Retirement plan sponsors have become the subject of unprecedented scrutiny from plaintiffs’ lawyers and Department of Labor (DOL) regulators. Litigators review filed Forms 5500 and look for plans with inadequate due diligence, poor fund performance, and excessive fees, while the DOL has broad authority, vast investigative staff, and extensive enforcement resources dedicated to seeking civil remedies for breaches of fiduciary duties [ERISA section 502(a)(2), 29 USC section 1132(a)(2)].

The fiduciary responsibility of ERISA-governed retirement plan sponsors to select, monitor, and terminate the investment choices available to participants is enormous, and has led employers to seek assistance from outside investment advisors (Newsletter, Wagner Law Group, Sept. 5, 2018). Any 401(k) plan fiduciary who breaches any of the responsibilities, obligations, or duties imposed upon plan fiduciaries will be personally liable to make good any losses to the plan resulting from each breach (ERISA section 409, 29 USC section 1109). In addition, employers face compliance, reputational, and business risks when they fail to act prudently with respect to their 401(k) plans.

Investment advisors, investment fiduciaries, ERISA lawyers, and CPAs can protect their 401(k) plan clients from monetary sanctions and costly lawsuits by developing an effective plan governance strategy. A review of the evidentiary record in 401(k) fiduciary breach lawsuits provides the procedural steps necessary for plan fiduciaries to mitigate the risk of fiduciary breach and the documentation necessary to support a prudent plan management process. High fees and poor fund performance are a basis for litigation and investigation; however, prudent decision making enables employers to defeat claims and sanctions.

Fiduciary Breach Violations

Litigation is brought against employers for three main reasons: excessive fees, inappropriate investment options, and self-dealing (George S. Mellman and Geoffrey T. Sanzenbacher, “401(k) Lawsuits: What Are the Causes and Consequences?” Boston College Center for Retirement Research, May 2018). Most lawsuits focus on an employer’s breach of fiduciary duty due to the unmonitored use of revenue sharing payments, resulting in excessive fees paid to recordkeepers and the retention of an investment fund with poor performance. High fees become legally problematic if an employer is unable to demonstrate it engaged in prudent decision making when it selected the fund or share class; recurring violations in DOL investigations include the failure to timely deposit participant contributions, the failure to maintain a fidelity bond meeting statutory requirements, and the failure to carry out proper plan governance activities.

Many plan fiduciaries are unaware of the plan governance practices necessary to comply with ERISA, and become aware of an alleged violation as a result of a DOL investigation or participant lawsuit. Two employers can select the same fund and face different liability risks if one follows a prudent decision-making and monitoring process and the other does not. A prudent process would include an analysis of the performance, portfolio statistics, and expense of other funds in the same asset category. Plan fiduciaries who do not replace funds that consistently underperform are at greater risk of an investigation or a lawsuit.

Plan Fiduciaries

Plan fiduciaries include plan administrators, trustees, and retirement plan committee members. CFOs, human resource managers, and board members are also fiduciaries to the extent they exercise the requisite authority or control over plan management (29 CFR section 2509.75-8, D-4, D-5). A CEO is considered a fiduciary to the extent that he selects the plan’s administrator [Chao v. Crouse, 346 F. Supp. 2nd (S.D. Ind. 2004)]. ERISA requires that fiduciaries follow a careful, prudent process to ensure that their plans offer appropriate funds and pay no more than reasonable fees for necessary services. Plan fiduciaries are legally required to act in the best interest of plan participants, which is not required of nonfiduciaries, including recordkeepers and brokers. Best practices dictate a review of the plan’s investment policy statement at least annually, particularly if fund replacements were made during the year (2018 Defined Contribution Trends, Callan Institute Survey).

Directed Trustees

Trustees have exclusive authority and discretion to manage plan assets, making them fiduciaries; however, not all trustees have the same degree of authority or control. A 401(k) trustee whose control over plan assets is made solely subject to the direction of a named plan fiduciary is referred to as a “directed trustee.” Most 401(k) recordkeepers offer directed trustee services as a part of their bundled services at no additional fee. The directed trustee does not relieve the named plan fiduciary of his fiduciary duty to monitor fund performance and use plan assets to pay reasonable fees. Nevertheless, an individual trustee is personally liable and must defend a lawsuit in which he is named. A directed trustee also issues an asset certification enabling employee benefit plan auditors to conduct less costly limited scope audits.

Robotic Fiduciary Advisors

Most 401(k) recordkeepers offer online 3(21) fiduciary advisory services to assist plan sponsors in fund selection and fund performance monitoring for a nominal fee; the advisory firm makes replacement recommendations via email that the employer is required to follow. This author has experienced conflicted advice in the form of a fund replacement recommendation that decreased fund expense by four basis points, increased recordkeeper compensation by 10 basis points, and had consistently underperformed. Plan fiduciaries who accept a conflicted fund recommendation are considered to have embraced it as their own and are therefore held to have selected that fund investment. Robotic advisor services are customarily offered by nonfiduciary brokers to supplement their service deliverable, since brokers cannot assume responsibility for fund selection and cannot make fund recommendations.

Fund Selection

The DOL’s position, consistent with case law, is that the decision-making process leading up to the challenged conduct is reviewed in order to determine whether an ERISA fiduciary’s investment was prudent [Tibble v. Edison Int’l, No. 13-550 (S. Ct. filed Dec. 1, 2014)]. After an investment decision has been made, the plan fiduciary has a duty to review and monitor the continuing prudence of the investment (Tibble Amicus Brief at 12-13). Plan fiduciaries should incur costs that are reasonable in amount and consistent with the responsibilities of the plan. Plan fiduciaries must periodically review and monitor investments and remove imprudent investments from a participant directed 401(k) investment menu. Prudence involves making informed and reasoned decisions based upon empirical data; 47% of plan sponsors reported making a fund change due to performance related reasons in 2017 (Callan Institute Survey).

Plan fiduciaries who offer inappropriately higher-expense-share-class funds either have not conducted due diligence and are unaware of lower-expense share classes, or have dealt with a broker who did not benchmark fees, leverage the plan’s profile, and minimize plan cost. In one case, plan fiduciaries breached their duties in failing to remove certain mutual fund investments more than six years after they were added to the 401(k) plan’s investment lineup [Tibble v. Edison Int’l, 135 S. Ct. 1828, 1829, 59 EB Cases 2461 (2015)]. The DOL’s position is that plan fiduciaries need to remove an imprudent investment within a reasonable period of time.

The DOL’s long-established interpretation has been that the 404(c) safe harbor does not insulate from liability plan fiduciaries who select imprudent investment options and does not relieve plan fiduciaries from their duty to prudently select and monitor investment funds offered under their 401(k) plan [29 CFR section 2550.404c-1(d)(2)(iv)].

Investment Consultants

A broker is not a fiduciary and assumes no responsibility for fund selection and ongoing fund performance monitoring. A 3(21) nondiscretionary investment advisor monitors fund performance and recommends fund changes as a cofiduciary, whereas the plan sponsor selects investments. A 3(38) discretionary investment fiduciary selects and monitors funds and acts as a cofiduciary, assuming responsibility for fund selection and share class selection. The 3(38) investment fiduciary service model is designed to protect plan fiduciaries from excessive fees and poor fund performance. More than 80% of plan sponsors say they engage an investment consultant; however, most do not know whether their advisor assumes responsibility for fund selection and reasonable fees (Callan Institute Survey).

Service Provider Selection

The DOL enforces fiduciary duties in connection with the retention of service providers by plan fiduciaries. The service provider’s fee must be reasonable if paid with plan assets. Plan fiduciaries must know the prevailing rates for similar services to be able to determine reasonableness; therefore, soliciting bids is necessary in connection with the selection and retention of service providers (e.g., recordkeepers). Plan fiduciaries need to benchmark their plan’s recordkeeping fee in the marketplace every three years [George v. Kraft Foods Global Incorporated, 641 F.3d 786 (7th Cir. 2011)]. The DOL takes the position that plan fiduciaries must adopt and adhere to routine procedures, including receiving reports from their fiduciary advisor about their activities, decisions, recommendations, and performance at least annually (Interpretive Bulletin 75-8, codified at 29 CFR section 2509.75-8). Plan fiduciaries cannot defend actions they have taken if they have failed to conduct due diligence, maintain adequate records, and memorialize plan decisions.

Fiduciary Positioning

The most important step plan sponsors took within the past 12 months to improve their fiduciary position was to review plan fees. This action ranked significantly higher than any other action undertaken by plan fiduciaries; approximately 83% of employers assessed their 401(k) plan fees in 2017, and more than 40% of those employers reduced plan fees. The second most important action taken was to update or review their investment policy statement. Most plan sponsors maintain an investment policy statement, and more than 20% of those employers without an investment policy statement anticipated adopting one. Plan fiduciary decision makers include human resource and finance executives as well as in house legal counsel (Callan Institute Survey).


Plan fiduciaries can be held liable for permitting their 401(k) plans to inure to the benefit of the employer [ERISA Section 403(c)(1)]. Plan fiduciaries for financial firms have had to defend the selection of their employers’ own funds that had poor performance, excessive fees, or insufficient performance history.

Timely Deposit of Participant Contributions

The DOL has previously determined that an employer did not have policies and procedures in place in the event the person responsible for submitting participant contributions was unable to do so, and that this lack of proper procedures and written guidelines contributed to the untimely contributions. The DOL also stated that the employer was notified in comment letters from the employee benefit plan auditor that contributions were untimely and inconsistent, and that the employer failed to adopt procedures or correct the deficiency (DOL Letter to Plan Administrator, Dec. 26, 2018).

Fidelity Bond

Plan fiduciaries are required to maintain a fidelity bond for their 401(k) plans that complies with ERISA. An investigation of a fidelity bond made a part of a crime policy was found to exclude losses required to be covered by ERISA; therefore, the DOL concluded that the fidelity bond provisions failed to satisfy ERISA (DOL Letter, Dec. 26, 2018). Employers should obtain a copy of their fidelity bond policies and a written representation from their brokers that the fidelity bond meets statutory requirements in the event of an investigation, and prior to signing a management representation letter requested by their employee benefit plan auditor.

Department of Labor Investigations and Enforcement

Employers who do not monitor the delegation of fiduciary and nonfiduciary responsibility to their advisors and record-keepers are held liable for plan governance lapses, conflicts of interest, and unreasonable fees. DOL letters routinely caution that the failure to properly select and monitor service providers exposes the plan administrator to potential fiduciary violations and civil penalty assessment (DOL Letter to Plan Administrator, Dec. 20, 2017).

The DOL imposes penalties for a failure to respond to a request for information, file Form 5500 annual reports, provide required disclosures and notices, or maintain a fidelity bond, as well as for prohibited transactions and fiduciary violations. There are discretionary penalties for prohibited transactions, which include the failure to timely deposit participant contributions, and mandatory penalties for fiduciary violations, which include using plan assets to pay excessive fees and failing to monitor investment performance.

IRS agents refer concerns regarding plan expense reimbursements, defaulted participant loans, delinquent participant contribution deposits, and fidelity bonding to the DOL, whereas DOL investigators refer concerns regarding late Form 5500 filers, Form 5500 nonfilers, delinquent participant contribution deposits, and discrimination rule compliance to the IRS.

Department of Labor Investigative Projects

The DOL has developed specific national investigative projects, which are designed to detect and correct ERISA violations, and has designated national enforcement priority to these investigative projects (Pension and Welfare Benefits Administration: Strategic Enforcement Plan, 63 Federal Register 18, 207–208, Apr. 6, 2000).

The Plan Investment Conflicts Project investigates imprudent application of investment guidelines, monitoring of plan investments and service providers, selecting and retaining of service providers, and payment of excessive fees with plan assets. The objective is to cause plan fiduciaries to be personally liable for any losses to the plan resulting from each breach of the responsibilities, obligations, or duties imposed upon plan fiduciaries.

The Employee Contributions Initiative investigates the failure to timely deposit participant contributions. The objective is to protect employees who have 401(k) contributions withheld from their paychecks that were not deposited to the plan on a timely basis in accordance with DOL regulations.

The DOL engages in efforts to compel plan fiduciaries to restore participants to the position they would have been in absent the breach, including the deposit of lost earnings. The DOL is often successful in obtaining compliance, but may resort to litigation or criminal enforcement to achieve compliance.

Department of Labor Notice of Rejection of Form 5500

This letter notifies the plan administrator that the DOL has rejected the Form 5500 filed due to a failure to provide an audit report. The notice cautions that the failure to properly select and monitor service providers, including employee benefit plan auditors, exposes the plan administrator to potential fiduciary violations and civil penalty assessments.

The DOL has found that 39% of plan audits contained major deficiencies with respect to one or more relevant GAAS requirements, which would lead to rejection of a Form 5500 filing. The DOL also found that there is a clear link between the number of employee benefit plan audits performed by a CPA and the quality of the audit work performed. CPAs who performed the fewest number of employee benefit plan audits annually had a 76% deficiency rate, whereas firms performing the largest number of plan audits had a deficiency rate of only 12% (Assessing the Quality of Employee Benefit Plan Audits, May 2015).

Employee benefit plan audits are specialized engagements requiring informed auditors with employee benefit plan–specific training, whose firm is subject to peer review ensuring compliance with professional standards. Members of the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC) tend to have fewer audits containing multiple GAAS deficiencies.

Plan fiduciaries need to conduct due diligence and document the process by which they retain an employee benefit plan auditor. The annual reporting civil penalty in the amount of $1,100 per day is assessed against the plan sponsor if the plan’s annual report is rejected due to a deficient audit or because the accountant failed to meet the standards for qualification to perform an ERISA plan audit. A rejected annual report means plan fiduciaries may need to retain a new plan auditor and, in any event, file an amended Form 5500 with a new plan audit report.

Sources of Department of Labor Investigations

Many DOL investigations are triggered by complaints or inquiries from employees (EBSA Enforcement Manual, Complaints). The DOL also engages in targeting direct searches of specific data in Forms 5500 and audit report financial statements to identify plans that are not compliant (EBSA Enforcement Manual, Targeting and Limited Reviews). The targets of fiduciary investigations are individuals who are or are considered to be named plan fiduciaries or functional plan fiduciaries. The DOL investigator may contact plan fiduciaries, as well as corporate officers and employees of the plan sponsor involved in plan administration or management, for interviews or depositions.

DOL investigations also result from a Form 5500 annual report that is rejected due to a deficient audit or because the accountant failed to meet the standards for qualification to perform an ERISA plan audit (Assessing the Quality of Employee Benefit Plan Audits).

Scope of 401(k) Plan Investigations

Regardless of the reason for opening a DOL investigation, the investigator will conduct an expansive investigation of the 401(k) plan’s administration, management, and operations, with specific focus on missing participants, participant loans, plan investment performance monitoring, investment policy statement application, plan fiduciary conflicts, service provider conflicts, plan investment fees and expenses, service provider compensation, service provider selection and retention, plan investment selection and retention, compliance with bonding requirements, compliance with reporting requirements, and compliance with disclosure requirements.

The DOL investigator obtains plan documents and reports to identify named fiduciaries, examines whether other individuals are functional fiduciaries and cofiduciaries, and identifies all service providers. The investigator also determines the allocation of responsibilities for plan administration, whether expenses paid by the plan are reasonable, whether expenses were incurred for the exclusive benefit of plan participants, and the extent to which plan expenses compare to the expenses of a comparable plan.

In evaluating plan management, the investigator determines whether participant contributions and loan repayments are collected in a timely manner, whether withheld participant contributions and loan repayments are deposited promptly, whether plan investments are properly insured, whether tax qualification provisions are properly administered, whether plan investments are prudently selected and monitored, and whether plan investment options are consistent with the plan document and investment policy statement.

Document Requests in 401(k) Plan Investigations

The most cumbersome, costly, and time-consuming aspect of any DOL investigation is compliance with the DOL’s expansive request for documents and reports. The investigator routinely interviews corporate officers, employees, plan fiduciaries, and plan administrators. The plan fiduciary target of a limited review may receive an inquiry letter and request for documents directed to the specific issue under examination, in contrast to other program enforcement investigations, where the investigator reviews documents with respect to every aspect of plan operation.

Concluding Department of Labor Investigations

An investigation may conclude through the issuance of a closing letter, successful voluntary compliance, or referral for litigation. Working cooperatively and cautiously with the DOL investigator from the outset to respond to requests for information and documents is the best approach.

If plan fiduciaries have corrected the violation or are in the process of doing so, the DOL may determine it appropriate to issue a “no action” letter, which describes the findings of violation, indicates the corrective measures, and concludes the investigation without dedicating further resources. A no action letter advises plan fiduciaries that the DOL has concluded its investigation and is taking no further action, limits the application of the letter to the specific issues reviewed during the investigation, and states that findings and the absence of findings do not bind the DOL in a subsequent investigation (EBSA Enforcement Manual, Voluntary Compliance Guidelines).

Plan fiduciaries may correct late participant contribution deposits and deposit lost earnings; however, they need to file a Form 5330 in order to notify the IRS that a prohibited transaction has occurred and pay an excise tax [IRC section 4975(a)-(b)].

If violations are found and correction is needed, the DOL may issue a voluntary compliance letter describing the facts, notifying plan fiduciaries of its findings of ERISA violations, and requesting that plan fiduciaries take voluntary corrective action. Issues involving benefit disputes, bonding, reporting, and disclosure are suitable for voluntary compliance.

Practical Consequences of Noncompliance

Plan sponsors may need to disclose the existence of a DOL investigation or noncompliance to their lenders in accordance with credit agreement covenants. An employer’s failure to administer a plan in accordance with its terms is a fiduciary breach. Plan sponsors cannot rely on the plan’s opinion letter unless they follow the terms of the plan document in actual operation.

If voluntary compliance with the DOL is successful, the parties generally enter into a written settlement agreement. Such an agreement may be the subject of a press release issued by the DOL’s Office of Public Affairs (EBSA Enforcement Manual, Release of Information). Accordingly, employers need to manage their 401(k) plans pursuant to a disciplined process that is grounded in fiduciary principles to protect their business reputation.

Practical Consequences of Compliance

A recent study found a strong correlation between 401(k) plan performance and corporate financial performance. Employees benefit from well-designed and well-managed 401(k) plans, and the same employees directly affect corporate profitability [Where 401(k) Design and Corporate Profitability Cross Paths, T. Rowe Price Investment Services, Inc., 2018].

Many plan sponsors and their advisors benchmark plans against self-serving, published industry averages. Plan sponsors and their advisors should benchmark their plans against service and fee quotes obtained in the marketplace, taking into account their plan’s superior profile, because the DOL contemplates marketplace benchmarks, and because excellent 401(k) plans are valued more by employees than average 401(k) plans (Holly Verdeyen, “7 Attributes of an Excellent DC Plan, Russell Investments Research,” Oct. 15, 2018).

A well-structured plan governance process substantially increases the likelihood that a 401(k) plan will be successful. Employers who value operational excellence understand the need to monitor plan expenses, fund performance, and fiduciary compliance, and consequently sponsor successful and compliant 401(k) plans. In measuring the success of a 401(k) plan, investment performance, cost effectiveness, and avoidance of fiduciary issues ranked high (Callan Institute Survey).

Given the critical role that corporate culture plays in driving a company’s performance and reputation, it is not surprising that boards today are reassessing their approach to oversight of culture. Boards have determined that culture and compliance belong on committee agendas (Board Oversight of Corporate Culture, KPMG Board Leadership Center, 2018). Employers have shifted from a financial management role to a fiduciary oversight role. That oversight has become paramount for plan sponsors as their fiduciary responsibility continues to evolve with changing regulations (Defined Contribution Benchmarking Survey, Deloitte, 2017).

Plan Governance: An Actionable Strategy

The DOL’s increased enforcement efforts and the likelihood that 401(k) plan litigation will continue make it clear that plan fiduciaries must manage plan governance effectively or retain a capable fiduciary to do so. Outside fiduciaries assist plan fiduciaries with the search, selection, and monitoring of funds and expenses in a manner designed to ensure compliance with ERISA’s stringent fiduciary standards. Employers need to reduce the risk of regulatory, legal, audit and investment challenges inherent in sponsoring a 401(k) plan, signing a Form 5500, and making a fiduciary decision. Parties charged with plan governance should establish a well-structured process pursuant to which retirement plan committees make informed decisions, receive recurring reports from their advisors, consistently apply investment policy statement criteria, adhere to plan terms, and maintain committee meeting minutes.

Sheldon M. Geller, JD, CPA is the managing member of Stone Hill Fiduciary Management, LLC, Great Neck, N.Y. He is a member of The CPA Journal Editorial Advisory Board.