Posted on June 03, 2019
If news headlines about cyber-attacks and data breaches have not yet frightened you to examine and bolster the security measures protecting your retirement plan assets, what kind of an epiphany are you waiting for?
See 21 Terrifying Cyber Crime Statistics. The current magnitude and frequency of cyber-crime is alarming, but the projected growth is staggering. When asked why he robbed banks, notorious robber Willie Sutton replied, “that’s where the money is.”
As of December 31, 2018, 401(k) plans held an estimated $5.2 trillion in assets of the $27.1 trillion in US retirement assets, which includes employer-sponsored retirement plans (both defined benefit and defined contribution plans sponsored by both private and public-sector employers), individual retirement accounts (IRAs), and annuities [Source]. Retirement plan assets are a very rich target for cyber criminals.
When it comes to your company’s retirement plan assets, have you as the employer plan sponsor:
Threats that you may not perceive as real to your business, are very likely only clicks away from retirement assets. As the plan sponsor, the employer is a fiduciary and has the duty to act with prudence and diligence and to monitor service providers.
The failure to examine the security measures protecting plan assets, the failure to investigate the security measures of the custodian and third party administrator, the failure to adopt and apply reasonable security protocols and/or the failure to reasonably invest in appropriate hardware and software could all result in a breach of fiduciary duty and employer liability for plan assets fraudulently diverted to bad actors.
There is no foolproof procedure to safeguard retirement plan assets. However, a similar basket of security measures to those applied to your business should be implemented. These include:
If you are still not convinced that you should examine your retirement plan’s security measures, do an internet search for malware, phishing, spoofing, account takeover and then let’s ask again: what kind of an epiphany are you waiting for?