UK Investment Guides Loader

UK pension funds “underprepared” against cybercrime

written by Bella Palmer

The report by Crowe found 29% of all schemes have not assessed the cyber vulnerability of their third-party suppliers

According to research by Crowe, UK pension funds are “underprepared” against the risks posed by cybercrime and fraud.

The national audit, tax, advisory and risk firm's Governance and Risk Management report revealed trustees view cybercrime as the top risk to pension schemes.

Despite this, the report found 25% of schemes do not have an adequate plan to tackle cybercrime breach, while 22% are unaware of which of their key operations and IT systems are most vulnerable to fraud.

The report also found 29% of all schemes have not assessed the cyber vulnerability of their third-party suppliers meaning they cannot be sure risks are being managed appropriately.

Crowe also revealed nearly half (46%) of schemes have not undertaken an independent review of the process for putting member benefits into payments. It also found a "worrying number" of administrators still relying on outdated identity verification methods that are highly vulnerable to fraud.

The firm revealed even for those pensions schemes that may have adequately assessed the risk of external threats, "dishonest employees can still identify and exploit vulnerabilities".

National head of pension funds Andrew Penketh said: It's no secret that 2020 will be remembered as a year of significant disruption and hardship for many businesses. Yet for all the good work done, these latest results provide a clear takeaway for the industry: the risk of cybercrime and fraud cannot be ignored and is something that needs urgent remedying.

Too few pension funds are properly assessing the risks, too many are lacking the expertise to combat cyber-attacks and there is a clear deficit of efficacious fraud prevention procedures put in place across the board, Penketh said.

A pension, in many ways, represents a life's work, he continued. The industry must better protect the fruits of peoples' labour, rather than funding early retirement for undeserving fraudsters. We urge the industry to appreciate the seriousness of the risk posed by cybercrime and take appropriate measures in response.

Partner and head of forensic services Jim Gee added: The latest government statistics show that, since the advent of Covid-19, there has been a 92% increase in incidents of cybercrime and that cybercrime and fraud now represent over 50% of all crime.

He said that pension schemes are particularly vulnerable to cybercrime, for two reasons. They are responsible for rich seams of personal data often collected over many years which is attractive for cyber criminals to steal and attack others. They are also vulnerable to ransomware attacks because cybercriminals believe that the pressure to continue to make pension payments might induce pension schemes to pay the ransom which has been demanded.


The opinions expressed by our writers are their own and do not represent the views of UK Investment Guides. The information provided on UK Investment Guides is intended for informational purposes only. UK Investment Guides is not liable for any financial losses incurred. Conduct your own research by contacting financial experts before making any investment decisions.

Share this post with friends!