Plan sponsor liability: Is fiduciary insurance an option?

In this current economic environment, workers are anxious about the status of their employer-sponsored retirement plans, as well as the worth of their benefits. Communication between businesses and plan sponsors is key in the retirement plan processes – however, business owners can be held liable if they face claims of alleged or actual breaches of duty in connection with the employee retirement plan.

Allowing an allegation of a fiduciary breach to distract business owners from the running of their company – and even jeopardize their personal assets – is not a good idea.

Richard Clarke, chief insurance officer at Colonial Surety based in Woodcliff Lake, New Jersey shares how business owners can best protect themselves.

BenefitsPRO: What guardrails can business owners enact to protect themselves as the fiduciary from personal liability?

Richard Clarke: First and foremost, it’s a good practice for employers to not go too far in doing calculations on behalf of employees.

For example, say an employee tells the people manager of the organization that they are concerned about the amount in their retirement plan. Their projected retirement date is five years from now and their current 401(k) balance is such and such, and they ask the people manager, ‘Can you help me calculate how much money I’m going to have when I retire?’ Generally, the employer should not get too involved in such calculations, but instead refer them to the company’s plan management outsourcing firm.

Basically, the people manager needs to be a pass-through, and only answer very general questions and nothing specific, because of their personal liability exposure. With that said, employers still need to have sensitivity to employees and the status of their retirement plans – employers should have sensitivity that their employees hate to see the value of those investments decline, particularly with the current economic conditions and the dollar situation.

What is the role of fiduciary liability insurance?

Fiduciary liability insurance entered the commercial marketplace towards the end of 1975, after ERISA was enacted the year before. The federal law’s Section 409(a) states that if a person has discretionary judgment authority for employee benefit plans, then they are considered to be personally liable – and Section 409(b) states that if they want to pursue some insurance for that exposure, they are welcome to do that.

The policy is specifically designed to defend fiduciaries – to pay their defense expenses and pay settlements and judgments in connection with personal liability described in ERISA. The policy also has coverage for administrative mistakes, such as failing to enroll an employee or their dependents, or mishandling enrollment.

The market for this insurance is firming, but considering the protection that a fiduciary liability policy provides and the litigious nature of our society, it’s still considered to be pretty valuable protection for business owners. Moreover, when doing due diligence on a prospective outsourcing firm in connection with the management of employee benefit programs, employers should ask what kinds of insurance they have and what protections they have.

What else should business owners offering employer-sponsored retirement plans be concerned about and how should they protect themselves?

There’s a lot of outsourcing that goes on, from actuarial calculations to reporting systems to lining up online platforms that employers utilize to help employees track investments in their plan, and there’s a concern for regulators for some of those systems, particularly in an outsourcing situation.

So many high-profile cyber incidents have happened to the employee benefit plans at companies, including Home Depot, Target and Capital One. In all of those instances, it was the outsourcing situation that suffered the security breach and insurance carriers that provide coverage for this type of exposure have paid some significant claims.

Fraudsters have the ability to hack into systems and then encrypt them and demand a ransom paid in an untraceable cryptocurrency, like bitcoin. Systems are also vulnerable to carelessness – someone leaving the system open or unwittingly introducing malware that was attached to applications. It’s been a really big problem. There’s also social engineering fraud, tricking employees into sending money or divulging sensitive information within the 401(k) plan.

Cyber coverage pays the defense costs and also pays settlements and judgments for failing to protect information. But not all cyber policies cover the same things, so employers should research the details of any policy before selecting it.