Cybersecurity and ERISA Retirement Plans: The Financial Consultant’s Role. Cybersecurity is top of mind for many businesses, but have consultants for retirement plans given the area sufficient consideration? After all, there is no explicit cybersecurity duty that applies to consultants under the Employee Retirement Income Security Act of 1974 (“ERISA”). Despite this, plan consultants need to become educated on the cybersecurity landscape surrounding plans, in order to assist plan sponsor clients in fulfilling their fiduciary duties.
ERISA retirement plans hold both monetary assets and non-physical assets in the form of information about the plan and participants. Cyber incidents pose a threat to both. Phishing could result in a criminal obtaining sufficient personal information to obtain a fraudulent plan loan or plan distribution. It could also be that the data itself is the target of the theft, for example, the Social Security number, name, and bank account information used by a retirement plan to pay periodic distribution amount to a participant.
Common types of cybersecurity threats include phishing, ransomware, malware, and wire fraud. Phishing seeks interaction from a plan fiduciary or participant in order to obtain information. Ransomware will lock a hard drive or server to prevent the owner from using that device until a ransom has been paid. Malware is often introduced onto a device or system to capture keystrokes or perform other malicious activities. Finally, wire fraud has become very sophisticated. Genuine-looking e-mails from business clients or partners will seek a transfer of funds for legitimate-sounding business reasons, only to actually be from an entirely different person or entity. Many times, this can be achieved by altering a trusted email address by a single letter.
Latest posts by 401ktv Contributor (see all)
- Plan Hardship Distribution Rules Change in 2019 - September 19, 2018
- Total Compensation Statements Reflect an Employee’s True Compensation - September 19, 2018
- Let Your Retirement Plan Help You Get the Most Out of Your Qualified Business Income Deduction - September 19, 2018