Compliance September 27, 2017

IRS Says 403(b) Plans May Use Effective Date Addendums

Some sponsors that want to use a pre-approved plan have certain provisions that were not in effect for the plan for the entire restatement period or options that have changed during the restatement period.
Reported by

Without much fanfare, the Internal Revenue Service (IRS) opened its pre-approved plan program for 403(b) plans by issuing a list of providers of pre-approved plans.

Employers may adopt pre-approved 403(b) retirement plans through March 31, 2020. Though 403(b) plan sponsors had to adopt a written plan by December 31, 2009, under regulations passed in 2007, the IRS announced a remedial amendment period during which they would be able to restate their plans to adopt one of the prototypes. Employers may adopt these plans as restatements to correct any form defects from January 1, 2010, to the end of the remedial amendment period. 

Never miss a story — sign up for PLANADVISER newsletters to keep up on the latest retirement plan adviser news.

The IRS notes that this raises an issue for adopting employers that want to use a pre-approved plan with certain provisions that were not in effect for the plan for the entire restatement period (effective date of the pre-approved plan to the adoption date), or options that have changed during the restatement period.

To address this issue, the IRS says an adopting employer’s reliance on a pre-approved 403(b) plan’s opinion or advisory letter is not affected simply because the employer uses an effective date addendum—a list of effective dates for certain plan provisions different from the plan’s general effective date—if the addendum lists dates that accurately reflect the plan operation, and complies with the scope of the plan’s letter.

More information is here.

Products September 27, 2017

SPARK Offers Best Practices for Recordkeepers to Report Cyber Security Capabilities

Last year, The SPARK Institute formed a Data Security Oversight Board (DSOB), comprised of both recordkeepers and members of the plan adviser community.
Reported by

The SPARK Institute announced the development of industry best practices for how recordkeepers should report their cyber security capabilities to plan sponsors and plan consultants.

Last year, The SPARK Institute formed a Data Security Oversight Board (DSOB), comprised of both recordkeepers and members of the plan adviser community. “Our original focus was trying to create a data security standard that all industry players needed to meet. However, we quickly realized that one overarching standard was not only unattainable given the different security frameworks each recordkeeper uses, but also was bad security policy. If that one standard was breached then everyone’s systems would be at risk” says Doug Peterson, the chief risk officer for Empower Retirement and the chair of SPARK’s DSOB. “In the end, we chose to standardize how security capabilities are reported, so the plan sponsor would have a uniform way to better compare each vendor.”

For more stories like this, sign up for the PLANADVISERdash daily newsletter.

When a member firm uses SPARK’s best practices to describe their overall data security capabilities they must use the 16 identified critical data security control objectives, defined by the DSOB. These best practices also require members to use an independent third-party auditor. Each audited report, regardless of the security framework used, must include a detailed report showing identified controls mapped to one of SPARK’s 16 control objectives.

“Cyber security is becoming a significant concern for everyone, especially plan sponsors. Plan sponsor governing bodies may not have cyber security expertise, and most plan sponsors outsource their recordkeeping, customer service and marketing services. So, the establishment of standardized reporting of best practices for cyber security with independent certification can be a great comfort and great assistance to plan sponsors” says Keith Overly, executive director of the State of Ohio’s Deferred Compensation Plan.

The best practices report may be obtained by SPARK members here or upon request by contacting Tim Rouse at tim@sparkinstitute.org.

«