Information about how ERISA litigation is playing out in courtrooms across the country helps retirement plan fiduciaries understand their increasing responsibilities. With the Department of Labor’s recent call to action on cybersecurity, fiduciaries from plans of all sizes are stepping up protection efforts.
Understand this: most ERISA lawsuits don’t make headlines. Allegations about the protection of participant data occur in large—and small—retirement plans. The same is true of litigation related to the fraudulent distribution of retirement plan funds—a growing problem. In 2020, a record number of new ERISA class actions were filed. As the body of ERISA law matures, so too do the number of lawsuits—with smaller plans increasingly targeted.
Cybersecurity litigation generally follows two lines of claims. Benefits BCLP explains and highlights some key takeaways for plan fiduciaries:
The first is that participant data is a plan asset entitled to the same fiduciary protections and prohibited transaction rules applicable to plan funds. Under this theory, the use of participant data for any purpose other than for the exclusive purpose of providing plan benefits would constitute a fiduciary breach. To date, the courts have been split on their acceptance of this theory. While some courts have rejected such theory in the absence of DOL guidance expanding plan asset protection to participant data, there have been several significant court approved settlements suggesting participant data may be viewed as a plan asset. Careful re-evaluation of the use of participant data in light of this litigation trend can offer fiduciaries some protection until more reliable guidance is established.
The second line of litigation seeks to impose liability on plan fiduciaries when a participant’s benefits are fraudulently withdrawn from their accounts. In these cases, good cybersecurity governance measures, including participant education, have been instrumental in defending such claims.
An Ounce of Prevention…
In addition to stepping up efforts to educate plan participants on digital identity protection, plan sponsors need to carefully review service provider provisions related to cybersecurity and breaches. Heightened threats—and heightened regulations—also make this important timing for plan sponsors to step up their risk management and mitigation protections. Experts increasingly caution that our businesses will experience cyber breaches. Being prepared with a breach response is the best prevention for disaster.
Small businesses no longer have to scramble on their own to prepare a cyber breach response. As a leading national provider of ERISA bonds, Colonial Surety Company is helping plan sponsors across the country with affordable Cyber Liability protection.
When you’re armed with Colonial’s Cyber Liability coverage, in the event of a data breach, a dedicated team of experts will assist at every stage of incident investigation and breach response. Carefully vetted forensic and legal experts will establish what’s been compromised, assess responsibility and notify impacted individuals. As needed, call center support, credit and identity monitoring is provided— even public relations experts. Liability protection in the event of covered lawsuits or regulatory actions due to a data breach? Of course, that’s included too.
Get your cybersecurity breach response plan in place quickly, and affordably with help from Colonial Surety Company: Cyber Liability Protection for Plan Sponsors.
Data and Assets: Fiduciary Responsibilities
The new DOL guidance puts increased importance on protecting retirement plan data and funds in the cyber era. Of course you are still required to have a current ERISA bond to protect the assets of the retirement plan from theft. Why stop there though? Remember, the ERISA bond required for the retirement plan does not cover you—the plan sponsor— as the fiduciary. Can you picture what even the allegation of a fiduciary breach would take from you? Consider damage to reputation, as well as money and time.
Why go it alone? Colonial’s annual premiums cost less then what even an hour with an expert ERISA attorney will cost if a lawsuit or compliance issue lands in your in-box. Uniquely, Colonial’s comprehensive ERISA bond packages offer plan sponsors up to $1,000,000 of fiduciary liability insurance. Our 2 or 3-year packages provide the greatest overall savings and protection, including both fiduciary and cyber protection. Colonial even includes extended coverage to ensure your ERISA bond remains US Department of Labor compliant.
Colonial Surety Company is in business all across the USA. We are rated “A Excellent” by A.M. Best Company and U.S. Treasury listed.