Multimillion-dollar ERISA settlements make headlines weekly, and government audits continue to challenge fiduciary decisions in retirement plans. In light of these trends, solid governance isn’t just good practice—it’s your strongest defense.
Carol Buckmann of Cohen & Buckmann recently explained why process matters more than perfect outcomes when it comes to ERISA compliance. The courts don’t judge fiduciary decisions with hindsight. Instead, they look at whether you followed a prudent decision-making process when you made those choices.
Nobody starts their career knowing how to be a good fiduciary. That’s why training forms the foundation of everything else. Regular fiduciary education helps employers, plan committees, trustees, investment managers, and advisors understand their responsibilities. More importantly, it increases your chances of getting a breach lawsuit dismissed early or winning if it goes to trial, according to Ms. Buckmann.
But training alone isn’t enough. You need structure. Think of plan governance as your GPS for ERISA compliance. It maps out who does what, when they do it, and how responsibilities get handled. Good governance means having committee charters, delegating effectively, staying on top of service providers, and working with qualified investment and legal professionals.
Written policies become your proof points. Investment policy statements, internal controls, cybersecurity protocols, and procedures for missing participants all demonstrate you’re running a deliberate process, not making decisions on the fly.
Many plan sponsors are surprised to learn that your recordkeeper probably isn’t a fiduciary. Standard service agreements specifically disclaim fiduciary status because recordkeepers don’t exercise the discretion that would make them fiduciaries under ERISA. Unless they’ve signed a 3(16) agreement taking on administrative fiduciary duties, they’re just following your procedures.
That means you’re still on the hook for their mistakes, late contribution deposits, and overall plan compliance. The solution? Written procedures and administrative manuals that reduce error risk, plus carefully negotiated agreements that include proper indemnification and insurance requirements.
You also need an independent process for evaluating investments both on and off your recordkeeper’s platform. Recordkeepers don’t give legal advice about prohibited transactions or ERISA compliance—that’s on you and your advisors.
The smartest move? Get a formal fiduciary audit from an independent third party before problems surface. These audits help you find and fix violations before they show up in government reviews or lawsuits, when correction costs really start to multiply. The Department of Labor offers voluntary correction programs, but you can’t use them once you’re under audit. The IRS has its own correction program for plan mistakes, though SECURE 2.0 expanded self-correction options for many errors.
ERISA requires you to bring in professionals to help you make major plan decisions. That includes service provider reviews, investment evaluations, pension risk transfers, cybersecurity planning, and ESOP formation. Even routine participant communications can trigger litigation if they miss material information or misstate plan terms.
What this all comes down to is coordination. ERISA compliance works best as a team effort, and your governance structure should map out how specialists work together to meet ERISA requirements. With the right process, training, and professional support, you can fulfill your fiduciary duties while protecting both your participants and yourself.
