Industry News

On April 14, 2021, the U.S. Department of Labor (DOL) issued new guidance to address the cybersecurity practices of retirement plan sponsors, plan fiduciaries, record keepers and plan participants. The DOL’s first cybersecurity guidance package provides three separate documents, including: 1) Tips for Hiring a Service Provider, 2) Cybersecurity Program Best Practices, and 3) Online Security Tips. 

While the guidance is applicable to ERISA plans, it also highlights that responsible plan fiduciaries have a duty to mitigate cybersecurity risk. As a result, the new guidance may potentially affect how all plan fiduciaries are viewed. Plan sponsors are also being warned of a rise in retirement plan litigation related to cyberattacks.

The DOL press release is available here.