Operational Risk: A Key Concern for Plans
Investment risk is not the only type of risk that plans need to worry about – operational risk is also critical for retirement plan sponsors to consider. The potential consequences of failing to adequately address operational risk can include compliance failures, reporting errors and data breaches. Mistakes like these can lead to big losses or litigation, which then becomes a source of reputation risk.
This is why developing a strategy for mitigating operational risk is one of the most important things a defined contribution plan can do for its participants.
Operational risk and how to best manage it is the topic of the new Public Sector Letter, “Operational Risk Is the Achilles’ Heel of DC Plans: A Framework for Managing It.” On the bright side, plans that manage operational risk well have an opportunity to improve in several important ways.
Managing operational risk effectively can lead to better service quality and reduced costs. Moreover, it can help to improve stakeholder confidence, which, in turn, may help position the plan for continuously improved outcomes for participants.
As defined contribution (DC) plans continue to grow in size and complexity, DC plan sponsors in particular need to strengthen their focus on operational risk. Despite delegating risk-management tasks, DC plan sponsors remain responsible as fiduciaries for broad plan oversight across all functions.
If they have not already, plan sponsors, their staff and service providers must maintain a framework to minimize the probability and severity of loss related to operational-risk events.
Within the DC landscape, consequences of operational risk events are well documented:
- The Internal Revenue Service (IRS) recently identified excess contributions and participant eligibility issues as among the top 3 issues that surfaced during IRS audits of Internal Revenue Code 403(b) and 457 Plans. These findings can result in costly fines to the plan or loss of the plan’s qualified status.
- Instances of stolen or lost participant data and data security breaches have occurred in the past and have the potential to impact tens of thousands of participants in the future, if they are not mitigated.
- In recent years, scores of fiduciary breach suits have been filed against service providers and plan sponsors of defined contribution plans alleging that lapses in oversight have cost participants millions of dollars due to excessive fees and/or poorly performing investment options.
Many state and local jurisdictions that offer DC plans already have in place some operational risk management strategies. However, it’s important to remember that using an integrated approach to managing operational risk can benefit all kinds of plans, including both defined benefit (DB) and DC. It demonstrates an awareness of risk and an understanding of the importance of addressing it, which stakeholders may find reassuring.
Segal offers a range of consulting services for state and local governments that sponsor DC plans. Segal Marco Advisors, the SEC-registered member of The Segal Group, also offers investment solutions for DC plan sponsors. Segal Select Insurance Services, Inc., insurance brokerage member of The Segal Group, can help plan sponsors obtain fiduciary liability insurance, cyber liability insurance and crime insurance.