CAPSA Consultation on ESG, Leverage, Cyber and Risk Management Guidelines for Pension Plans

July 11, 2022

Written By Jordan Fremont and Jaspreet Kaur

On June 9, 2022, the Canadian Association of Pension Supervisory Authorities (CAPSA) published consultation drafts of pension plan guidelines covering environmental, social and governance (ESG) considerations, as well as cyber and leverage. CAPSA also announced that it is contemplating the establishment of a separate, principles-based risk management guideline, but is inviting comments on whether to instead prepare a single document that combines all of these items into an inclusive risk management guideline.

Comments on the consultation drafts and the matter of whether to combine ESG, cyber and leverage related guidance into a single, inclusive risk management document are to be provided to CAPSA by September 15, 2022.

Draft Guidelines

ESG Considerations in Pension Plan Management

The draft guideline sets out three principles, which provide that a plan administrator should:

• consider ESG characteristics that may have material relevance to the financial risk-return profile of the pension fund's investment;
• assess whether plan governance, risk management and investment decision-making practices are sufficient to identify and respond to material ESG information in a manner proportionate to a particular plan and appropriate for the investment beliefs; and
• disclose information about the pension fund’s investment policies in relation to ESG considerations and, where appropriate, provide reports on the stewardship activities as well as request companies in which they invest to disclose their ESG-related policies.

Additional commentary provides guidance as to how a plan administrator might apply these principles in certain circumstances.

Cyber Risk for Pension Plans

The draft guideline reviews cyber related risks and related actions that plan administrators should be considering, including the following:

• regular review and assessment of cyber risk, with a view to establishing and maintaining appropriate controls, taking into account the evolving nature of technology, cyber practices, and data standards, the need for specialized technological expertise and training, as well as the sensitive nature of information retained by plans;
• obtain or retain the required skills, expertise and/or training to understand and manage cyber risk;
• clearly define, assign, and understand roles and responsibilities related to cyber risks, including with respect to any activities delegated to third-party service providers (and all applicable subcontractors); and
• establish a strategy for responding to and reporting cyber incidents, including with respect to business continuity, disaster recovery and incident response.

Leverage and the Effective Management of Associated Risks

The draft guideline identifies a number of practices that plan administrators should consider respecting the management of risks associated with the use of leverage in pension plan investments, including the following:

• identification of risk factors and economic exposures, including approaches for their measurement, monitoring and mitigation;
• describing objectives respecting the use of leverage in the plan's Statement of Investment Policy and Procedures;
• content for a risk management framework, including the roles and responsibilities of key stakeholders, risk monitoring, reporting and oversight;
• establishment of appropriate risk guidelines and controls; and
• stress testing and scenario analysis.

The draft guideline also presents three illustrative metrics for measuring leverage and its effects.

The Bennett Jones Pensions & Benefits Group are monitoring progress of the draft guidelines.  Please contact a member of group if you have any questions respecting the draft guidelines or if you would like assistance respecting CAPSA's consultation. 

Authors