As an ISP, such tech businesses can take data feeds at a cadence that suits a legacy provider or trustee.
If they have a scheme that does not change very often, they could provide simple updates to let us know when there has been a retirement, a death or a transfer out, for example.
This can be done legitimately under the current regulations and, in the case of defined benefit pensions, is perfectly adequate, although we could argue that defined contribution should be far more real time and capable of dealing with modern tech.
Action points for advisers
Advisers, especially if they are tied to particular pension providers, need to make sure their providers are doing the right thing. If they are placing workplace business, for example, what are their workplace customers being given in this space? Have they got a good chance of that being correct?
The other thing is making sure their clients’ information is up to date. Making sure clients’ information is accurate with providers is something advisers could really be proactive with. If providers do it at the same time as their annual or periodic reviews, it will not cost them a lot of resource and will enable them to give clients better service in the long run.
It is always good to make sure you are adhering to the General Data Protection Regulation correctly and that data is being held securely, especially following recent cyber incidents. The more copies of data you have lying around, the more likely it is that something can go wrong.
In the case of a well-known recent data breach, none of the actual systems were compromised, but files outside it such as in Excel, Word, extracts of benefits statements and so on are likely to have been, and something similar could easily happen in the adviser world.
Schemes and providers must make sure their cyber security is up to date and they are not keeping spreadsheets or temporary files hanging around, because you can be sure that cyber criminals will find any way possible to get access.
Naturally, advisers will want to look at how they connect to dashboards.
They may decide to use the delegated permissions to help them calculate pension values more quickly. If the client data they hold is wrong, it will take time and client effort to get a possible match upgraded to a full match.
When the Financial Conduct Authority gives a framework as to how advisers will get delegated access, they should think about how they can connect to give customers a better overall experience — do they need a “preferred dashboard” that gives them and their clients the right tools and journeys?
