Deals and People May 23, 2023

GSAM Adds to Multi-Asset Solutions’ Resources

Goldman Sachs Asset Management continues to add resources to outsourcing business with appointments to leadership roles.

Reported by

Noah Zuss

Goldman Sachs Asset Management appointed Ashish Shah and Greg Calnon as co-heads of public investing, effective June 1, the firm announced in an email on Tuesday.

Shah and Calnon will be responsible “to further advance our public investing capabilities across fixed income, public equities and multi-asset solutions, focusing on alpha generation and delivering holistic client solutions,” Julian Salisbury, CIO of asset and wealth management, said in an email announcing the promotions. “Their decades of combined investing experience will help us to identify new opportunities and drive further growth and innovation across our global platform.”

For more stories like this, sign up for the PLANSPONSOR NEWSDash daily newsletter. 

Both will continue to report to Salisbury, according to a spokesperson.

“The combined investing and leadership experience of Ashish and Greg will benefit both businesses— from identifying new opportunities, driving growth and driving innovation across the combined platform so that we can deliver the best of Goldman Sachs to our clients,” Salisbury said in an internal Goldman email announcing the promotions. “Adding leadership to the platform is a testament to its importance within our overall firm strategy. “

Shah will continue his role as CIO of public investing, according to Goldman. Calnon is a Goldman partner and was previously global head of multi-asset solutions.

Goldman promoted Carolyn Tavares to lead the multi-asset solutions advisory, earlier this month. She is responsible for executing Goldman Sachs’ multi-asset advisory strategy and managing a team of analysts and consultants.

“The [multi-asset] solutions business is an area of focus for the firm as we further deepen our relationships with large institutional clients by delivering them holistic portfolio advice,” the spokesperson said, earlier this month. “We will add resources as necessary to support our continued growth in this area.”

Tavares’ role is in addition to her position as the head of nonprofit outsourced CIO for retirement plans at Goldman Sachs.

Goldman announced in a separate memo the firm promoted Tim Braude and Valentijn van Nieuwenhuijzen to become co-heads of multi-asset solutions.

“MAS represents a key growth engine of our public investing franchise and engages with a diversified set of clients on their holistic portfolio needs, including asset allocation, portfolio construction and risk management,” says Marc Nachmann, global head of asset and wealth management, in a memo.

As co-heads, Braude and van Nieuwenhuijzen will continue to grow the global business with across outsourced CIO, third party wealth, defined contribution and retirement solutions and strategic partnerships, according to the memo.

Goldman also announced Neill Nuttall will continue to serve as CIO for MAS and will be joined by Alexandra Wilson-Elizondo, who will become deputy chief investment officer of MAS and co-chair of the MAS investment core, according to Goldman Sachs.

You Might Also Like:

Opinions | March 19th, 2025

Selecting an OCIO: What Every Organization Needs to Know

The right provider will bring education and insight that enable institutional asset allocators to make confident investment decisions.

Compliance | November 27th, 2024

Republican AGs Allege Asset Managers Misled Investors in Coal Stock

11 states accused BlackRock of offering coal funds while undercutting the industry and both State Street and Vanguard of suppressing...

Deals and People | October 21st, 2024

Consultant NEPC Sells Majority Stake to Advisory Firm Hightower

The deal, expected to close in 2025, aims to combine NEPC's institutional investment, research and OCIO capabilities with Hightower’s rapidly...

Compliance May 23, 2023

Participant Data Breach Hits Retirement Clearinghouse

The clearinghouse alerted more than 10,000 people that private information, including IRA account data, may have been stolen.

Reported by

Alex Ortolani

Retirement Clearinghouse LLC, an industry leader in driving forward the automatic portability of retirement plans, has alerted more than 10,500 individuals that their personal data, including individual retirement account numbers, may have been compromised.

The organization alerted individuals with written notice, dated May 12, that their information may be at risk for fraud, according to public filings in the states where they are located.

Never miss a story — sign up for PLANSPONSOR newsletters to keep up on the latest retirement plan benefits news. 

“We identified that between March 15 and 16, 2023, a small number of files were at risk of access without authorization,” the firm wrote in the letter. “Because of this, we took measures to ensure the security of the files and notify potentially affected individuals about this matter.”

According to the firm, the files included people’s names, Social Security numbers and IRA account numbers held by Matrix Trust Co., a division of Broadridge Financial Solutions that provides services including IRA administration, rollovers and third-party administration recordkeeping. The letter sent by Charlotte, North Carolina-based Retirement Clearinghouse offered a complimentary, three-month membership to an identity protection product to help monitor identity theft or fraud.

“The phishing incident did not affect the network that the firm is establishing with large retirement recordkeepers to reunite small 401(k) balances with their owners,” Retirement Clearinghouse CEO Spencer Williams said in an emailed statement.

Broadridge wrote in a statement that it is “coordinating with Retirement Clearinghouse in their efforts to inform all impacted individuals of this situation and the services being offered to protect their data.”

Ignites first reported the breach notifications.

Protection of consumer information within retirement savings plans has been a key focus for the industry in recent years, with the Department of Labor’s Employee Benefits Security Administration issuing cybersecurity guidance, tips and best practices regarding retirement benefits in April 2021. The SPARK [Society of Professional Asset Managers and Recordkeepers] Institute has also been focused on improving cybersecurity in the space, including a November 2022 plan sponsor and adviser guide to cybersecurity best practices.

“We see the cyber breaches across our lives almost every day; we have, in fact, gotten immune to new news,” says Jay Gepfert, CEO of DOL Cybersecurity LLC, which provides third-party evaluation of the DOL’s cybersecurity guidelines.

Gepfert notes that there are two levels of potential breaches: a “breach by the recordkeeper directly” and a “breach into an account due to participant fault.” He notes that his firm’s research shows that more than 75% of breaches come from individual human error, usually due to one of the various methods to gain access being compromised.

“Most of the large, national recordkeepers have for years spent large amounts of money on their cyber systems and procedures,” Gepfert says. “This includes both from a technical perspective and training of employees on how to handle the expanding volume of attempts to gain access. … The real weak point for gaining access is through employees and participants.”

The Retirement Clearinghouse’s auto-portability network has brought together retirement recordkeepers, retirement solutions providers and plan sponsors to improve auto-portability among retirement plan participants and reduce savings leakage. The network includes financial firms such as Empower, Fidelity Investments, TIAA and Vanguard and represents about 62 million workers and 139,000 employer-sponsored retirement plans.

The clearinghouse “involves collecting information about the individuals from organizations to facilitate the transfers,” the Retirement Clearinghouse wrote in the letter notifying impacted individuals.

According to the public filings, Retirement Clearinghouse saw suspicious activity on one email account on March 15 and 16 and alerted the organization most likely to be affected by the breach. After an investigation, Retirement Clearinghouse reported the breach and began contacting participants with the offer of complimentary use of Experian’s IdentityWorks product to detect and resolve identity theft. The firm also provided the individuals with information on how to place a fraud alert and credit freeze on their finances and with contact details for national consumer reporting agencies.

The states involved in the breach included Maine, Maryland, New York, North Carolina and Rhode Island, as well as Washington, D.C., according to the public filings.

The Retirement Clearinghouse also wrote in the letter that it is “evaluating additional safeguards to mitigate recurrence of this type of event.”

Retirement cybersecurity expert Gepfert notes six key tactics to help people avoid becoming part of the 75% of human mistakes that let in bad actors. They are: changing privacy settings on phones and computers; keeping software applications and operating systems up-to-date; creating strong passwords; using two methods of verification; learning about phishing email scams; and not sharing login information with other individuals.

Gepfert expects more cybersecurity guidance on retirement plan protection coming from the DOL in the near future. That is in part because plan sponsors are still in the process of reacting to the initial guidance, and further nudges may be needed for the guidance to “run downhill.”

You Might Also Like:

Administration | March 14th, 2025