Washington, D.C., June 17, 2024 – The ERISA Industry Committee (ERIC) today pressed the Employee Benefits Security Administration (EBSA) at the Department of Labor (DOL) to redraft its proposed guidance implementing the Retirement Savings Lost and Found created by the SECURE 2.0 Act. ERIC called on the agency to reissue a request that adheres to the statutory requirements outlined in SECURE 2.0, safeguards worker data, and avoids needless costs.
As prescribed in SECURE 2.0, Congress intended the Lost and Found database to help retirement plan participants locate a plan administrator so they can claim their retirement benefits. The law outlines the necessary information DOL is authorized to request from plan administrators. However, the DOL’s proposal asks for plans to provide excessive amounts of additional information outside the scope of SECURE 2.0, unrelated to the purpose of the database. Furthermore, the proposal raises significant privacy concerns and questions about efforts to coordinate with the Internal Revenue Service (IRS) to access existing information needed to build the database.
“While creating tools to reunite participants with their retirement benefits is a key priority for ERIC and our member companies, the DOL’s Lost and Found proposal needs to be significantly restructured to create a secure, focused, and useful tool for participants that adheres with the law,” said Andy Banducci, Senior Vice President of Retirement and Compensation Policy at ERIC. “Unfortunately, the proposal overreaches by asking for too much information and failing to detail the cybersecurity measures needed to protect the data and privacy of plan participants. ERIC looks forward to working with the agency to make these needed improvements.”
ERIC highlighted several areas of concern identified in the proposal. Those include:
- The proposal requests far more information from plan administrators than necessary and exceeds the authority permitted under the statute.
- The proposal lacks details about how the DOL will safeguard worker and retiree data and does not include a process for notifying plan administrators and plan participants in the case of a data breach.
- The proposal does not coordinate with the IRS to integrate existing data into the building of the database.
- Despite the “voluntary” nature of the request, the proposal threatens potential enforcement actions against plan administrators who do not fully participate.
ERIC member companies sponsor retirement plans, including defined benefit and defined contribution plans, governed by the Employee Retirement Income Security Act of 1974, as amended (ERISA).
Click here to read ERIC’s comments.