Insurance for Retirement Plan Fiduciaries: Liabilities, Limits & Lawsuits
NEW: Bonus Question
Question: Who should pay the cost of fiduciary liability insurance, the employer or the plan? Does it matter?
Reid Eanes: The short answer is the 401(k) Plan (or other workplace retirement plan) can’t pay the premium, the Sponsor needs to. ERISA forbids Plans from paying premium directly unless the policy includes “recourse” which a standard Fiduciary Liability policy does not.
If you enter the multi-employer plan space which is often associated with union plans, sometimes the Plan itself will pay rather than the Sponsor, since there isn’t a single Sponsor. When that happens, you must secure what’s called a “waiver of recourse” endorsement that waives subrogation rights of the Insurer, with specific additional premium paid personally by the individual Plan Fiduciaries in order to comply with ERISA an allow Insured Person coverage.
Senior Vice President, Lockton Insurnace Brokers
Reid is a Senior Vice President and Practice Leader for the Pacific South region of Lockton Financial Services, the National D&O and Governance Risk Management Group. Reid has responsibility for the Los Angeles, Irvine, and San Diego LFS teams.
Lockton is the world’s largest privately-held risk and insurance management services firm with almost 7,500 employees providing services to over 50,000 clients in 100 countries.
Reid is responsible for operations and client servicing for Executive Liability coverages. He provides full contract analysis, coverage negotiation, claims advocacy, and alternative program design. Reid is well versed in the financial and analytical review of companies, from a risk management perspective.
Reid is a regular pubic speaker on the topic of Executive Risk insurance and Governance Risk Management.
Reid works with a diverse set of clients, especially those with more complex risk needs. His expertise includes public and private companies, financial institutions, and healthcare risks
Recap, Highlights, and Thoughts
Depending on who you ask, fiduciary liability insurance might not be on the top of their list as the most exciting topic, but it is important. For my guest today, Reid Eanes, a Senior Vice President with Lockton Insurance Brokers, helping insure fiduciary is from workplace retirement plans is a key part of his day job. We start with a few basics on how fiduciary liability insurance works and differs from other types of insurance programs a company might have, we then delve into what types of “issues” can be covered, thoughts on how to determine the amount of fiduciary liability insurance and what types of plans are harder or more expensive to insure. Finally, with all the talk of cyber liability we hit on what employers can do to insure potential risk there. Oh, and don’t miss the part where we talk about what to do if you think you want or need to make a claim on your fiduciary liability insurance policy, some definite do’s and don’ts.
Before we get started, if you have been enjoying the podcast if you could either go to your favorite podcast app and either like or leave a comment. Based on the way their technology works, that goes a long way in helping other people find the podcast. As our audience grows, it helps me continue to attract great guests and bring you their unique perspectives on workplace retirement plans.
Thanks for listening!
Sincerely Your Host,
NEW: Episode Transcript
Rick Unser: Thanks for joining me. I'm looking forward to chatting with you today about fiduciary liability insurance and all of the intricate ins and outs there. So, looking forward to what you have to say.
Reid Eanes: Thanks, appreciate you having me on.
Rick Unser: All right, one thing I've heard from multiple guests, is it's really important for an employer, a plan sponsor, to have a quote, unquote, and these are the words they used, 'well-crafted fiduciary liability insurance policy'. So, that gets me thinking a little-bit, I think most people will have maybe gotten to the point where they're like, 'yes, we need one', but what's the difference between just buying the first policy that you see versus a well-crafted fiduciary liability insurance policy?'.
Reid Eanes: Yeah, that's a great question, and I'll try to answer from a high-level perspective without getting too far into the weeds. We don't recommend off-the-shelf insurance for, really, any end-client. It's a matter of making sure that the broker who's negotiated the coverage knows about ERISA, knows about the real world claims and knows how to tweak the policy language to maximize the coverage for the insurer. There's a few specific areas that we've seen some fairly major case law around, things like settlor capacities for amending or terminating a plan, that may be considered outside of the specific fiduciary capacities that are assigned in ERISA.
Reid Eanes: There's a few sub-limits within the policy for things like voluntary compliance or certain civil monetary penalties that if you don't know how to negotiate them, the carriers will try to give you the lowest coverage possible and sometimes it's as simple as knowing what to ask for and you can improve those certain facets of the policy that we see come into play in the real word more often than not. So, just making sure that you're dealing with a broker who knows this space and has some experience with real world claims, we think is critical in making sure that you have the breath of coverage necessary.
Rick Unser: And that probably is one of the bigger questions that we get, is how much coverage, or what, again I think using a technical term, what amount of limit do I need on fiduciary liability insurance policy? Is that something there's a rule of thumb of 'hey, you have a ten million dollar retirement plan or ten million dollars of assets in your retirement plan so that equates to x in limit', or is it just not that easy to say or create those types of rules of thumb?
Reid Eanes: Yeah, it's a little-bit of both. We encourage our clients to look both through quantitative, as well as, a qualitative lens. On the quantitative side, there are benchmarking tools that are exactly what you just mentioned. Things like based on plan assets, based on number of plan participants, based on the type of plan, whether it be defined benefit or defined contribution, showing you what like-sized plans are purchasing from a fiduciary liability standpoint. But because these policies also protect the personal assets of the individual plan fiduciaries and members of the fiduciary board some subjective risk tolerance also comes into play, and some cases even how have high net worth those individuals who are sitting on that fiduciary board are. Since they do have personal liability, in addition to the corporate liability so when the quantitative side, based on plan assets but also really understanding the individuals and how many people sit on that board and what their personal risk tolerance is, is an important factor to consider, and we definitely have clients that buy high limits that are on the conservative side based just on their plan assets, and we have large plan clients that buy not very much limit because they feel like they run a very tight ship.
Reid Eanes: So, a bit subjective, you know, the other thing I'd note, with any benchmarking tool, it is like trying to make a decision looking through the rear view mirror. It doesn't really capture up to date, real world trends, increases in litigation that we're seeing out there around specific topics, and those should be considered as well. Some fiduciary plan board feels like they have exposure to a certain segment that we're seeing increase litigation in and perhaps that's a reason to increase the limit that wouldn't necessarily be captured solely through a quantitative benchmarking tool.
Rick Unser: And you bring up a really good point there and, I think, as we do fiduciary training or, kind of, help employers understand their fiduciary duties and responsibilities, that there's that inevitable conversation about the liability that comes with being a fiduciary to a workplace retirement plan and usually where you see people starting to squirm or shift a little uncomfortably in their seats is when you start talking about how there is personal liability, your personal assets are at risk for being a fiduciary to a retirement plan. So, how does that work? How does fiduciary liability insurance, as you said, kind of protect or provide some level of protection for personal assets that someone might have, if they were found to be in breach of their fiduciary duty to their company retirement claim?
Reid Eanes: Yeah, so absolutely, there's kind of two sides to that equation. You know ERISA, as a law, absolutely applies personal liability to the individuals making the decision so, it's not all on the shoulders of the company. The companies will generally provide indemnification to their individuals that sit on the board. So that means the company is essentially saying 'we've got your back' in the event that something goes wrong, in the event that someone alleges that you are negligent or breached your fiduciary duties, the company will defend you. Where that can present problems though is if that company indemnification is in question or somehow impaired. So, in the event of an insolvency, for example, even though the company would be agreeing to indemnify; if the money's not there, it's not there.
Reid Eanes: That's where fiduciary liability insurance becomes very, very critical because the policy does cover the plan, as well as the plan's sponsor, but also covers the individual fiduciaries on a personal basis and generally that's at a first dollar basis meaning that the individual wouldn't need to come out of pocket to fund any type of deductible. For certain types of plans, and this is especially prevalent in the multi-employer world, you want to get, as the policy would call, a waiver of recourse and that's a way to, in a compliant way, make sure that those individual plans fiduciaries have the highest degree of coverage available from the insurance policy and making sure that any issues between the company sponsor and the plan fiduciary, from an indemnification standpoint, don't get in the way of the policy's funding defense for that individual.
Rick Unser: And do individuals actually need to be named in a fiduciary liability insurance policy?
Reid Eanes: Generally not. There's always the nuance depending on individual capacity, but most fiduciary liability policies cover all past, present, and future plann fiduciaries on a blanket basis without the need to have that administrative burden of changing peoples names. The underwriter might ask for an updated list of those planned fiduciaries that were null and in some cases, the coverage can expend to outside service providers as well in certain capacities. But yeah, they're covered on a blanket basis to make it easy for both the carrier, and the insured.
Rick Unser: And what I think about other types of insurance that companies or individuals carry, whether it be at the company level, E&O, D&O, employee practice liability insurance or if I flip over to the personal side 'Hey, I've got a personal umbrella policy' or something else like that. Do any of those types of policies come into play if there was an ERISA fiduciary liability issue that we needed a policy to respond to?
Reid Eanes: Generally speaking, no. Because ERISA is a very specific law in the duties that it applies to plan fiduciaries most of those policies that you mentioned, although there are some parallels, and some intuitively we think of as D&O also responds to breaches in fiduciary duty but not specific ERISA fiduciary duties. And that's the key because those policies will generally have a broad ERISA exclusions, and so they're covering everything except ERISA, whereas the fiduciary liability policies specifically designed to cover those ERISA liabilities. And so they're complementary coverages. We definitely recommend that our clients maintain both directors and officers liability and fiduciary liability.
Reid Eanes: Certainly in really nasty claims situations, like a total meltdown of the company, both policies will come into play. But really if you're focused on the ERISA side of things, and those specific fiduciary responsibilities, it is the fiduciary liability or penchant trust liability policy that they would respond.
Rick Unser: And is there, I guess, such a thing as a individual fiduciary policy that somebody could buy or is there a way someones individual liability insurance, and I read again, I might not be using the right words here, but like an umbrella policy that an individual might have to protect themselves financially from various circumstances? Does that have any bearing or is that again something that would either have specific exclusions or just would not respond if there was an issue on the fiduciary side caused by an ERISA plan?
Reid Eanes: Yeah, typically not. There are certain home owners policies that will have like a directors and officers type extension in them, but that's generally limited to non profit capacities. But the intent of those writers is to cover, charitable boards or foundation capacities that you might serve in. But if you're serving on a planned committee, especially for a company that you work for, that's gonna be outside of the scope of those personal or HOA liability writers, and really the fiduciary liability policy that's generally purchased by the company will be your sole source of defense and recourse, outside of that company indemnification, which is something that all plan fiduciaries should be cognoscente of, is understanding the scope of the company's indemnification and understanding the format of that indemnification, whether it's the plan charter, or bylaw based, or contractually based.
Rick Unser: And let's drill into that, because I feel like the approach to indemnification varies dramatically by company. I feel like we mention it at some employers, and it's like 'oh, yeah, we got that, and all good', and then you mention it in others, and it's 'what's that, how does that work?'. So, maybe just fly me over the trees and whether it's big picture indemnification and then maybe how that relates to ERISA or fiducial liability; but just give me your sense of what that looks like, how it works, and maybe, what people should know about as it pertains to serving on a retirement plan committee.
Reid Eanes: Sure. So, absolutely most retirement plan committees do have corporate indemnification and again, the company telling those individual members 'as long as you're acting in good faith, as long as you're acting within the powers that have been ascribed to you, that we will indemnify you in the event of a claim'. Sometimes that indemnification can come into question though and that's where the actual mechanism of the indemnities really matter. The legal ease, so to speak, whether its within that planned charter or that committee charter, whether it's within corporate bylaws or, what we recommend to our clients, which is individual contractual indemnity agreements. An individual contract between a person and the company that much more specifically spells out the scope of that indemnity and it generally will make it more difficult for the company to deny that indemnity. So although it's fine to really on that indemnification on a blanket basis within a charter or bylaw, we do recommend taking that one step further and seeking out an individual contractual indemnity agreement, which will make that planned fiduciary much more comfortable about the obligations of the company to them.
Rick Unser: And give me a sense for this because, I think, you've been party to a lot more of these conversations. If, I don't know, a new committee member, let's call it the controller for the organization is asked to serve in a fiduciary capacity on the retirement plan committee and they go ask “the company”, you know, that's in air quotes, I mean, I'm not sure, maybe it's the owner, maybe it's the CEO, maybe it's a CFO, maybe it's the legal department... if they say 'Hey, I'm all in. I'm happy to be a fiduciary, but I'd like an individual indemnity contract between myself and the company to protect me from acts of good faith that I'm making in relation to this, my duties on this committee'. Is that something worthy of like 'Oh yeah, no we got it, right here; just we're gonna pull it off the shelf and just go ahead and we'll sign it', or is that a much bigger conversation that their gonna have to get into with their employer?
Reid Eanes: I'd say, to some extent, it does depend on the sophistication of the organization. Many organizations who understands the benefits to those individual contractual indemnity agreements would have them ready to go. It's something directors and officers of many organizations would require before agreeing to take any type of director or officer or planned fiduciary role that carries individual personal liability with it. So for organizations like that, I think it is essentially a default. For less sophisticated organizations, you know, middle market, private companies, it can be a bit more of a conversation because there's an educational aspect.
Reid Eanes: Ultimately, with an individual contractual indemnity agreement, you are increasing the liability of the company to the person but generally both company and individuals interests are aligned and really spelling out the scope of that indemnity and removing ambiguity. And that's really the intent of these contracts is to take ambiguity that can exist in general high level indemnity statements and really hammer out the specifics, and I think once you get over that initial education hurdle both parties will see the benefits to removing ambiguity on the front end so that the organization and the individual don't end up in some sort of dispute on the back end.
Rick Unser: Really good point and I think that, I don't know, when you use words like indemnification, I think some people have different reactions to that. So, I was just curious in terms to what your input would be if someone was to kind of walk down the hall, so to speak, and seek one of these out. Are they going to, you know, do you have three heads or is it usual and customary.
Reid Eanes: Right, right. It's something that an experienced broker can help with. Understanding that there's some political dynamics that between the individual and the company and those types of conversations. Sometimes it helps to have someone, like myself or a member of my team on the line, who can educate a bit about why we're recommending this, what we've seen play out in the real world and why this approach really benefits both parties and that's a service that we provide to our clients regularly.
Rick Unser: Awesome, you mentioned a minute ago public, private, as we get thinking about fiduciary responsibility, fiduciary liability, is there any increased exposure or any difference in the way that either you're seeing the insurance markets look at fiduciary liability insurance or just what you're seeing in your experience in getting policies placed or the quotes, et cetera, between a public company seeking fiduciary liability insurance and a private company going through the same process.
Reid Eanes: I'd say there's some slight differences there but on the fiduciary liability side not as many differences as what we see on the directors and officers liability side where there's a whole-lot of difference. I mean really an apples and oranges situation. On the fiduciary liability side, it more has to do with the types of plans that we're talking about whether you're talking about a 401-K, Defined Contribution Plan, or a penchant, or a defined benefit plan; whether you're talking about a multi employer or Taft-Hartley type plan. Those are gonna drive more of a difference on the fiduciary side versus the public or private.
Reid Eanes: That said, being a public company a lot of times, the plans going to include company securities and that does change the risk a little-bit because if the asset value of that plan is highly tied to the performance of the public stock, the performance of the company, then any issues with company performance will have a direct impact on the plan and certain plan participants might call into question the decision to load companies securities into that plan.
Reid Eanes: So, there's some things that come up in the public company side that I'd say would be increasing the risk versus a standard private company where the plan is unlikely to include company securities and there's also some changes on the requirements for ERISA fidelity bond and/or crime insurance. If that plan does include company securities, you have to purchase the, a larger bond than otherwise, so a little-bit of nuance in the public company space but I'd focus more on the type of plan, and plan mix and number of plan participants versus just the strict public versus private company.
Rick Unser: And since you brought it up, that is one of the confusion points out in the market. I'm going to give you a two part-er here. What is that difference between fiduciary liability insurance and an ERISA bond and then the second part of that is, I think you made a really good point, focus more on the types of plans and this is a 401-K podcast but certainly as we think about other workplace retirement plans, penchant or Taft-Hartley, or some of the others that you mentioned, why does that increase the complexity outside of what you just said about the having company securities as part of the plan assets?
Reid Eanes: Sure, so on the first question, you're absolutely correct. That's a confusion that we run into very, very regularly out in the marketplace. It's the difference fiduciary liability and an ERISA bond. So, to be clear, fiduciary liability is not required by law. It's a voluntary coverage that most companies with a 401-K or penchant plan do decide to purchase, but its not required. It's to protect the liability side but generally speaking the plan participants, or a regulator like the department of labor come in and actually bringing some sort of civil action against the plan, against the plan committee. That's where fiduciary liability steps in.
Reid Eanes: An ERISA bond, or an ERISA fidelity bond, which is often included within commercial crime insurance is required by law. Every single ERISA plan must carry this or you are out of compliance. It's likely something that your plan auditors ask about every year and would pick up on because it is a strict compliance issue. And what that does is, reimburses the plan for theft and embezzlement. And the reason that's required by statute is to protect the plan participants if someone on that fiduciary committee were to steal and so that bond comes in and, at least in theory, would make the plan whole for some sort of embezzlement situation. And that must be maintained but it is a totally separate and distinct type of insurance, although the names are similar. It definitely gets confusing for a lot of folks.
Rick Unser: It's funny, as I think about it and you talk to committees and you talk to companies and usually those are employers that have, let's call it, some more sophisticated processes so to speak. So the idea of stealing money from 'Hey, our plans with Fidelity and I'm going to steal money out of our Fidelity Plan for my personal or company benefit or my plans with another reputable provider'. I think that's a very tough thing, maybe, for some people to get their heads around, but do you have any examples or instances of how a company might steal money from a 401-K plan?
Rick Unser: Could, cause I feel like I bring that up every now-and-then someones like 'oh, well, how would that happen in the real world?'.
Reid Eanes: Sure, and, first of all, let me say, I think that you're right. It happens very rarely in the real world, and though it's something that the government is concerned enough about to make it a compliance issue and to statutorily require these bonds, we don't see it very often. The few instances where we've seen something were generally be someone who is in control of the plan and somehow able to create a fictitious plan participant. So having the plan payout what appears to be legitimate retirement benefits but to someone who doesn't exist or to a social security number that someone bought from a dark website or somewhere on the internet, and if they're able to control the paper work to an extent, that they would actually have that fictitious plan participant receiving funds from the plan itself.
Reid Eanes: Other than that, most plans that we see do have a lot of checks and balances in place. This is really part of the reason that the fiduciary committee exists and part of the reason why we recommend very reputable investment advisors, plan administrators, and all of those third party vendors, including plan auditors who touch the plan. With the right mix of vendors and the right mix of people on the board, the likely hood of a theft or embezzlement is pretty small and, I'd say, we see maybe one or two every decade or so. It's a very low frequency event in the real world. But regardless, if the government is concerned, then we must comply.
Rick Unser: And let me throw this scenario out there. You got a company, hey, maybe they got a couple hundred employees, they hit hard times, they're having problems making ends meet and their employees are deferring a hundred thousand dollars a month into their retirement plan and obviously that money has to get from payroll to the 401-K. If an employer says, 'Hey, well let's let us hold on to that money for a little while to pay some bills and get through this rough time', obviously that's a bad thing and the department of labor. Those are late contributions, there's all sorts of regulations around that. But if that money never made it to the plan, would that be considered theft and is that something that might be covered under an ERISA bond?
Reid Eanes: Yeah, that would have to be a maybe. To me, the scenario described probably sounds more like a liability situation, a breech of fiduciary duty situation versus a theft. When the carrier is looking at whether something is a theft or not, they're gonna wanna see who the ultimate beneficiary of those funds were and so if it was the company holding back funds, to me, company expenses are liabilities, I think that it's unlikely that they would consider that a theft versus a scenario where an individual is diverting funds into like a personal bank account and using that money for personal expenses that have nothing to do with the company and nothing to do with the plan. I think that the former scenario is more likely to fall into the liability bucket and the latter scenario is likely to trigger that ERISA bond and be considered a criminal theft. Yeah, the criminality of the theft, does come into play in the carrier's analysis of it.
Rick Unser: Huh, oh, interesting points. All right, so, sorry I diverged you there a little bit. Back to, maybe, how some of those, let's call them, non 401-K plans, how they maybe add complexity or how they might be a little more important factor than whether you're a public or private company as it relates to obtaining or placing fiduciary liability insurance?
Reid Eanes: Yeah, so, that's a really good question and although the 401-K's are definitely the norm these days, and the majority of our clients do maintain defined contribution plans and that's what we deal with mostly. The few outliers that I'd like to touch on would be penchants and ESOPs; both of which really greatly increase your fiduciary liability and so the decision filter for a 401-K looks a lot different then for a penchant or for an ESOP; penchants in particular, because it is that defined benefit where you must pay out a guaranteed amount on the back end regardless of what the actual assets in the penchant look like.
Reid Eanes: The investment management side of it, the company contraption side of it, and making sure you're meeting that minimum funding level, which is generally set at eighty percent. It's really, really important and as penchants fall below that level, the likely hood of litigation from those plan participants who ultimately may not receive the retirement benefits that they were guaranteed goes way up and when we do see those types of penchant litigations they tend to be expensive types of claims, as well; expensive to defend and expensive to ultimately make right if they're to find enough damages.
Reid Eanes: The other category of plan that definitely needs special consideration would be ESOP's. As you take a private company and convert it to an ESOP, or employee stock ownership plan, you're essentially taking all of your employees and turning them, not just from plan participants, but also into share holders of the organization and they can bring action as share holders of the organization and so it really blends the fiduciary liability, the ERISA liabilities, with the directors and officers liability of running the company. When it's an ESOP and the shares of the company themselves are held in a retirement plan and those shares are either voted by a trustee or, in some cases, voted by the employees themselves it takes the walls that I was speaking of between the company liabilities and the ERISA liabilities and really breaks that wall down and so what with see there is a blending of the D&O and fiduciary worlds and it does take a special type of coverage and a broker who is very knowledgeable about how to negotiate those policies because with ESOPs in particular, there's a lot of pitfalls out there and if you don't have the policies structured the right way, you might find that in the event of a claim it doesn't work exactly how you thought it was going to.
Rick Unser: Let me have you come back to the penchant thing for a second because one thing, I get this question every now-and-then, it's like, okay I get it, in the 401-K world we pick a bad fund, we don't done an RFP, we, you know, have the wrong share classes whatever it is, we stand the risk of being sued and for our actions as a planned fiduciary. But if you think about some of those, quote-un-quote 'fiduciary issues', and you translate that to the penchant world, really all you're doing is you're putting more financial pressure on the company to keep that funding status eighty percent or higher, as you were saying.
Reid Eanes: Yep, that's exactly right.
Rick Unser: When you think about fiduciary liability insurance in the penchant world, is it really just, and I hate to use this word and so please correct me, please rephrase or say better if you could, is it really just lawyer insurance or is there a broader purpose to fiduciary liability insurance for people that have active or frozen penchant or defined benefit plans?
Reid Eanes: So, yeah, I think, it's a little-bit of both. I mean you're absolutely correct that in many ways a penchant, a fiduciary liability policy is gonna be driven by company performance in a way that a 401-K fiduciary liability policy isn't because the company's ability to actually meet those obligations and the company's ability to take free cash flow and put it into that penchant's plan very much comes into play on the liability side, and in some cases, companies that do have the free cash flow, where they could put it into their penchant and for whatever reason chose not to, that can also come into play in penchant litigation. But I would also say that, all of those things that you talked about on the 401-K side as far as choosing and investment advisor, choosing the right fund mix and investment mix and making all those decisions, the stakes are higher in a penchant because certainly every planned fiduciary wants their plan to perform well, wants the investments from that plan to perform well.
Reid Eanes: But in the context of a 401-K, that performance is ultimately more on the individual than on the company. You're making sure you have the right mix but 401-K participants are embowered generally to chose their own investments, have some say over it and ultimately the company is making no promises of performance, no promises of what will be left over at the time of retirement. The only promises from the company are on the actual defined contribution, what goes in on the front end.
Reid Eanes: Versus a penchant, which is a defined benefit plan, where the company has made a specific representation to that plan participant about what will be paid out in retirement and so all of those investment decisions which ultimately either lead to an underfunded penchant or a fully funded penchant increase the liability for penchant plan fiduciary versus the 401-K and I think a lot of these things we're talking about on the liability side are a big part of the reason why 401-K has now become the preferred retirement plan and a much more common approach in modern times versus penchants which many years ago were what most companies decided to provide.
Rick Unser: And here's a fun question that I feel like I get maybe once a quarter from people that are involved in various M&A type transactions or are maybe new to the world of penchants. Is there any type of insurance that will cover a short fall in a penchant plan or is that just a fairy tale?
Reid Eanes: The short answer is no. All fiduciary liability policies have what's called a 'benefits due' exclusion and that says that if it's something that should have been paid out by a plan but isn't, their insurance is not going directly fund that planned liability. Now, let me say that there's a little bit of nuance when you get into the real world because these policies are absolutely designed to pay damages, and if you do end up settling a fiduciary liability claim law-suit with planned participants, the way that you characterize them money being exchanged comes into play. Whether it's characterized as damages or whether it's characterized as benefit due.
Reid Eanes: And in some cases we ask the insurance carriers willing to participate in settlements where you're at least floating with the line of it being an actual funding shortfall in order to avoid ongoing defense costs. So, there are pragmatic business decisions that come into play, and the way that the carrier sometimes views these matters in the real world but by the letter of the contract and within the four corners of that insurance policy there are clear exclusions on all of these policies for any benefit due, which would include a penchant shortfall. So, not something you can affirmatively insure although, again, a skilled broker and a skilled claims' advocate in a real world scenario might be able to find out a little-bit of wiggle room with that.
Rick Unser: Awesome, and you gave me a great pivot point there so, let me just give you, kind of, a little-bit of an open question here. If an employer thinks there's an issue or if they have an issue relating to a participant complaint or something else that they would want to get some relief or get some financial assistance from their fiducial liability insurance policy, what do they do, or maybe more importantly, what don't they do if they're looking for that policy to respond?
Reid Eanes: So, that there's two main ways in which the fiduciary liability policy would respond and the first I'll touch on is the traditional claim, which I think is what you're talking about. And that's generally defined as any written demand for monetary damages or non-monetary relief and so if you do get an attorney letter or a lawsuit from any plan participant saying you've done something wrong and you need to make it right. That's the type of thing that's gonna trigger the policy, and if there's ever a question about whether something in writing constitutions the formal claim or not, I would definitely recommend submitting it to your broker, they can provide guidance on that point.
Reid Eanes: But fiduciary liability policies also have a unique element for a liability policy where it'll trigger not just upon a claim, but also from a voluntary compliance standpoint. So, if the plan's fiduciaries, and in some cases the plan auditor, determines that there's an issue; for example, a compliance issue and the organization decides to affirmatively wave that flag themselves and, for example contact the DOL and say 'Hey, we got an issue here', fiduciary liability policies will also trigger with that. Though the carrier wants to encourage good faith action and good behavior on the behalf of their insurers and if companies do decide to go down that voluntary compliance path, you should definitely be looking at your insurance policy to provide an element of coverage there. Don't wait until there's a lawsuit or there's and issue with you. You find an issue, pick up the phone and call your insurance broker and at least be having that conversation because that voluntary compliance aspect of coverage is something that's included in many policies but that many people don't know is there and in many cases don't utilize the policy to its fullest extent.
Rick Unser: And that's a really interesting point because I think that, coming back to real world for a second, if you think about 'I've got a thousand companies and a thousand plans', the odds of one of them being part of a class action lawsuit versus one of them having some sort of compliance or other defect that would require self reporting or some type of corrective action with the Department of Labor, for example, probably the latter's a lot higher, that's probably a lot more of a real world situation. So if somebody has that situation and they have fiduciary liability insurance, is that just automatically baked in there or is that something that, again, comes back to this well crafted fiduciary liability insurance policy discussion?
Reid Eanes: Yeah, it's more of the latter, more of the well-crafted, making sure that the policy is being properly negotiated. Many off the shelf policies will have some element of voluntary compliance coverage but the carriers will generally look to sub-limit that coverage and so a sub-limit of ten thousand or 25 thousand dollars might be nice and might fund a little-bit of your legal bill to respond to a voluntary compliance issue but many carriers will go as high as 100 thousand or 250 thousand and even in some cases 500 thousand if you simply ask for it. And so getting that voluntary compliance sub-limit up to the highest level possible is something that you should definitely should be paying attention to because you get to that 250 thousand dollar level and for many companies, especially in the middle market, that becomes a very significant cost item and something that can be offset by insurance. And again that's an element of coverage which is generally speaking not subject to any type of deductible and so the voluntary compliance coverage from your fiduciary policy would pay those extra expenses on a first dollar basis up to the policy sub-limit.
Rick Unser: And again, to be clear what we're talking about here, and correct me if I'm hearing you incorrectly, are the legal costs versus the 'hey, we forgot to enroll a division and our retirement plan and now we have to contribute missed contributions, missed matching', things like that.
Reid Eanes: That's correct. It would be legal costs, not the next missed contributions and which mismatching which would generally fall under that's benefits due exclusion that I mentioned. But in some cases, certain civil penalties can also be covered by the policy. That's true of DOL issues, it's true of HIPAA or data issues or penchant protection act issues, and so the policy will also have sub-limits for civil fines and penalties under certain law. Now again with the good faith element, meaning nobody willfully decided to break the law, it was simply an honest mistake that was made, but if that's the case then the carrier where insurable by law, will cover certain civil penalties in addition to the legal costs.
Rick Unser: Perfect. Let me pivot you back to, I think, what most people are more concerned about or are more, I don't know if afraid is the right word, but that class action lawsuit or that really large complex claim where you need fiduciary liability insurance to pick up several hundred thousand dollar or maybe millions of dollars in legal or other expenses. Are there any do's or don'ts as you think about somebody wanting to activate or rely upon their fiduciary liability insurance? Are there certain things that you advise clients to make sure they do or make sure that they don't do?
Reid Eanes: Yeah, definitely. The rule of thumb is earlier is better. All of these policies have consent cooperation and control provision and what that ultimately says is you and the carriers interests are aligned. They demand a seat at the table if their money is at stake and so the company really shouldn't be making defense decisions or moving forward in any meaningful way without the carrier having a voice. Because you wanna cooperate with them, you wanna tell them about the issue as early as possible, include them in the process, include them in council selection, in some cases, and really treat the carrier as a partner because where it goes right is where you're communicating and keeping those lines open throughout the process.
Reid Eanes: And where it goes wrong is that a company goes out and defends themselves and even as going down the road and negotiating a settlement for example and then all of a sudden dumps it on the carriers plate and says 'we're going to need you to pay for this'. So, involving the broker and involving the carrier from the jump is really critical in these situations. And absolutely, those types of large class action claims for some of the things that you mentioned earlier like, selection of outside service providers and fees and some of the big things that were seen drive litigation, especially for large plans and large companies can be very, very expensive and very, very complex; millions, or in some cases even tens of millions dollars that we've seen. So making sure that the lines of communication are open is really, really critical with the carrier.
Rick Unser: No, yeah, and I think that idea, I can just see this, where you have the dutiful company who is like 'hey guys we just saved you a bunch of time and we negotiated this great settlement over this lawsuit from one of our employees and here's the bill'. I can see how somebody's like 'well we just saved these time and resources and all they have to do is just pick this up, it's within our policy limit' but that doesn't sound like the right way to approach it.
Reid Eanes: No, not at all and in fact you might be giving the carrier an out inadvertently, I mean they can actually deny an otherwise public claim for things like wait notice, for things like lack of cooperation, and especially if you have a carrier that has a lot of experience in the fiduciary liability world, which we think is important in selecting a carrier partner, you really should rely on their expertise. Even a company that has a lot of internal legal resources, has some of the best lawyers around, they haven't experienced the thousands of these lawsuits that the carriers have. And especially the large carriers like the Chubs and the AIGs of the world who have significant fiduciary liability market share, we encourage our clients to view that carrier as a resource. Now they can really help see you through the fire, so to speak, because they know exactly how to analyze potential damages, exactly how to put together a defense project, make sure that the attorney are behaving properly and not over charging or over billing the case, and really just make sure that everything stays on the tracks until a positive resolution.
Reid Eanes: And so having that carrier partner lock stuck with you throughout the process and using their expertise and experience is a benefit of the policy, and a benefit of being one of their insurers, that's something that we definitely want to encourage.
Rick Unser: And please correct me if I screw this up, but I think that fiduciary liability insurance is one of those low instance, high utilization, I think I messed that up. But maybe fix that one for me, but on that note, have you seen any really interesting claims or really interesting applications of how companies have benefited from fiduciary liability insurance and whether it's stories or antidotes that might be of help or interest to people?
Reid Eanes: Yeah, absolutely. I mean, in the large complex claims scenarios, it really does get critical and as I mentioned earlier, we're dealing actively right now with penchant litigation that's likely to go into the tens of millions of dollars in settlement value. So, some of these can be large and really have significant financial implications for the individual defendants who are named on the board, the plan committee. Excuse me, you know, the more mundane uses of the policy, I think are important too because these are the areas where sometimes people miss and don't fully utilize the extent of the policy and so although those large complex class action claims, likely the attorneys or the board itself will realize that they should include the fiduciary liability carrier, look to trigger the policy but the policy also triggers from even more mundane errors and omissions, administrative errors for example.
Reid Eanes: We had a client who was collecting premiums from an employee for life insurance but had mad a mistake within the paperwork and had never signed that person up for the life insurance plan despite collecting premiums from every pay stub and when unfortunately that person passed away and looked, their family looked to make a life insurance claim, the carrier, of course, denied it. And that was a scenario where the fiduciary liability policy stepped in and really helped resolve the whole situation to both sides satisfaction. And so if you do experience those day-to-day issues or single plaintiff, single plan participant issues as opposed to the large complex class action, it's worth having the conversation with your broker and it's worth looking at the policy to see if there's some of the ancillary coverages within there that you might be missing otherwise.
Rick Unser: All right, and just for my own mental satisfaction, what's the right way to say that thing that I was trying to say that thing I was trying to say? Low instance, high...
Reid Eanes: Yeah, low frequency, high severity and that's definitely the case with fiduciary liability. It's a very affordable insurance policy. It's not super expensive because the claims don't happen as much. Although I'll caveat that by saying we have seen an uptick in litigation within probably the past probably two or three years, so something the carriers are focused on because fiduciary litigation does seem to be increasing rather than decreasing. But historically speaking, definitely low frequency but high severity, so it doesn't happen very often but if it does happen, especially for that large class action scenario, it tends to be a multi year and complex process to resolve.
Rick Unser: Yeah, and I'm going to come back to one point you just made a minute ago where in these lawsuits, certainly they're naming the company, their naming the plan, but they're also naming individuals and I had a fantastic conversation on the podcast earlier this year where we talked to Diane Gallagher who was the chair of the investment committee at American Century, who was subject to a class action lawsuit, she was personally named in the lawsuit; we also had their defense attorney, who did a fantastic job just talking about the nuances of the case. Ultimately, they won a dismissal of the lawsuit but it was a really an interesting conversation so if anybody wants to check that out, that was a great conversation. Just called it 'Defending a 401-K Lawsuit'. You can scroll through your podcast app and find that. But just since you mentioned that, I remembered that was one of the things that Diane said really just kind of struck her to the core was seeing her name attributed to a multi-million, tens of millions of dollar lawsuit.
Reid Eanes: Yeah, all right I think I'll check that podcast out myself. That's a great point because even if you did absolutely nothing wrong and even if you're completely vindicated on the back end with a dismissal and no finding of liability, these things are simply expensive to defend and it's not just the damages of the settlement value that the policies respond to. It's the defense cost and when you have skin in the game personally, you're named, making sure attorney, making sure that it's being defended the right way, that's critical. And even for that scenario where you win, it can also take millions of dollars to get there and that's really, the, one of the main reasons that people buy this insurances is for the defense aspects, I'm glad you mentioned them.
Rick Unser: One more thing that we get and I'm just curious if there's any sort of insurance remedy: employers are hiring many different service providers, record keepers, sometimes specific administrators, auditors, advisers, et cetera. And to the extent that one of those service providers causes damage to the plan, to the extent that there's something that happens that is attributable to one of those providers that now, either the employees are coming back, or there are financial damages that need to be paid for, does fiduciary liability respond or is there a potential that, that might be able to respond if there was no clear fault of the employer that caused the damage to the plan?
Reid Eanes: Yeah, absolutely, fiduciary would respond in that situation but there's a bit of nuance to it because the policy would protect the selection and oversight type allegations; that the plan or the company or the sponsor itself was negligent in selecting that outside service provider, wasn't providing the proper oversight as ERISA requires them to, and that type of selection or oversight would trigger the companies fiduciary liability policy.
Reid Eanes: Now the other side of that, is that the company might have recourse against that third party vendor and should be looking very specifically at the contract to understand what liabilities and indemnities exist in the contract or what limitations on liabilities exist because most of those outside service providers are going to maintain their own errors and omissions insurance policy, and you know the company and the plan as a client could have standing to bring a claim directly against them for their own alleged negligence. And so the fiduciary liability policy for the company or planned sponsor would be working to defend the company against the negligent oversight, negligent monitoring-type allegation, and we would recommend that the company pursue whatever remedies they can against that outside service provider, assuming that the fault was theirs. So, it's essentially a multi-front war situation.
Rick Unser: Nice image there. Reid, we've covered a ton of ground today and I think you've shared a lot of great information. Is there anything that we haven't talked about relating to ERISA, specific fiduciary liability or insurance that would be good to mention or are there, maybe, a few things as companies think about broader fiduciary responsibility that you're seeing that people might be interested in?
Reid Eanes: Yeah, one thing I think I'd be remise in not mentioning, is the developing world of cyber liability, as it pertains to plans. This is such a deep topic that you could probably do a whole podcast just on this but as HIPAA as well as high tech and privacy laws have expanded, with both the federal government and state government putting a very high emphasis on privacy, on employee privacy, on employee data; it's something that all plan fiduciaries should be keenly aware of, because although the fiduciary duty element of these policies is covered by fiduciary liability, the actual loss of personally identifiable information, personal health information, is not covered by fiduciary liability, except in very small and supplemented ways. We would absolutely recommend that all plans sponsors carry a broad and robust network security cyber liability policy, which is specifically designed to respond to that type of data breach or data loss situation.
Reid Eanes: It's common to have Social Security numbers, medical information, retirement information, all this in these plans and the way that the organization treats and protects that data can absolutely present liabilities. And if there is a breach or a loss of that data, there's a lot of compliance hoops to jump through, there's a lot of additional cost that come into play, all of which are insurable under a well crafted cyber liability policy. So although a different type of insurance, something we're seeing come into play more and more, and something we would recommend show up on the agenda of every fiduciary plan committee meeting if it's not there already.
Rick Unser: And that's a really good point and we do see that, I would say, kind of flair up as a topic of interest in retirement plans. And I think the one instance may be coming back to our theft conversation, where we have seen retirement plans breached, for lack of a better word, is not maybe where, I think, some people would think about it; which is ACME record keeper had a broad hacking attack, millions of account numbers were compromised and people had money stolen out of their 401-K on a broad basis, we're not seeing that. But I think as you were mentioning there, what we have seen are some select instances of phishing or other more small attacks on some of these record keepers where people are able to get enough personally identifiable information to request a loan payment and have a check sent somewhere, that is not to the participant, or they get a distribution routed to a bank account that is not affiliated with the actual employee. Are those things like that, are those types of breaches? Is that something that a cyber policy might respond to, if an employer had employee that was impacted by that? Or is that something that the record keeper, or the person who is in charge of those assets, they would have to have a policy that would need to respond to something like that?
Reid Eanes: Yeah, potentially both. And that exact scenario is something that we're seeing all the time these days. The FBI even maintains statistics on this and it's something crazy like over five billion dollars of loses to U.S. companies in the past three years from that type of fraudulent instruction, or sometimes called social engineering, and you're correct that it doesn't stem generally from a traditional hack where you have a technically sophisticated hacker actually breaching a system.
Reid Eanes: They call it social engineering because you're essentially being tricked. You know, someone is convinced that the person that their communicating, typically via email, is someone who they aren't, someone, you know, they claim to be an executive or they claim a plan participant and they have just enough details to, like you said, get that wire transfer sent or get that check sent and a lot of times those monies are sent to foreign bank accounts where there's low likely hood of recovery.
Reid Eanes: So in those situations, all of those policies can be implicated; it can be a cyber issue, it can be a crime issue, it can be something on the crime or cyber policy of your outside service provider and depending on a specific facts, and these situations do get complex, all or none of those policies can potentially respond. But it's something that everyone should be keenly aware on because it's a big business for the criminal organizations and given the amount of revenue that they're generating from these schemes, we don't expect it to stop anytime soon.
Rick Unser: Yeah and come back to the cost benefit, is, doesn't take them a lot of money to potentially create a very large windfall from a social engineering scam like that. So probably will continue for the foreseeable future and on a side note, it's funny, a lot of the providers have really stepped up with multi-factor authentication and other things that, on the surface, some employees can view as annoying or pesty or some providers have actually put some 'Hey, if you change your address and request a distribution, we're going to put a 30 day hold on getting your check'; so, it's interesting. I think there have been some, let's call it quote unquote, 'annoying' policies that have been put in place, but I think that if people take a step back for a second, there is a rational here where they're actually trying to protect the end user versus just add layers of complexity for no reason.
Reid Eanes: Oh, absolutely, and I think that if people were educated and aware on how often these types of thefts are occurring the real world, I would think that they would be more tolerant of those extra diligent security steps because they're there for a reason and this stuff is definitely happening in the real world.
Rick Unser: I'm with you there. Well Reid, this has been a ton of fun. I appreciate you taking some time to talk to us about fiduciary liability insurance. I do agree with you and we have talked about cyber liability; and we'll probably need to do that again. So, hopefully, we'll hit you up for that sometime down the road.
Reid Eanes: Yeah, my pleasure. Thanks for having me, Rick. Really appreciate it, and have a good rest of your day.