Latest Thinking

ERISA Fiduciary Liability and the Year 2000

By Jeffrey S. Klein, Nicholas J. Pappas and J. Joshua Scribner, Jr.

Many in the employment field have concluded that the horror predictions relating to the so called “Y2K bug” are too theoretical and attenuated to deserve closer scrutiny.  However, consider just the following two scenarios:

  • Pension benefits are directly deposited by a pension plan into the individual participant’s retirement account; however, the plan’s bank fails to process the wire transfer because it cannot recognize the date.  Or, consider that the plan’s bank accomplishes the transfer but the receiving bank rejects the transfer as a result of that bank’s computer system inaccurately reading January 1, 2000 as January 1, 1900.  
  • A plan participant was born on May 28, 1929.  Pursuant to government regulations, he must begin withdrawing money from his retirement plan by April 1, 2000 (the year after he reaches age 70 1/2).  As a result, he decides to receive his distribution monthly, starting in January, 2000.  However, because his retirement plan’s computer system is not Year 2000 ready, it reads April 1, 2000 as April 1, 1900,  and bypasses distribution to the participant.  Thus, the participant fails to receive his monthly checks.  He is also potentially liable for a tax penalty on the amount that should have been withdrawn.  The participant now makes a claim against his retirement plan for indemnification.

The potential effects the Y2K bug might have on employee benefit plans are very real and require immediate focus.

The Problem
Like most business operations, employee benefit plans rely heavily on computers to perform critical operations, such as benefit calculations and the processing of participant and/or beneficiary payments.  Given the nature of employee benefit plans, these calculations are extremely date sensitive.  As the examples above illustrate, certain benefit calculations are based on year of birth, service anniversary dates, retirement dates and disability dates.  If computers fail to recognize the year 2000 and read these dates as “1900”, the resulting impact on plan participants will be enormous.  Moreover, because the effects of computer malfunctions may not be immediately seen, plan participants may assert claims for restitution and reimbursement for potential tax penalties resulting from computer malfunctions years after the fact and in potentially staggering amounts.  

Year 2000 problems for employee benefit plans are further exacerbated by the fact that such plans not only rely on their own internal computer systems, but also on the systems of  outside service providers, including banks, insurance companies, actuarial firms and investment management companies.  Therefore, in order to assess the full potential ramifications of the problem to plan participants, plan administrators may need to review and assess the systems of outside providers.  

The task of preparing employee benefit plans for the new millennium is not easy. Immediate action is required to determine if system failures have been detected in vendor systems, and whether it is necessary for the plan administrator to consider switching to a new service provider that is Year 2000 compliant.  Given that such a switch may take several months, assessments need to be completed as soon as possible in order to protect participant investments.

Under the Employee Retirement Income Security Act of 1974 (“ERISA”),1# employee benefit plans are subject to a complex body of law governing both the structure and administration of employee benefit plans.  ERISA covers employee pension benefit plans and employee welfare benefit plans.

The Pension and Welfare Benefits Administration (“PWBA”) of the United States Department of Labor (“DOL”) is the agency charged with administering and enforcing the fiduciary obligations under ERISA.  Pursuant to its mandate, the PWBA has issued strong warnings to plan fiduciaries, designed to notify them that they should take steps now to ensure that employee benefit plans, participants and beneficiaries are not adversely affected by the Y2K bug.

ERISA Fiduciary Liability
Title I of ERISA governs the administration of benefit plans and imposes duties and obligations on those persons who may be deemed “fiduciaries” as defined in the statute.  The term fiduciary is broadly defined in ERISA to encompass any person or entity that (1) exercises any discretionary authority or control with respect to management of an employee benefit plan, or exercises any authority or control with respect to the management or disposition of its assets; (2) renders investment advice as to the plan’s assets for a fee or other direct or indirect compensation, or has any authority or responsibility to do so; or (3) has any discretionary authority or responsibility in the administration of the plan.#2

The definition generally includes plan trustees, plan administrators, members of plan investment or administrative committees, investment managers, and any person who selects or appoints such individuals.  The term is expansive enough to cover a potentially broad range of individuals and entities who may thereby become subject to ERISA’s fiduciary standards.  In determining if a person or entity is a fiduciary, courts apply a functional test.#3  This test requires courts to focus on whether any of the functions described in ERISA Section 3(21)(A) were performed.#4  Under ERISA, anyone, irrespective of title with regard to a plan, is subject to becoming a fiduciary if the requisite amount of discretionary authority is exercised.#5  Thereafter, if deemed a fiduciary, liability may extend to claims to reimburse the plan for losses resulting from such breach.#6

An employer may be considered a fiduciary if it performs, or is required to perform, any of the duties described in ERISA § 3(21)(A).  An employer is not a fiduciary solely by virtue of being the plan sponsor.  But, if an employer maintains authority over the management of plan assets or the administration of the plan, then the employer may be deemed a fiduciary.  However, courts have repeatedly recognized that employers may not be held as fiduciaries for the performance of “settlor” functions.#7  These functions include establishing, terminating or amending a plan.  Because determining fiduciary status is so fact-intensive, employers should consult with their legal advisors on this subject.

ERISA § 404 prescribes the general duties that are applicable to all fiduciaries.  Specifically, § 404(a)(1) of ERISA requires a fiduciary “to discharge his duties with respect to a plan”:

(i)  with the “care, skill, prudence and diligence under circumstances then prevailing that a prudent man acting  in a like capacity and familiar with such matters would use in the conduct of an enterprise of a like character and with like aims;”#8  and

(ii) in accordance with the documents and instruments governing the plan.

This section imposes an extremely high standard of care on fiduciaries. The Second Circuit Court of Appeals has described ERISA’s fiduciary duty as “the highest known to the law.”#9

ERISA employs a “prudence standard.”  This standard “imposes an unwavering duty on an ERISA trustee to make decisions with single-minded devotion to a plan’s participants and beneficiaries and, in so doing, to act as a prudent person would act in a similar situation.”#10  Moreover, while prudence with respect to plan investment matters is of high importance, prudence is also relevant in considering decisions relating to plan managementand administration.#11

In the circumstances of Year 2000 ERISA plan compliance, fiduciaries can expect the DOL and plan participants to argue that there exists an affirmative duty to take action to protect plans from the Y2K bug.  Moreover, given the fact the PWBA has indicated in its warnings that it intends to hold all fiduciaries to the prudent person standard in assessing whether appropriate steps have been or were taken to insulate plans from Year 2000 problems, fiduciaries would be wise to take prophylactic measures now to avoid such claims before they are asserted.  

PWBA’s Warnings
The PWBA’s February 9, 1998 national warning stated that plan fiduciaries are absolutely responsible for ensuring that plans and their participants and beneficiaries are protected from Y2K problems.  Such protection, according to the PWBA, includes the establishment  and implementation of a prudent procedure for ensuring that plan computers are ready for January 1, 2000.  In addition, such a prudent procedure also requires making sure that the computer systems of the plan’s service providers are also Year 2000 compliant.

Following the release of the PWBA’s national press release in February, 1998, the PWBA was flooded with inquiries from the benefits community relating to potential fiduciary liability for a particular plan’s failures as a result of the Y2K problem.  In an attempt to assist plan administrators, the PWBA issued a second national alert, and guidance, in the form of questions and answers, on July 23, 1998.  In this alert, the PWBA reaffirmed the need for employee benefit plan administrators and service providers to act to protect workers’ benefits against the looming Year 2000 problem.

1. Prudent Procedures Required
In this alert, the PWBA again affirmed that prudent procedures must be put into place.  However, the PWBA did not specifically define what constitutes prudent procedures for ensuring Year 2000 compliance.  Nevertheless, the PWBA did state that, at a minimum, given the potential for a significant impact on plan investments, benefit payments and other essential plan operations, fiduciaries are responsible for establishing some type of strategy to evaluate and ensure compliance.  To this end, the PWBA recognized the extremely technical nature of this task and advised plan administrators and other fiduciaries to seek the guidance of outside consultants and experts to inventory, review, assess, convert and test the computer systems of the plan and the systems of its service providers.  Moreover, in determining the scope of  prudent procedure, and if the fiduciary duty requirements of ERISA have been met, the PWBA also stated that the selection of the service providers chosen to review Y2K compliance would also be

subject to the same fiduciary consideration as the selection of other plan service providers.

2. Duty To Investigate And Monitor Outside Service Providers
In determining whether the computer systems of the plan’s outside service providers are compliant, the PWBA warned that plan fiduciaries have a responsibility to obtain information sufficient to evaluate each such service provider’s Year 2000 compliance programs.  In addition, the PWBA stated that fiduciaries have a duty to monitor and follow that compliance to ensure that the plan’s ultimate investments are protected.  In addressing the extent of fiduciary liability for a Year 2000 problem caused by a plan’s unrelated service provider, the PWBA emphasized that plan fiduciaries are responsible for obtaining such compliance information in a timely fashion and determining what action is appropriate to ensure that the interests of the plan and its participants are protected.

3. Contingency Plan Required  
The PWBA did recognize that, given the pervasive nature of the problem, some disruption of computer systems should be expected.  However, in recognition of this fact, the PWBA suggests that fiduciaries establish a contingency plan to protect the plan and its participants in the event the plan’s critical operations are affected by Y2K malfunctions.

4. Plan May Reimburse Direct Costs Associated With Y2K Compliance
The task of ensuring compliance is expensive.  To this end, the PWBA has also stated that certain expenses relating to the costs of bringing a plan into compliance are proper expenses that can be charged to the plan.  ERISA provides that reasonable expenses relating to the administration and operation of a plan may be charged to the plan.12#  However, the plan document must provide for the payment of these expenses.  Thereafter, assuming the plan document provides for the reimbursement of such expenses, the cost must be a reasonable administrative expense relating directly to the plan.  Plan administrators should review their plan documents and consult with legal counsel regarding the propriety of paying such expenses from the assets of the plan.

5. Participant Disclosure Is Suggested
In keeping with the principle that plan participants and beneficiaries should be informed about their investments and assets, the PWBA strongly encourages plan administrators to disclose the extent to which their plans are ready for the Year 2000.  The PWBA advises that administrators inform participants as to the steps being taken to ensure that Y2K problems do not disrupt the operation of the plan or the participants’ access to their individual accounts.  Additionally, administrators are strongly encouraged to inform their participants and beneficiaries about:

•        The plan’s current level of readiness.
•        The strategy for bringing the plan’s systems into Y2K compliance.
•        A timetable of when critical systems will become compliant.
•        The level of compliance of service provider companies.
•        Possible effects on individual accounts should the plan become impaired in any way due to the Y2K problem.
•        Any contingency or back-up plans that have been devised in the event the plan is not Y2K compliant in time.

6. No Reliance On Plan Auditors  
In its July 23, 1998 press release, the PWBA also disclosed the role of the plan auditors and the extent to which their current engagements require them to detect potential record-keeping problems with respect to the Year 2000 problem.  However, while agreeing that it is the plan administrators’ responsibility to assess and remedy problems associated with the Y2K situation, the PWBA did note that administrators should have language in their engagement letters with auditors which clarifies the auditor’s responsibilities with respect to the Year 2000 problem.  Further, the PWBA indicated that administrators cannot rely on the plan’s auditors to list current system failures as reportable conditions, unless spelled out in the engagement letter, because under Generally Accepted Auditing Standards (“GAAS”), they are not obligated to forecast future system failures.  To this end, the auditor’s responsibility is limited to performing an audit to ensure that the plan’s financial statements are free of material misstatements.

7. Y2K Compliance Will Be The Subject Of Enforcement Actions.
Since the issuance of the DOL’s July 23, 1998 press release, the Department’s investigators have begun addressing the Year 2000 problem in the course of all new and ongoing investigations.  In keeping with the PWBA’s clear mandate to protect plan participants from significant disruptions caused by system failures, in December 1998, the PWBA released the guidance and had it issued to field offices.  This guidance provides useful insight into what investigators will be looking for in future investigations, as well as guidance for administrators dealing with the issue of Year 2000 compliance from a more practical level.

Field investigators are now required to conduct Y2K reviews in all new and ongoing investigations.  To assist the investigators in the initialstages of their Y2K investigations, a sample list of fiduciary questions was provided to them.  In addition, field offices have been advised to issue a Y2K warning in cases where a determination is made that a plan fiduciary has failed to take appropriate measures to protect plan investments.  The warning will place fiduciaries on notice that corrective action must be taken.  However, the PWBA cautions that, even if a warning is not issued, fiduciaries remain ultimately responsible for ensuring a plan’s Y2K readiness.  If a fiduciary fails to act prudently, appropriate enforcement action may be pursued by the PWBA.  Moreover, in cases where no enforcement action is pursued, fiduciaries nonetheless will be subject to litigation and/or ERISA liability for their failures if plan investments or participant and beneficiary interests are adversely affected by the Year 2000 problem.  

Pointers For Fiduciaries
The Y2K problem has the potential to cause significant problems for ERISA plan fiduciaries.  While no particular course of action can guarantee protection for such fiduciaries, simple information gathering and contingency planning can demonstrate a plan fiduciary’s good-faith efforts to prepare for potential problems.  Now is the time to act.  Fiduciaries may wish to consider doing some or all of the following:

1.        Review the information systems used to administer and manage benefit plans and other human resources functions to determine which, if any, have potential Y2K problems.

2.        Assess whether the organization can address its internal Y2K problems with existing personnel or whether it must outsource to address potential problems.

3.        Hire technical experts to audit plan systems and correct potential problems.

4.        Review the work performed by outside providers in maintaining or processing any employee benefit plan.

5.        Question outside service providers as to their Y2K compliance and procedures and require them to provide a written statement outlining their Y2K readiness.  Consider the possibility of obtaining indemnification from service providers.

6.        Consider whether the plan needs to switch contracts to other service providers.  However, be mindful that switching providers may take several months.

7.        Consider the viability of fiduciary and/or Directors’ and Officers’ Liability Insurance.  If insurance is already in place, determine whether it covers the Y2K issue.

8.        Determine whether compliance costs can be reimbursed by the plan.

9.        Establish contingency plans.

10.        Notify participants and beneficiaries of Y2K readiness.

The sound of popping champagne corks signaling the start of the next one thousand years is just months away.  Taking steps to minimize Y2K problems now can make the day after the new year stress-free, and the years following, litigation-free.  

#1.   29 U.S.C. § 1001 et seq.
#2.   ERISA § 3(21)(A), 29 U.S.C. § 1002(21)(a).
#3.   Blatt v. Marshall & Lassman, 812 F. 2d 810 (2d Cir. 1987).
#4.   Id.
#5.   Id.
#6.   ERISA § 409(a), 29 U.S.C. § 1109(a).
#7.   Lockheed Corp. v. Spink, 517 U.S. 882 (1996); Curtiss-Wright Corp. v. Schoonejongen, 514 U.S. 73 (1995); Siskind v. Sperry Retirement Program, 47 F. 3d 498 (2d Cir. 1995).

#8.   ERISA § 404(a)(1), 29 U.S.C. § 1104(a)(1).
#9.   Donovan v. Bierwirth, 680 F. 2d 263, 272 n8 (2d Cir. 1982).
#10. Morse v. Stanley, 732 F. 2d 1139, 1145 (2d Cir. 1984).
#11. Brock v. Henershatt, 840 F. 2d 339 (6th Cir. 1988).
#12. ERISA §§ 403(c)(1) and 404(a)(1)(A), 29 U.S.C. § 1103(c)(1) and 29 U.S.C. § 1104(a)(1)(A).