Dutch pension funds must continue to improve their cyber resilience, De Nederlandsche Bank (DNB) president, Olaf Sleijpen, has warned.

Delivering the keynote address at an ABP pension fund conference in The Hague yesterday, 27 October, Sleijpen described cybersecurity as a core process of pension funds, which must be in order.

He warned that cyber attacks from criminals or foreign governments pose a “very serious threat” to pension funds and the broader financial sector.

“Unfortunately, this threat is increasing in the current climate. Funds have already done a great deal to increase their cyber resilience. This is a positive development. However, given the seriousness of the threat, we must continue to work on this,” he stated.

“It is not just a matter of preventing attacks, but also of detecting them and knowing what to do if you are attacked. And as a fund, you need to be aware not only of your own cyber resilience, but also that of the third parties on whom you depend for your critical processes.”

For DNB, Sleijpen said cybersecurity is a “top priority” and it will remain so for the foreseeable future. He specified that this work applies to both protecting DNB and as part of its supervision, including pension funds.

“You are therefore sure to encounter us next year on this important topic,” he said.

During his speech, Sleijpen also spoke about the complexity of the Dutch pension reform, but reassured that it would be strange if it were not.

“The division of collective assets into personal assets is irreversible and must therefore be carried out very carefully and in a balanced manner. The transition affects all of a fund's core processes. It is no coincidence that it has been discussed for 20 years,” he said.

He added that as a supervisory authority, the transition to the new system is also an “extensive and complex process”, and it is going through a “learning curve”. Therefore, he said it was important that pension funds, DNB and all stakeholders involved continue to engage in dialogue with each other.

“We see that funds are increasingly able to explain their choices, substantiate them and link them to the objectives for asset allocation. And that they are prepared to adjust their approach in line with new insights in order to ensure balance, where necessary, in consultation with social partners. That is good news,” he said.

On the reform, he said that new pension funds will have “built-in flexibility”, which means they are “better equipped to cope with a changing world”. However, the prudent person principle will remain under the Future Pensions Act (Wtp).

“Pension funds must invest in the interests of their members. And they must be accountable for this, including how they take into account the environment, climate, human rights and social relations. That is what the law says. That was the case, that is the case, and that will remain the case,” he said.

“The prudent person principle also guides how pension funds should deal with social pressure when it comes to the impact of their investments. Whether it's about speeding up climate change or strengthening defence, or other goals, the pension money belongs to the participant and so it should be invested in the participant's best interests.”

He also spoke about the importance of transparency in the new scheme. Sleijpen stated that pension funds must explain “clearly and transparently” the consequences of external events on members’ benefits.

---