Qualified Plan Risk Management

The message is that there are known knowns. There are things we know that we know. There are known unknowns. That is to say there are things that we now know we don't know. But there are also unknown unknowns. There are things we do not know we don't know. ' Donald Rumsfeld, June 6, 2002.

Former Secretary of Defense Donald Rumsfeld was widely ridiculed for the above statement, versions of which he uttered on more than one occasion. But he was right on point. He was talking about terrorist threat assessments, not your firm's qualified plans and related fiduciary duty ERISA risks, but he could have been. You may be generally aware of such certain risks, and you may think you are protected from them. Or maybe you even think you don't have any such risks. But odds are, you are not aware of all the risks and you are not protected from them. There are things you likely do not know you don't know.

General Risk

Especially today after severe market value declines in virtually all investments over the past two years, the risk of claims against plan sponsors and fiduciaries is more real than ever. The risk flows from the fiduciary duties of plan fiduciaries and from how plans are usually not well administered.

Other than the prudent man standard of ERISA ' 404(a)(1)(B), ERISA does not contain a clear or limiting definition of the term “fiduciary.” That task is left to the courts. It might be said the scope of the definition is limited only by the creativity of plaintiffs' lawyers. (ERISA's Regulation ' 2510.3-21, “Definition of 'Fiduciary,'” simply states at subsection (a), “Reserved.)

ERISA offers scant protection for plan fiduciaries outside the limited scope of the “safe harbor” of ERISA ' 404(c), which can protect fiduciaries in certain instances from liability resulting from losses attributable to participants' own investment decisions. There is simply no expectation expressed in ERISA that participants, who generally are unqualified to do so, would be making their own investment decisions or that employee-funded plans such as 401(k) plans would become America's primary retirement vehicle. Qualified plans were conceived as a supplement to retirement resources; however, today the unfortunate reality is that aside from Social Security, such plans are for most people their primary if not sole retirement plan. On top of disappointment participants have realized lately in the market, add the fact that the primary purpose of ERISA is to protect employees' rights to receive their retirement benefits, and the stage is set for potential claims. The congressional findings and declarations of policy in ERISA ' 2(a) is fertile ground for plaintiffs' lawyers to develop causes of action against plan fiduciaries.

The investment return disappointments of the past two years are for many people simply too much to bear. They wonder if things somehow could have been better handled. Self-blame for investment decisions is pretty far down the list. They may begin to look askance at the plan sponsor and fiduciaries on a number of fronts, from the investment alternatives offered to the fees charged for something arguably not delivered, to perceived plan administration and governance deficiencies.

When Plan Fiduciaries Are Blamed

It might be asked how plan participants can complain when, after all, they made their own investment decisions; plus, after all, hasn't everyone suffered losses in the severely down market of the last two years? When plan fiduciaries are blamed for declines in account values and for the undisclosed and/or excessive fees and costs that have further reduced account values, the fiduciaries may recall the title of the 1993 book by Robert Fulghum, “It Was on Fire When I Lay Down on It.” The book opens with the story of a man who is rescued from a burning house, and when asked how he managed to set his bed alight, his response was, “It was on fire when I lay down on it.”

What Fiduciaries and Sponsors Must Do

Here is where the inquiry leads. Administering qualified plans normally is the sponsor's duty. But the operation of a plan goes beyond the ordinary meaning of the word “administration” to include the concept of plan governance, oversight and the selection and supervision of plan advisers and the offering of investment alternatives. Examination of the sponsor's and plan fiduciaries' actions thus extends beyond the scope of common administration concepts, such as keeping good records, to an examination of how plans are governed, with performance measured against the very high standards of fiduciary duty.

Little can be done to mitigate participants' perceptions about market performance, but the sponsor and plan fiduciaries can do plenty to protect against and manage their risks. At a minimum, the sponsor should look to four areas of available protection and fill gaps in those areas where gaps are found to exist; otherwise, the sponsor and its fiduciaries could find themselves lying on a burning bed with the house afire around them. The four areas of protection are plan governance, fidelity bonds, fiduciary insurance and Employment Practices Liability Insurance (EPLI).

Risk Management

There are a number of actions a sponsor and plan fiduciaries can take in terms of day-to-day management of a plan to help protect against or prevent claims. These are generally beyond the scope of this article other than the following fundamental structural governance measures, including the self-help device of obtaining indemnity for the plan's fiduciaries.

The definition of “administrator” under ERISA ' 3(16)(A) includes the named administrator or the sponsor itself if no administrator is named, but ERISA does not impose fiduciary duties only on the administrator. Plan fiduciaries can include the sponsor's officers, directors, partners, managers, members and even ordinary employees who provide assistance with plan administration, including members of a benefits or plan administration committee or the like.

The first step in proper risk management is to implement and to actually engage in a good plan management system. Many sponsors allow their officers to delegate plan management to a plan administrator, either a company employee or an outside vendor, and then assume all is being taken care of and all is well. This is not a good approach. Rather, the sponsor should formally create a Plan Committee, general company or sponsor Benefits Committee or the like through documented formal action of its board or management committee or equivalent. There should be a charter of authority for the Committee and a clear description of its duties and responsibilities. The point is to create a documented trail of authority.

The Committee members should receive training (that is itself documented) on their duties and responsibilities. There are vendors which can provide such training and the documentation of that training. In addition, the sponsor should also retain a qualified investment advisor to assist the Committee with its investment selection and monitoring duties. A qualified adviser can help develop a plan that is ERISA
' 404(c) compliant.

The adviser can also provide governance advice to assist the committee in staying in compliance with ERISA and fiduciary standards. Having a well-qualified adviser (in terms of ability, resources and insurance coverage along with deep pockets) is important. A more detailed discussion of ongoing services of the adviser is also beyond the scope of this article, but would include obtaining advice on plan investment alternatives, developing a menu of available investment choices, monitoring plan investments and fees and monitoring individual participants' results.

The chartered Committee process should be consistently followed and documented. The existence of a governance model that is shelved and not observed could be worse from a future liability risk standpoint than having no governance model at all.

Finally, the individual officers, directors, partners, members, employees, etc. and other individuals participating in plan management and administration (including Committee members) should be fully indemnified by the sponsor and, in the case of, for example, a law firm partnership or limited liability company, indemnified by the individual partners or members. In the case of corporations and other state law-governed entities, provisions applicable to the scope and extent of the indemnity (including any minimum required or mandated indemnity) of officers, directors, members or managers will be a matter of statute. As to others, it will be a matter of contract. The agreement should also mandate insurance coverage for the benefit of the indemnified parties, as discussed below. (Careful drafting should provide that resort to insurance is not the sole remedy of the indemnified party.) It would unwise for an individual to participate in plan management and administration or to serve on a plan committee without an indemnity while relying on fidelity bond or insurance coverage alone.

External Measures

There are also external measures that can be taken to manage the risk.

The most fundamental measure is actually mandatory under ERISA. Section 412 requires that the plan be bonded. The amount of the bond is dictated by ERISA, generally 10% of the plan's assets determined at the beginning of each plan fiscal year, with a bond cap of $500,000. Many sponsors assume because the bond is mandatory, it is sufficient for all risks. It is not. ERISA provides that the bond must ” ' provide protection to the plan against loss by reason of acts of fraud or dishonesty on the part of the plan official, directly or through connivance with others.” Thus, the scope of the required bond is limited as to both the protected loss and amount of coverage.

As a simple example, a plan official embezzles money from the plan. The bond will cover the loss up to the amount of the bond. But the bond will not cover claims in excess of the bond amount or against claims that plan fiduciaries or the sponsor's officers or directors failed to supervise the embezzler or against other alleged breaches of duty. Other possible claims not covered by the bond include noncompliance claims (discrepancies between the summary plan description and the plan or ERISA or Internal Revenue Code noncompliance); negligence (improperly calculated benefits, improper expenditures, failure to supervise); employment (discrimination, harassment, retaliation, wrongful termination); investments (investment choices, fees incurred or asset allocations); third-party fraud or dishonesty losses including those due to poor computer security (hacking); and claims arising due to theft, fraud or dishonesty by investment advisers and benefits professionals.

When such claims occur, one of the first questions asked by the sponsor and the plan's fiduciaries is, “Are we covered?” Better to ask that question now rather than after a claim arises. The answer is to obtain appropriate coverage now. Working to manage and mitigate the chance of a claim is certainly a priority, but having adequate coverage in place for a claim, both for any possible liability and for defense costs, is of equal importance.

Insurance Coverage

Available insurance covers general liability policies including errors and omissions or fiduciary liability type coverage, plus Employment Practices Liability Insurance (EPLI) coverage for employment related claims. Do not assume existing D&O coverage is sufficient or that it provides any coverage at all for plan-related matters.

Fiduciary insurance policies are essential to provide an umbrella over the ERISA-required bond and existing D&O coverage or coverage limits. As with any insurance, its terms and conditions must be carefully shopped ' coverage limits, deductibles, etc., and a primary concern should be coverage that includes defense costs. Determine if the deductible applies to the defense costs or only to any eventual indemnity. The named insureds should be broad enough to cover the plan, its administrators and other fiduciaries, and the sponsor, its subsidiaries, partners (i.e., in the case of a law firm partnership). Coverage and exclusions, and policy definitions, require special scrutiny in this area. For example, a policy or bond providing coverage against theft or dishonesty might not cover negligent acts that border on or appear to be fraud. Obtain coverage for fines and penalties if possible, perhaps through a rider. Look for the scope of third-party coverage of outside advisers or for coverage of the named insureds because of the acts by third-party advisers. Of course, you can demand that such third parties provide coverage that extends to the plan and its sponsors as well as its administrators and fiduciaries, but careful monitoring to insure such coverage is both adequate and remains in place is essential (and in fact will usually be overlooked).

Conclusion

Market performance disappointments and fears of the future, including general economic fears, and other threats to retirement resources emanating from Washington, have increased the likelihood of claims against qualified plan fiduciaries. Plaintiffs' lawyers, ever casting about to exploit the current economic times, may find willing clients among disappointed and even angry plan participants. Now is the time to protect against these threats with effective plan administration and prudent insurance coverage and indemnification.

Bruce Jackson, a member of this newsletter's Board of Editors, is a partner with Arnall Golden Gregory LLP, Atlanta, where he is a member of the firm's Benefits Committee. He can be reached at 404-521-3985 or at [email protected]. Warren Kingsley is also a partner at the same office, where he practices employee benefits law. He can be reached at 404-873-8636 or at [email protected].

The message is that there are known knowns. There are things we know that we know. There are known unknowns. That is to say there are things that we now know we don't know. But there are also unknown unknowns. There are things we do not know we don't know. ' Donald Rumsfeld, June 6, 2002.

Former Secretary of Defense Donald Rumsfeld was widely ridiculed for the above statement, versions of which he uttered on more than one occasion. But he was right on point. He was talking about terrorist threat assessments, not your firm's qualified plans and related fiduciary duty ERISA risks, but he could have been. You may be generally aware of such certain risks, and you may think you are protected from them. Or maybe you even think you don't have any such risks. But odds are, you are not aware of all the risks and you are not protected from them. There are things you likely do not know you don't know.

General Risk

Especially today after severe market value declines in virtually all investments over the past two years, the risk of claims against plan sponsors and fiduciaries is more real than ever. The risk flows from the fiduciary duties of plan fiduciaries and from how plans are usually not well administered.

Other than the prudent man standard of ERISA ' 404(a)(1)(B), ERISA does not contain a clear or limiting definition of the term “fiduciary.” That task is left to the courts. It might be said the scope of the definition is limited only by the creativity of plaintiffs' lawyers. (ERISA's Regulation ' 2510.3-21, “Definition of 'Fiduciary,'” simply states at subsection (a), “Reserved.)

ERISA offers scant protection for plan fiduciaries outside the limited scope of the “safe harbor” of ERISA ' 404(c), which can protect fiduciaries in certain instances from liability resulting from losses attributable to participants' own investment decisions. There is simply no expectation expressed in ERISA that participants, who generally are unqualified to do so, would be making their own investment decisions or that employee-funded plans such as 401(k) plans would become America's primary retirement vehicle. Qualified plans were conceived as a supplement to retirement resources; however, today the unfortunate reality is that aside from Social Security, such plans are for most people their primary if not sole retirement plan. On top of disappointment participants have realized lately in the market, add the fact that the primary purpose of ERISA is to protect employees' rights to receive their retirement benefits, and the stage is set for potential claims. The congressional findings and declarations of policy in ERISA ' 2(a) is fertile ground for plaintiffs' lawyers to develop causes of action against plan fiduciaries.

The investment return disappointments of the past two years are for many people simply too much to bear. They wonder if things somehow could have been better handled. Self-blame for investment decisions is pretty far down the list. They may begin to look askance at the plan sponsor and fiduciaries on a number of fronts, from the investment alternatives offered to the fees charged for something arguably not delivered, to perceived plan administration and governance deficiencies.

When Plan Fiduciaries Are Blamed

It might be asked how plan participants can complain when, after all, they made their own investment decisions; plus, after all, hasn't everyone suffered losses in the severely down market of the last two years? When plan fiduciaries are blamed for declines in account values and for the undisclosed and/or excessive fees and costs that have further reduced account values, the fiduciaries may recall the title of the 1993 book by Robert Fulghum, “It Was on Fire When I Lay Down on It.” The book opens with the story of a man who is rescued from a burning house, and when asked how he managed to set his bed alight, his response was, “It was on fire when I lay down on it.”

What Fiduciaries and Sponsors Must Do

Here is where the inquiry leads. Administering qualified plans normally is the sponsor's duty. But the operation of a plan goes beyond the ordinary meaning of the word “administration” to include the concept of plan governance, oversight and the selection and supervision of plan advisers and the offering of investment alternatives. Examination of the sponsor's and plan fiduciaries' actions thus extends beyond the scope of common administration concepts, such as keeping good records, to an examination of how plans are governed, with performance measured against the very high standards of fiduciary duty.

Little can be done to mitigate participants' perceptions about market performance, but the sponsor and plan fiduciaries can do plenty to protect against and manage their risks. At a minimum, the sponsor should look to four areas of available protection and fill gaps in those areas where gaps are found to exist; otherwise, the sponsor and its fiduciaries could find themselves lying on a burning bed with the house afire around them. The four areas of protection are plan governance, fidelity bonds, fiduciary insurance and Employment Practices Liability Insurance (EPLI).

Risk Management

There are a number of actions a sponsor and plan fiduciaries can take in terms of day-to-day management of a plan to help protect against or prevent claims. These are generally beyond the scope of this article other than the following fundamental structural governance measures, including the self-help device of obtaining indemnity for the plan's fiduciaries.

The definition of “administrator” under ERISA ' 3(16)(A) includes the named administrator or the sponsor itself if no administrator is named, but ERISA does not impose fiduciary duties only on the administrator. Plan fiduciaries can include the sponsor's officers, directors, partners, managers, members and even ordinary employees who provide assistance with plan administration, including members of a benefits or plan administration committee or the like.

The first step in proper risk management is to implement and to actually engage in a good plan management system. Many sponsors allow their officers to delegate plan management to a plan administrator, either a company employee or an outside vendor, and then assume all is being taken care of and all is well. This is not a good approach. Rather, the sponsor should formally create a Plan Committee, general company or sponsor Benefits Committee or the like through documented formal action of its board or management committee or equivalent. There should be a charter of authority for the Committee and a clear description of its duties and responsibilities. The point is to create a documented trail of authority.

The Committee members should receive training (that is itself documented) on their duties and responsibilities. There are vendors which can provide such training and the documentation of that training. In addition, the sponsor should also retain a qualified investment advisor to assist the Committee with its investment selection and monitoring duties. A qualified adviser can help develop a plan that is ERISA
' 404(c) compliant.

The adviser can also provide governance advice to assist the committee in staying in compliance with ERISA and fiduciary standards. Having a well-qualified adviser (in terms of ability, resources and insurance coverage along with deep pockets) is important. A more detailed discussion of ongoing services of the adviser is also beyond the scope of this article, but would include obtaining advice on plan investment alternatives, developing a menu of available investment choices, monitoring plan investments and fees and monitoring individual participants' results.

The chartered Committee process should be consistently followed and documented. The existence of a governance model that is shelved and not observed could be worse from a future liability risk standpoint than having no governance model at all.

Finally, the individual officers, directors, partners, members, employees, etc. and other individuals participating in plan management and administration (including Committee members) should be fully indemnified by the sponsor and, in the case of, for example, a law firm partnership or limited liability company, indemnified by the individual partners or members. In the case of corporations and other state law-governed entities, provisions applicable to the scope and extent of the indemnity (including any minimum required or mandated indemnity) of officers, directors, members or managers will be a matter of statute. As to others, it will be a matter of contract. The agreement should also mandate insurance coverage for the benefit of the indemnified parties, as discussed below. (Careful drafting should provide that resort to insurance is not the sole remedy of the indemnified party.) It would unwise for an individual to participate in plan management and administration or to serve on a plan committee without an indemnity while relying on fidelity bond or insurance coverage alone.

External Measures

There are also external measures that can be taken to manage the risk.

The most fundamental measure is actually mandatory under ERISA. Section 412 requires that the plan be bonded. The amount of the bond is dictated by ERISA, generally 10% of the plan's assets determined at the beginning of each plan fiscal year, with a bond cap of $500,000. Many sponsors assume because the bond is mandatory, it is sufficient for all risks. It is not. ERISA provides that the bond must ” ' provide protection to the plan against loss by reason of acts of fraud or dishonesty on the part of the plan official, directly or through connivance with others.” Thus, the scope of the required bond is limited as to both the protected loss and amount of coverage.

As a simple example, a plan official embezzles money from the plan. The bond will cover the loss up to the amount of the bond. But the bond will not cover claims in excess of the bond amount or against claims that plan fiduciaries or the sponsor's officers or directors failed to supervise the embezzler or against other alleged breaches of duty. Other possible claims not covered by the bond include noncompliance claims (discrepancies between the summary plan description and the plan or ERISA or Internal Revenue Code noncompliance); negligence (improperly calculated benefits, improper expenditures, failure to supervise); employment (discrimination, harassment, retaliation, wrongful termination); investments (investment choices, fees incurred or asset allocations); third-party fraud or dishonesty losses including those due to poor computer security (hacking); and claims arising due to theft, fraud or dishonesty by investment advisers and benefits professionals.

When such claims occur, one of the first questions asked by the sponsor and the plan's fiduciaries is, “Are we covered?” Better to ask that question now rather than after a claim arises. The answer is to obtain appropriate coverage now. Working to manage and mitigate the chance of a claim is certainly a priority, but having adequate coverage in place for a claim, both for any possible liability and for defense costs, is of equal importance.

Insurance Coverage

Available insurance covers general liability policies including errors and omissions or fiduciary liability type coverage, plus Employment Practices Liability Insurance (EPLI) coverage for employment related claims. Do not assume existing D&O coverage is sufficient or that it provides any coverage at all for plan-related matters.

Fiduciary insurance policies are essential to provide an umbrella over the ERISA-required bond and existing D&O coverage or coverage limits. As with any insurance, its terms and conditions must be carefully shopped ' coverage limits, deductibles, etc., and a primary concern should be coverage that includes defense costs. Determine if the deductible applies to the defense costs or only to any eventual indemnity. The named insureds should be broad enough to cover the plan, its administrators and other fiduciaries, and the sponsor, its subsidiaries, partners (i.e., in the case of a law firm partnership). Coverage and exclusions, and policy definitions, require special scrutiny in this area. For example, a policy or bond providing coverage against theft or dishonesty might not cover negligent acts that border on or appear to be fraud. Obtain coverage for fines and penalties if possible, perhaps through a rider. Look for the scope of third-party coverage of outside advisers or for coverage of the named insureds because of the acts by third-party advisers. Of course, you can demand that such third parties provide coverage that extends to the plan and its sponsors as well as its administrators and fiduciaries, but careful monitoring to insure such coverage is both adequate and remains in place is essential (and in fact will usually be overlooked).

Conclusion

Market performance disappointments and fears of the future, including general economic fears, and other threats to retirement resources emanating from Washington, have increased the likelihood of claims against qualified plan fiduciaries. Plaintiffs' lawyers, ever casting about to exploit the current economic times, may find willing clients among disappointed and even angry plan participants. Now is the time to protect against these threats with effective plan administration and prudent insurance coverage and indemnification.

Bruce Jackson, a member of this newsletter's Board of Editors, is a partner with Arnall Golden Gregory LLP, Atlanta, where he is a member of the firm's Benefits Committee. He can be reached at 404-521-3985 or at [email protected]. Warren Kingsley is also a partner at the same office, where he practices employee benefits law. He can be reached at 404-873-8636 or at [email protected].