Employee benefit plan sponsors are advised to expect an increase in enforcement activity by the Employee Benefits Security Administration (EBSA) in 2023. The ESBSA has seen a major decrease in enforcement actions for two consecutive years, resulting in a decrease of nearly 50% in the amount of funds recovered for plans, participants, and beneficiaries. The amount recovered decreased to $1.4 billion in 2022—down from $2.4 billion in 2021 and $3.1 billion in 2020.  

The slowing of enforcement activity may be attributed to the COVID-19 pandemic, during which the Department of Labor’s (DOL) issued Notice 2020-01, which relieved employers from enforcement actions if they made a good faith effort to comply with rules during the height of the pandemic. However, since the COVID-19 Public Health Emergency officially came to an end on May 11, 2023, standard enforcement activities are expected to resume.  

With increased levels of scrutiny expected, it is important that plan sponsors review their plans to ensure compliance with EBSA’s regulations and avoid penalties. Read on for a summary of recent enforcement activity and key concerns that plan sponsors should be aware of as enforcement intensifies.  

2022 DOL Enforcement Trends 

While activity has been down in previous years, the EBSA has still been conducting investigations, working to remove bad actors and improve processes. In 2022 the EBSA reported closing 907 civil investigations and returning money to wronged participants in 66 percent of these cases. In addition, the agency produced 402 non-monetary civil corrections, which included: 

  • removing 29 fiduciaries (up from six in 2021);  
  • appointing 30 fiduciaries; 
  • banning 35 people from becoming fiduciaries; and 
  • improving missing participant procedures for 50 plans. 

Overall, the EBSA enforcement program is broken into four areas:  

  • Recoveries from Enforcement Actions ($931 million recovered in 2022) 
  • Voluntary Fiduciary Correction Program ($8 million recovered in 2022) 
  • Abandoned Plan Program ($84 million recovered in 2022) 
  • Monetary Benefit Recoveries from Informal Complaint Resolution ($422 million recovered in 2022)

The majority of recoveries during the past several years have come from efforts to help collect benefits for terminated vested or missing participants in defined benefit plans. While only $542 million was recovered for such participants in 2022 — just over one-third of the $1.5 billion recovered in 2021 — the data illustrates the DOL’s prioritization of its missing participants program. 

Plan sponsors with missing participants are encouraged to carefully review the DOL’s “Missing Participants – Best Practices for Pension Plans” which contains potential warning signs for missing participant issues and examples of best practices, such as: 

  • Maintaining accurate census information 
  • Creating effective communication strategies 
  • Searching for missing participants 
  • Documenting procedures and actions 

In addition, the SECURE 2.0 Act passed in 2022 instructed the DOL to create a lost and found database so missing participants can find contact information for their plans. 

Steps To Limit the Risk of Enforcement Attention 

Though the only way to fully prevent unwanted scrutiny is through compliance, there are still steps that plan sponsors can take to avoid enforcement attention. One is to become familiar with the   DOL’s enforcement focus areas. Plan sponsors should also avoid improper activities that are likely to draw investigators’ suspicions, such as late deposits, self-dealing transactions, and improper payments or compensation.  

Recently, the DOL has increased its focus on cybersecurity. The DOL has provided informal guidance on cybersecurity, which includes three documents that outline best practices for hiring a service provider, implementing a cybersecurity program, and security tips for online users.  

One example of a best practice recommended by the DOL can be found in its section for hiring a service provider, which states that plan fiduciaries should use an outside auditor to review and validate a vendor’s cybersecurity practices and determine whether the vendor carries insurance to cover losses caused by a breach. While these suggestions are not formal regulations, plan sponsors looking to ensure compliance will use these recommendations to develop policies and procedures to decrease the likelihood of negative repercussions.  

Bottom Line: Be Prepared for Increased Enforcement Activity 

Notice 2020-01 stipulated that its guidance would be effective from March 1, 2020, until 60 days after the announcement of the end of the Covid-19 National Emergency, which occurred on May 11, 2023. This means grace periods and other relief efforts will no longer be available to plan sponsors. 

Additionally, the DOL has recently increased its penalties for violations, making noncompliance more costly than ever.     

While many plan sponsors may have enjoyed a reprieve from enforcement over the past several years, with normal activity resuming, now is the time to revisit plan operations and ensure that everything is in order. For questions related to DOL enforcement activity, please reach out to your advisors at Newburg CPA.