Products June 4, 2019

Clear Disclosure Partners Offers Cybersecurity Program for Retirement Plans

Among other things, the Cybersecurity Risk Management Program, in consultation with the plan sponsor and fiduciaries, includes the development of a prudent process for cybersecurity management including policies and procedures and a cybersecurity manual.

Reported by

Rebecca Moore

Clear Disclosure Partners introduced a new service for retirement plan sponsors and fiduciaries—the Cybersecurity Risk Management Program for Retirement Plans.

Get more! Sign up for PLANSPONSOR newsletters. 

Developing a prudent process for reviewing and improving retirement plan cybersecurity is one of the biggest emerging issues in the retirement industry. While the Employee Retirement Income Security Act (ERISA) does not mandate a written cybersecurity policy, plan sponsors are required to always act prudently and to document that process. Creating a cybersecurity risk management program for the unique requirements of individual plans is increasingly seen as a fiduciary “best practice” for retirement plan sponsors and fiduciaries, according to Clear Disclosure Partners.

Recently, cybersecurity concerns about retirement plans have been getting some high-level attention. At the end of 2018, the ERISA Advisory Council asked for guidance from the Department of Labor (DOL) about how plan sponsors should evaluate cybersecurity risks and requested they mandate that employers create a process to manage cybersecurity. This past February, Senator Patty Murray, D-Washington, and Congressman Bobby Scott, D-Virginia, sent a letter to the Government Accountability Office requesting that the GAO examine the cybersecurity of the retirement system.

“It’s our view, that by either regulatory mandate or “prescribed best practices,” retirement plan sponsors and fiduciaries will soon be compelled to oversee a cybersecurity program for their retirement plans similar to the cybersecurity program demanded of registered investment advisers,” says Dave Dickinson, president of Clear Disclosure Partners.

The Cybersecurity Risk Management Program develops and manages an ongoing cybersecurity program for retirement plans, including:

A review of the cybersecurity risks and the unique “cyber circumstances” particular to each employer’s retirement plan.
In consultation with the plan sponsor and fiduciaries, development of a prudent process for cybersecurity management including policies and procedures and a cybersecurity manual. The program must be tailored to the plan and not boilerplate.
Review of plan provider cybersecurity policies and procedures including a review of contractual provisions relating to cybersecurity.
Employee education about cybersecurity risk and best practices.
Annual cybersecurity review and compliance meeting.
Creation and maintenance of a cloud-based cybersecurity risk management program compliance file.

You Might Also Like:

Compliance | May 3rd, 2024

How Should a Plan Sponsor Respond to a Data Breach?

Given the recent data breach at J.P. Morgan, plan sponsors should evaluate their recordkeepers’ cybersecurity practices and ensure there is...

Benefits | December 29th, 2023

EBSA’s Lisa Gomez Talks DOL 2024 Agenda

The Department of Labor keeps working to implement provisions of 2022’s SECURE 2.0 Act alongside further rules for retirement and...

Compliance | December 13th, 2023

Report: DOL Information Security Needs Improvement

An audit of the Department of Labor’s program determined it is ineffective.

Products June 4, 2019

Ubiquity Offers Financial Wellness Tool Catered to Small Businesses

CensiblyYours designates a 3(38) investment adviser to assist plan sponsors and offers participants access to the financial education platform Edukate.

Reported by

Amanda Umpierrez

In partnership with Kaye Capital Management, Ubiquity Retirement + Savings has created a two-part financial wellness program tailored to small business owners and employees.

The feature, named CensiblyYours, designates a 3(38) investment adviser to assist plan sponsors with their investment fiduciary responsibility, and provides access to five custom target-risk portfolios, according to Ubiquity. Portfolios are classified by risk level and built with low-cost mutual funds, index funds and exchange-traded funds (when appropriate) from Charles Schwab, J.P. Morgan, Principal, TIAA, Fidelity, Vanguard and DFA, and hold expense ratio rates from 4.8 basis points (bps) to 8.1 bps.

Get more! Sign up for PLANSPONSOR newsletters. 

“Many small business owners are hesitant to offer a retirement plan because they do not have the time, resources or knowledge to take on the investment fiduciary liability,” says David Hilton, head of Retirement Consulting at Kaye Capital Management. “By serving as a 3(38) advisor for Ubiquity’s clients, we are reducing this burden for small businesses and simultaneously providing affordable investment options that are in the best interest of the plan participants.”

The tool is offered to workers for a capped fee of $3 or less per month per participant and does not include the portfolio expenses.

In addition to the professional investment selection and monitoring offered by Kaye Capital Management, participants in CensiblyYours Financial Wellness Tools will have access to the financial education platform Edukate. The platform, designed to help employees achieve their financial goals, offers an intuitive and interactive approach to financial education.

“The average saver should not be burdened with managing their financial health entirely on their own,” says Chris Whitlow, CEO and Founder of Edukate. “Plan sponsors on the Ubiquity platform can now better promote financial wellness by engaging participants in their retirement plans through contests, educational content and an interactive leaderboard.”

For more information on CensiblyYours Financial Wellness Tools, visit myubiquity.com.

You Might Also Like:

Benefits | January 29th, 2025