When it comes to retirement planning, our “new normal” has emerged as “never normal again” thanks to a seemingly endless series of troubled economic, global health and political events that have dramatically upended retirement planning.
Recent years have brought new concerns for corporations, administrators and sponsors seeking to protect both themselves and their employees’ pensions. In a year that set records for workplace class action settlements, the top 10 ERISA settlements last year totaled $837 million, more than double the 2020 total of $380 million. And all signs point to a continued escalation of ERISA litigation. Let’s look at some of the factors driving this cascade of claims against employers, and what steps company leaders and plan sponsors can take to protect themselves. The commercial insurance product that defends and protects the decision-makers charged with administering employee benefit plans is fiduciary liability insurance.
ERISA litigation is increasing
Under the Biden administration, the U.S. Department of Labor (DOL) and other agencies have increased enforcement programs and alerted companies to focus more on complying with laws and regulations in the workplace. Corporations and fiduciaries should also keep a close eye on judicial ERISA-related developments as 2022 rolls into 2023. Lower courts are struggling to interpret the January 2022 Supreme Court decision Hughes v. Northwestern University, leaving unclear what constitutes a careless act that violates ERISA and what constitutes a breach of fiduciary duty.
The Supreme Court decision left the door open to further litigation. Additionally, there are attorneys looking for ways to bring litigation based on plan sponsors who charge excessive fees for outsourcing services related to the benefit plans. Therefore, acquiring or updating the required ERISA fidelity guarantee to maintain compliance with the DOL, while critical, is not sufficient as complete protection against theft, data breaches, employee dishonesty, breach of duty, carelessness, or errors and omissions. The ERISA Escrow Guarantee covers a plan’s assets for losses from theft, but it does not cover third-party claims for alleged violations of ERISA; that is the role of fiduciary liability insurance.
Close gaps in your organization’s (and your own) defenses
While the ERISA Loyalty Guarantee is the only coverage required by the DOL to protect an employee benefit plan from loss due to fraud or dishonesty, relying on the ERISA Loyalty Guarantee for protection is tantamount to purchasing only mandatory liability auto insurance in the hope that nothing bad will happen to your car or you in an accident. Unfortunately, plan sponsors bear a personal risk of third-party claims for non-compliance with fiduciary obligations. In addition, when outsourcing the administration, oversight or monitoring of pension plans, some plan sponsors believe that they also outsource liability. The risk of liability in this case lies in the decision to use third-party services.
Sponsors should take out fiduciary liability insurance against claims of non-timely contributions, payment of excessive fees, or failure to respond to requests for rollovers, distributions, and investment changes. In addition to the explosion in workplace lawsuits and ERISA settlements in recent years, there has also been an explosion in data breaches and other cybercrimes, further complicating matters for plan sponsors.
Step into the breach to protect yourself from cyber liability
Plan trustees have an obligation — and a personal responsibility — to ensure adequate mitigation of cybersecurity risks, as demonstrated by the recent lawsuit against Colgate-Palmolive and its plan trustees over an alleged security breach. Forty-nine plans and 1.3 million people were affected by Horizon’s data breach last year, resulting in the company being hit by a massive class-action lawsuit. Sponsors can protect against these all-too-common data breaches with cyber liability insurance, which assists plan sponsors at every stage of incident investigation and breach response, and helps them manage the legally required steps to be taken in the event of a data breach through deployment of legal services, access to computer experts, call center services and customer notifications.
Cyber liability insurance also defends against lawsuits related to data breaches. Some form of risk management is also crucial, such as multi-factor authentication and controls at third-party IT service providers. Businesses, especially SMBs, for which breaches can pose an existential threat, should have sound cyber risk management policies, technology and education, as well as cyber liability insurance.
A tripartite plan for the peace of mind of plan sponsors
While it is not typically their immediate purview, plan sponsors should communicate with their IT or security leaders to determine if the organization is prepared to respond to a cyber breach and is protected from data breach litigation. If you’re the plan administrator for an SMB with less than $25 million, there’s a greater chance you haven’t covered all risks.
Being a small company without a large workforce doesn’t earn you a pass or leniency when it comes to having a cyber breach response plan. While tackling all of these threats may sound daunting for plan sponsors, they can take a simple three-pronged approach to creating a holistic liability barrier by ensuring they are covered by ERISA Escrow Insurance, robust Escrow Liability Insurance, and Cyber Liability Insurance, ideally through policies specifically designed for retirement plan sponsors. The sponsors of these plans can also make life easier for themselves by finding these covers bundled with the ERISA bond and signing a multi-year contract term instead of dealing with the paperwork every year.
Retirement plan sponsors have enough to do with the elements under their control, so they should take remedial actions that reduce the extraordinary burden of all the things they can’t control. When a plan sponsor takes this three-pronged approach, they have their “car” and the other person’s car fully insured in the event of an incident.
Richard Clarke is Chief Insurance Officer of Colonial Surety Company.