September 3, 2019

Compliance Is a Critical Component of Operational Risk in DC Plans

This Public Sector Letter, on operational risk in defined contribution (DC) plans, covers a range of topics including:

  • Internal controls for compliance,
  • Operational compliance reviews,
  • Keeping plan documents up-to-date and error-free, and
  • Governance strategies for managing compliance risk.

Download Now ›


Get Your Compliance Checklist

This publication also includes a compliance checklist for common DC plan operational errors.

It covers key points like:

  • Giving eligible employees the opportunity to make elective deferrals,
  • Ensuring correct timing and amount of contributions,
  • Complying with a 457(b) plan’s “first-of-the-month rule,”
  • Processing required minimum distributions on a timely basis, and
  • Exercising due diligence in searching for lost participants and beneficiaries.

Download Now ›


Internal Controls and Governance Strategies Can Manage It

For DC plans, the effective management of risks related to compliance are critical to plan operations and form a key component of the plan’s overall approach to operational risk.

The repercussions of failing to comply with applicable federal and state laws, rules and regulations can be severe. The principal consequences of noncompliance are the administrative burden and monetary costs of correcting errors.

For example, DC plan compliance errors may significantly increase the likelihood of lawsuits against plan fiduciaries.

There is also the possibility that such errors will be discovered through an Internal Revenue Service (IRS) audit, which may result in fines and penalties.

Perhaps most important, operational and documentation failures may lead to reputational damage incurred by the plan sponsor when participants and other stakeholders learn of mistakes.

The ultimate risk of regulatory compliance errors is the potential loss of the special tax benefits for DC plans that do not satisfy applicable requirements under the Internal Revenue Code (IRC).

That scenario, while rare, is more likely when errors are egregious and there has been minimal effort to correct them.

Risks associated with compliance failures are a type of operational risk. Operational risk is the risk of direct or indirect loss resulting from external events or inadequate or failed internal processes, people and systems.


Questions? Contact Us.

This Public Sector Letter is the fifth in a series on managing operational risk in DC plans.

For more information about managing operational risk or other risks DC plans face, contact us.

Melanie Walker, JD
Contact Melanie

Wendy Carter
Contact Wendy

Julian Regan
Contact Julian

Share this page