It’s hard to imagine that a commanding general would try to guide an army without a battle plan. It’s equally unimaginable that a quarterback of a football team would not communicate with teammates on the field. It’s just as difficult to imagine that an enterprise would lack a proper compliance framework for its retirement plan operations.
Any organization that sponsors a retirement plan needs a compliance system for governing the plan that integrates with its overall business risk strategy.
Below are five tips that are fundamental to an integrated compliance solution:
- Test your current situation.
It’s vital that you understand how your organization’s fiduciary risk approach matches up with legal principles and industry best practices. An assessment would not only give you a better understanding of what you should be getting from your governance, risk management, and compliance (“GRC”) system but it would also identify any weaknesses that may have escaped earlier detection. Investment risk is an emerging sensitivity especially among higher education institutions and nonprofits. (Now’s a good time for a second opinion.)
- Install a controls framework that’s customized for ERISA.
Just as human resource activities, which are regulated by HIPAA, and workplace safety rules that are under the jurisdiction of OSHA demand specialized governance attention, retirement plans regulated under ERISA face unique risk management objectives, too. If the assessment shows that your fiduciary governance system lacks specialization, FiduciaryGRC™ is an ideal solution.
- Reduce your organization’s exposure by delegating its riskiest functions to a third party professional.
Assign your organization’s duty as the ERISA Section 3(16) plan administrator to a firm that specializes in that role. Any provider that claims qualification as a 3(16) plan administrator that you might consider should not offer any other services that ERISA plans require such as recordkeeping, TPA, and investment advice. The U.S. Supreme Court has warned plan sponsors about the danger of using “multiple hat” vendors.
- Make fiduciary training mandatory.
Ever wonder what retirement plan fiduciaries are required to know? All individuals who serve as in-house fiduciaries should be required to participate in training on an annual basis. Insurance companies are basing their fiduciary insurance coverage and pricing decisions on an ERISA plan sponsor’s training policy.
- Enforce governance from within the organization.
Fiduciary risk management is not satisfied with a “set it and forget it” mindset. Ongoing accountability among the stakeholders should be a basic feature of the fiduciary risk management system.
