Jump to content

Plan as Creditor

Guest Sieve

By Guest Sieve
in Distributions and Loans, Other than QDROs

 Share

Recommended Posts

Guest Sieve

Guest Sieve

Posted
Posted

Effective May 1 of this year, a "creditor" must "develop and implement a written Identity Theft Prevention Program . . . designed to detect, prevent, and mitigate identity theft . . ." (16 CFR Section 681.2(d)(1).) "Creditor" is defined to include "any person who regularly extends, renews, or continues credit . . ." with respect to a "covered account", i.e. "[a]n account that a . . . creditor . . . maintains . . . that involves or is designed to permit multiple payments . . ." (15 USC Section 1691(a)(e) and 16 CFR Section 681.2(b)(3)(i)). The rules are enforceable by the FTC. So far, a qualified plan which provides loans to plan participants would seem to be covered, so I'm starting to worry about this new Identity Theft Prevention Program obligation (although the program only has to be "be appropriate to the size and complexity of the . . . creditor and the nature and scope of its activities"). (16 CFR 681.2(d)(1)).

But, a "covered account" must be an "account", which is defined as "a continuing relationship established . . . with a . . . creditor to obtain a product or service . . ." (16 CFR Section 681.2(b)(1).) So, my simple brain tells me that qualified plans are not covered because they do not extend credit "to obtain a product or service"--i.e., this rule appears to apply to retail or wholesale establishments which allow payment at a later time for providing a service or selling a product now (like a law firm, or a TPA, or an actuary, or a recordkeeper, or an accountant). (By the way, this requirement apparently does not generate any civil liability to an individual for failure to comply, just liability to the FTC.)

Has anyone addressed the applicability of this new obligation on qualified plans which provide participant loans? If so, what have you determined?

Guest Sieve

Guest Sieve

Posted
Posted

ERISA does not preempt federal law. (ERISA Section 514(a): " . . the provisions of [Title I of ERISA] shall supersede any and all State laws . . .")

J Simmons

J Simmons

Posted
Posted

What does a plan provide if not a product or a service? Does providing a future benefit fall outside of that ambit? Or is a service provided, such as a savings vehicle and income tax deferral?

John Simmons

johnsimmonslaw@gmail.com

Note to Readers: For you, I'm a stranger posting on a bulletin board. Posts here should not be given the same weight as personalized advice from a professional who knows or can learn all the facts of your situation.

Guest Sieve

Guest Sieve

Posted
Posted

That's what I'm trying to determine, John. It is interesting to note that the rules define an "account" to include a "deposit accoount" (16 CFR Section 681.2(b)(1)(ii))--so a bank would certainly be a "creditor"--and perhaps even a deferral or other qualified plan account could be considered a deposit account, which would then make the plan/trust a "creditor" and therefore obligated under the rules.

The new rules, as I interpret them, may not apply to those who simply lend $$, per se (but such lenders are certainly subject to some other rules, of course--& the plan may be subject to Regulation Z)--but, rather, these rules may apply just to those who permit, over time, delayed payment in exchange specifically for the purchase of a product or service: like a department store, or an auto/boat dealership, or a college/university, or a furniture store, or a home improvement contractor. But, I don't know (& haven't yet researched the legislative history, if any, for guidance)

Yes, it could be argued that a plan provides a benefit or service, but I don't see that the repayment of a loan over time is paying for the product or service that is being received (if that is, in fact, what the rules intend to cover). But, then again, I'm just exploring this potential plan obligation and trying to decipher the rules to determine if we have a new and unexpected additional fiduciary obligation here--developing, establishing and monitoring an Identity Theft Prevention Program.

Belgarath

Belgarath

Posted
Posted

I don't have it handy, but I believe the reg Z requirements were amended in the Federal Register within the last couple of weeks to exempt participant loans from qualified plans. Is that what you are referring to?

Guest Sieve

Guest Sieve

Posted
Posted

Belgarath--

I was unaware of the Reg. Z change & will check it out--thanks!

My mentioning Reg. Z was only an aside. My inquiry relates to the applicability to qualified plans of the new Identity Theft Prevention Program (described, with cites, in my OP).

Peter Gulia

Peter Gulia

Posted
Posted

If a plan fiduciary assumes that the FTC’s “Red Flag” rules don’t apply to a retirement plan, it nonetheless might use a similar procedure as part of its care to protect people from identity-theft risks.

There’s at least some argument that the fiduciary duties of ERISA § 404(a)(1) might require a plan fiduciary to protect information about a retirement plan’s participants, beneficiaries, and alternate payees if a prudent-expert fiduciary would do so in the plan’s circumstances. I’m not saying that I agree or disagree with the argument, only that there is an argument that could be presented.

The FTC rules indirectly impose a modest standard of care on persons that otherwise might have even less duty. Reading these FTC rules and thinking about them (especially the rules’ soft spots) might help a fiduciary think through some steps about what a retirement plan’s administrator might do to try to detect identity theft.

Peter Gulia PC

Fiduciary Guidance Counsel

Philadelphia, Pennsylvania

215-732-1552

Peter@FiduciaryGuidanceCounsel.com

J Simmons

J Simmons

Posted
Posted
That's what I'm trying to determine, John. It is interesting to note that the rules define an "account" to include a "deposit accoount" (16 CFR Section 681.2(b)(1)(ii))--so a bank would certainly be a "creditor"--and perhaps even a deferral or other qualified plan account could be considered a deposit account, which would then make the plan/trust a "creditor" and therefore obligated under the rules.

The new rules, as I interpret them, may not apply to those who simply lend $, per se (but such lenders are certainly subject to some other rules, of course--& the plan may be subject to Regulation Z)--but, rather, these rules may apply just to those who permit, over time, delayed payment in exchange specifically for the purchase of a product or service: like a department store, or an auto/boat dealership, or a college/university, or a furniture store, or a home improvement contractor. But, I don't know (& haven't yet researched the legislative history, if any, for guidance)

Yes, it could be argued that a plan provides a benefit or service, but I don't see that the repayment of a loan over time is paying for the product or service that is being received (if that is, in fact, what the rules intend to cover). But, then again, I'm just exploring this potential plan obligation and trying to decipher the rules to determine if we have a new and unexpected additional fiduciary obligation here--developing, establishing and monitoring an Identity Theft Prevention Program.

Larry, do those regs apply to deposit accounts despite no 'product or service', or is the depositary aspect of such accounts provide considered to be the necessary 'product or service'?

John Simmons

johnsimmonslaw@gmail.com

Note to Readers: For you, I'm a stranger posting on a bulletin board. Posts here should not be given the same weight as personalized advice from a professional who knows or can learn all the facts of your situation.

Guest Sieve

Guest Sieve

Posted
Posted

John --

My recollection (I don't have the regs with me now) is that a deposit account is an example of an "account" (i.e., "including . . . "), so I assume it is still part of the "product or service" requirement: place your money with a bank, the bank provides the service of holding the funds and permitting you to draw on the account (via check or other withdrawal), and therefore the bank is a "creditor". And, based on that analysis (now that I look at it more clearly), perhaps, exactly as you suggested in your earlier post, 401(k) plan accounts are, in fact, deposit accounts (to the extent vested)--you may not be able to draw on them at will, but the funds are being held for your future use.)

Peter also has made a good point, and perhaps has hit the nail on the head: despite the applicablility of the new rules, ERISA may, in fact, require a modicum of identity theft protection in order to meet the prudence requirement of ERISA Section 404(a)(1)(B).

  • 2 weeks later...
  • 4 weeks later...
J Simmons

J Simmons

Posted
Posted

White & Case now reports that the FTC has informally confirmed that the red flag rules do not apply to 401k plan loans to active employees. Here's the White & Case link.

The FTC, according to White & Case, would not confirm whether under the red flag rules, Flexible Spending Accounts would be considered 'creditors'.

John Simmons

johnsimmonslaw@gmail.com

Note to Readers: For you, I'm a stranger posting on a bulletin board. Posts here should not be given the same weight as personalized advice from a professional who knows or can learn all the facts of your situation.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

Terms of Use

  I accept