The purpose of this guidance note is to provide the Relationship Manager (RM) with information to assist in the risk assessment process. An overview of this process can be found in the Risk Assessment Framework for Federally Regulated Private Pension Plans document.
In assessing the risk within a pension plan, it is important to begin with a sound knowledge of the plan.. This involves understanding key elements of the activities the plan is involved in, such as Asset Management.
This guidance note sets out the key concepts for assessing the Inherent Risks, the Quality of Risk Management, and the process for determining the Net Risk of the Asset Management Significant Activity.
2. Specific Actions under the Asset Management Significant Activity
The Asset Management Significant Activity focuses on managing the plan’s funds, which encompasses the development of the investment strategy, including the establishment for certain plans of a Statement of Investment Policies and Procedures (SIP&P) and asset/liability management, investment decisions, regulatory compliance with investment rules, and monitoring and reporting, including the preparation of special financial or risk management reports.
Examples of activities that fall under the Asset Management Significant Activity include:
Developing Investment Strategy: A key part of Asset Management is having an appropriate investment strategy. This includes considering the role, if any, of independent investment managers and advisors, which may be hired to assist in developing the investment strategy and to conduct the actual management of investments.
This also includes developing an appropriate SIP&P, reviewing the SIP&P at least annually, and adjusting it when necessary. It involves developing an appropriate target asset mix, rate of return expectations, appropriate investment constraints, and an appropriate level of diversification, having regard to the obligations of the pension plan (asset/liability management) and the risk tolerance of the parties involved.
For plans with defined benefit provisions, the Asset Management Significant Activity and particularly the development of the investment strategy will also include the consideration of funding arrangements, including the development of a formal funding policy. A funding policy would address an employer’s willingness to accept variability in funding from year to year as a result of variable investment performance, and their willingness to fund in excess of minimum requirements to create a cushion for times where investment performance is less successful (e.g. this may include a policy on contribution holidays). The funding policies may have an impact on the investment strategy for pension plan funds.
For plans with capital accumulation accounts, the members bear the risk that poor investment performance will adversely impact their pensions. Key decisions for the administrator include whether or not to offer investment options to members and if so:
- the number of investment options to provide;
- how the funds will be invested if no option is selected by the member;
- the default options;
- any restrictions associated with transfers between options (e.g., frequency, minimum amounts); and
- for each option, disclosure on of fees, diversification, liquidity, and risk level, and
- the disclosure of other required information.
Plans with capital accumulation accounts should consider whether to enter into an arrangement with a service provider to provide advice to members. Plans that do not offer investment choice to members must invest the assets of the pension fund in a manner that a reasonable and prudent person would apply in respect of a portfolio of investments of a pension fund.
For plans subject to the Pooled Registered Pension Plans Act (PRPP Act), the administrator must decide whether it permits a member to make investment choices. Where member choice is permitted, the Pooled Registered Pension Plans Regulations (PRPP Regulations) provide that the default option must be a balanced fund or a portfolio of investments that take into account a member’s age. If member choice is not permitted, the administrator must invest the funds in members’ accounts and must do so in a manner that a reasonable and prudent person would apply in respect of a portfolio of investments appropriate for retirement savings.
Investment Decisions: In terms of the actual selection of investments, often the administrator will hire an investment manager to select investments in accordance with the plan’s SIP&P. The investment manager may be the custodian, or may be another separate service provider. Investment advisors may also be hired to provide advice. Alternatively, the actual investment decisions may be performed in-house.
Monitoring and Reporting: The Asset Management Significant Activity involves monitoring, reporting, record keeping and evaluation of both investment policies and investment performance. This includes managing relationships with third party service providers, such as the custodian, investment advisors, and investment managers. It also includes the preparation and filing of required financial information with OSFI.
Compliance with Investment Rules: Federal pension legislation and regulations set out rules regarding the investment of pension assets. For example, the legislation requires that plan administrators, when investing the fund assets, adopt the ‘prudent person portfolio approach’ that a reasonable and prudent person would apply to the investment portfolio of a pension fund. In addition, investments must comply with certain quantitative rules. There are also record-keeping and reporting requirements. Ensuring compliance with investment rules involves establishing the appropriate policies and procedures covering the development of an investment strategy, making investments, and monitoring activities.
Having funds available to pay benefits: Another component of the Asset Management Significant Activity is ensuring there are funds readily available to meet upcoming obligations (i.e. payment of benefits). This requires that pension plans determine their liquidity needs, dependent on the demographics, and hold a portion of their funds in relatively liquid assets accordingly.
3. Inherent Risks
Inherent risks are intrinsic to a pension plan and arise from exposure to and uncertainty of potential future events. Inherent risk is evaluated by considering the degree of probability and the potential size of an adverse impact on the pension promises and/or the plan meeting minimum funding requirements. The inherent risks for each activity are rated Low, Moderate, Above Average or High.
The inherent risks for the Asset Management Significant Activity are: Investment Risk, Operational Risk, Legal and Regulatory Risk, and Strategic Risk.
3.1 Investment Risk
This will usually be a key inherent risk in the Asset Management Significant Activity, as investments are the main focus of the Asset Management Significant Activity. Investment Risk is the risk of unexpected adverse investment performance of pension fund assets. It encompasses market risk, credit risk, and liquidity risk.
Market risk is a significant component of Investment Risk. It is the risk that the value of an investment will decrease due to changes in market factors. Market risk factors include:
- Equity risk: the risk that stock prices will change;
- Interest rate risk: the risk that interest rates will change;
- Currency risk: the risk that foreign exchange rates will change;
- Commodity risk: the risk that commodity prices will change; and
- Index risk: the risk that stock or other index prices will change.
Credit risk is the risk that a counterparty to a plan asset will not pay an amount due as called for in the original agreement, and may eventually default on an obligation.
Liquidity risk is the risk that a plan will be unable to obtain the necessary funds to meet pension obligations as they come due without incurring unacceptable losses.
For plans with defined benefit provisions, the primary risk is that poor investment performance will lead to a shortfall of plan assets relative to liabilities, which will impact the plan’s funding requirements and ability to meet pension promises. The risk relates not simply to absolute investment performance, but to investment performance relative to the plan’s liabilities (i.e. not simply the volatility of the value of assets, but the volatility of assets relative to liabilities). Because of this, a plan’s funding policies and arrangements and its tolerance and capacity for volatility in funding will influence the acceptable level of inherent Investment Risk, as will the membership’s demographic profile.
For plans with capital accumulation accounts, the primary risk is that poor investment performance will lead to members receiving a much lower pension than expected.
Assessing the level of Investment Risk:
The following should be considered in assessing the level of Investment Risk:
Investment Portfolio: Consistent with tiered risk indicators, the asset allocation of the investment portfolio will influence the level of Investment Risk. When plans are invested heavily in certain markets, such as equities, they may be exposed to greater Investment Risk.
The composition of the investment portfolio will determine the level of inherent credit, market, and liquidity risk. A portfolio that is heavily bond weighted may have a higher level of credit risk and a lower level of market risk. The level of credit risk will also depend on the types and quality of bonds in the portfolio. Where a portfolio has a higher level of low rated bonds, the level of credit risk is higher. A portfolio that is heavily equity weighted may have a higher level of market risk. A portfolio with a high level of foreign investment will have a higher level of currency risk, which can be affected by political situations, so the origin of these investments should be considered. Liquidity risk may be higher where a portfolio has a high level of relatively illiquid investments such as real estate or private equity. The use of derivatives, which may either offset or increase a pension plan’s exposure to different types of risk, must also be considered, as the use of derivatives to offset one risk may introduce new risk to the plan. Similarly, the use of other types of innovative investments should be carefully analysed.
Asset/liability time horizon mismatch: Immunization is the process in which a plan administrator manages the investment of assets to ensure that cash is available for meeting the plan’s obligations as they fall due. Implementing an immunized strategy for a plan with defined benefit provisions will lower investment risk. If an immunization strategy has not been implemented, the plan could have increased reinvestment and liquidity risks.
Borrowing/Leverage Activities: A pension plan may have a strategy of using borrowing to enhance returns or for liquidity purposes. Where a plan has high levels of investment-related liability, this will generally give rise to a higher level of inherent Investment Risk.
Investment Performance: Large deviations from the benchmark rate of return (more than 5% up or down) could indicate higher Investment Risk. For example, consistent low rates of return compared to the benchmark may indicate lack of proper oversight or a failed investment strategy. However, higher rates of return and/or large deviations in investment returns could indicate a riskier (and possibly inappropriate) investment strategy and therefore a higher level of inherent Investment Risk.
3.2 Operational Risk
This is the risk of breakdowns in internal controls or processes, technological failures, human errors, fraud and natural catastrophes. The primary operational risk for the Asset Management Significant Activity is that poor controls and oversight will lead to poor record keeping and poor monitoring of investment performance. Additionally, the skill of plan administrators in understanding the asset management activities of the plan could affect the Operational Risk.
Assessing the level of Operational Risk:
The following should be considered in assessing the level of Operational Risk:
Service Providers: Where a plan uses many different service providers for the Asset Management Significant Activity, the risk may be higher as the relationships and reporting structures are more complex. For example, there is a considerable amount of reporting that has to be done between the investment managers and the custodian in relation to changes in plan investments. Where pension plans use multiple investment managers and have investments in many different vehicles, the Operational Risk is higher.
Investment Strategy: Where a pension plan chooses active (as opposed to passive) investment management, Operational Risk will be higher. More complex investment strategies also give rise to higher Operational Risk.
3.3 Legal and Regulatory Risk
This is the risk that a plan may not be in compliance with the rules, regulations, prescribed practices, or fiduciary standards imposed on the plan in any jurisdiction in which the plan operates. Much of the legal risk for pension plans relates to the actions of the administrator.
Assessing the level of Legal and Regulatory Risk:
The following should be considered in assessing the level of Legal and Regulatory Risk:
Type of Plan: All plans face regulatory requirements in terms of Asset Management; however plans with capital accumulation accounts may face legal risk, in the form of litigation risk, from members as a result of poor investment decisions that lead to poor investment performance. This risk exists as a result of poor investor education, or if members are not offered appropriate investment choices. For plans with defined benefit provisions, litigation risk exists in the event there is a loss in members’ benefits as a result of inappropriate investment strategies.
Service Providers: Where plans use service providers for Asset Management, there may be additional legal considerations arising from responsibilities and duties performed by service providers. The terms of the service contracts are important in assessing these risks.
3.4 Strategic Risk
This is the risk that arises from a plan administrator’s difficulty or inability to implement appropriate policies or strategies required to address problems or challenges that may arise in the pension plan due to its design or structure.
Assessing the level of Strategic Risk:
The following should be considered in assessing the level of Strategic Risk:
Type of Plan: Investment activities tie into funding policies and strategies as well as decisions relating to benefits provided. For negotiated contribution plans (NC plans), inherent Strategic Risk may be higher than for an average plan with defined benefit provisions, as contributions cannot be readily adjusted to meet funding obligations.
Where a pension plan permits an individual to make investment choices and that individual does not make an investment choice, the administrator is required to invest the assets of the pension fund in a manner that a reasonable and prudent person would apply in respect of a portfolio of investments of a pension fund.
For plans subject to the PRPP Act that permit members to make investment choices, the PRPP Regulations provide that the default option must be a balanced fund or a portfolio of investments that take into account a member’s age.
Funding Considerations: The number of challenges or constraints that the administrator of a plan with defined benefit provisions faces due to the nature of the plan and its demographics will increase the level of Strategic Risk. Examples may include:
- Where pension plan liabilities are high relative to the assets of the employer, since the employer may depend on investment income to reduce funding;
- Where an employer has a lower ability to meet funding and/or places greater reliance on investment performance for meeting funding obligations;
- For NC plans, investment decisions (e.g. setting the asset mix) are more constrained as consideration must be given to the fact that contributions cannot be readily adjusted to meet funding volatility;
- Where a plan provides for generous defined benefits, for example indexed benefits, the Strategic Risk may be higher (i.e. because investment returns may be relied upon more heavily to meet future pension promises).
Plan Demographics: A plan’s demographic profile may pose challenges and complicate decision making which can increase the level of Strategic Risk. For example, the Strategic Risk for a plan with an aging overall membership will be higher, as future contributions may be less certain, and higher benefit payouts will be required in the near future. The choice of improper investment strategies could pose higher risks for such plans. It is important to consider demographics on a forward looking basis and in conjunction with the benefits provided under the terms of the plan. For example, although a plan may currently have a high percentage of active members, the plan may have generous early retirement provisions, and a large number of members approaching early retirement eligibility.
Quality of Risk Management (QRM) assessment considers the performance and risk mitigation efforts of plan administrators in two key areas: Controls and Oversight. QRM is rated as Weak, Needs Improvement, Acceptable or Strong.
The Controls Function involves ensuring the appropriate processes are in place to:
- Support a plan administrator to effectively carry out its activities/responsibilities
- Mitigate the plan’s inherent risks;
- Plan, direct and control the day-to-day operations of a plan;
- Properly inform management of their responsibility for planning and directing activities of the plan;
- Support general operations; and
- Help to achieve the strategic direction defined by the Board of Trustees/Directors (the Board) or Pension Committee.
The Oversight Function provides stewardship and independent oversight for the plan. This is generally performed by the Board or a Pension Committee.
4.1 Assessing “Controls” for the Asset Management Significant Activity
There are many controls that an RM would expect to be in place for the Asset Management Significant Activity. The RM should focus on the inherent risks identified to determine what controls will mitigate these risks.
Answers to the Self-Assessment questionnaire on Prudent Investment Practices attached to CAPSA Guideline No 6 (Pension Plan Prudent Investment Practices) would provide an indication of the risk mitigating strategies undertaken or contemplated by the plan administrator.
Ensuring compliance with regulatory requirements: There should be documented evidence of compliance with legislation, guidance and requirements to review policies and procedures. Lack of compliance can be identified through lack of required attestations filed with OSFI. Attestations include:
- that the SIP&P has been reviewed and/or amended;
- that investments comply with the 10% rule (Schedule III, 9(1) of PBSR);
- compliance with OSFI’s Securities Lending Guideline;
- compliance with OSFI’s Derivative Best Practices;
- accuracy of financial statements, and
- general certification that assets are invested in accordance with PBSA, PBSR PRPP Act, PRPP Regulations and the plan’s SIP&P, where applicable.
However, even where all attestations indicate compliance, some situations may warrant a more detailed examination of the controls an administrator has in place to ensure compliance.
Evidence of selection criteria in selecting an investment manager and other service providers: Where a plan uses an investment manager, a thorough process should be used to select an investment manager and the role and responsibility of the plan administrator and the investment managers should be clearly indicated. Selection criteria may include financial strength, experience and expertise, service, reporting capabilities, and fees. Fees in a plan with capital accumulation accounts are of particular importance, as fees will affect the end benefit directly. Administrators should ensure that investment managers hold all applicable licenses and are registered with the appropriate authorities. Additionally, the incentives for the investment manager should be in line with the goals of the plan.
Statement of Investment Policies and Procedures (SIP&P): Where a plan is required to have a written SIP&P in place, the SIP&P should be developed in accordance with OSFI’s Guideline for the Development of Investment Policies and Procedures for Federally Regulated Pension Plans, and there should be evidence that proper consideration went into the development of the SIP&P. There should be evidence of ongoing review and updating (where necessary) of the SIP&P. There should be evidence that the SIP&P has been submitted to the plan actuary (and pension council if applicable). While the investment manager may participate in the development and review of the SIP&P, it remains the plan administrator’s ultimate responsibility.
If the plan administrator does not have appropriate expertise in the investment field, there is a need for an independent investment advisor. There should be evidence that any recommendations have been documented such that the administrator can approve the decisions and monitor the investment manager. The applicable roles and responsibilities of these parties should be documented.
Formal Written Funding Policy: Having a formal, written funding policy indicates a positive risk management control in respect of Investment Risk and Strategic Risk. This policy should be regularly reviewed to ensure it is relevant to the current situation of the plan.
Investment Decisions: The pension plan’s investment activities can expose the plan to a range of financial risks. These risks can include market risk, credit risk and liquidity risk. Financial risks can be mitigated through a number of different strategies. Credit risk, for example, can be mitigated through the use of derivative financial instruments such as credit default swaps which are designed to transfer the credit exposure of fixed income products between parties. Derivative financial instruments can also be used to assist in the management of exposure to currency risk and interest rate risk. It is important to note that derivative instruments are not only used to hedge risks, but in some circumstances are used to increase investment returns. In addition to derivative instruments, other types of alternative investments or non-traditional investments include hedge funds, private equity, infrastructure and commodities. Plan administrators must be aware that such strategies can introduce additional risks to the pension plan. The ability to use derivative financial instruments should be described in the SIP&P and closely monitored by the plan administrator. For example, where the SIP&P authorizes the use of derivative financial instruments to mitigate risk, derivatives should not be used for speculative purposes. RMs should consider the percentage of the pension fund that is allocated to the use of financial derivatives, the type of strategy that has been implemented and the expertise that the plan administrator has in the use of these instruments.
Segregation of duties: Independence is an important aspect of investment management. There should be a clear segregation of the duties of investment managers, auditors and the custodian. These roles should not overlap, and contracts should explicitly state the duties and interaction of each party.
Evidence of stress testing: Performing stress testing on an investment portfolio is a positive risk management control. It is important that sufficient and regular analysis of testing results takes place. Stress testing is a risk management technique used to evaluate the potential impact on the plan’s financial condition, of a set of specified changes in risk factors, corresponding to exceptional but plausible events. Stress testing includes scenario testing and sensitivity testing. While scenario testing is typically conducted over a multi-year horizon, sensitivity testing is conducted over a shorter time horizon, for example an instantaneous shock. The plan administrator should ensure that each scenario is considered in terms of the impact on the plan and the probability of the scenario occurring. There should be evidence that stress testing results were considered when making investment decisions. Stress testing results should also be considered when establishing or reviewing the SIP&P and funding policy for the plan.
Monitoring the investment manager: Where a pension plan uses an investment manager, there should be evidence of ongoing monitoring of the investment manager, indicated by regular communications between the plan administrator and investment manager. There should be evidence of evaluation of the investment manager. Evaluation criteria could include factors such as compliance with the investment policy, early detection of problems, review of performance vs. performance standards established in contracts, etc. The criteria should be a combination of quantitative factors and qualitative factors, and should be aligned with the goals of the pension plan.
Record-keeping: The plan administrator should develop a document retention/records policy for investment activities. The plan administrator should maintain information on the plan’s investment portfolio that facilitates analysis of compliance with limits documented in the SIP&P such as asset quality, concentration, and mismatch.
4.2 Assessing “Oversight” of the Asset Management Significant Activity
This is generally performed by the Board of Trustees/Directors or by a Pension Committee. There should be evidence (for example through board resolutions, minutes of meetings) that this governing body is engaged in the issues of Asset Management oversight, including:
- Review of stress testing results. The Board’s involvement is critical in ensuring the appropriate use of stress testing in a plan’s governance and funding strategy. This could include setting stress testing objectives, defining scenarios, determining the frequency, discussing the results of stress tests, assessing potential actions and decision making.
- Consideration and approval of the Investment Policy: There should be a record that the SIP&P has been considered and approved, with the input of an independent investment advisor if necessary, as well as evidence of ongoing review of the policy and its implementation.
- Whether an Investment Oversight Committee exists, and if so, the nature and extent of its work.
- Whether audits of investment activities have been performed.
- Identification and follow-up of deficiencies related to Asset Management.
- Whether an auditor’s report of the pension plan has identified any issues related to Asset Management, and whether these were addressed.
- Where the Board has delegated these duties to senior management, there should be evidence documenting reporting to the Board that the asset management activities are being managed in compliance with the legislative requirements, the SIP&P and other directives provided to management by the Board.
5. Net Risk
The Net Risk for each activity is a function of the aggregate level of inherent risk offset by the aggregate QRM. The aggregate levels are based on judgments that consider all of the inherent risk ratings and the QRM for the activity. Net Risk is rated as Low, Moderate, Above Average or High.
Assessing Net Risk for the Asset Management Significant Activity involves considering the level of each of the inherent risks and how well those risks are mitigated by the QRM activities (both Controls and Oversight functions) conducted by the plan administrator.
In determining the Net Risk, some inherent risks will influence this rating more than others. RMs should exercise judgment when determining which risks have the greatest impact on Net Risks. In addition to the inherent risks, the Controls and Oversight ratings must then be considered to produce a Net Risk rating for the Asset Management Significant Activity.
Example: A plan is facing high Investment Risk as a result of an aging membership. The RM should look for specific risk mitigants, such as having a written funding policy in place, as well as evidence in the SIP&P and the investment portfolio that this risk has been addressed through an appropriate strategy, such as one involving immunization.
Example: A plan may face high Strategic Risk relating to actions and decisions of the governing body (i.e. the Board or Pension Committee). A NC plan with higher Strategic Risk relating to the negotiated level of contributions may fall into this category. Here, the consideration of the Oversight Function will be of particular importance, as the governing body should be acutely aware of the status of the plan in order to react accordingly in a timely fashion should the need arise.
Below is the portion of the Risk Matrix that is applicable to the Net Risk assessment of the Asset Management Significant Activity: