Compliance February 4, 2025

Retiree Advocacy Group, Public Employee Unions Sue Treasury due to ‘Illegal DOGE Data Access’

The Alliance for Retired Americans and two union groups accused Secretary of the Treasury Scott Bessent of violating the privacy rights of millions of Americans.

Reported by

The Alliance for Retired Americans, the American Federation of Government Employees and the Service Employees International Union, filed a lawsuit Monday against the Department of the Treasury for sharing confidential data with the Department of Government Efficiency Service Temporary Organization, run by Elon Musk at the direction of President Donald Trump. The Treasury data likely include Social Security and Medicare customer payment systems, according to the complaint.

The plaintiffs’ complaint—which names Secretary of the Treasury Scott Bessent, the Department of the Treasury and the department’s Bureau of the Fiscal Service—argues that instead of protecting the private information of Americans, as required by law, Bessent is taking “punitive measures against officials who sought to protect that information from improper access and allowed DOGE full access to the data.”

Never miss a story — sign up for PLANSPONSOR newsletters to keep up on the latest retirement plan benefits news.

The case was filed in U.S. District Court for the District of Columbia.

The data in question can include names, Social Security numbers, birth dates, birthplaces, home addresses, telephone numbers, email addresses and bank account information, according to the complaint. Federal law protects sensitive information from improper disclosure and misuse, including by barring disclosure to individuals who “lack a lawful and legitimate need for it,” according to the complaint.

“Elon Musk and/or other DOGE members had sought access to the Bureau’s records for some time, only to be rebuffed by the employee then in charge of the Bureau,” the lawsuit stated. “Within a week of being sworn in as Treasury Secretary, Mr. Bessent placed that civil servant on leave and granted DOGE-affiliated individuals full access to the Bureau’s data and the computer systems that house them.”

The civil servant placed on leave was former Fiscal Assistant Secretary of the Treasury David Lebryk, who had served in that role since 2014 and served as acting secretary of the Treasury until Bessent’s confirmation on January 27. Lebryk reportedly resisted the DOGE’s access to the Treasury payment system. Lebryk suddenly retired on January 31 in reaction to the dispute.

Bessent also granted the DOGE access to the federal payment system without making any public announcement, providing any legal justification or explanation for his decision or “undertaking the process required by law for altering the agency’s disclosure policies,” according to the complaint.

“The scale of the intrusion into individuals’ privacy is massive and unprecedented,” the complaint states. “Millions of people cannot avoid engaging in financial transactions with the federal government and, therefore, cannot avoid having their sensitive personal and financial information maintained in government records.”

As the DOGE has been granted access to this information for an unspecified period of time, the advocacy group and labor unions argue that retirees, taxpayers, federal employees, companies and other individuals have “no assurance that their information will receive the protection that federal law affords.” In addition, affected individuals do not have information about what personal or financial information the Treasury is sharing with outside parties or how their information is being used, the complaint states.

The complaint also argues that the Privacy Act of 1974 and the Internal Revenue Code make it “unlawful” for Bessent to allow the DOGE to access the bureau’s records with respect to taxpayer information.

The advocacy group and unions, represented by the Public Citizen Litigation Group and State Democracy Defenders Fund, are seeking that the district court prohibit Treasury from continuing to permit such access to or transfers of such personal information and to ensure that future disclosure of individual records will occur only in accordance with the Privacy Act and the IRC.

“We are outraged and alarmed that the Trump Administration has allowed so-called DOGE staff to violate the law and access millions of older Americans’ sensitive personal and financial data,” said Richard Fiesta, executive director of the Alliance for Retired Americans, an advocacy organization with 4.4 million members nationwide, in a statement. “Seniors are already the most vulnerable Americans to fraud and scams, with FBI data showing losses of $3.4 billion in 2023 alone. We urge the court to quickly act to stop this unlawful theft of our data.”

The ranking member of the Senate Committee on Finance, Ron Wyden, D-Oregon, published a letter to Bessent on Friday in which Wyden expressed concern about officials associated with Musk gaining access to payment systems to “illegally withhold payments to any number of programs.”

“To put it bluntly, these payment systems simply cannot fail, and any politically-motivated meddling in them risks severe damage to our country and the economy,” Wyden wrote.

The Department of the Treasury did not immediately respond to a request for comment.

Compliance February 4, 2025

Study Finds Fiduciary ‘Red Flags’ Are Widespread for Corporate Plans

Abernathy Daley 401k Consultants' 5500 review finds that most corporate retirement plans have regulatory or fiduciary violations.

Reported by

More than 84% of retirement plan sponsors have at least one likely Employee Retirement Income Security Act “red flag” violation in their plan that puts them at regulatory risk or indicates their failure as a fiduciary, a survey by Abernathy Daley 401k Consultants found.

To come to this conclusion, consultants at Abernathy Daley analyzed the most recent Form 5500 filings for 764,729 employers’ plans. The consultants looked for what the firm considered “red flag violations,” which Abernathy Daley defined as “infractions, fineable offenses, fiduciary failure, or plan malpractice” in two categories: regulatory infraction red flags and egregious plan mismanagement red flags.  

For more stories like this, sign up for the PLANSPONSOR NEWSDash daily newsletter.

Regulatory infraction red flags were found at 43% of companies across the U.S., and egregious plan mismanagement red flags at 76% of U.S.-based companies, per the Abernathy Daley study. Therefore, the consultancy states, in its opinion, more than 600,000 American companies could be at potential risk of fines, legal penalties and fiduciary failure.

According to Abernathy Daley, regulatory infraction red flags are “the most severe violations, which represent issues within the retirement plan that can result in civil legal penalties, discovery leading to trial, or both.” The categories of plan failures the firm considered were:

  1. Loss from fraud or dishonesty;
  2. Not offering qualified default investment alternatives;
  3. An insufficient fidelity bond; and
  4. Not 404(c) compliant.

The egregious plan mismanagement red flags might not necessarily result in a fine, but they represent failure of the plan administrator in its fiduciary duty to the plan sponsors, and the plan sponsors in their fiduciary duty to employees. The firm reported at least 584,113 retirement plans were found to have at least one egregious red flag. These infraction categories were:

  1. Not including automatic enrollment;
  2. No corrective distribution of excessive contributions;
  3. No 404(c) with participant-directed accounts; and
  4. Failure to transmit payments on time.

Abernathy Daley in 2024 released a study showing that it believed nearly 80% of companies with at least 100 employees are overpaying on administrative fees for their 401(k) and 403(b) plans. 

“Retirement plans represent a fiduciary duty toward employees and provide an essential competitive advantage for talent acquisition and retention,” said Abernathy Daley President Matthew Daley in a statement. “Yet, these alarming findings clearly show that administrators are not keeping plan sponsors out of harm’s way and plan sponsors are not offering their employees a bulletproof retirement plan.”

«