Fiduciary Liability for Participant-Directed Plans
June 2011 Newsletter
It seems that every month there are new stories in the financial press about participants suing their employers for mismanagement of the company 401(k) plan. While most of these suits have been directed at larger companies, the increasing frequency has employers of all sizes looking for ways to minimize their liability. One way to do that is to comply with a set of "safe-harbor" rules found in section 404(c) of ERISA.
ERISA (the Employee Retirement Income Security Act) was passed in 1974, more than a decade before 401(k) plans came along. Since participant-directed plans were not the norm that they are now, many of ERISA's fiduciary rules focus on plans in which the trustees and their advisors are responsible for making the investment decisions and don't necessarily translate well into the era of the modern 401(k).
One of the core principles of ERISA is that plan fiduciaries are required to follow a prudent process in the selection and monitoring of plan investments. They must carry out that duty just as an expert would. If plan sponsors and/or trustees do not have that expertise, they must hire someone who does. But how does that change when investment decisions are turned over to plan participants? The short answer is "not much." Fiduciaries generally retain the same level of responsibility for the investment decisions made by the participants.
However, section 404(c) of ERISA creates a framework that provides an alternative method of managing that responsibility. In short, plan fiduciaries that follow the checklist of requirements can achieve a measure of protection from liability arising from participants' imprudent investment decisions.
First, we will take a look at the basic requirements of 404(c) and then consider some of the factors to be weighed in choosing to pursue this safe harbor.
The regulations are extremely detailed, and a quick Google search on "ERISA 404(c)" yields more than 400,000 hits. With that said, the requirements can be distilled to around 20 items, most of which involve providing a laundry list of disclosures to participants. Prior to that, there are a couple of threshold requirements that must be satisfied.
First, participants must be given the opportunity to direct the investment of their accounts at least quarterly and must be able to choose from at least three options that span a broad range of risk and return. If market volatility dictates, it may be necessary to allow participant direction more frequently than quarterly. Since it is commonplace for plans to allow daily access to 20+ options from the very conservative to the very aggressive, few plans will have trouble meeting this requirement.
Second, plan fiduciaries must follow a prudent process to select and monitor the investment menu that will be offered to plan participants. This one is not quite as straightforward and requires plan fiduciaries to remain involved in the investment process by carefully considering plan investment options on an ongoing basis to ensure they remain appropriate for participants.
The participant disclosures that are required can be broken down into two broad categories: those that must be provided automatically and those that must be provided only when requested.
There are many opinions and a great deal of misinformation circulating about what, exactly, plan fiduciaries get for their efforts. These range from little more than that lousy t-shirt all the way to a "get out of jail free card" that provides complete immunity. The truth lies somewhere in the middle.
Compliance with 404(c) provides fiduciaries with relief from liability for investment losses that are the direct result of participant investment decisions. Sounds good, right? Well, the "catch" is in how that relief is provided. It is not a simple matter of just claiming 404(c) compliance; rather, it is what is referred to in legal terms as an affirmative defense.
ERISA litigation is very complex, but generally speaking, the party bringing the lawsuit (the plaintiff) must prove that the plan fiduciaries breached their responsibility and that the breach resulted in losses. The fiduciaries, on the other hand, seek to rebut the assertions made by the plaintiff. The plaintiffs prove; the fiduciaries rebut.
When plan fiduciaries claim a 404(c) defense, the roles reverse. The fiduciaries must prove that they complied with all aspects of 404(c), and the plaintiff tries to rebut that assertion. In short, 404(c) compliance does not guarantee a fiduciary can't or won't get sued. It just changes the manner in which that fiduciary demonstrates he or she is not responsible for the losses in question.
Complying with 404(c) is not as easy as it might seem. For starters, it is all predicated on the plan's investment menu being prudently selected and monitored. If, for example, a plan fiduciary followed a prudent process to select the menu a couple of years ago but cannot show that he has monitored the options on an ongoing basis, he is probably on shaky ground regardless of how faithfully he has provided all the required disclosures.
To further complicate matters, 404(c) is, in many ways, an "all or nothing" proposition. It is possible for plan fiduciaries to satisfy 404(c) for some participants but not others or for only certain investment options; however, if any single requirement is missed with regard to a participant or account, protection is completely lost. Consider the most recent prospectus in the Automatic Disclosure list above. If a plan sponsor provides all other disclosures but neglects to provide the most recent prospectus for any of the investment options, 404(c) protection is lost.
While the solution may seem simple—just make sure none of the disclosures are missed—the devil is in the details. Many employers and participants alike are accustomed to receiving information electronically. However, the Department of Labor (DOL) has very specific rules governing when and how electronic disclosure is permitted in the context of employee benefit plans. A sponsor that provides 404(c) disclosures electronically but does not follow the DOL's rules for doing so is deemed to have not provided the disclosures at all.
Something as simple as using a personal e-mail account instead of an employment-related account without proper consent could be treated as a missed disclosure resulting in loss of 404(c) protection.
Many recordkeepers have built systems to help plan sponsors comply with most of ERISA 404(c)'s requirements; however, given the potentially tenuous nature of the protection, it is worthwhile for employers to read the fine print in service-provider contracts to make sure they understand which parties have responsibility for the various aspects of compliance.
Working with a third party administrator, consultant or investment professional who has expertise in working with 404(c) can also be a great way to identify any potential gaps.
In some circles, there is a misperception that ERISA mandates compliance with 404(c). The reality, however, is that it is completely optional. Throughout the various rules governing qualified retirement plans, there are "safe harbor" provisions. Such provisions are generally offered as one option to comply with a more general rule. Since safe harbors provide some form of compliance assurance, they tend to offer less flexibility than their non-safe-harbor counterparts.
Take the safe harbor 401(k) plan as an example. It is possible to maintain a 401(k) plan with no company contributions and up to a six-year graded vesting schedule. However, if an employer is willing to commit to make a contribution and provide full vesting, they can get a free pass on the ADP and ACP nondiscrimination tests.
Like the safe harbor 401(k) plan, 404(c) is also a safe-harbor. It is a method to demonstrate compliance with one aspect of ERISA's fiduciary rules. To the extent a plan fiduciary prefers not to pursue this safe harbor, there is nothing inherently illegal, unethical or otherwise imprudent about choosing another means of demonstrating he or she has followed a prudent process in managing plan assets.
There are differences of opinion as to whether 404(c) is worth the effort, and it is really a decision that each plan fiduciary must make given their specific facts and circumstances. Some believe allowing participants to transfer among investments with regular frequency tends to yield less favorable investment results; therefore, they restrict transfers to the beginning of each year. That may be a prudent design given the circumstances, yet it does not satisfy 404(c)'s requirement to allow investment direction at least quarterly.
Others take a broader perspective. Since the general rule is that fiduciaries need to follow prudent processes when managing plan assets, they will use 404(c) as a part of their process rather than as the process in and of itself. This approach has an added benefit. If a plaintiff is able to rebut the 404(c) defense by demonstrating that the fiduciary missed one of the checklist items, the fiduciary can still fall back on the non-safe-harbor rule by showing that it had documentation of having followed a prudent process.
This newsletter is intended to provide general information on matters of interest in the area of qualified retirement plans and is distributed with the understanding that the publisher and distributor are not rendering legal, tax or other professional advice. Readers should not act or rely on any information in this newsletter without first seeking the advice of an independent tax advisor such as an attorney or CPA.