A few years back, I was representing a plan sponsor under a Department of Labor (DOL) audit for very frequent late deferral deposits. They were asking questions regarding an investment policy statement as well as the selection of the fiduciary advisor and these were questions that they never asked before. Thankfully, I was prepared.
With a focus on cybersecurity, it can come as no shock that DOL auditors have been asking about it. The DOL auditors on audit, have been asking plan fiduciaries to produce “all cybersecurity and information security program policies, procedures and guidelines that relate to the plan, whether applied by the plan sponsor or by a vendor, as well as detailed documentation evidencing specific actions taken by the plan’s fiduciaries and vendors.”
What does that mean? It means you need to know the answers and ask your plan providers about cybersecurity.