On April 14, 2021, for the first time, the U.S. Department of Labor’s Employee Benefits Security Administration (“EBSA”) issued cybersecurity guidance for retirement plans, such as 401(k) plans. The guidance, which is intended for plan sponsors, plan fiduciaries, record keepers and plan participants, provides best practices for maintaining cybersecurity. As of 2018, EBSA estimates that defined benefit plans and defined contribution plans held $9.3 trillion in assets. Without adequate cybersecurity protections, individual employee accounts, former employee accounts, and plan assets may be at risk from both internal and external cybersecurity threats. According to the Acting Assistant Secretary for Employee Benefits Security Ali Khawar, “This much-needed guidance emphasizes the importance that plan sponsors and fiduciaries must place on combatting cybercrime and gives important tips to participants and beneficiaries on remaining vigilant against emerging cyber threats.” In this webinar, we will:
- Review a plan fiduciary’s basic duty to safeguard plan assets;
- Consider some recent cases to understand some potential areas of exposure;
- Review EBSA’s tips for hiring a service provider;
- Examine EBSA’s recommended cybersecurity best practices; and
- Review EBSA’s online security tips for plan participants.
Questions? Please contact Renee Medema at rmedema@masudafunai.com or 312.245.7500.