UK Auto-Enrolment: Six Mistakes Growing Companies Make (and How to Avoid Them)

The Pensions Regulator can see what you're doing

UK auto-enrolment has been in effect since 2012. The Pensions Regulator (TPR) has been progressively increasing its enforcement activity since the full rollout completed in 2018. In its published enforcement bulletins, TPR reports issuing tens of thousands of statutory notices and penalty notices annually to employers failing to meet their auto-enrolment obligations.

For growing companies — particularly those that set up their auto-enrolment in the early stages and then let it run without much active management — the risk isn't usually deliberate non-compliance. It's the accumulation of small administrative errors that go unnoticed until a TPR audit or an employee complaint surfaces them.

This article covers six specific mistakes that growing companies make with UK auto-enrolment, based on the patterns that produce the most TPR enforcement activity.

Mistake 1: Not managing re-enrolment correctly

Auto-enrolment is not a one-time exercise. Every three years from the employer's staging date (or from a date the employer selects within a three-month window of the third anniversary), the employer must re-enrol all eligible workers who are not currently in a qualifying pension scheme — specifically, those who previously opted out or ceased active membership.

The re-enrolment process mirrors initial enrolment: assess eligibility, enrol eligible non-members, notify them in writing within six weeks, and file a re-declaration of compliance with TPR within five months of the re-enrolment date.

Where growing companies go wrong: The three-year re-enrolment cycle is often forgotten or mismanaged when there is staff turnover in the HR team. A company that set up auto-enrolment in 2019 and had its first re-enrolment in 2022 may have handled it correctly. But if the person who managed that process has since left, the 2025 re-enrolment can slip past without anyone realising the deadline exists.

The TPR consequence: Failure to complete re-enrolment on time results in a compliance notice. Failure to file the re-declaration of compliance results in a fixed penalty of £400, escalating to a daily penalty of £50 to £10,000 per day depending on employer size.

Mistake 2: Using the wrong qualifying earnings band

Qualifying earnings (QE) are the band of earnings on which auto-enrolment contributions are calculated. For the 2024–25 tax year, the QE lower threshold is £6,240 and the upper threshold is £50,270. These figures are updated annually by the Department for Work and Pensions (DWP) and come into effect at the start of the tax year (6 April).

Contributions are calculated on earnings above the lower threshold and up to the upper threshold. An employee earning £30,000/year has qualifying earnings of £30,000 minus £6,240 = £23,760 for contribution purposes.

Where growing companies go wrong: Payroll systems are not automatically updated with the new QE thresholds each April. If a company's payroll team misses the April update, every employee's contribution is calculated on the wrong base for the entire tax year. This compounds over 12 months and produces both an underpayment of contributions and a potential breach of auto-enrolment rules.

A secondary version of this error occurs when employers use a "pensionable pay" definition that doesn't meet the QE equivalence tests under the Pensions Act 2008. Some pension schemes use a simplified "total pensionable pay" approach that avoids the QE calculation. This is permitted under TPR's certification framework, but the employer must certify that the simplified approach meets the minimum requirements. Using a non-qualifying pay definition without certification produces a compliance breach.

Mistake 3: Missing the postponement rules

Postponement allows employers to delay auto-enrolment for a new employee by up to three months. During the postponement period, the employer does not have to enrol the employee or pay contributions. However, the postponement must be communicated to the employee in writing within six weeks of the employment start date (or the employee's 22nd birthday or the date their earnings exceed the trigger, if those are the qualifying dates).

Where growing companies go wrong: Using postponement without sending the required written notice. Many employers use postponement operationally to align pension enrolment with probationary period ends. This is legitimate. But if the written notice isn't sent within the six-week window, the postponement is invalid and the employer is in breach from day one.

A related error: treating postponement as optional notification rather than a binding obligation. If an employer consistently fails to send postponement notices and TPR runs an audit, the employer will struggle to demonstrate compliance for any of the affected employees.

Mistake 4: Mishandling opt-outs and opt-out windows

An employee who has been auto-enrolled has a statutory right to opt out of the pension scheme within one month of being enrolled (the opt-out window). If they opt out within this window, the employer must refund any contributions already deducted from their salary.

After the opt-out window closes, the employee can still leave the scheme, but this is treated as a "cessation of active membership" rather than an opt-out. The employer does not refund contributions in this case. The distinction matters for re-enrolment: opted-out employees must be re-enrolled at the three-year re-enrolment date; those who ceased active membership after the opt-out window must also be re-assessed.

Where growing companies go wrong: Four common errors in this area:

1. Processing refunds for employees who left the scheme after the opt-out window (no refund is required or permitted)
2. Failing to refund contributions for employees who opted out within the window (the refund is mandatory and time-sensitive)
3. Not recording the distinction between opt-outs and post-window cessations in HR records — this creates re-enrolment errors three years later
4. Encouraging employees to opt out — this is prohibited under the Pensions Act 2008 and can result in TPR prosecution

Mistake 5: Not assessing new worker categories correctly

Auto-enrolment eligibility depends on age and earnings. Workers are categorised into three groups at any assessment date:

• Eligible jobholder: aged 22 to state pension age, earning above the earnings trigger (£10,000 for 2024–25). Must be auto-enrolled.
• Non-eligible jobholder: aged 16–21 or state pension age to 74, or earning between £6,240 and £10,000. Has the right to opt in but need not be auto-enrolled.
• Entitled worker: earning below £6,240. Has the right to join a pension scheme but the employer need not contribute.

Where growing companies go wrong: Treating all employees as either enrolled or not enrolled, without tracking workers who need to be assessed for eligibility changes over time. A 21-year-old hired today becomes an eligible jobholder on their 22nd birthday. An employee whose earnings increase above the earnings trigger must be assessed again. Growing companies with manual assessment processes miss these triggers.

Part-time workers are a particularly common source of error. An employee working two part-time jobs (neither of which individually exceeds the £10,000 trigger) falls into the non-eligible category at each employer separately. HR teams should understand that eligibility is assessed per-employment, not on combined income — and ensure that assessment records reflect actual earnings from this employer only.

Mistake 6: Contribution records that don't reconcile with payroll

TPR's enforcement process frequently involves requesting evidence of contributions made. For defined contribution (DC) qualifying schemes — which includes NEST and most other UK auto-enrolment schemes — the employer must be able to demonstrate that the correct contribution amounts were paid, on time, to the scheme.

The payment deadline for DC contributions is the 22nd of the month following the payroll month in which the contributions were deducted (or the 19th for non-electronic payments). Missing this deadline is a breach.

Where growing companies go wrong: Contribution records maintained in payroll do not reconcile with what was actually paid to the pension provider. This happens for several reasons:

• Payroll software calculates contributions but the payment to the provider is made manually from a bank account, introducing discrepancies
• Salary changes in the middle of a payroll period produce contribution calculations that don't match the actual payment
• Part-time or variable-hours employees have payroll entries that are calculated inconsistently

TPR can request a contribution audit going back six years. An employer that cannot produce reconciled contribution records for this period faces significant compliance risk. The absence of records does not mean the employer is assumed to have complied — it shifts the burden onto the employer to prove it.

The compliance calendar: key auto-enrolment dates

For reference, the key recurring dates in UK auto-enrolment compliance:

• 6 April each year: New tax year. QE thresholds and earnings trigger are updated.
• Every three years from your staging date: Re-enrolment. Must re-enrol eligible non-members and file re-declaration within five months of the re-enrolment date.
• Within six weeks of each new eligible employee's start date: Enrolment letter (or postponement notice if using postponement).
• Within one month of enrolment: Employee's opt-out window opens and closes.
• 22nd of month following payroll: Contribution payment deadline.

A note on NEST vs other qualifying schemes

NEST (National Employment Savings Trust) is the government-established pension scheme created specifically for auto-enrolment. It accepts any employer and any employee, has no minimum size, and its administration interface is designed for employers without in-house pension expertise. Most growing companies use either NEST or a commercial master trust from an insurance provider.

The administrative obligations are the same regardless of provider: correct eligibility assessment, correct contribution calculation, timely payment, accurate records, and on-schedule re-enrolment. The choice of provider doesn't change the compliance obligations — it changes the quality of the administration interface and the fees charged.

Growing companies face heightened risk

The six mistakes above are disproportionately common at growing companies for a structural reason: pension administration was set up at a smaller scale and the processes weren't designed to scale with headcount. What worked manually for 30 employees doesn't work reliably for 150. A company that has added 100 employees in two years may have accumulated eligibility assessment errors, contribution record discrepancies, and missed re-enrolment obligations across a large portion of its workforce without anyone in HR being aware.

The solution is not complexity — it's automation. Eligibility assessment, contribution calculation, and compliance notifications are all deterministic processes. They follow a defined logic that can be built into software. A growing company that has this logic encoded in its pension administration platform rather than managed in spreadsheets will have significantly lower compliance risk over a three-to-five year growth trajectory.