Cyber for Plan Sponsors

Retirement Plans: Active Enforcement?


ERISA law experts remind us that the Department of Labor has robust investigatory resources dedicated to the pursuit and curtailment of fiduciary breaches and prohibited transaction rules. Amidst major enforcement priorities and projects, compliance basics related to plan documents, disclosures and ERISA bonds are frequently pursued, and increasingly, cybersecurity practices are under scrutiny.


Understanding EBSA’s Regulatory Authority

Although the Department of Labor (DOL) makes and receives investigative referrals from the IRS, the U.S. Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority, and the Office of the Comptroller of the Currency (OCC), its own subagency, the Employee Benefits Security Administration (EBSA), is the primary enforcer of ERISA’s fiduciary rules. Given its regulatory authority over an estimated $12.9 trillion in employment plan assets—owned by 158 million plan participants—as well as the associated plan sponsors and service providers, EBSA has an extensive approach to investigation and enforcement, as explained by Morgan, Lewis & Bockius LLP:


The National Office sets enforcement priorities by identifying and planning enforcement programs, providing enforcement guidance, and, most importantly, supervising investigations and corrections of violations. These investigations are largely conducted by the investigative staff in EBSA’s regional field offices…The EBSA regional offices operate on a semiautonomous basis…and…can set their own enforcement priorities…


If an investigation is referred for litigation, civil litigation will be handled by the DOL Solicitor’s Office (Solicitor’s Office), and criminal enforcement will be handled primarily by the Department of Justice (DOJ)…ERISA grants EBSA the power to assess civil penalties when its enforcement actions are successful. In addition to recovery of plan assets lost through fiduciary breaches or illicit profits… these penalties include, but are not limited to, monetary penalties of up to $110 a day for disclosure failures and government penalties related to civil fiduciary enforcement actions…In addition to civil enforcement, EBSA has independent authority to conduct criminal investigations.


Legal experts observe that investigation and enforcement remain high priorities for the DOL, predict that activities and protocols will continue to roll out, and remind us: “The DOL has the power to impose significant liability and disruption on ERISA fiduciaries and service providers.” When it comes to the high standards of ERISA law, it’s much easier said than done for retirement plan fiduciaries to be 100% certain they have gotten everything right—even with great diligence.


Colonial’s here to help, with affordable Fiduciary Liability Insurance: our annual premium is less than you will pay for just one hour with an ERISA legal expert if disaster strikes. Get Fiduciary Liability Insurance today. Then, you and your business will be protected against claims of alleged or actual breaches of duty in connection with the employee retirement plan. Since cyber breaches can result in additional claims against fiduciaries, we even include $50,000 of Basic Cyber Liability Insurance with your Fiduciary coverage. Colonial makes it easy and speedy:

Obtain Fiduciary Liability Insurance–With Cyber–Now!


Routine Enforcement?

Some of EBSA’s efforts are organized around formal, national programs. For example, ensuring that missing participants are identified and receive their distributions has been a priority—and remains so. Encouraging retirement plan fiduciaries to bring plans into compliance with ERISA (when errors are detected) is another important prong of EBSA strategy. For example, through administration of the Voluntary Fiduciary Correction Program, EBSA recovered $34 million for plans, participants and beneficiaries in 2021 alone.


Of course, another growing area of attention is the intersection of cybersecurity and ERISA law. In follow-up to the DOL’s 2021 release of cybersecurity guidance for plan sponsors, as well as other fiduciaries and record keepers, it has been reported “the DOL has been requesting documentation of any actions taken by plan fiduciaries and service providers as they pertain to cybersecurity and the DOL’s sub regulatory guidance.” Despite the scope and breadth of its regulatory work in changing times, EBSA continues to routinely enforce fundamental ERISA requirements, related to plan documents and even ERISA bonds, as Morgan, Lewis & Bockius LLP explain:


The DOL consistently examines plans to verify that they appropriately maintain the necessary documents and circulate required disclosures. For example, the maintenance and/or disclosure of a plan’s summary plan description, participant-level disclosures, and other Title I disclosures are encompassed by this investigative focus.


The DOL routinely seeks evidence of a fidelity bond covering a plan’s fiduciaries and (to the extent applicable) service providers that complies with ERISA Section 412. The bond requirement is designed to protect the plan from theft of assets. In the absence of a compliant bond, the DOL likely will require that the company (or applicable fiduciaries or service providers) acquire one before closing the investigation.


Experts caution that insufficient or expired ERISA bonds are a trigger for Department of Labor audits. Failure to have current and adequate ERISA Bond coverage at all times is among the most common compliance issues plaguing retirement plan sponsors. Uniquely, Colonial Surety includes retroactive ERISA fidelity bond coverage for years when the plan was not adequately covered and provides cost-saving multi-year coverage, ensuring the ERISA bond remains Department of Labor compliant for the life of its term.


Our three point coverage package offers plan sponsors the greatest value, protection and efficiency. Conveniently, Colonial provides: the required ERISA bond to protect the assets of the retirement plan from theft; Fiduciary Liability coverage to protect you and your assets from personal liability; and, Cyber Liability coverage to safeguard your company and plan from covered losses and expenses in the event of a cyber breach.


Proceed with confidence: Three Point Coverage Package.


Serving customers since 1930, Colonial Surety is the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time.


Colonial Surety Company is rated “A Excellent” by A.M. Best Company, US Treasury listed and in business all across the country.