Call us on 020 7112 8300
Call me back Get in touch

FAQs

FAQs

General

Does my pension scheme need accounts?

It is the responsibility of the trustees to prepare financial statements for the benefit of the scheme’s members, although if there is only one member of the scheme and that happens to also be the trustee then no accounts are required. Also, if the scheme is fully insured then there is no requirement to produce accounts each year.

So, the following schemes would need annual accounts:

  • Defined contribution schemes, (that are not earmarked)
  • Defined benefit schemes
  • Hybrid schemes of defined benefit and defined contribution benefits
Does my pension scheme need to be audited?

Generally “Yes”. If the scheme is a government one, such as NEST, then you will not need to prepare accounts or have the scheme audited. However, company pension schemes that prepare accounts will need an audit if they are not exempt, you can be exempt if:

Scheme type Conditions Audit
Self-invested scheme Less than 2 members No
Small scheme Less than 12 members
and all of them are trustees
No
Small scheme Directors only scheme with less than 12
members,
and the company is the only trustee
No
Government scheme Such as NEST No
Defined contribution or
defined benefit or hybrid
schemes
More than 12 members,
or not all members are trustees
Yes
Does the entire organisation have to have an AAF 01/06 or AAF 02/07 assurance report?

No – the entire organisation does not have to have an AAF 01/06 or AAF 02/07 assurance report. An organisation may have many business units, one of which may process transactions or provide information processing services for its customers. Therefore, an AAF 01/06 assurance report could focus on just one business unit.

How can a service provider prepare for an AAF 01/06?

A service provider can do many things to prepare for an AAF 01/06 or AAF 02/07 assurance engagement. Defining control objectives and identifying related control activities is an important step in the process. Many service providers will engage a professional services firm with a background in both financial auditing and IT auditing to assist with drafting the control objectives and evaluating the existing control activities. This allows the service provider to determine if any improvements need to be made with respect to the control environment prior to the start of the actual engagement.

If the service provider has an internal audit department, the internal auditors could also assist with developing the control objectives and documenting the related control activities. Internal audit can also periodically evaluate and test some of the controls that may be testedas part of the engagement to determine if improvements need to be made.

How does a trustee judge whether a late payment of contributions is material and needs to be reported to the Pensions Regulator?

For defined contribution schemes the Pensions Regulator has a Code of Practice 05 Reporting late payment of
contributions to occupational money purchase schemes. For defined benefit schemes the Pensions Regulator has a Code of Practice 03 Funding defined benefits. Both give practical guidelines on the requirements of reporting the late payment of contributions. These state that trustees should report material late payments to the Pensions Regulator and scheme members where:

  • contributions remain unpaid 90 days after the due date (unless it is a one-off or infrequent administration error,
    which is discovered after the 90 days, and which is corrected when found or is thereafter corrected as soon as
    practicable);
  • where there is a late payment involving possible dishonesty
  • where there is a failure to pay contributions which carries a criminal penalty. For example, where the employer is knowingly concerned in the fraudulent evasion of the obligation to pay member contributions;
  • where the trustees become aware that the employer does not have adequate procedures or systems in place to ensure the correct and timely payment of contributions due and appears not to be taking adequate steps to remedy the situation;
  • where there is no early prospect of outstanding contributions being paid, for example because of the financial circumstances of the employer or for any other reason.

These examples from the Codes are not an exhaustive list. Others may apply. The Codes also give examples of late payments which trustees should not normally report.

Is there a deadline for pension scheme accounts?

The usual deadline for obtaining audited pension scheme accounts is seven months from the end of the accounting period.

What are the differences between AAF 01/06 and ISO 9001:2008?

AAF 01/06 and ISO 9001:2008 are similar in that they are recognised as global quality management standards applying to all types of organisations of different sizes. AAF 01/06 is an assurance standard based on audit principles designed to allow an ICAEW. Reporting Accountant to evaluate and issue an opinion on the controls of a third party service organisation. The AAF 01/06 report could often publish 50 plus pages describing the
service organisation’s control environment and detail specific control objectives, controls and testing performed. The Reporting Accountant’s report for an AAF 01/06 assurance engagement will state compliance with ISAE standards and identify subject matter information, the criteria used for assurance reporting, a summary of the procedures used by management, results of those procedures, identification of the responsible party and summary of the work performed. ISO 9001:2008 requires a business to have in place a documented Quality Management System and be able to demonstrate its implementation and on-going maintenance. An assessment is carried out be an independent accreditation company and a certificate is
awarded and an ISO 9001:2008 “badge” is able to be displayed on the service organisation’s documentation.

What are the main types of “AAF” assurance reporting standards in the UK?

The most common assurance reporting standards issued by chartered accountants in the UK are AAF 01/06, AAF 02/07. AAF 01/06 and AAF 02/07 are technical guidance issued by the Institute of Chartered Accountants in England & Wales (ICAEW) Audit and Assurance Faculty (hence the term “AAF”). Both provide comfort over the design, implementation and operating effectiveness of controls. AF 01/06 focuses on the comfort over the services provided by third party service organisations such as third party pension scheme administrators and investment managers. AAF 01/06 can also be used in conjunction with the international standard IAASB’s ISAE
3402 “Assurance Reports on Controls at a Service Organization”, and IAASB’s 3000 Assurance Engagements. Other than Audits or Reviews of Historical Financial Information”. AAF 02/07 is AAF 02/07 is a framework for assurance that extends beyond AAF 01/06 internal controls reporting and can provide assurance over company policies and procedures. AAF 02/07 can also be used in conjunction with the international standard
IAASB’s 3000 “Assurance Engagements Other than Audits or Reviews of Historical Financial Information”.

What is a payment schedule?

A payment schedule is a schedule required under pension legislation for defined contribution occupational pension schemes. It must specify the contribution rates that the employer and employee will pay into the scheme and the date these payments must be received by the trustees.

What is a schedule of contributions?

A schedule of contributions is a schedule required under pension legislation and regulations for defined benefit occupational pension schemes. It must specify the contribution rates that the employer and employee will pay into the scheme and the date these payments must be received by the trustees. This schedule is normally agreed between the employer and the trustees and certified by the scheme actuary as being sufficient to meet funding requirements set by law.

What should I consider when deciding whether to have an AAF 01/06 or AAF 02/07 assurance report?

The AAF 01/06 and AAF 02/07 are not an auditing standard and are generally not a regulatory requirement. For directors of service organisations that have had an AAF 01/06 or AAF 02/07, the experience of these reports from other organisations and the arrival of the new guidance in the form of supplements, such as TECH 04/13 “Assurance Reporting on Relevant Trustees (Relevant Trustee Supplement to ICAEW AAF 02/07)” gives them the
opportunity to consider the cost and benefits of independent assurance reporting. An external review that assesses the design, documentation and operation of control objectives and procedures against core criteria issued by the ICAEW Audit and Assurance Faculty would help many service organisations become more risk aware and efficient through better design, documentation and recording of control procedures – but at the cost of paying for the services of an ICAEW reporting accountant. With the significant increase in the use of outsourced service organisations by companies and pension funds, it is expected that the executives of these entities will want to ensure the control procedures at the service organisation can be held up to scrutiny by their customers.

In addition, because many of the functions performed by outsourced service organisations
affect an entity’s financial statements, auditors may also seek information about the control
procedures surrounding those services.

Directors of service organisations in financial services may also want for an AAF 01/06 or
AAF 02/07 report to be made available to their clients and client auditors in order to
demonstrate that they have strong internal controls and procedures.

Should directors not wish to have an AAF 01/06 or AAF 02/07 report they may be faced with
producing their own assessment of their internal controls without independent verification
from a reporting accountant.

What type of pension schemes are there?

Workplace pensions are a term that covers the variety of pension arrangements employers can have in
place for their employees who work for them. It has come into usage with the legal requirement for automatic enrolment of workers into a work-based pension scheme. Workplace pensions can be defined benefit, defined contribution or group personal pensions or stakeholder schemes.

When do my pension contributions need to be paid to the trustees?

Employers must make payments so that trustees receive all the pensions due to the scheme on or before the dates specified in the payment schedule (for defined contributions) and in the schedule of contributions (for defined benefits), and employee’s pension contributions are received within 19 days from the end of the calendar month when they were deducted from pay.

When should a late payment of pension contributions be reported by the trustees to the Pensions Regulator?

The Pensions Regulator’s Code of Practice 05 Reporting late payment of contributions to occupational money purchase schemes and Code of Practice 03 Funding defined benefits states that trustees should report material late payments to the Pensions Regulator within 10 working days of identifying that a late payment is material. The reports can be either electronic or on paper-based. If an immediate report is required then this can be done by telephone initially. The reasonable period of reporting to members is stated as 30 days or earlier

Who can perform an AAF 01/06 assurance report?

An AAF 01/06 assurance report can only be performed by an independent firm licensed by the Institute of Chartered Accountants England & Wales. An ICAEW firm that performs AAF 01/06 must adhere to specific professional standards for professional ethics and independence and are required to follow specific guidance related to planning, execution, and supervision of the assurance procedures and the reporting of the results. When performing an assurance engagement under ISAE 3000, the Reporting Accountant is subject to the International Standard on Quality Control 1 (ISQC 1). ISQC 1 requires that a firm of professional accountants has an obligation to establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with relevant professional standards and regulatory and legal requirements and that the assurance report issued by the firm are appropriate in the circumstances.

Assurance Reporting FAQs

Assurance

Does the entire organisation have to have an AAF 01/06 or AAF 02/07 assurance report?

No – the entire organisation does not have to have an AAF 01/06 or AAF 02/07 assurance report. An organisation may have many business units, one of which may process transactions or provide information processing services for its customers. Therefore, an AAF 01/06 assurance report could focus on just one business unit.

How can a service provider prepare for an AAF 01/06?

A service provider can do many things to prepare for an AAF 01/06 or AAF 02/07 assurance engagement. Defining control objectives and identifying related control activities is an important step in the process. Many service providers will engage a professional services firm with a background in both financial auditing and IT auditing to assist with drafting the control objectives and evaluating the existing control activities. This allows the service provider to determine if any improvements need to be made with respect to the control environment prior to the start of the actual engagement.

If the service provider has an internal audit department, the internal auditors could also assist with developing the control objectives and documenting the related control activities. Internal audit can also periodically evaluate and test some of the controls that may be tested as part of the engagement to determine if improvements need to be made.

What are the differences between AAF 01/06 and ISO 9001:2008?

AAF 01/06 and ISO 9001:2008 are similar in that they are recognised as global quality management standards applying to all types of organisations of different sizes. AAF 01/06 is an assurance standard based on audit principles designed to allow an ICAEW Reporting Accountant to evaluate and issue an opinion on the controls of a third party service organisation. The AAF 01/06 report could often publish 50 plus pages describing the
service organisation’s control environment and detail specific control objectives, controls and testing performed. The Reporting Accountant’s report for an AAF 01/06 assurance engagement will state compliance with ISAE standards and identify subject matter information, the criteria used for assurance reporting, a summary of the procedures used by management, results of those procedures, identification of the responsible party and summary of the work performed.

ISO 9001:2008 requires a business to have in place a documented Quality Management System and be able to demonstrate its implementation and on-going maintenance. An assessment is carried out be an independent accreditation company and a certificate is awarded and an ISO 9001:2008 “badge” is able to be displayed on the service organisation’s documentation.

What are the main types of “AAF” assurance reporting standards in the UK?

The most common assurance reporting standards issued by chartered accountants in the
UK are AAF 01/06, AAF 02/07. AAF 01/06 and AAF 02/07 are technical guidance issued by
the Institute of Chartered Accountants in England & Wales (ICAEW) Audit and Assurance
Faculty (hence the term “AAF”). Both provide comfort over the design, implementation and
operating effectiveness of controls.
AF 01/06 focuses on the comfort over the services provided by third party service
organisations such as third party pension scheme administrators and investment managers.
AAF 01/06 can also be used in conjunction with the international standard IAASB’s ISAE
3402 “Assurance Reports on Controls at a Service Organization”, and IAASB’s 3000
“Assurance Engagements Other than Audits or Reviews of Historical Financial Information”.
AAF 02/07 is AAF 02/07 is a framework for assurance that extends beyond AAF 01/06
internal controls reporting and can provide assurance over company policies and
procedures. AAF 02/07 can also be used in conjunction with the international standard
IAASB’s 3000 “Assurance Engagements Other than Audits or Reviews of Historical Financial
Information”.

What should I consider when deciding whether to have an AAF 01/06 or AAF 02/07 assurance report?

The AAF 01/06 and AAF 02/07 are not an auditing standard and are generally not a regulatory requirement. For directors of service organisations that have had an AAF 01/06 or AAF 02/07, the experience of these reports from other organisations and the arrival of the new guidance in the form of supplements, such as TECH 04/13 “Assurance Reporting on Relevant Trustees (Relevant Trustee Supplement to ICAEW AAF 02/07)” gives them the opportunity to consider the cost and benefits of independent assurance reporting. An external review that assesses the design, documentation and operation of control objectives and procedures against core criteria issued by the ICAEW Audit and Assurance Faculty would help many service organisations become more risk aware and efficient through better design, documentation and recording of control procedures – but at the cost of paying for the services of an ICAEW reporting accountant.

With the significant increase in the use of outsourced service organisations by companies and pension funds, it is expected that the executives of these entities will want to ensure the control procedures at the service organisation can be held up to scrutiny by their customers. In addition, because many of the functions performed by outsourced service organisations affect an entity’s financial statements, auditors may also seek information about the control procedures surrounding those services.

Directors of service organisations in financial services may also want for an AAF 01/06 or AAF 02/07 report to be made available to their clients and client auditors in order to demonstrate that they have strong internal controls and procedures. Should directors not wish to have an AAF 01/06 or AAF 02/07 report they may be faced with
producing their own assessment of their internal controls without independent verification from a reporting accountant.

Where can I get a copy of the AAF 01/06 and AAF 02/07 guidance?

Information can be found on AAF 01/06 and AAF 02/07 at icaew.com.