What Took So Long? Democrats Quickly Introduce Pension Relief Bill

House Ways and Means Committee Chairman Richard Neal (D-Mass.) introduced the Emergency Pension Plan Relief Act of 2021 (EPPRA) on January 21, 2021. EPPRA represents the latest legislative attempt to address the well-documented multiemployer pension crisis.

EPPRA is significant in that it is the first legislation introduced by Chairman Neal under the Biden administration, signaling a possible renewed emphasis on solving the multiemployer pension crisis by the incoming administration. (A summary of EPPRA is available.) More…

BlackRock 401(k) Plan Class Action Headed for Trial

A class action alleging that BlackRock entities favored their own proprietary funds when selecting investment options for BlackRock’s 401(k) Plan is headed for trial after Judge Haywood S. Gilliam, Jr. denied both parties’ motions for summary judgment on January 12, 2021. Baird v. BlackRock Inst’l. Trust Co., No. 17-1892 (N.D. Cal. Jan. 12, 2021).

BlackRock sought summary judgment on Plaintiffs’ claims for breaches of fiduciary duty. The court denied the motion for several reasons. First, the court held that summary judgment was precluded because a genuine dispute of a material fact existed as to whether BlackRock complied with the Plan’s Investment Policy Statement. Next, the court held that Defendants’ “loss causation” arguments involved weighing the parties’ respective experts and their methodologies, “a task which is inappropriate at the summary judgment stage.”

The court then turned to whether certain of Plaintiffs’ prohibited transaction claims were time-barred because they were not brought within six years after “the date of the last action which constituted a part of the breach or violation.” 29 U.S.C. § 1113(1). BlackRock argued the only relevant transaction for claims based on including a fund in a plan line up is the date the fund is initially added. The court rejected the argument, reasoning that (1) the case law did not support such a broad proposition, and (2) Plaintiffs’ claims were not based solely on including the challenged funds, but also involved the fees paid to BlackRock affiliates.

Finally, the court found that summary judgment was inappropriate on the merits of Plaintiffs’ prohibited transaction claims, maintaining the prohibited transaction exemptions required examination of the reasonableness of compensation received by the Defendants, which required resolution of disputed issues of fact.

The court likewise denied Plaintiffs’ motion for partial summary judgment as to liability. Trial is scheduled to begin on March 1, 2021.

Mandatory COVID-19 Benefits Under Families First Coronavirus Response Act Have Ended, Now What?

In March 2020, when Congress passed the Families First Coronavirus Response Act (FFCRA) with a sunset date of December 31, 2020, few anticipated the COVID-19 pandemic would be ongoing into 2021. Several similar state and local laws also sunset at the end of 2020. But the pandemic has not slowed, and requests for COVID-19-related leave (along with the corresponding tax credits) continue.

Here’s What We Know

The new stimulus bill (Consolidated Appropriations Act, 2021) passed on December 27 did not extend the FFCRA obligations. Employers who were covered under the FFCRA are no longer obligated to provide their employees leave.  More…

Wellness Programs and Water Bottles, the EEOC Proposes New Rules under the ADA and GINA

Since 1996, when Congress passed the Health Insurance Portability and Accountability Act (HIPAA), employers have been struggling with whether and to what extent they could offer incentives to employees to participate in certain “wellness programs.” The Equal Employment Opportunity Commission’s (EEOC) position on these programs has been a significant driver of those struggles, primarily due to concerns about whether such programs are “voluntary.”

On January 7, the EEOC proposed a new approach that may provide employers some certainty, particularly as many employers are wondering about incentives to encourage employees to receive a COVID-19 vaccine. The agency proposed regulations under the Americans with Disabilities Act (ADA) and the Genetic Information Nondiscrimination Act (GINA) which, for those interested, provides a brief history of wellness programs, and EEOC’s evolving position concerning same.

A (Very) Brief History

In short, the EEOC stated its position on voluntariness in 2000, in its Enforcement Guidance on Disability-Related Inquiries and Medical Examinations of Employees Under the Americans with Disabilities Act: a wellness program is “voluntary” as long as an employer “neither requires participation nor penalizes employees who do not participate.” See Q/A 22.

During that time and moving forward, however, other federal agencies which regulated group health plans (Health and Human Services, Department of Labor, and Internal Revenue Service) provided a regulatory path for employers to incentivize employees to participate in certain wellness programs. A version of those rules were codified in the Affordable Care Act (referred to herein as the “ACA/HIPAA rules”), evidencing Congress’ intent to permit such incentives, albeit subject to other federal laws, such as ADA and GINA. The EEOC’s initial attempt to harmonize by regulation its position on wellness programs with the ACA/HIPAA rules failed when its regulations addressing incentives were judicially vacated. These new proposed regulations take a different approach.

The Proposed Regulations.

The EEOC proposed two sets of regulations – one under the ADA and one under GINA:

ADA.

Under the ADA proposed rule, a wellness program is a program of health promotion or disease prevention that includes disability-related inquiries or medical examinations. Disability-related inquiries, such as health risk assessments and biometric screenings, generally include a series of questions “likely to elicit information about a disability,” while medical examinations are procedures or tests that seek information about an individual’s physical or mental impairments or health. Programs that do not include disability-related inquiries or medical examinations (e.g., rewarding employees for attending a smoking cessation class) would not be subject to the ADA proposed rule. The rule also would incorporate essentially the same subcategories of wellness programs as under the ACA/HIPAA rules – participatory and health contingent. Read More

Consolidated Appropriations Act, 2021: PPP and Tax Provisions

The Consolidated Appropriations Act, 2021 (Act) generally provides the annual funding for the federal government and contains several important rules giving further COVID-19 relief. These include, among other things, revisions to the Paycheck Protection Program (PPP), expansion of the employee retention tax credit, and changes to other employer-related tax provisions.

The Act was passed by Congress on December 21, 2020, and signed by President Donald Trump on December 27, 2020.  More…

Consolidated Appropriations Act, 2021: Employer-Sponsored Retirement Plans

The Consolidated Appropriations Act, 2021 generally provides the annual funding for the federal government and also contains several important rules giving further COVID-19 relief. The comprehensive relief package funds certain hard-hit industries, expands eligibility for the Paycheck Protection Program (PPP), and extends and expands the Employee Retention Tax Credit.

The Act also relaxes several normally rigid health, welfare, and retirement plan rules in light of the on-going COVID-19 pandemic, easing the financial impact of pandemic-caused employment changes, while instituting new rules related to surprise medical billing.

The Act was approved by Congress on December 21, 2020, and signed into law by President Donald Trump on December 27, 2020.  More…

Personal Data from Thousands of Pension Plan Accounts Breached…Third-Party Service Provider Blamed

One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case, unfortunately, for approximately 30,000 Now:Pensions customers whose names, postal and email addresses, birth dates and the equivalent of Social Security numbers were hacked and posted on line. According to reports, the UK company, which helps to administer millions of workplace pensions, attributed the incident to a third-party service provider.

Of course, the challenge of managing the cybersecurity risk of third-party service providers does not exist solely across the pond. During a recent SPARK Cybersecurity Virtual Event, Tim Hauser, Deputy Assistant Secretary for National Office Operations at DOL’s Employee Benefts Security Administration (EBSA), observed

When a plan fiduciary is hiring somebody who is going to be responsible for confidential, personal information, or who’s going to be running systems to keep track of people’s account balances and the like, there’s a responsibility to make sure that you’ve hired that person prudently, that firm prudently…And if you think about plans and the universe I described, that’s just shy of $11 trillion, and with personal health and pension data, there are a lot of tempting targets there and what we’ve seen in our own enforcement actions, especially in our criminal programs, vulnerabilities are taken advantage of.

According to Hauser, the U.S. Department of Labor is developing guidance for plan sponsors in the U.S. that would cover cybersecurity issues and third-party service providers for retirement plans.

Just as so many other organizations affected by a breach experienced by one of their third-party service providers, Now:Pensions has provided notification to pension account holders and regulators. Reports indicate the breach occurred over a three-day period in mid-December and the compromised data had been obtained “by an unknown third party.”

At this point, similarly-situated organizations might be considering whether to move away from the service provider that caused the incident. Here are some reasons why that may not be the best course of action. However, one to-do list item that should be a given following a breach like this is to revisit the procurement process for selecting service providers, update it as needed to make sure it appropriately addresses cybersecurity risks, and ensure it is prudently implemented.

When it comes to ERISA employee benefit plans, hiring a service provider is in and of itself a fiduciary function. When considering a plan service provider’s level of cybersecurity, there are a number of steps plan sponsors and administrators can take to prudently assess the data privacy and security capabilities of potential plan service providers. Some examples include:

  • Take the general threats and vulnerabilities of plan service providers into account when conducting the organization’s enterprise data security risk assessment.
  • Meet with the service provider’s IT lead, but also others in the service provider’s organization – legal, accounting, HR, sales, etc. This will give you a better sense of the culture of privacy and security at the service provider.
  • Require the service provider to complete a detailed list of pointed data privacy and security questions, the answers to which to be actively evaluated by your IT team, counsel, and/or consultant.
  • Ask about prior data security incidents and how they were handled.
  • Review the service provider’s policies and procedures.
  • Require the service provider to submit to an independent data security audit/review, penetration test.
  • Ask the service provider about its data breach response plan, and how often it is practiced. Plan to include the service provider when you practice your own response plan, and gauge their openness to that.

This is not an exhaustive list, and each step could be fleshed out more or less depending on the risk the service provider presents. In addition, it is appropriate to incorporate appropriate representations and additional protections concerning data privacy and security in the ultimate services agreement. The point is that because of the critical role service providers play, and the information they have access to (which may include not just personal information but also company proprietary data), the measures taken to evaluate plan service providers privacy and data security risk should happen at the procurement stage and on an ongoing basis, not just when a breach happens.

The IRS Released the Final Regulations for Plan Loan Offset Rollovers

The IRS released final regulations on the provisions of the Tax Cuts and Jobs Act (“TCJA”) that added Section 402(c)(3) of the Internal Revenue Code, effective January 1, 2018, special rollover relief for qualified plan loan offset (“QPLO”) amounts.

As per our initial blog on the TCJA change, distributing a plan loan offset occurs under the terms of a plan when a participant’s accrued benefit is reduced (or offset) to repay the loan. Distributing a plan loan offset amount may occur, among other circumstances, where the plan terms require that, if the participant’s request for a distribution occurs, a loan be repaid immediately or treated as in default. However, the  TCJA provisions for QPLOs apply to unpaid accrued loan amounts that are offset from the participant’s plan account at plan termination or at or after severance from employment if the plan provides that the accrued unpaid loan amount must be offset because of such events.  Before this law change, the deadline to roll over any plan loan offset was the 60th day after the date the loan offset arose.  But for QPLO amounts, as of January 1, 2018, the deadline is the filing due date (including extensions) for the participant’s tax return for the year in which the loan offset amount arises.

The main highlights of the final regulations are:

  1. No changes were made to the originally proposed regulations except that the terms of the final regulations are only required to be applied to QPLO amounts that are treated under the regulations as distributed on or after January 1, 2021.  This means that the properly coded Form 1099Rs for QPLO amounts treated as such under the regulations would not be due until 2022 and later years. Note this does not change the general 2018 effective date of the TJCA amendment adding QPLO provisions to the Code.
  2. The regulations specifically define a plan loan offset occurring because of severance from employment as an offset for failure to timely repay a loan that occurs by the first anniversary of the date of the employee’s severance.
  3. Several helpful examples are given that illustrate the operation of the QPLO rules in a variety of distribution and repayment failure circumstances.

We are available to help plan administrators understand and implement these final regulations.  Please contact a team member or the Jackson Lewis attorney with whom you regularly work if you have questions or need assistance.

LexBlog