Is Your Retirement Plan “Catchy?”
By offering — and encouraging — catch-up contributions, plan sponsors can demonstrate a heightened commitment to employee retirement readiness. Over a five-year period ending in 2020, nearly 15% of participants utilized catch-up contributions when they were offered, according to a report by Vanguard. And those who did were more likely to be higher earners with larger portfolio balances.
Employers can help close the retirement savings gap by deploying several smart strategies aimed at increasing catch-up contributions. Here are a few ideas to consider implementing at your organization.
Match-up the catch-up. Instead of simply allowing participants to make catch-up contributions, employers can consider offering, or ensuring, a company match on those contributions to further incentivize older workers.
Would they rather Roth? With SECURE 2.0 signed into law, employers can consider offering their participants the ability to make matching contributions (including those on the catch-up) in the form of a Roth contribution.
Make a day of it. Create a “Catch-up Contribution Day” (or week) dedicated to educating participants about the important benefits of catch-up contributions for their retirement readiness. Provide additional support to workers age 50 and over, such as special group sessions or one-on-one meetings with plan advisors.
Bring home the benefits. Develop online resources and educational materials geared toward various levels of financial literacy around the benefit of catch-up contributions. Include easy-to-digest video content and infographics — and provide timely reminders to participants age 50 and over.
Take a multichannel approach. Use all communication channels at your disposal as a plan sponsor, including employee newsletters, email, the company intranet, social media and in-person events. Spread the word in as many ways as you can about the advantages of making catch-up contributions.
The right tool for the job. Give participants access to online retirement planning tools to help them evaluate whether catch-up contributions could help them achieve their savings goals and to adjust their savings targets accordingly.
A Catch-as-catch-can Strategy
The retirement readiness end game has high stakes for workers. That’s why it’s so important to take a multi-pronged approach to reach as many of your participants as possible and encourage them to make catch-up contributions as necessary to stay on track for retirement. SECURE 2.0 provides sponsors with an even wider array of options to assist workers who’ve fallen behind in their retirement preparedness — and help catch-up contributions catch on among those they might benefit the most.
Leveraging ChatGPT in Retirement Plan Management: Opportunities, Concerns and Best Practices
The advent of generative artificial intelligence (AI) technology, such as ChatGPT, promises to transform the way businesses operate across sectors. Yet as quickly as novel applications and abilities surface, so does more evidence of the limitations and shortcomings of large language models. Plan sponsors can harness the immense power and utility of generative AI to provide better support to plan participants, but they must do so only after putting prudent processes and safeguards in place.
Identify Appropriate Applications
ChatGPT could be used to help streamline the retirement plan onboarding process by giving employees detailed instructions for how to enroll. Sponsors could use it to help provide information about plan options, as well as answers to employees’ frequently asked questions regarding their retirement plan benefit. The technology could also help craft customized messaging around more routine tasks such as:
- Informing participants of investment menu changes.
- Providing instructions for updating beneficiary designations.
- Giving eligible participants timely information regarding catch-up contributions.
- Helping workers access their account statements and other plan information.
- Reminding employees of contribution limits and important deadlines.
However, at present it is advised that such technology be limited in use to non-legally required communications. Because ChatGPT is only as effective as the directives it receives it is possible it may not generate a complete document meeting legal requirements. Thus, at present it is advisable to avoid using this technology for legally required disclosures, notices or legal documents.
Transparency, Security and Oversight
While the opportunities for gains in efficiency are significant, it’s critical to address potential concerns when implementing nascent generative AI systems into your plan.
Training. Employers must establish clear guidelines about which employees can access ChatGPT — and for what purposes. Appropriate training regarding the limitations of the technology should be given to those authorized to use the platform. Workers should be instructed how to handle complex or sensitive issues that require human intervention.
Data integrity and security. At all times, participants’ personal and financial information must be protected by strict adherence to privacy standards. Establish clear protocols for sensitive data handling and retention. Implement and document oversight processes to protect information from unauthorized access, disclosure or misuse.
Compliance. Designated individuals should review and approve all generative AI outputs for compliance with regulatory and internal requirements before they’re communicated. Their review should include ensuring that all information provided to participants is accurate and consistent with plan provisions. Audit generative machine learning systems regularly to identify potential issues or vulnerabilities and take any necessary corrective action.
Transparency. Employers should be transparent with workers regarding the use of ChatGPT with respect to their retirement benefit. This includes how their personal information is being used — and protected.
A Prudent Path Forward
Plan sponsors should regularly review and evaluate generative AI integrations to flag any potential issues and identify ways to optimize their use of the technology, while ensuring they remain compliant with all pertinent industry regulations and standards. With guardrails in place, and adherence to prudent processes, appropriate use of AI-powered generative tools in retirement plan management presents an opportunity for sponsors to increase efficiency and enhance outcomes for plan participants.
Dear Prudence: What is Prudence Anyway?
When it comes to monitoring and selecting investments, the responsibility lies with the ERISA fiduciary for managing your company’s 401(k) plan, and this means the fiduciary is subject to ERISA’s prudent man rule (sometimes referred to as the “prudent expert rule”). What exactly is a prudent expert?
With respect to investments, the fiduciary is responsible for selecting and monitoring the investment alternatives that are available under the plan. Acting on behalf of the plan in this way means that someone is exercising the care, skill, prudence and diligence that a prudent person familiar with such matters would exercise in similar circumstances. This expert is giving “appropriate consideration” to all the facts and circumstances that they know, or should know, are relevant to either the investment itself or to the course of action the investment requires.
This prudent expert is also selecting investment options as laid out in ERISA section 404(a). Furthermore, a prudent expert should be maintaining and following a written investment policy statement (IPS). Although ERISA doesn’t require a written IPS, it is considered best practice to maintain one and follow it because it will be requested by the DOL in any audit situation, and it provides evidence that a prudent process has been adopted by fiduciaries.
A person or entity can be considered a prudent expert if they possess enough expertise to accept full personal responsibility for managing long-term investments. This is a sizable liability, and if you’re not completely confident in your ability to take on that responsibility, then you can (and ERISA says you should) engage a trusted advisor to assist with this responsibility and act solely in the best interest of the plan participants.
A qualified advisor will accept, in writing, the fiduciary responsibility for their recommendations as a 3(21) fiduciary investment advisor or for their actions as a 3(38) fiduciary investment manager. The nuance here is that a 3(21) fiduciary is making recommendations to the employer or to the Plan Committee, who will then consider and make the final say and therefore retain fiduciary responsibility. But in a 3(38) engagement, the fiduciary investment manager is transferred discretion to select and monitor (via prudent process with the IPS, etc.) investments for the plan, and then reports back to the employer or committee the actions they took and why it was prudent to do so.
The 3(38) scenario is where the language above is so important that it bears repeating: Acting on behalf of a plan means the entity monitoring and selecting investments exercises everything a prudent person familiar with such matters would exercise. A third party 3(38) fiduciary is often hired when there is no in-house “prudent expert” available to assume the full financial responsibility of selecting and monitoring investments and the plan sponsor wishes to outsource the responsibility.
We hope this clarifies ERISA’s prudent man rule. If you have questions about which lanes 3(21) or 3(38) fiduciaries follow—or about any other ERISA nuance—reach out and we will be happy to walk through it with you.
ONLINE SECURITY TIPS FROM THE DEPARTMENT OF LABOR
You can reduce the risk of fraud and loss to your retirement account by following these basic rules:
- REGISTER, SET UP AND ROUTINELY MONITOR YOUR ONLINE ACCOUNT
- Maintaining online access to your retirement account allows you to protect and manage your investment.
- Regularly checking your retirement account reduces the risk of fraudulent account access.
- Failing to register for an online account may enable cybercriminals to assume your online identify.
- USE STRONG AND UNIQUE PASSWORDS
- Don’t use dictionary words.
- Use letters (both upper and lower case), numbers, and special characters.
- Don’t use letters and numbers in sequence (no “abc”, “567”, etc.).
- Use 14 or more characters.
- Don’t write passwords down.
- Consider using a secure password manager to help create and track passwords.
- Change passwords every 120 days, or if there’s a security breach.
- Don’t share, reuse, or repeat passwords.
- USE MULTI-FACTOR AUTHENTICATION
- Multi-Factor Authentication (also called two-factor authentication) requires a second credential to verify your identity (for example, entering a code sent in real-time by text message or email).
- KEEP PERSONAL CONTACT INFORMATION CURRENT
- Update your contact information when it changes, so you can be reached if there’s a problem.
- Select multiple communication options.
- CLOSE OR DELETE UNUSED ACCOUNTS
- The smaller your on-line presence, the more secure your information. Close unused accounts to minimize your vulnerability.
- Sign up for account activity notifications.
- BE WARY OF FREE WI-FI
- Free Wi-Fi networks, such as the public Wi-Fi available at airports, hotels, or coffee shops pose security risks that may give criminals access to your personal information.
- A better option is to use your cellphone or home network.
- BEWARE OF PHISHING ATTACKS
- Phishing attacks aim to trick you into sharing your passwords, account numbers, and sensitive information, and gain access to your accounts. A phishing message may look like it comes from a trusted organization, to lure you to click on a dangerous link or pass along confidential information.
- Common warning signs of phishing attacks include:
- A text message or email that you didn’t expect or that comes from a person or service you don’t know or use.
- Spelling errors or poor grammar.
- Mismatched links (a seemingly legitimate link sends you to an unexpected address). Often, but not always, you can spot this by hovering your mouse over the link without clicking on it, so that your browser displays the actual destination.
- Shortened or odd links or addresses.
- An email request for your account number or personal information (legitimate providers should never send you emails or texts asking for your password, account number, personal information, or answers to security questions).
- Offers or messages that seem too good to be true, express great urgency, or are aggressive and scary.
- Strange or mismatched sender addresses.
- Anything else that makes you feel uneasy.
- USE ANTIVIRUS SOFTWARE AND KEEP APPS AND SOFTWARE CURRENT
- Make sure that you have trustworthy antivirus software installed and updated to protect your computers and mobile devices from viruses and malware. Keep all your software up to date with the latest patches and upgrades. Many vendors offer automatic updates.
- KNOW HOW TO REPORT IDENTITY THEFT AND CYBERSECURITY INCIDENTS
- The FBI and the Department of Homeland Security have set up valuable sites for reporting cybersecurity incidents: