Skip to main content

Cybersecurity of retirement accounts is taking center stage

Retirement plan administration has advanced in recent decades with the rise of the Internet and other digital technologies. However, that has made retirement plans a target for cyber criminals. Armed with stolen personal data, hackers now see trillions of American retirement dollars as a new favorite target.

The retirement industry has had to strengthen its defense against cyberattacks and, as a natural extension of this effort, the due diligence practices of plan sponsor fiduciaries have entered the spotlight. The U.S. Department of Labor released new cybersecurity guidance for plan sponsors in April and is already making it a priority topic of audits as DOL underscores the “obligation to ensure proper mitigation of cybersecurity risks.”

The DOL guidance includes:
  • Tips for hiring a service provider with sound cybersecurity practices: These tips include asking about the service provider’s security standards, evaluating any historical breaches or litigation and seeking favorable contract terms around cybersecurity.
  • Best practices for the cybersecurity programs of service providers: These best practices include the use of data encryption, periodic cybersecurity training and third-party audits of security controls.
  • Online security tips for plan participants: These tips include registering one's account and utilizing multi-factor authentication.
Retirement plan sponsors are strongly encouraged to incorporate cybersecurity oversight in their governance practices for the benefit of plan participants and beneficiaries. As with all good fiduciary habits, it’s important this oversight is memorialized by way of meeting minutes or other internal documentation.

Plan sponsors should understand this obligation extends not only to the cybersecurity controls of their service providers, but the organization’s own internal controls, as well. If not yet addressed, plan sponsors should prioritize a review of their internal practices and talk to their service providers about this topic.

If you would like to speak with a consultant at HANYS Benefit Services on this or any other issue, call (800) 388-1963 or email hbs@hanys.org.

Popular posts from this blog

Employee Benefits Offerings: What Perks Can You Add?

Employee benefits can play a crucial role in attracting and retaining top talent. Beyond compensation and bonuses, offering a variety of perks can significantly enhance employee satisfaction and productivity. But what should you include in your employee benefits offerings?   What are employee benefits?   Employee benefits encompass compensation, bonuses and various perks outside an employee's wage. By offering flexible employee benefits, you can improve employee productivity and loyalty while attracting and retaining talented candidates.   Personalized benefits examples   The type of benefits offered can vary by industry. We've compiled some of the most popular options to help you explore possible employee benefits strategies .  1. Social opportunities   Employee perks don't always have to be tied to a benefits package. Sometimes, the best way to engage your employees can be through social opportunities. Group activities can help im...

What is Risk Management? 4 Key Topics to Know

Understanding risk management in retirement programs  Managing a retirement program is complex, with multiple layers of risk. For organizations and their leadership, understanding and mitigating these risks is crucial to ensuring the long-term success and reliability of these programs.   It often leaves human resource professionals, employers and program administrators questioning, "What is risk management, and how can we excel at it?"  This blog post explores the various aspects of risk management in retirement program administration and provides actionable insights to help organizations better manage these risks.  The importance of risk management  Retirement programs are designed to benefit participants and beneficiaries, but they come with their own set of risks. These risks can be broadly categorized into four main topics:  Fees  Administration  Investments  Cybersecurity  Each of these topics requires meticulous attention and ...

Innovative employee retention strategies: 9 fresh ideas

Employee engagement and retention are pivotal in every sector, but they carry even more weight in the not-for-profit space, where resources are often limited. High turnover can be both costly and disruptive, impacting productivity and damaging morale. In an era of workforce evolution, to effectively retain their top talent, organizations must explore innovative employee retention strategies that go beyond conventional methods.  Engaged employees are distinguished by their higher productivity, motivation and loyalty, and they are more likely to stay with a company for the long term. Gallup recently updated its research article, The Benefits of Employee Engagement , finding that "low engagement teams typically endure turnover rates that are 18% to 43% higher than highly engaged teams."  In addition to turnover, disengaged employees negatively impact a company's financial health, with turnover costs averaging six to nine months of the departed employee's salary, accordin...