Fidelity Investments and Duplicate or "Bad" SSNs

[Christine Roberts]

Fidelity Investments and, I understand, other large investment providers in the

401(k) space, are performing SSA checks on participants' SSNs and when a duplicate or otherwise "bad" SSN turns up, they are preventing the participant from:

• taking loans
• taking a withdrawal or distribution
• accessing their account online.

They will permit ongoing deferrals and employer contributions, but employees are reluctant to continue to defer with no assurances they will ever see their money again.

This practice creates a sub-class of 401(k) participants and raises a number of legal issues going beyond ERISA.

This is particularly a concern for employers in the agricultural and hospitality fields, who may validly have documented their employees' right to work in the US based on work permits rather than Social Security Cards.

Just wondering if anyone else has dealt with this type of situation and whether there are any means by which affected employees can access their retirement savings.

[mbozek]

Someone needs to tell fidelity to stop putting restrictions on participants accounts because they have no legal authority to interfere with plan administration and such actions could create liability issues for the plan sponsor. Having two or more SS is not uncommon and results from many non criminal actions: resident alien becomes US citizen, father and son or two family members have the same name, SS # is stolen and new SS# is issued. Most common reason for two SS # results when HR enters incorrect SS# of new employee which creates new wage record.None of the above are illegal but they are complicated to fix.

One article claims that 6% of Americans have two or more numbers.

Q1-who authorized fidelity to do a SS# search?

Q2- How is participant with 2 SS# supposed to get their benefits?

Google" having two social security numbers" to see how often it happens.

One legitimate way to detect illegal use of SS # is if employee is using SS # of someone reported in SS index of deceased persons but I don't know if HR/benefits has access to that data base.

[david rigby]

Who is paying for the expense of this "search"?

[Bird]

I think the issue is getting the same SSN for different people. When you have one database for all participants it is evident when entering the second individual, so I'm not sure there is a "search" as you might think of it.

I don't think what they're doing is unreasonable, as long as it leads to some conclusion. I'd rather not have someone processing loans and distributions under my SSN if there is any suspicion of it not being legit.

[Kevin C]

Fidelity should be able to explain why they are doing this, what is needed before access can be restored and why it is needed.

We don't deal with Fidelity, but we've been having an increasing number of participants with loan proceeds and distributions delayed by the custodian until additional personal information is provided due to a potential OFAC (Office of Foreign Assets Control) match. Apparently, if the participant is close to a name on the OFAC list, the custodian is required to verify the participant is not the person on the list before the funds can be paid. Could this be what Fidelity is doing?

[mbozek]

I don't think that the agricultural and hospitality employees mentioned in the OP would be a potential OFAC match.

[Kevin C]

About half of the ones flagged work for a large company that prepares food for restaurants. There hasn't been an actual match so far, just inquiries because their name is close to a name on the list. Here is the list of items requested for a recent one:

Please provide the following information in order to release funds for payment to the participant.

• Full Name

• Full Address

• Social Security Number and/or ITIN

• Cedula Number (if applicable)

• Date of Birth

• Place of Birth

• Citizenship

• Passport Number (if applicable)

• Driver’s License Number and State of Issuance

• Detailed purpose of payment

• Has the participant ever lived or worked in Cuba or Panama (yes/no)

[mbozek]

Who is asking for this information and for what purpose? Is there some legal requirement to provide the information? What is a cedula number?

[Peter Gulia]

Cédula is an identity document.

[MoJo]

Fidelity, as a financial institution, is OBLIGATED under federal law/regulations to "know their clients" and to have in place anti-money laundering practices. Granted, the latter is pretty ridiculous in a 401(k) context, but as far as I know, there is no exemption. Besides, as "payor" of benefits subject to a reporting requirement, they do also have an obligation to ACCURATELY report the distributions.

All in all, I don't see this as over-stepping their bounds in searching SSNs for duplicates. Placing restrictions on participant accounts *may* be a problem....

[Kevin C]

Who is asking for this information and for what purpose? Is there some legal requirement to provide the information? What is a cedula number?

Our custodian is asking for this information because their banking institution will not release the funds without it. It appears to be a legal requirement and OFAC is part of the Treasury Department.

http://www.treasury.gov/about/organizational-structure/offices/Pages/Office-of-Foreign-Assets-Control.aspx

[mbozek]

Does this requirement apply to IRAs or Non ERISA qualified plans?

I would advise a participant to file a claim for benefits with the plan if bank refused to distribute the funds due to some nyc requirement. Can bank legally decline to pay the funds? Just what participants are being subject to such scrutiny?

I don't see the connection of the OFAC rules to a request for a distribution. I receive distributions from my IRA accounts as well as my PS plan without being asked to comply with OFAC.

[Kevin C]

I don't know much about it, but it appears to apply to any banking transaction. The OFAC website has a link to a settlement with a bank for a $258,660,796 penalty for violating their rules. There is another settlement with Paypal for $7,658,300.

They don't ask for this on everyone, just selected participants who have a name close to the name of someone on one of the government lists. We used to have one every few months. Lately, it's been a couple a month. So far, the funds get released when the requested information is provided. Some of the requests ask if the person ever lived or worked in a specific country, usually in Central or South America.

[mbozek]

OFAC regulations apply to violations by Banks engaging in illegal financial transactions with countries such as Iran, Sudan, Burma and Cuba where Congress has imposed economic or financial sanctions. Or transferring funds involved in drug transactions under the Drug kingpin act. E.g. HSBC paid a penalty of $1.92B to settle violations of the Bank Secrecy Act, the Trading with the Enemy Act, the International Emergency Powers Act and several sanctions programs.

I don't think that participants are using their accounts in 401k plans to engage in the type of illegal acts regulated by OFAC. So I don't understand why a bank acting as a trustee for a 401k plan would investigate participants requesting distributions or loans for violations of money laundering and international sanctions just because they have a name that is close to someone on a government list. Its Bizarre.

[shERPA]

Good for Fidelity. The IRS imposes SUBSTANTIAL penalties on payors who file many 1099-Rs with bad SSNs. This costs the payors tens of thousands of dollars every year to resolve with the IRS, often legal representation is needed. This is a huge issue for payors and getting worse all the time.

There are a number of ways SSA and IRS could address this to head off the problem long before a distribution is made from a plan. but I'm familiar with a payor that has to pay legal counsel continuously and always has 3 years worth of open cases of sanctions for bad SSNs, where the payor, like Fidelity in this case, is basically hired to do the reporting but does not have a direct relationship with the payee.

I think Fidelity's position is reasonable, they are obligated to comply with reporting requirements and can't do this without valid SSNs. I hope this position, taken by someone as significant as Fidelity, might actually draw some attention to this problem and get IRS and SSA to figure out a better system.

[mbozek]

What is a bad ss#?

Please explain so we can understand the problem.

[shERPA]

Typically, either the SSN does not match the name record the feds have for it, or the number itself is invalid.

[mbozek]

What do you mean by name record the feds have? There are several federal data bases which have names and SS# which can be recorded differently for the same person. I have one SS # but my name in three federal data bases is recorded differently. My name on my driver's license is different from the other three because the DMV would only accept the name on my birth certificate. There are cases where SS misspelled a persons name and when informed of the mistake issued a second SS #. Also it is common for two people in the same family to have the same name. Or where a person stops using JR or III.

[Christine Roberts]

Fidelity has stated that they use the SSA databank to cross-check and verify duplicate SSNs. Whether the initial duplication arises within Fidelity's own databank of participants, I don't know.

This is all transpiring w/regard to a 401(k) plan. Not sure of their policy re: IRAs.

The problem I have is that there is nothing in ERISA that requires a plan participant to have a valid SSN, that I am aware of, anyway.

Also that these individuals continue to meet all plan criteria and Form I-9 criteria for participation in the plan, and continued employment in the US.

[shERPA]

Well, according to the IRS, an SSN is required for being legally hired for work.

http://www.irs.gov/Businesses/Small-Businesses-&-Self-Employed/Hiring-Employees#2

And AFAIK, ERISA stands for the EMPLOYEE Retirement Income Security Act.

So, one can't even be an employee without an SSN, so no SSN, no "E" in ERISA.

The reality is lots of people are working and participating in plans using bad SSNs for a variety of reasons. But why doesn't this come up the first time an employer reports wages using a bad SSN? This should kick out long before many employees are ever eligible for a plan. And whether or not an SSN is bad is largely beyond the control of payors like Fidelity. But the payors get penalized.

[Kevin C]

Well, according to the IRS, an SSN is required for being legally hired for work.

http://www.irs.gov/Businesses/Small-Businesses-&-Self-Employed/Hiring-Employees#2

And AFAIK, ERISA stands for the EMPLOYEE Retirement Income Security Act.

So, one can't even be an employee without an SSN, so no SSN, no "E" in ERISA.

It doesn't work that way. Where do you see an ERISA requirement that someone must have an SSN to be an employee? If they meet the plan's eligibility requirements and the plan's requirements to receive contributions/benefits, they get what the plan says they get.

ERISA 3(6) The term "employee" means any individual employed by an employer.

I also wonder if Fidelity is sending a timely blackout notice to the affected individuals. I don't see an exception to the blackout rules saying that participants with SSN's that can't be verified who are restricted from taking loans and directing investments are not covered by the blackout rules. I can see an argument for delaying a distribution until it can be reported correctly, but how do you justify their other actions?

[mbozek]

There is nothing in ERISA that requires that an employee have a SS number. However, the 1986 immigration act requires that all employees must present identification proving that they are legally permitted to work in the US or is a US citizen when they commence work. It is easy for individuals residing illegally in the US to obtain forged documents that allow them to work in the US including another persons SS number which will pass through various screens that are supposed to identify illegal workers. But workers with false ID documents have taxes withheld using someone else's SS number which creates problems when the tax returns are filed because the false SS number will result in the US worker being taxed on income that he did not earn. IRS solved the problem by creating the ITIN -individual tax identification number which looks like a SS number except that the first digit is a 9. illegal workers obtain the itin from the IRS before filing their income tax return and use the itin on the 1040 instead of the SS # on their w-2. The tax software for preparing the 1040 prompts the tax preparer to disclose the SS number used on the W-2 which allows the IRS to delete that income from the tax data of the taxpayer who was legally issued the SS number which prevents incorrect income tax being assessed.

So the result is that everyone is happy- IRS processes another tax return and collects taxes, the employee is happy because he has paid his taxes and got a refund of the overpayment, SS is content because it collects FICA tax but will never have to pay benefits and the employer is happy because the IRS cannot disclose the identity of the illegal worker to ICE.

But none of this has anything to do with taxpayers who are identified as having two SS numbers which does not prevent a person from working or receiving a distribution of retirement benefits. I don't know of any law that prohibits a person with two or more SS number who is legally permitted to work under the 1986 immigration act from being hired.

[AMDG]

Fidelity is a directed trustee and recordkeeper, not the plan administrator. As a general matter, the plan administrator (that is, the employer) is in a better position to research data discrepancies and direct Fidelity accordingly if an automated alert is generated. Here is an example of common plan language:

Whereabouts of Participants and Beneficiaries. The Administrator shall at all times be responsible for determining the whereabouts of each Participant or Beneficiary who may be entitled to benefits under the Plan and shall at all times be responsible for instructing the Trustee in writing as to the current address of each such Participant or Beneficiary. The Trustee shall be entitled to rely on the latest written statement received from the Administrator as to such addresses. The Trustee shall be under no duty to make any distributions under the Plan unless and until it has received written instructions from the Administrator satisfactory to the Trustee containing the name and address of the distributee, the time when the distribution is to occur, and the form which the distribution shall take.

Complaints about regulatory requirements should be directed to the applicable regulatory agency.

[Peter Gulia]

Last week, Groom Law Group published a Benefits Brief suggesting that at least some retirement plans consider procedures to comply with laws administered by the U.S. Treasury department's Office of Foreign Assets Control.

http://www.groom.com/media/publication/1863_OfAC_Update_8-7-17.pdf

Groom suggests this might include "[c]hecking if participant or beneficiary payments are going to individuals on the SDN [specially designated nationals], FSE [foreign sanctions evaders], or SS [sectoral sanctions] lists."

Are recordkeepers providing this service?

 

[TPAJake]

In my experience, RK will only provide this service if it's in their best interest to do so.  Where that line is, nobody knows...

[Peter Gulia]

Does anyone know whether Fidelity checks the OFAC lists?

 

[MoJo]

10 minutes ago, Fiduciary Guidance Counsel said:

Does anyone know whether Fidelity checks the OFAC lists?

 

I can't tell you for certain, but they ought to.  When I worked for Schwab, they did for distributions to certain countries - but not for individuals.  At OneAmerica, we are actively reviewing what we've done in the past, and what should change in light of the new sanctions legislation..