In 2022, the Employee Benefits Security Administration (EBSA) saw a significant decrease in enforcement actions for the second consecutive year. In total, the EBSA recovered $1.4 billion for plans, participants, and beneficiaries in 2022—down from $2.4 billion in 2021 and $3.1 billion in 2020. This decline in enforcement activity may be attributed to the Department of Labor’s (DOL) Notice 2020-01, which relieved employers from enforcement actions if they made a good faith effort to comply with rules during the height of the COVID-19 pandemic. But now that the Biden administration plans to end the Covid-19 national emergency and public health emergency, enforcement activity is expected to increase.
With greater enforcement action likely on the horizon, plan sponsors should review the EBSA’s focus areas for enforcement and ensure their plans are compliant with current rules and regulations. In this article, we review recent enforcement activity and highlight areas that plan sponsors should be watching carefully.
DOL removes bad actors and helps missing participants in 2022
In 2022, the EBSA reported it closed 907 civil investigations, getting money back in participants’ hands in 66 percent of these cases. In addition, the EBSA produced 402 non-monetary civil corrections, which included removing 29 fiduciaries (up from six in 2021), appointing 30 fiduciaries, banning 35 people from becoming fiduciaries, and improving missing participant procedures for 50 plans. This activity shows that although the EBSA relaxed its attention on monetary recoveries, it was vigilant in removing bad actors and improving processes in 2022.
Overall, the EBSA enforcement program is broken into four areas:
- Recoveries from Enforcement Actions ($931 million recovered in 2022)
- Voluntary Fiduciary Correction Program ($8 million recovered in 2022)
- Abandoned Plan Program ($84 million recovered in 2022)
- Monetary Benefit Recoveries from Informal Complaint Resolution ($422 million recovered in 2022)
Over the past several years, the majority of recoveries came from helping to collect benefits for terminated vested or missing participants in defined benefit plans. While only $542 million was recovered for such participants in 2022 — compared to $1.5 billion recovered in 2021 — the results clearly show the DOL’s continued interest in its missing participants program.
Regardless of whether you manage a defined benefit or defined contribution plan, plan sponsors with missing participants should carefully review the DOL’s “Missing Participants – Best Practices for Pension Plans.” The memo lists a number of warning signs for missing participant issues and includes examples of best practices, including:
- Maintaining accurate census information
- Creating effective communication strategies
- Searching for missing participants
- Documenting procedures and actions
In addition, the SECURE 2.0 Act passed in 2022 instructed the DOL to create a lost and found database so missing participants can find contact information for their plans.
What can plan sponsors do to limit the risk of enforcement attention?
In 2019, the BDO Alliance wrote about the DOL’s enforcement focus areas—and that list still holds true today. Late deposits, self-dealing transactions, and improper payments or compensation will certainly pique investigators’ interest.
One of the DOL’s newer focus areas is cybersecurity. In 2021, BDO covered the DOL’s informal guidance on cybersecurity, which used three separate documents to outline best practices for hiring a service provider, implementing a cybersecurity program, and giving users online security tips.
In its section for hiring a service provider, the DOL said plan fiduciaries should use an outside auditor to review and validate a vendor’s cybersecurity practices and determine whether the vendor carries insurance to cover losses caused by a breach. These and other suggestions should be seen as recommendations and not formal regulations, but plan sponsors would be wise to develop and document their processes when evaluating a potential service provider’s cybersecurity practices.
Prepare for more enforcement activity
Notice 2020-01 stipulated that its guidance would be effective from March 1, 2020, until 60 days after the announcement of the end of the Covid-19 National Emergency. This means that starting in the summer of 2023, grace periods and other relief efforts will no longer be available to plan sponsors.
Many plan sponsors may have taken advantage of the DOL’s recent pause in enforcement. But now that the DOL’s enforcement activity is expected to return to more typical levels, plan sponsors should revisit their operations and ensure policies and filings are current.
BDO has seen many incidents that have attracted enforcement actions in the past, including late deposits, missing audits on Form 5500s, and late Form 5500 filings. The DOL has recently increased its penalties for violations like these, including a daily fine of $2,586 for failing to file a Form 5500 (up from $2,400 last year).
If you are interested in learning more about compliance requirements and how to avoid a DOL investigation, your HBE trusted advisor is able to help.