Retirement Savings Lost and Found: DOL Needs Plan Info for Database
The DOL has begun to roll out its Retirement Savings Lost and Found. It’ll be populated with information from plan sponsors and administrators.
The Secure 2.0 Act required the DOL to get the database up and running by the end of 2024.
The agency plans to go live by then. In fact, it started collecting data on November 18, 2024.
The purpose of the database? To allow individuals who participated in a retirement plan — e.g., pension or 401(k) — to locate any retirement plan benefits owed to them by providing their plan administrators’ contact information. Missing participants’ beneficiaries could also search the database.
The DOL’s Employee Benefits Security Administration first published a proposed information collection request in the Federal Register on April 16, 2024. It contained an extensive list of data elements.
That lengthy list, combined with other concerns, led commenters to push back — despite the information collection request being voluntary.
So, in a revised request published in the Federal Register on September 12, 2024, the DOL made dramatic cuts, taking its list down from three pages to one.
What’s Included Now
Here’s a current look at what details will be reported and included in the Retirement Plan Lost and Found, as released in a Federal Register notice on November 20, 2024:
- Name and plan number of plan as reflected on the most recent Form 5500, Annual Return/Report of Employee Benefit Plan, or Form 5500-SF, Short Form Annual Return/Report of Employee Benefit Plan
- Name, employer identification number (EIN), mailing address and telephone number of the plan administrator as reflected on the most recent Form 5500
- Name, EIN and telephone number of the plan sponsor as reflected on the most recent Form 5500, and
- Name and Social Security number (SSN) of any separated vested participant aged 65 or older who’s owed a vested benefit. This includes deceased participants who would have been age 65 or older if they’d survived and whose beneficiaries are entitled to a benefit; separated vested participants in that age range whose benefits were conditionally forfeited under Treasury Regulation Section 1.411(a)-4(b)(6); and separated vested participants in that age range who are in pay status.
Furthermore, in the case of any individuals who, after being reported to the Retirement Savings Lost and Found, received their benefit, indicate that their benefit has been paid and the date of the payment.
Retirement Plan Data
The federal government already possesses some of the data being requested, the ERISA Industry Committee (ERIC) pointed out to the DOL in its comments following the September information request.
Specifically, ERIC stated that retirement plans must report the name and SSN of separated vested participants on Form 8955-SSA, Annual Registration Statement Identifying Separated Participants With Deferred Vested Benefits. Plan administrators must file this form with the IRS generally by the last day of the seventh month following the last day of the plan year — the same deadline as Form 5500.
Initially, when the DOL asked the IRS to share the information in Form 8955-SSA, the IRS hesitated due to confidentiality concerns. Although the agencies are now in the process of resolving the matter, the DOL has opted to move forward with the voluntary information collection for several reasons, including the end-of-year database deadline established by the Secure 2.0 Act.
Another industry group, the American Benefits Council, saw the voluntary nature of the information request as problematic. Employers and service providers guard employees’ personal information, so they’d hesitate to share the data unless required by law, the council told the DOL in response to the September information request.
For instance, a DOL data breach might create liability for an employer that submitted info to the lost-and-found database on a voluntary basis. In fact, liability would be a concern even aside from cybersecurity issues, the council explained. That’s because data privacy laws may require employee consent before an employer can disclose their information.
In its November notice in the Federal Register, the DOL went into more detail than it had in the past on its security protocols. As for reassurance regarding state data privacy laws, the DOL said the sensitive data that retirement plan sponsors and administrators would upload to the database — name and SSN — is currently reported to the federal government for purposes integrated with the database.
Free Training & Resources
Resources
The Cost of Noncompliance
Case Studies
What Would You Do?
You Be the Judge