Pension providers, schemes and third-party administrators will need choice in how they connect to the Pensions Dashboard and reassurance that their customers data will be secure no matter how they connect, according to Origo.
With the staging dates set from 2023, every provider will be looking at the practical issues of delivering the right data, securely and cost effectively to the dashboard when requests come through. This will be based on where their company is in the staging process to connect to the pensions dashboard central digital architecture, how they want to make that connection and how much of the process they want to do themselves.
The Fintech says its experience to date is that providers are wary of building the interface directly, as potentially receiving millions of data requests a year will impact already stretched resources. For most providers, using an ‘ISP’ (Integrated Service Provider) service, to take on the heavy lifting for them, makes business sense.
Providers will want to connect to the pensions dashboard in the way that best suits their structure. Typically, this will be via one of three options, Origo suggests:
• A straight forward, secure and compliant link from the pension provider to the pensions dashboard central digital architecture;
• An option offering this link but which will also respond to a citizen’s request to know if a company has a policy in their name – customised to meet the provider’s individual data matching preferences; and
• A fully-managed service, building on the first two, where the ISP securely holds all the pension data necessary to completely fulfil a citizen’s request and makes the data available to the dashboard and ultimately the citizen themselves.
• An option offering this link but which will also respond to a citizen’s request to know if a company has a policy in their name – customised to meet the provider’s individual data matching preferences; and
• A fully-managed service, building on the first two, where the ISP securely holds all the pension data necessary to completely fulfil a citizen’s request and makes the data available to the dashboard and ultimately the citizen themselves.
The fully-managed option takes an incoming request can be dealt with in full without any input from the pension provider, other than regularly updating the data available to the ISP. To date, Origo says it is finding most providers are favouring this option.
Whichever option is chosen, it must handle the complex security interactions ensuring that the pension provider is fully compliant with all the connectivity and SLA requirements of the ecosystem.
An important consideration here, the Fintech says, is that where data is held by the ISP, not only should it follow all security best practices and use world-class technology platforms, but each provider’s data should be fully segregated from other providers’ data.
Anthony Rafferty, CEO Origo says: “As we head towards 2023, time will be pressing for operations and IT heads in pension providers, schemes and TPAs, who will want to ensure they connect securely to the Pension Dashboard, keeping their members and customers data safe, whilst also conforming to the relevant legislation and regulation.
“For many they will be considering how much of the process they want to do themselves. Over time, the volume of requests for data is expected to grow considerably, which will put more pressure on internal resources, so implementing an efficient, secure and compliant option from the start can make sense from a business perspective.
“This is why we think most companies will want to connect via an ISP with experience of the dashboard market.”
