If your organization lacks an employee benefit plan oversight committee, establish one now to comply with the fiduciary requirements of the Employee Retirement Income Security Act (ERISA) and to strengthen governance. The committee should ideally include senior leaders from finance, HR, IT, and financial reporting, a board member if relevant, and any external advisors.
Holding regular oversight committee meetings is a core fiduciary responsibility. These meetings are critical to maintaining compliance with Department of Labor (DOL) and Internal Revenue Service (IRS) regulations, promoting operational efficiency, and safeguarding the interests of plan participants. Fiduciaries who fail to hold them may face legal and financial liability. Maintaining an organized and thoroughly documented governance process is fundamental to fulfilling your obligations under ERISA.
Significance of These Meetings
- Fiduciary Responsibility: ERISA mandates that fiduciaries act prudently and put participants' interests first.
- Regulatory Compliance: Laws and regulations change, and plan documents and operations may require updates to remain compliant.
- Risk Management: Identifying issues early reduces the risk of significant costs or complications later.
- Defense in Case of Litigation: Comprehensive records of these meetings may provide strong evidence that fiduciaries exercised due diligence and fulfilled their duties should participant litigation occur.
Items to Include on the Agenda
- Investment Performance
  - Analyze the performance of each fund against its established benchmarks and industry peers.
  - Ensure the investment lineup is diversified and aligned with your investment policy statement.
  - Keep a record of all decisions regarding the retention, replacement, or continued monitoring of specific funds.
- SOC 1 Report Review
  - Obtain the SOC 1 Type 2 reports for your third-party administrators (TPAs) and recordkeeper from management and review their contents thoroughly.
  - Carefully review any exceptions or control deficiencies identified in the report, and confirm the report's coverage period matches your plan year.
  - Promptly resolve any identified issues, and ensure that the complementary user entity controls (CUECs) the report assumes you operate are actually implemented and documented on your side.
- Regulatory Updates
  - Stay informed about new laws and regulations affecting retirement plans, including SECURE 2.0 and pending legislative developments.
  - Ensure that required provisions are followed in daily operations as of their effective dates, even before the formal plan amendment is adopted.
  - Coordinate with your recordkeeper or TPA to confirm readiness.
- Cybersecurity Oversight
  - Review the plan's cybersecurity program against the DOL's cybersecurity guidance for plan sponsors and service providers.
  - Ensure service providers conduct regular risk assessments and independent audits. Note that a SOC 1 report covers controls relevant to financial reporting, not security; for security controls, request the provider's SOC 2 report or equivalent assessment.
  - Confirm that controls such as multi-factor authentication for participant and administrator access, encryption of data at rest and in transit, and a tested incident response plan are in place and periodically reviewed.
- Audit and Compliance Reporting
  - Engage auditors with relevant knowledge and experience in auditing employee benefit plans.
  - Thoroughly review the audit report and ensure that any identified issues are addressed in a timely manner.
  - Ensure that Form 5500 and other required filings are completed accurately and submitted by their deadlines.
- Reasonableness of Fees
  - Compare plan fees, including investment, administrative, and advisory costs, to prevailing industry benchmarks.
  - Conduct a thorough review of 408(b)(2) service provider disclosures to ensure that all fees paid from plan assets are reasonable for the services received.
  - Engage a fiduciary advisor to assist with fee analysis and documentation.
- Prohibited Transactions
  - Review all party-in-interest transactions and confirm they are not prohibited under ERISA.
  - If corrections are needed, use the DOL's Voluntary Fiduciary Correction Program.
Governance Action Plan
- Set a Regular Meeting Schedule: Start with quarterly meetings as a baseline and hold additional sessions as needed to address urgent matters.
- Implement a Standing Agenda: Rotate deep dives into different areas such as investments, cybersecurity, and compliance so that nothing is overlooked.
- Assign Clear Roles: Designate who is responsible for reviewing SOC reports, tracking regulatory changes, and overseeing investments.
- Document All Activities: Maintain organized records of meeting minutes, decisions, and supporting documentation. Comprehensive record-keeping is essential in the event of an audit or investigation.
- Consult Experts as Necessary: Where your team lacks specialized knowledge in a particular area, engage external consultants.
How Can Our Unique Perspectives Assist You?
Establishing and maintaining a diligent retirement plan oversight process is not just a regulatory requirement; it is the foundation for safeguarding your organization and supporting your employees' financial futures. By addressing these seven key topics at every oversight meeting, you maintain compliance, enhance operational effectiveness, and mitigate risks that could lead to costly complications.
We believe that effective governance goes beyond meeting minimum standards—it’s about fostering confidence, protecting participants, and building a resilient future for your organization. To learn more or schedule a consultation regarding your benefit plan’s oversight needs, contact Sharjeel Ahsan at sahsan@mjlm.com.