DOL investigators are increasingly questioning plan sponsors, fiduciaries, and service providers about how their ERISA-governed plans manage cybersecurity threats. Investigators often seek evidence or documents relating to prudent vigilance in relation to information security standards, service provision, and indemnifications.
DOL investigations primarily focus on how plans and recordkeepers react to cyber-incidents and on the policies and processes in place by plans and providers to thwart cyber-criminals. As the pandemic has increased the number of people working remotely, concerns about account takeovers by cyber-criminals have risen rapidly. The combination of delayed postal service-based identity verification and squeezed personal budgets can result in an influx of distribution requests, not all of which are likely to come from genuine participants.
Benefit plan sponsors and service providers must be proactive in their approach to cybersecurity and be ready for a future DOL inquiry. Although the focus has been on retirement plans so far, health and welfare plan sponsors and fiduciaries should expect DOL auditors to ask questions regarding cybersecurity.
How Windes Can Help
Windes is dedicated to providing clients with the highest level of trust and confidence when it comes to auditing their employee benefit plans. Our members are experts in auditing standards, DOL, and ERISA filing requirements. For additional information on how we may assist your company, or for a complimentary plan audit quote, connect with us today.