RatherBeGolfing

No Dear, I only catalog your receipts to make sure there are no fraudulent charges.... Surely $350 at hair-salon is a fraudulent charge right?

Great, I'll have to catch that one since this is hot topic for sure.

Is it though? The ERISA bond is there to protect the plan against acts of fraud and dishonesty by people who handle the plan assets or have discretion over plan assets. In this case it sounds like they fell for identity theft by someone outside of the plan, so I don't think the ERISA bond will cover it. This sounds more like a fiduciary liability insurance situation to me. I think there is a cyber security session at ASPPA Annual next week, perhaps I should drag myself in there after all...

Shouldn't be too hard to spot Bart Simpson at the conference... See you there!

My username didn't work but my email address i registered with did. Just in case anyone else has that issue as well. App looks great this year Bill!

100% agree with data collected on your forms. Your forms, your product. Non-original documents provided by the client is a gray area for me, but you are correct that since it is a copy it could be assumed that they have the original so it probably does not rise to the level of "any and all records of the Principal that are necessary for the Principal to comply with federal tax Law". What about this part of the code of conduct: That is where client provided documents (even copies) becomes a gray area for me. I'll return them, for a reasonable fee.

I'll be there as well. You guys put together a great session lineup this year! Lots of new/hot topics on the agenda which is always great to see.

2018 Valuation - You do not have to provide the product of your work for which you have not been compensated. You do have to return client files and information that the client or a third party provided provided to you. Basically, you don't have to hand over the 2018 valuation or your calculations/testing, but you do have to hand over the underlying data you collected from the client or third parties in order to do the 2018 valuation/testing like W-2s, K-1s, financials etc. 2017 Valuation & Plan Document - if the client paid for it, you need to provide it, even if it has already been sent to the client in prior years. You are allowed to charge a reasonable fee for collecting and sending the data though. Nowadays that might be as easy as attaching a couple of PDFs to an email....

Not necessarily. If you just had one or a few denials, yes. If the denial was part of a larger submission done by a service provider, and the service provider had a lot of denials, it can usually be done on the provider level. In some cases they will accept lists or even excel files from the provider to correct multiple incorrect denials. We have done it before and I know some who are doing it now. It is on a case by case basis though.

This one.

No worries, I'm a creature of habit so I'm not a big fan of change either. To be fair, I think the ASAPs are still important , they are just evolving and serving a bit of a different purpose.

You might want to white-list it and just glance at the main headlines each day, it doesn't take long. Procedures have changed a bit, and breaking news type announcements are going out in the ASPPA and NAPA emails rather than as ASAPs. ASAPs are still being published but are more detailed and "how does this affect you" oriented than quick to publish.

Apparently there are more rejections of forms received after the deadline than usual, but you still need to follow up on each one at this point. If you do it via phone you may be able to fax all of your rejections and proof of mailing on the the same call. It depends on the who you get but I have done that with similar issues in the past.

The language is in the trust section of the document which speaks to the authority of the trustees to settle claims or debts owed to or from the trust. It includes arbitration in general but expressly prohibits arbitration if the claim involves a participant. A separate section contains the language to prohibit modification of the trust agreement portion of the document to include arbitration of participant claims. It feels like IRS requested language to me.

Under The Uniformed Services Employment and Reemployment Rights Act, a plan may suspend loan repayments for a participant on active duty. The loan repayment period can also be extended to the original loan maturity date plus the service period during which repayments were suspended. Interest on the loan during active duty should not exceed 6%. My loan procedures expressly allow for this. I would approve it for payroll withholding and then suspend repayments. Im not sure if I would do it if the document/procedures are silent on it since USERRA says that plans may suspend loan repayments, but you could probably add it to your loan procedures before he/she takes the loan.

Peter, My VS document expressly prohibits modifications to the document that requires arbitration for participant disputes.

@BG5150 We have gotten two of them. both were completed properly and mailed in the same batch as all the ones we have gotten the automatic approval on. @ConnieStorer, if you look just above where it says "additional information", does it say that you didn't file your request on time? Also, do you know when your 5558 was postmarked and when it was received by the IRS? I have reached out to ASPPA GACs Reporting and disclosure committee to see if they have had more incidents reported.

Count me in! Can we add a session on "my payroll company said they would do my plan for free"?

Dangit @ConnieStorer, you are bad juju! I just got my first denial as well. Clearly IRS error as it was filed timely. I guess its the new twist on the old "we never got your 5558"...

Were the extensions filed at the same time?

If that is it, I agree it is not adequate. A simple link access sounds more like a large file transfer solution than secure transfer. I'm not super familiar with sharefile, but I think they have an email encryption feature as well don't they? Our IT department has us set up with a program that works two ways. We can put secure in the subject line which trigger encryption protocol. The software automatically scans our emails and attachments for things that indicate sensitive information (like SSNs) and applies the encryption protocol regardless of "secure" in the subject line. It is compliant with FINRA, HIIPA, and a bunch of other stuff (I'm not IT I just try to pay attention when they explain things).

You are missing the point. If the link and credentials are sent through an encrypted message, only the recipient actually see the link and credentials. The encrypted message would just be scrambled data to anyone else. Now, if you send the message with the link and credentials unencrypted, then I agree with your assessment unless there are other things at play

Obviously things will vary depending on the system. On a very basic level, when something is sent encrypted, the data still travels the same way it would without encryption, but it is useless until decrypted. Encryption does not prevent it from being captured in transit, but what is captured would be of no value. Encryption is more important than password protection, but that doesn't mean that you shouldn't use passwords. Passwords are great for controlling access at the end user. For example, the client might not want everyone in their office to access the file, and it is unlikely that Betty in AP will try jump through hoops to break the password for one of Steve's files in HR. Passwords are not great for securely transmitting data. If I send a password protected file unencrypted, chances are very good that if someone has the ability to intercept it in transit they also have the ability to backdoor an excel password. If it is worth password protecting, it should absolutely be sent with encryption. If I send an encrypted message with a link to john.doe@ABCcorp for a file download, that link will not be accessible to anyone except for those with access to the john.doe account. If intercepted, it will just be scrambled data.

I doubt the "tax savings" of your hardship withdrawal is even close to the benefit you would have had if your retirement funds had been left in the account to generate more tax deferred income... If you do the math from the time of your withdrawal, whether you paid less in taxes when you took it out than you would now is probably a small consideration.

I was speaking in very general terms, but the answer is probably no if you want to restrict access of the document to specific people rather than just the recipient. What I am saying is that it is enough to protect your data from point A to point B, but it is not enough to restrict who can see it at point B (or that you sent it to the correct point B). From an IT security standpoint, sending a password protected file without some sort of secure file transfer system, is not enough to consider it secure or safe. Getting around passwords is easy, getting around encryption is not easy.