Plan Sponsor News

How does it help?

While it may seem counterintuitive, creating an online account can actually help combat cyberfraud. Failing to do so may enable cybercriminals to assume a participant’s online identity.¹ A plan participant’s account could be taken over by a fraudster using stolen personal information about the participant.

Simple steps with long-term benefits

Setting up an online account with Mutual of America takes just a few minutes. Participants will be asked to verify their identity and answer security questions before activating via a confirmation email. Multifactor authentication—a two-step verification process using a unique identifier in addition to a password—helps reduce fraudulent access. Once the account is activated, participants can log in regularly to confirm all their transaction history and contact information is accurate.

Encourage participants to set up an account today. Contact your local Mutual of America representative with any questions.

¹U.S. Department of Labor Employee Benefits Security Administration Online Security Tips, https://www.dol.gov/agencies/ebsa/key-topics/retirement-benefits/cybersecurity/online-security-tips

As a plan sponsor with fiduciary responsibilities under ERISA, you’re obligated to protect your organization and employees from cybersecurity risks. This extends to ensuring that any service providers you work with also have robust cybersecurity measures in place.

Protecting plan participants’ retirement account information from cybercrime and fraud is a top priority for Mutual of America. The company leverages a suite of cybersecurity measures to safeguard your retirement plan and employees’ information, but how can you make sure your other providers do the same?

Here are some tips recommended by the U.S. Department of Labor Employee Benefits Security Administration:

Ask about the provider’s information security standards, practices and policies. Compare these standards to what similar institutions have adopted.
Confirm if the provider has insurance policies covering cybersecurity losses and identity theft breaches.
Evaluate the provider’s track record in the industry and whether it’s experienced previous security breaches. If so, how were they handled?

Increasingly, employers are taking note. According to recent industry-wide surveys, last year, 40% of 401(k) plan sponsors and 17% of 403(b) plan sponsors requested documented cybersecurity measures from their providers.^1,2

Being vigilant remains key. Bad actors are looking for ever-evolving ways to infiltrate organizations, potentially leading to significant losses, as was noted in Defending Against Cyberattacks: What Plan Sponsors Need to Know, our March 2024 webinar featuring Richard Jacobs, Chief Information Security Officer and Chief Privacy Officer at Mutual of America, and Amit Kachhia-Patel, Assistant Special Agent in Charge in the New York Cyber Branch of the Federal Bureau of Investigation. One method—business email compromise—was responsible for nearly $3 billion of reported losses in 2023.³

“Business email compromise is a social engineering scheme where, in the past, actors would target the people within a company who move the money—the finance department, payables, billings, those types of departments,” noted Kachhia-Patel. “The threat actor would purport to be a third-party vendor and say the routing number has changed for particular payments. [Once the routing number is changed,] the actor now gets the money wired to them versus where it actually should have gone. Over time, the business email compromise actors have become more sophisticated.”

To learn how Mutual of America is safeguarding your employees’ accounts and for a copy of Mutual of America’s Cybersecurity Program Best Practices outlining how we meet the Department of Labor’s cybersecurity best practices, please reach out to your local Mutual of America representative.

What is benchmarking?

In the age of data-informed insights and data-driven decision making, benchmarking is a value-added exercise performed across all industries. In its most basic form, benchmarking is creating key performance indicators (KPIs) from snapshots of data you already have and comparing your KPIs to the broader set of “industry” data.

Why benchmark?

Benchmarking empowers you to validate strategic direction and key decisions, as well as identify opportunities for improvements, based upon objective measures rather than simply gut feeling, intuition or more subjective criteria.

Retirement plan benchmarking: As a plan sponsor, benchmarking can be helpful for assessing plan features and governance and ensuring:

You are offering your employees a competitive retirement plan to help prepare them for retirement. This is a win–win, as it helps you attract and retain top-tier talent, and it helps your employees achieve their retirement readiness goals.
You are meeting the fiduciary responsibilities and requirements associated with the retirement plan.
Your plan remains a cost-effective, good value for both you and your employees.

Where to start

Examining the following KPIs of your plan is a great place to start:

Participation rates: The percentage of employees eligible to participate in the plan who are taking advantage of the benefit to make contributions toward their retirement.
Contribution / Deferral rate: The percentage of compensation employees are setting aside for retirement.
Plan assets: The overall size of the retirement plan based upon total balances.
Fees: Employer and summarized participant fees paid to offer the retirement plan.
Investment lineup: Review the investments offered in your retirement plan, including target-date funds, to ensure your lineup is current, aligned with the industry and appropriate for your employees.

Benchmarking is as much art as it is science: While benchmarking relies upon data, it’s more about what the numbers represent and what you are going to do about those numbers. 

Mutual of America can help

Use our online tools: The recently released “Plan Dashboard” and “Plan Reports” capabilities provide a snapshot of your plan’s most important financial and participation metrics as well as reports that let you dive into those numbers.

Work with your local Mutual of America representative: Our experienced representatives can assist with benchmarking your plan against industry data published by the Plan Sponsor Council of America for 401(k) and 403(b) markets, provide a plan health report and make recommendations on strategic plan design and participant education. Plan review meetings are a great time to do this.

We’re here to support you. Not only during plan review, but any time you’d like to discuss your plan features or the needs of your employees, reach out to your Client Relationship Manager or Participant Account Specialist.

¹Federal Bureau of Investigation Internet Crime Complain Center, https://www.ic3.gov/
²U.S. Department of Labor, Employee Benefit Security Administration, Cybersecurity Best Practices, https://www.dol.gov/agencies/ebsa/key-topics/retirement-benefits/cybersecurity/best-practices
³U.S. Department of Labor, Employee Benefit Security Administration, Tips for Hiring a Service Provider with Strong Cybersecurity Practices, https://www.dol.gov/agencies/ebsa/key-topics/retirement-benefits/cybersecurity/tips-for-hiring-a-service-provider-with-strong-security-practices