Distribution Lawsuit! - Estee Lauder plan

Did folks see this? I just found it so interesting and timely. What do people think? 

Anyone else intrigued?

Hopefully more details will become available as the suit moves forward. 

Who approved the distributions? what was the process? was an online requests? How come they haven't provided a copy of the plan documents? How did the money go into accounts that weren't in her name? Wouldn't someone catch that? Why haven't they settled? So many interesting things. Distribution fraud is booming and a very real problem. 

https://www.napa-net.org/news-info/daily-news/recordkeeper-plan-sponsor-charged-401k-account-theft

https://www.napa-net.org/sites/napa-net.org/files/BermanvEsteeLauderComplaint[1].pdf

Isn't situations like this one of the reasons the ERISA Fidelity Bond exists?

16 minutes ago, Lou S. said:

Isn't situations like this one of the reasons the ERISA Fidelity Bond exists?

Perhaps. But if they aren't even turning over a copy of the plan documents its hard to know what is going on.  The plan would likely have to make the request to the ERISA bond company. If the plan says there was no breach, I can't see it making a claim on the bond to the surety company. But sounds like the plan isn't saying much of anything right now. 

If the bond covers the theft, then the surety company probably would be going after the fiduciaries for the loss. And hopefully someone has good fiduciary liability insurance. 

Yeah it seems like they've gone into lock down mode. It's very odd. And yes distribution fraud seems to be a growing business.

Bonds don't cover plans.  They cover people.

And to answer one of the other questions:  I'm guessing the identity thieves opened accounts in the participant's name.

Interestingly enough, there is a relevant article to this in this quarter's Plan Consultant Magazine.

14 hours ago, Lou S. said:

Isn't situations like this one of the reasons the ERISA Fidelity Bond exists?

Is it though?  The ERISA bond is there to protect the plan against acts of fraud and dishonesty by people who handle the plan assets or have discretion over plan assets.  In this case it sounds like they fell for identity theft by someone outside of the plan, so I don't think the ERISA bond will cover it.  This sounds more like a fiduciary liability insurance situation to me.  

I think there is a cyber security session at ASPPA Annual next week, perhaps I should drag myself in there after all...

2 hours ago, RatherBeGolfing said:

 

I think there is a cyber security session at ASPPA Annual next week, perhaps I should drag myself in there after all...

There is a session on generally detecting and preventing fraud and a session on cybersecurity. The cybersecurity session is presented by Paul Perry, a friend of mine and the guy that worked with John Hancock to write their updated policies.

Great, I'll have to catch that one since this is hot topic for sure.

5 hours ago, RatherBeGolfing said:

The ERISA bond is there to protect the plan against acts of fraud and dishonesty by people who handle the plan assets or have discretion over plan assets.  In this case it sounds like they fell for identity theft by someone outside of the plan, so I don't think the ERISA bond will cover it.

Agree completely. Fiduciaries can obtain personal liability (E&O) coverage for their breaches and mistakes, to cover their personal liability to the plan, but that is different from ERISA plan bond that protects the plan from dishonesty among those who handle assets (but not the identity thieves who dupe them).

Cybersecurity is a huge issue and scammers have been attacking retirement plan accounts because the oversight and diligence is typically not up to the level seen at banks and credit cards, and perpetrated frauds can often go undetected for a much longer time because many participants do not regularly look at their accounts. I know RKs, including our firm, are banding together and sharing best practices and other important information on attempted hacks to safeguard our industry and our clients' retirements.

Personally, as someone who has been paranoid about security and identity theft for a while, I look at bank accounts, brokerage accounts, IRA, 401(k) almost every single day. My wife thinks it's to keep tabs on her spending - but I assure her it's not (well, maybe just a little).

22 minutes ago, CuseFan said:

 

My wife thinks it's to keep tabs on her spending - but I assure her it's not (well, maybe just a little).

No Dear, I only catalog your receipts to make sure there are no fraudulent charges....  Surely $350 at hair-salon is a fraudulent charge right?

Vanguard EE Fraud---10-17-19--DOJ.docx

We had a case here involving a Vanguard former employee that is somewhat similar and somewhat scary.

See attached.

20 hours ago, Bill Presson said:

There is a session on generally detecting and preventing fraud and a session on cybersecurity. The cybersecurity session is presented by Paul Perry, a friend of mine and the guy that worked with John Hancock to write their updated policies.

Paul Perry works for the firm I do.  He is so knowledgeable and a great speaker!

More coverage:

https://benefitslink.com/news/index.cgi/view/20191020-153691

On 10/18/2019 at 7:10 AM, Kphelps said:

Paul Perry works for the firm I do.  He is so knowledgeable and a great speaker!

Agree with your comments on Paul. I was at Warren Averett from 2003-2015. Great firm to work with.

WCP