The ERISA Advisory Council1 recently announced that, as part of its goals for 2016, it will be focusing on cybersecurity issues affecting retirement plans and, in particular, the extent to which such issues relate to third-party administrators and vendors (TPAs) of retirement plans. By shining the spotlight on the role of TPAs in combatting cyber-related threats to retirement plans, this announcement demonstrates that retirement plan sponsors would be well-served to proactively assess the cyber risk profiles of their retirement plans. Specifically, retirement plan sponsors should focus on developing and implementing a comprehensive and effective risk management strategy that includes, among other actions, the implementation and periodic review of contractual protections in arrangements with their plans’ TPAs.
Please see full publication below for more information.