Image

Open Recommendations

Defined Contribution Plans: Federal Guidance Could Help Mitigate Cybersecurity Risks in 401(k) and Other Retirement Plans

GAO-21-25
Mar 15, 2021
Show
2 Open Recommendations
Agency Affected Recommendation Status
Department of Labor The Secretary of Labor should formally state whether cybersecurity for private sector employer-sponsored defined contribution retirement plans is a plan fiduciary responsibility under ERISA. (Recommendation 1)
Open
DOL neither agreed nor disagreed. The agency stated that plan fiduciaries must act prudently and solely in the interest of plan participants and beneficiaries, and that these duties require plan fiduciaries to take appropriate precautions to mitigate risks of malfeasance to their plans, whether cyber or otherwise. DOL also cited existing regulations on electronic records and electronic disclosures that include provisions to ensure systems are safe and personal information is protected. While these regulations are important, we believe making a formal statement will help ensure that plan fiduciaries are clear on their responsibility to mitigate cybersecurity risk in private sector employer-sponsored DC retirement plans to better protect PII and plan assets. Without such a formal statement, retirement plan administrators may not be aware of this fiduciary obligation.
Department of Labor The Secretary of Labor should develop and issue guidance that identifies minimum expectations for mitigating cybersecurity risks that outline the specific requirements that should be taken by all entities involved in administering private sector employer-sponsored defined contribution retirement plans. (Recommendation 2)
Open
DOL agreed that increasing awareness of fiduciaries' duties under ERISA with respect to cybersecurity would be helpful. DOL stated it is drafting compliance assistance materials to help (1) increase awareness among plan fiduciaries of DOL's position on cybersecurity risk mitigation and (2) ensure that fiduciaries satisfy their ERISA obligations when selecting and monitoring service providers. We acknowledge these efforts, however, DOL should also identify minimum expectations for mitigating cybersecurity risks for all entities involved in the administration of DC plans. GAO believes that fully implementing this recommendation will provide assurances to the agency, and to DC plan participants and beneficiaries, that PII and plan asset data are being adequately and consistently protected in DC retirement plans.

Elder Justice: HHS Could Do More to Encourage State Reporting on the Costs of Financial Exploitation

GAO-21-90
Jan 19, 2021
Show
2 Open Recommendations
Agency Affected Recommendation Status
Administration for Community Living The Administrator of ACL should work with state APS agencies to develop data fields on the costs of financial exploitation to add to NAMRS to encourage more states to collect these data. This could be achieved, for example, during the stakeholder engagement process ACL is undertaking to discuss potential updates for the NAMRS system. (Recommendation 1)
Open
HHS disagreed with this recommendation. HHS stated it could not guarantee that data elements capturing the cost of financial exploitation would be recommended for inclusion in NAMRS during the next renewal process. It noted that NAMRS is a voluntary data system and that HHS must consider the reporting burden on the state agencies of adding data fields to the system. We understand that HHS must consider the reporting burden on state agencies and cannot guarantee the inclusion of cost data elements in NAMRS. However, some state agencies are already collecting these cost data, and by requesting this information in NAMRS, HHS could move states towards collecting this information more routinely and in more standardized ways. The agency plans to begin a stakeholder engagement process for NAMRS renewal in FY21. HHS expects this process could result in updating or adding data elements to NAMRS based on input from stakeholders, balancing what would be valuable for understanding adult maltreatment with what is feasible for APS to collect and report with reasonable burden. This stakeholder engagement process is a valuable opportunity to engage with state APS agencies as well as other important stakeholders to consider whether to add new data elements to NAMRS about the cost of financial exploitation in the coming years. We continue to believe that working with states to add data elements to NAMRS to capture the cost of financial exploitation would help to determine the scope and magnitude of financial exploitation nationwide-currently a critical gap in knowledge about the costs of financial exploitation.
Administration for Community Living The Administrator of ACL should develop a timeframe to share information and tools that state APS agencies have developed to collect cost information with other states, to provide states with strategies they can use to improve data collection on financial exploitation costs. This could be achieved, for example, by leveraging ACL's existing resource centers such as the APS Technical Assistance Resource Center or the National Center on Elder Abuse to disseminate this information to states. (Recommendation 2)
Open
HHS agreed with this recommendation. The agency stated that it would consider ways to conduct these information sharing activities in fiscal year 2022, when it enters into new contracts with its existing resource centers. We will monitor the agency's progress to address this recommendation.

Retirement Security: DOL Could Better Inform Divorcing Parties About Dividing Savings

GAO-20-541
Aug 28, 2020
Show
2 Open Recommendations
Agency Affected Recommendation Status
Department of Labor EBSA should explore ways to collect information on fees charged to participants or alternate payees by a retirement plan—including plan service provider fees the plan passes on to participants—for review and qualification of domestic relations orders and evaluate the burden of doing so. For example, DOL could consider collecting fee information as part of existing reporting requirements in the Form 5500. (Recommendation 1)
Open
DOL generally agreed with this recommendation and said it would informally engage with interested stakeholders, although the agency expressed concerns about establishing a reporting obligation. In the course of our work, DOL officials told us that the agency has never undertaken an overall examination of plan practices related to fees for QDRO review and qualification. In light of this, we believe exploring ways to collect QDRO-related fees may enable DOL to better understand trends in fees or discern outlier plan fees that warrant further consideration. We encourage DOL to continue to consider options for collecting QDRO-related fee data in the most effective and efficient manner as this key information could enhance agency's ability to conduct its mission of protecting plan participants.
Department of Labor EBSA should take steps to ensure that information regarding the requirements for QDROs is available and easily accessible for participants and alternate payees. For example, EBSA could develop a checklist of documents and information that parties could use to help draft a domestic relations order that would be more likely to be qualified as a QDRO on a plan administrator's first review. In addition, EBSA could conduct outreach focused on QDROs to practitioners, such as members of the family bar who may draft domestic relations orders. (Recommendation 2)
Open
DOL generally agreed with this recommendation and stated it would continue to work with stakeholders, including family law bar practitioners and conduct additional outreach as recommended in our report. We appreciate DOL's willingness to take this step, and we encourage DOL to consider making additional resources available that would better ensure that the process for obtaining a QDRO is clear and accessible for participants and alternate payees.

Retirement Security: BLS Should Explore Ways to Improve the Accuracy, Timeliness, and Relevance of Its Cost-of-Living Measurements

GAO-20-422
Jun 16, 2020
Show
2 Open Recommendations
Agency Affected Recommendation Status
Department of Labor The Secretary of Labor should ensure that BLS explores cost-efficient ways to evaluate the data sources currently used to produce subpopulation indexes, such as by engaging more directly with other stakeholders or seeking input from its advisory groups and other knowledgeable entities about approaches to expand data collection in a cost-efficient manner. (Recommendation 1)
Open
The Department of Labor agreed with this recommendation and stated that it would continue to investigate improvements to subpopulation indexes.
Department of Labor The Secretary of Labor should ensure that BLS explores the use of already collected National Accounts data to produce more accurate, timely, and relevant CPIs. (Recommendation 2)
Open
The Department of Labor (DOL) disagreed with this recommendation, stating that the National Accounts data are not a replacement for Consumer Expenditure Survey data. We agree that the National Accounts data are not a wholesale replacement for the Consumer Expenditure Survey data, but it would still be useful to examine National Accounts data as an augmenting, alternative source of data to supplement or enrich the Consumer Expenditure Survey. Such an effort could potentially lead to more accurate, timely, and relevant CPIs. Although DOL noted that the Consumer Expenditure Survey is a continuous survey and that data are received quarterly, most CPIs still rely on expenditure weights based on Consumer Expenditure Survey data that are up to 4 years out-of-date. In addition, the Consumer Expenditure Survey faces increasing costs and declining response rates. DOL said it is exploring ways to accelerate the data collection and processing time and that it periodically investigates the frequency of updating expenditure weights. This is a laudable effort that we believe warrants further action to explore additional opportunities for improvement, such as researching the extent to which there are instances or categories for which the National Accounts data could be used to produce more up-to-date expenditure weights than the Consumer Expenditure Survey.
GAO Contacts