On May 21, 2020, the U.S. Department of Labor (“DOL”) published the final rule on Electronic Disclosure Safe Harbor options for retirement plans (“eDisclosure Regs”).  It is important to note that these new eDisclosure Regs don’t replace the original eDisclosure Regulations issued on April 9, 2002 (“2002 Regs”), but rather prove additional options for plan sponsors.

This FlashPoint will review the new final rules, and will also discuss how eDisclosure meets (or doesn’t meet) the “actual knowledge” standard set up by the Supreme Court in the Intel Case for purposes of starting the statute of limitations on lawsuits for fiduciary breach.

Take a Trip Down 2002 Memory Lane

The original 2002 Regs permitted plan sponsors and administrators to electronically distribute notices to current employees provided that certain requirements are met.  In addition to requiring that the electronic notice clearly apprise participants of the importance of the materials being distributed and advise them that they can always obtain paper notices at no cost, the 2002 Regs required that the recipient employees either affirmatively agree to electronic communications or have an electronic mail system provided by the employer that is an “integral part” of the employee’s duties (i.e., that the employee is “wired at work”).

A non-active employee, including a terminated or retired employee, alternate payee, or beneficiary, may provide affirmative consent to receive electronic notices via his or her personal email address.  As long as the plan sponsor gets clear instructions as to which documents the non-active employee agrees to receive electronically, and provides clear guidance that consent may be withdrawn anytime, the plan sponsor can move to a paper-free environment.

For most recordkeepers and large plan sponsors, the 2002 Regs have provided ample ability to manage the distribution of mandatory disclosures and notices.  However, organizations with a large percent of their workforce not wired at work found the 2002 Regs hard to manage.

And Along Comes 2020 and the New eDisclosure Regs

As I was digesting the 150+ pages of the new eDisclosure Regs, my 17-year old daughter asked me what I was reading on a holiday weekend.  (She is well aware that I’m a huge pension nerd.)  I told her that the DOL just acknowledged that nearly 90% of people now have internet and electronic devices, so we can now distribute required notices electronically.  Her response, said with typical teenage sarcasm, “Wow.  Better late than never, I guess.”

Based on an informal poll question taken during the recent virtual Pensions on Peachtree conference, the majority of attendees didn’t think the eDisclosure Regs were a big deal.  Sort of like my daughter.  (She was also confused when I showed her the reference to “long-distance” calls.  “What’s that?” she asked.)  Proof that the law falls grossly behind the development of technology.

Notwithstanding the “we’re over it” emotions of most of us, the new eDisclosure Regs permit the plan to provide disclosures electronically to “Covered Individuals.”  The disclosures may be placed on a website or may be attached to a communication, such as an email or text message.  And, the rules are more easily complied with than the 2002 Regs, permitting a broader availability of electronic communications, saving paper and mail costs.

What and to Whom?

A “Covered Individual” is any participant, beneficiary, or other individual (such as an alternate payee) entitled to a Covered Document who voluntarily provides the employer, plan sponsor, or administrator with an email address or smartphone number at which the individual can receive a written Notice of Internet Availability (“NOIA”).  The internet address may be provided by the Covered Individual or it may be assigned by the employer to an employee for employment-related purposes (although not solely for the purpose of receiving such communications).  For example, if a grocery store doesn’t normally provide an email address to its grocery clerks as part of the job, it can’t suddenly start doing so solely to comply with the eDisclosure Regs.

The documents that may be provided in this fashion (called “Covered Documents”) include “any document or information that the Plan Administrator is required to furnish to participants and beneficiaries pursuant to Title I of the Act, except for any document or information that must be furnished only upon request.” (Emphasis added.)   The documents that are excepted include plan documents, the latest annual report, etc., as listed in ERISA §104(b)(4).  The DOL notes that these excepted documents can be distributed electronically under the 2002 Regs.

How the e-Disclosure Regs Work

Prior to using the eDisclosure Regs to provide electronic notifications, the Plan Administrator must provide each Covered Individual with a paper notice (“Initial Notification”).  The purpose of this Initial Notification is to advise Covered Individuals of the framework for disclosures and of their rights under the new framework.  If the Covered Individuals are existing (as opposed to new) participants, the notification also lets them know that things are changing.   The Initial Notification must include:

• A statement that the Plan Administrator will send information electronically to an electronic address (and identifies that electronic address);
• Any instructions needed about how to access the provided information (such as passwords, a need to download a mobile application, or the need to set up an on-line account to view secure documents);
• A statement that information posted on a website is not required to be available for more than a year or, if later, after it is replaced by a newer version of the document;
• A statement that the participant has the right to request and receive (at no charge) a paper version of any such document and an explanation of how to exercise that right; and
• A statement of the right, free of charge, to opt out of all electronic delivery and to receive paper versions of all Covered Documents, and an explanation of how to exercise that right.

Once the Initial Notification is provided, whenever a Plan Administrator provides a new disclosure on a website, it electronically sends Covered Individuals an NOIA, advising them that the document is available online.  Alternatively, the Plan Administrator may attach the document to the email and include in the email the information that is normally in an NOIA (except the portion that discuss where and how long the notice is available on line).

The NOIA must be furnished to each Covered Individual for each Covered Document at the time that document is made available on the website.  The NOIA is intended to be very short, and cannot contain anything but what is required, other than logos, pictures, or similar design elements.  Those elements cannot be inaccurate or misleading.

The NOIA must contain only the following elements (where items are in quotes below, that specific language must be used):

• A prominent statement, such as a title or subject line, that reads: “Disclosure About Your Retirement Plan.”
• A statement that reads: “Important information about your retirement plan is now available. Please review this information.”
• Identification of the Covered Document by name and, if not self-evident by the name, a brief description of the document.
• Unless the document is attached, the website address with sufficient instructions as to how to locate the Covered Document on the web page to provide ready access, or a direct hyperlink to the Covered Document.
• A statement of the right to request and obtain a paper version of the Covered Document, free of charge, and an explanation of how to exercise this right.
• A clear statement of the right, free of charge, to opt out of the electronic delivery method and an explanation of how to exercise this right.
• A cautionary statement that the Covered Document is not required to be available on the website for more than one year or, if later, after it is superseded by a subsequent version of the Covered Document.
• The telephone number to contact the Plan Administrator or other designated representative of the plan.

The Plan Administrator may add a statement as to whether action by the Covered Individual is invited or required and how to take such action, or that no action is required.

Annual Combined Notices

Recognizing that there are several documents that are provided annually, the eDisclosure Regs provide a special procedure for them to be combined into one notice.  The items that may be provided by this annual notice are:

• The SPD;
• Any Covered Document that must be furnished annually, rather than because an event has occurred, and that does not require the Covered Individual to take action;
• Any Covered Document not specifically included above that is authorized in writing by the DOL; and
• Any notice required by the Internal Revenue Code, if authorized by the IRS.

The preamble to the eDisclosure Regs specifically mentions the following as acceptable under the second category above:  summary annual reports, QDIA notices, annual (but not quarterly) participant statements, and the annual 404a-5 investment option disclosure chart, general plan information, and description of fees.  The preamble further provides that the final bullet category is intended to permit inclusion in the annual disclosure package of the notices that may be disclosed electronically under Treas. Reg. §1.401(a)-21(c).  The preamble notes a specific intention to permit the inclusion of automatic contribution arrangement notices.

The NOIA relating to the combined notice is required to be furnished each plan year, no more than 14 months following the date the prior plan year’s notice was furnished.  For example, suppose the plan sponsor distributes the Summary Annual Report, the annual Participant Statement, and the 404a-5 investment and fee disclosures each year.  One year, they are posted on October 15.  The following year, they can be posted at any time before December 15.  The 14 months provide the plan sponsor with flexibility as to actual distribution.

“Written in a Manner Calculated to be Understood by the Average Participant”

The proposed regulations that preceded the eDisclosure Regs required that the NOIA earn a Flesch Reading Ease test score of no less than 60 to ensure that it could be understood by the average plan participant.  (The higher the score, the easier the item is to read.)  Ironically, the DOL’s own language describing understandable language rates a Flesch Reading Ease score of 22.4.  So, this requirement was excluded from the eDisclosure Regs in favor of the more general language that notices under these regulations be written in a manner calculated to be understood by the average participant.

Timing:  When to Post, When to Remove

The eDisclosure Regs make it clear that nothing changes the deadline for the provision of notices under ERISA.  Posted documents must be put on the website on or before they are due.  Posted documents must be provided in a widely available format that permits downloading, printing, and searching.

Once posted on the website of choice, the Covered Document must be available on that website for at least one year from the date on which it is posted, or, if later, the date it is superseded by a subsequent version of the Covered Document.  For example, suppose a Summary Plan Description is posted on the website (and a NOIA is provided to participants) on January 1, 2025.  When a new SPD is posted on January 1, 2030, the old SPD is superseded and may be taken off the website.  On the other hand, if a quarterly statement is made available on the website, it must continue to be available for one year, even though another quarterly statement is posted three months later.

Return to Sender … Address Unknown

The disclosure system adopted by the Plan Administrator must be designed to provide an alert if the Covered Individual’s electronic address is invalid or inoperable.  If that occurs, the Plan Administrator must promptly take reasonable steps to cure the problem, such as sending the notice to a valid secondary electronic address that has been provided, asking the Covered Individual for a new address, or treating the Covered Individual as if he or she has opted out of electronic delivery (and providing a paper version of the Covered Document).

Similarly, an issue arises when an employee receiving disclosures at his or her company-provided email terminates employment.  At that time, the Plan Administrator must take measures reasonably calculated to ensure continued delivery – or, in easier words, get a new email address or start delivering paper documents.

Programming May Be Involved

There are a number of programming decisions for service providers to consider.  A hyperlink on a notice will often land first on a service provider’s login page, requiring the Covered Individual to enter his or her login ID and password.  Once that is entered, the website needs to either automatically take the user to the specific Covered Document or provide easy access to the document.  The Covered Individual cannot be forced to go searching through all sorts of sub-menus trying to find the document.  Furthermore, the eDisclosure Regs require that the procedures protect the participant’s confidentiality, which makes links to participant statements or other personal information more complex to program.

Effective Date

The eDisclosure Regs become effective 60 days after they are officially published in the Federal Register, which is currently scheduled to be May 27, 2020.  (By the way, this regulation doesn’t apply to welfare plans, which must remain either compliant with the 2002 Regs or provide paper disclosures.)

How Does This Tie Into the Intel Case?

Those who follow the Supreme Court’s ERISA decisions know that a recent court case involved disclosure and participant receipt of information.  Let’s first dive into the details of Intel Corporation Investment Policy Committee et. al. v. Sulyma (“the Intel Case”) to better understand why this is relevant when considering the new eDisclosure Regs.

The issue brought before the U.S. Supreme Court was whether Sulyma was prohibited from bringing his suit for alleged fiduciary breach due to imprudent investments selected by the retirement plan committee due to a lapse in the statute of limitations.  ERISA Section 413 contains the statute of limitations on fiduciary breach lawsuits, which is the earlier of (a) six years after the last action of breach or when breach by omission could have been cured, or (b) “three years after the earliest date on which the plaintiff had actual knowledge of the breach or violation.”  (Emphasis added.)  It is the two key words “actual knowledge” that lie at the heart of the matter.

Intel provided evidence in the District Court that Sulyma repeatedly visited the website that served as the host site for required notices for the retirement plan, just like the website posting permitted by the original 2002 Reg. and the new eDisclosure Regs.  Sulyma testified that he didn’t remember viewing the relevant disclosures.  And the question became: what constitutes “actual knowledge” for purposes of starting the statute of limitations?  The Court found that, throughout ERISA, Congress used the phrase “know or should know” to require either actual knowledge or constructive knowledge (see, for example, ERISA §406, which deals with prohibited transactions).  However, in this particular section, Congress specifically required actual knowledge by the participant.  The Court assumes that, when Congress uses specific language, it does so with intent (insert your snarky remarks here).  Therefore, Congress must have meant that the participant had to actually know of the breach for the statute to begin.  All of Intel’s proof that Sulyma had visited the website and looked at the relevant documents was irrelevant for this purpose; all that mattered was what Sulyma actually knew.

Interestingly, the DOL submitted an amicus brief supporting the strict interpretation of the statute to provide it more time to pursue wayward fiduciaries.  If the knowledge standard for the statute was constructive, then the clock would start running for the DOL the moment any report was filed, even if the DOL didn’t actually review the report.

What does this all mean for retirement plan sponsors?  Under Intel, even if the plan sponsor adheres to every bit of the eDisclosure Regs with absolute perfection, the three-year statute of limitations that could protect the fiduciary from lawsuits (frivolous or valid) will not begin unless the plaintiff-participant actually read the disclosure being given out and the plan can prove that. If the plan cannot provide actual knowledge, the statute of limitations that will apply will be one that lasts six years after the last action of breach.  This means that participants have longer to file lawsuits, and the new eDisclosure Regs will not modify how these rules operate.  The preamble to the eDisclosure Regs even cites the Intel Case and explicitly notes that these new rules do “not address issues such as whether a covered individual read, understood, or had actual knowledge of the contents of the covered documents accessed.”  EDisclosure does not make the situation worse – a participant could just as easily deny having read a paper document that he or she received – but it does not improve the situation, either.

What should a Plan Administrator do?  A concerned Plan Administrator may conclude that the solution is to have participants sign an acknowledgement for every disclosure, reflecting that they not only received the document, but read it and knew of its contents.   Such a mandatory process may have limited probative value, but it also defeats the purpose of the drive towards paperless notifications.  Alternatively, it is possible that a technically sophisticated disclosure program would require a participant to click to acknowledge when a document is closed that he or she opened and read the notice, and then would store that data for an indefinite period of time.  Should we be recommending that level of electronic oversight?

One can only shake one’s head at the idea that, despite all of the time, money, and effort spent on ERISA disclosure by both the government and the private sector, a participant can extend the statute of limitations on fiduciary breach by simply disclaiming having read what he or she admits to having received.  Perhaps it is time to have Congress revisit the language in ERISA §413.

Some Concluding Thoughts

In the final analysis, eDisclosure should save millions of dollars and perhaps millions of trees spent on the provision of paper documents to participants.  The achievement of that goal should not be understated, nor should the long-delayed emergence of the DOL into the 21^st Century.

If service providers are going to be able to facilitate the optimal use of the eDisclosure Regs, they will need to invest in system enhancements and modify enrollment processes to capture email addresses (and possibly secondary addresses, in case the first one fails) and participant opt-out elections.  This also means that, as plan sponsors move from service provider to service provider, there needs to be a comprehensive data file of this information and modified notifications to ensure that Covered Individuals can continue to access provided information on subsequent websites.

However, if plan sponsors and administrators are seeking to use electronic systems to provide usable information about the actual receipt of information by participants, more steps are needed, at least in relation to the ERISA statute of limitations on fiduciary breach lawsuits.  If a service provider wants to help provide information to show the potential start of the statute of limitations (à la the Intel Case), the system should ask for and retain data about what participants read while on the website. Whether that is practical or probative in a lawsuit situation remains to be seen.