Six Easy Steps to Keep Your Plan Assets Safe
Joel Shapiro, JD, LLM, Senior Vice President, ERISA Compliance
 
Cyber fraud is a growing concern globally. Individuals are typically very careful to keep their bank account and email authentication information safe, but they aren’t always smart with the rest of their personal information.
 
Participants need to be vigilant with their retirement savings accounts as well. In the past year, we’ve seen a slew of cases of attempted fraud – some successful – against retirement savings plan participants across a multitude of recordkeepers. The good news is that virtually all recordkeepers view security as a prominent priority and diligently update their technology. However, their security can only go so far if the participant isn’t being equally vigilant.
 
Educate your plan participants on the following tips to ensure the security of their retirement savings accounts.

 
 
  1. Use all available levels of authentication. If your plan’s recordkeeper comes out with a new type of authentication, your participants should implement it immediately.
     
  2. If participants frequent a website or have an account with a company whose website and information has been compromised, they should change all of their passwords for all online accounts.
     
  3. Remind participants to use strong passwords. Utilize letters, capitalization, numbers and symbols. Don’t use recognizable words. Don’t use the same password for multiple purposes. Have the password be at least 14 characters in length. Consider changing passwords frequently. Using a password manager can make this task less unwieldly.
     
  4. Don’t send authentication information to any third-parties and remind participants to limit authentication access to use on sites which are navigated to independently – not through a link or other prompt.
     
  5. Check your participants’ accounts frequently and address any irregularities and remind participants to also keep an eye out.
     
  6. Ask participants to immediately contact you if they receive any “updates” that look suspicious so you can notify your recordkeeper.
     
Keep your participants in the know. We recommend sending the participant memo that is included with this newsletter on the importance of remaining vigilant when it comes to cybersecurity – it’s one of the most important investments your participants can make.
 
For more information on keeping your plan safe from cyberattack, please contact your plan advisor.

 

 
 


About the Author, Joel Shapiro, JD, LLM
As a former practicing ERISA attorney Joel works to ensure that plan sponsors stay fully informed on all legislative and regulatory matters. Joel earned his Bachelor of Arts from Tufts University and his Juris Doctor from Washington College of Law at the American University.
 

January 2019

© 2019

Securities offered through Kestra Investment Services, LLC, member FINRA/SIPC. Kestra Investment Services, LLC is not affiliated with AHT Retirement Services. The “Retirement Times” is published monthly by Retirement Plan Advisory Group’s marketing team. This material is intended for informational purposes only and should not be construed as legal advice and is not intended to replace the advice of a qualified attorney, tax adviser, investment professional or insurance agent. All rights reserved. 110603 rpag 2011-40

The “Retirement Times” is published monthly by Retirement Plan Advisory Group’s marketing team. This material is intended for informational purposes only and should not be construed as legal advice and is not intended to replace the advice of a qualified attorney, tax adviser, investment professional or insurance agent. (c) 2018. Retirement Plan Advisory Group.

To remove yourself from this list, or to add a colleague, please email us at 
jventura@ahtins.com or call 703.554.6287
Hey Joel! Answers from a recovering former practicing ERISA attorney

Welcome to Hey Joel! This forum answers plan sponsor questions from all over the country by our in-house former practicing ERISA attorney.

 
Hey Joel,
 
Will hardship suspensions go away in January 2019? If someone takes a hardship today, do we stop the suspension on Jan. 1, 2019?
 
~ Anxious in Alabama

Dear Anxious,
 
First, understand that we are all still awaiting further guidance from the IRS/Treasury on the new hardship safe harbor rules. The suspensions don’t so much as “go away” as much as the necessity to suspend deferrals potentially becomes optional. That said, if a plan wants to keep the suspension, I believe they may do so. The only question would be whether or not the safe harbor remains intact for the plan sponsor. As originally stated, we are still waiting on additional guidance from the IRS/Treasury on whether or not all the new rules would be required, or are just optional, for the safe harbor protection.
 
Also anxious,
 
Joel Shapiro, JD, LLM

 

 











About Joel Shapiro, JD, LLM
As a former practicing ERISA attorney Joel works to ensure that plan sponsors stay fully informed about all legislative and regulatory matters. Joel earned his Bachelor of Arts from Tufts University and his Juris Doctor from Washington College of Law at the American University.

 
 
If you have a question for Joel, please send it to your plan advisor. Maybe it will be featured in a future issue!
Records and Their Expiration Dates
 
“What records should I keep? How long should I keep them? How should I organize my files?”
 
Advisors have been asked these questions time and time again by plan sponsors looking for a general guideline for record expiration dates.
 
Record retention doesn’t need to be a mystery, and the filing system doesn’t need to become a tomb. For audits, remember the following requirements.*
 



















 
*For litigation purposes, we recommend that documents be retained indefinitely.
 
As for organizing your fiduciary file, we suggest a format that includes the following sections:
 
  1. Documents with all plan documents, amendments, tax filings and so on.
     
  2. Administrative for all audit results, contribution records, Fiduciary Plan Review meeting minutes, fee benchmarking and participant complaints.
     
  3. Participant Communication containing copies of enrollment materials, communications, memos and meeting sign-in sheets.
     
  4. Investments with a listing of fund menu with expenses, Fiduciary Investment Review meeting minutes.
 
If a participant, auditor or DOL agent requested plan information, could you find it quickly? The key is twofold: keep the things you need and store them so you can find them easily. 

 
Of course, these are only general guidelines. For questions about your specific case, contact your plan advisor to discuss best practices for keeping records.
 
 
DOCUMENTATION RETENTION REQUIREMENT FOR AUDIT PURPOSES
Plan Documents (including Basic Plan Document, Adoption Agreement,
Amendments, Summary Plan Descriptions and Summary of Material Modifications)
At least six years following plan termination
 
Annual Filings (including 5500, Summary Annual Reports, plan audits,
distribution records and supporting materials for contributions and testing)
At least six years
Participant Records (including enrollment, beneficiary and distribution forms; QDROs) At least six years after the participant’s termination
Loan Records At least six years after the loan is paid off
Retirement / Investment Committee meeting materials and notes
At least six years following plan termination