RAG meaning

What is the background to the FCA’s consultation? Automatic enrolment (AE) launched in 2012 channelled more default saving into DC pensions. Default design in these schemes is sticky; members must overcome behavioural biases to make active choices. Evidence, including a recent Pensions Regulator blog, indicates most AE savers remain in entry‑level defaults such as the default investment strategy. Although steps since AE—such as the Occupational Pension Schemes (Charges and Governance) Regulations 2015 (SI 2015/879)—have been made, a narrow emphasis on charges has not invariably delivered better outcomes. Since 31 December 2021, trust‑based schemes under £100m in assets have faced enhanced value assessments under the Occupational Pension Schemes (Administration, Investment, Charges and Governance (Amendment) Regulations 2021 (SI 2021/1070), yet this has done little to spur DC consolidation or strengthen value measures. Differences between schemes mean some members enjoy stronger DC retirement outcomes than others. The absence of consistent, comparable data and metrics hampers like‑for‑like assessment, and the new VFM framework under consultation aims to increase visibility of scheme quality and...

The IA, in a letter to the FCA published on 18 October 2024, warned that the regulator’s plan to score pension providers with a traffic‑light style label risks stifling market innovation. It argued that schemes ought to be judged chiefly on delivery against their own strategic objectives, rather than set against other plans pursuing different aims. The letter expresses strong misgivings about the comparative elements of the package, noting that the potential downsides of receiving a red or amber mark, when measured against peers, would remove any clear motivation for providers to innovate within their investment offerings. The FCA’s consultation on a proposed value‑for‑money framework for defined contribution schemes closed on 17 October 2024. Under the proposals, pension providers would be assigned red, amber or green ratings—the ‘RAG’ approach—mirroring the colour coding used for food product grading. The IA said it was extremely concerned about comparative ratings stifling provider innovation and incentives...

In this Practice Note, we will navigate the five principal stages of legal project management (LPM) through an illustration drawn from an in-house legal team at a multinational drinks manufacturer. It may initially feel long‑winded; however, the virtue of LPM is that once the process is set and the tools are in place, everyone can follow the same process and rely on the same tools, scaling up or down to suit projects of varying size. Stage 1: Defining the scope This stage is the point at which you should devote time to gaining a complete understanding of the project’s scope and to mapping all relevant stakeholders. You can find further guidance on this in Practice Note: Project management: Project lifecycle and set‑up. Example: Suppose the marketing team come to you wishing to launch a limited‑edition flavour and have teamed up with a celebrity for promotion. Legal scope might include, for example, reviewing endorsement agreements, advising on competition law and/or advertising rules, and ensuring brand protection, etc. The...

Managing risk is never a single task; it is a continual process, as illustrated: This Practice Note sets out how to assess and clearly record risks in practice using a risk register, a tool that gathers all of your risk information in one place by carefully classifying each risk the organisation faces, scoring each entry and then choosing your response to each identified risk accordingly, eg reject or accept and, if the latter, how to control or mitigate the risk—see Precedent: Risk register. What is risk? There is a widely recognised definition of risk, ie: Risk = probability x impact. So, for any given risk faced by your business, two questions arise: how likely is it that the risk will occur, ie what is the probability? if it does occur, how serious will it be, ie what is the impact? A risk register is a means of scoring and documenting individual risks using this formula—see section Scoring each risk. It is...

This Practice Note is aimed at in-house counsel. It sets out how to build a legal risk register — a device for gathering all legal risk details in one location — by classifying each legal threat the organisation encounters, assigning a score to each, and then determining the controls or mitigations to apply effectively across the enterprise as appropriate. To craft a robust legal risk register, start by spotting the legal exposures your business confronts. It is also worthwhile to gauge your organisation’s tolerance for risk at this stage. What is risk? Many organisations maintain a written definition, against which their overall risk environment — and the legal component within it — can be recognised and mapped. If your organisation already has a definition, evaluate it and, if it proves practical, you are well placed to consider what amounts to legal risk. If not, you should assist the organisation in developing a usable definition. A clear, practical way to express risk is: Risk = probability x...

Please click to access the Precedent. Please note this register has been created in Excel, and therefore it cannot be downloaded into Word. For detailed guidance on completing a legal risk register, see Practice Note: How to create a legal risk register. However, a concise summary is set out briefly below. What is a legal risk register? A legal risk register is a means of gathering and overseeing all legal risk information in a single location. To produce an effective and reliable register, you must first determine the legal risks your organisation encounters. Understanding your organisation’s risk appetite is also highly advantageous. The register then lets you classify each risk appropriately, assign a score to it, and choose mitigation measures and actions. Separate Precedents exist for a general risk register and for a privacy risk register-see Precedents: Risk register and Privacy risk register. Identifying risks To create a robust risk register, you must start by identifying the risks your organisation faces. This work may already have...

Please click to open the Precedent risk register. Please note this register is produced in Excel and, as a result, it cannot be downloaded into Word. What is a risk register? A risk register gathers and manages all of your risk information in one place. To build a sound register, start by pinpointing the risks your organisation encounters, and develop an appreciation of the organisation’s appetite for risk. The register then allows you to classify each risk the organisation faces, score each one, and decide on your response to every risk—e.g. reject or accept—and, where you accept the risk, to control or mitigate that risk. Depending on the scale and character of your business, you might keep separate registers by department or by risk type, with key priorities feeding into a single overarching register. For a sample privacy risk register, see Precedent: Privacy risk register. For a sample legal risk register, see Precedent: Legal risk register. Identifying risks To produce an effective register, you...