The Employee Retirement Income Security Act (ERISA) requires plan administrators to disclose certain retirement plan information to participants and beneficiaries. To meet these disclosure requirements, plan administrators must use delivery methods that reasonably ensure participants and beneficiaries will actually receive the information. Historically, that meant distribution by way of first class mail or in-person delivery. In 2002, the Department of Labor (DOL) established a safe harbor for distributing required plan documents through "electronic media" (the "2002 Rules"). To read more about the 2002 Rules click here.
After increasing demand over the years for updating the safe harbor, the DOL has finally released new electronic disclosure rules (the "New Rules") for retirement, but not health and welfare plans. The primary change is to default to electronic distribution, rather than paper, for participants and beneficiaries who are not “wired at work.” Although the New Rules do not officially go into effect until July 26, 2020, the DOL has stated that it will not take any enforcement action against plan administrators operating under the New Rules. In effect, this means the New Rules can be used immediately.
Plan administrators now have the choice to follow either the 2002 Rules or the New Rules or use different safe harbor rules for different groups of participants and beneficiaries. Because the 2002 Rules may be easier to follow for “wired at work” employees, and the New Rules make it easier to use electronic distribution for other participants and beneficiaries, a mixed approach may be best. Other methods of electronic distribution may also be used, as long as the method is "reasonably calculated to ensure actual receipt" by all participants and beneficiaries. Although the use of any safe-harbor is not mandatory, the plan administrator can ensure compliance by following one of the safe-harbors.
Disclosures Covered by the New Rules
Generally, the New Rules allow plan administrators to electronically distribute "covered documents" to "covered individuals."
No matter the type of electronic address a covered individual provides, plan administrators must have a system in place to alert them to any undelivered communications. If a communication is undeliverable, a plan administrator must seek an alternative electronic address or must treat the covered individual as opting out of electronic delivery.
Prior to taking advantage of the New Rules, a plan administrator must furnish covered individuals with an initial notification, on paper, advising the individuals that all future notices will be delivered electronically, unless they exercise their right to opt-out if they prefer paper. This notification must be given before the plan can use the new safe harbor, and it must describe the electronic address to which notices will be sent and the delivery method. Under the New Rules, there are two different delivery methods: (1) the notice and access method; or (2) the direct email method.
Notice and Access Method
Direct Email Method
Under the New Rules, plan administrators may email covered documents directly to participants either in the body of the email or as an attachment. If they email the documents directly to participants, they do not need to include a NOIA, although the email must contain substantially similar information.
Opting Out and Paper Copies
Participants and beneficiaries receiving disclosures electronically can request a paper copy of a specific covered document published electronically. They can also choose to opt out of all electronic disclosures by electing a “global opt-out,” after which they must be provided all disclosures on paper. They cannot elect to have some disclosures made electronically and some made on paper.
Website Accessibility, Privacy and Data Security
Plan administrators must ensure the continued operation and security of the website where they post covered documents, subject to exceptions for temporary unavailability due to maintenance or unforeseeable circumstances. The New Rules also make it clear that the DOL considers protecting participant private information a fiduciary obligation of the plan administrator. The fiduciary plan administrator will need to establish processes to make sure the service provider has adequate controls and contractual obligations with respect to privacy and cybersecurity.
New Procedures Required
The New Rules require the plan administrator to have procedures in place to implement the requirements, such as for processing requests and elections, acting on undelivered communications, and handling severances when employees will no longer be on the employer’s email system.
The New Rules offer plan administrators additional flexibility, but require careful implementation. The fiduciary plan administrator, not the service providers, will be responsible for compliance with the requirements. Although the providers may offer their forms, distribution systems and logistical support, the provider contracts leave the sponsor-appointed fiduciaries responsible for determining whether those offerings comply with legal requirements.
We are here to help sort through the electronic distribution options and requirements and ensure that proper procedures are in place. For more information on this and any other employee benefits matter, please contact Mary Jo Larson, Brianna Richardson or your Warner employee benefits attorney.