Benefit Insights | Automatic Enrollment Is On The Rise Spring 2019 | Page 4

A NON-TECHNICAL REVIEW OF QUALIFIED RETIREMENT PLAN LEGISLATIVE AND ADMINISTRATIVE ISSUES Administration & Design: - 401(k) Plans - 403(b) Plans - Cash Balance - SIMPLE & SEP IRAs CONTACT US 330.308.6827 [email protected] www.reacpa.com/retirement-plan-services Fiduciary Advisory Services Plan Benchmarking Services Vendor Search Services Plan Audit Services OUR RETIREMENT PLAN ADMINISTRATION SERVICES ARE CEFEX-CERTIFIED to contacting Great-West or submitting the distribution request. burden to approve individual transactions but checking with an It appears that the PII was obtained through scams aimed at employee by cell phone or protected communication channels the participant. This being the case, what can you do to help will prevent a lot of problems down the road. Remember, if the mitigate distribution fraud? participant’s email was the source of the hacked information, • EDUCATE YOUR PARTICIPANTS on password management. Many times, the retirement plan account password is the same, or very similar, to another password in an account that may have been breached. Changing passwords and using stronger, randomly-generated passwords goes a long way towards protecting PII. the hacker could still be accessing email accounts undetected. • ESTABLISH A SYSTEM of checks and balances within your own human resources and accounting departments. Fraud can occur in many ways, and hacking seems to be the most prevalent today. Internal personnel have the power to request and direct retirement distributions for the plan’s recordkeeper. • REVIEW YOUR ACCOUNT transactions. Online access that is available 24/7/365 has taken the scrutiny from quarterly or annual statements. Reviewing your account on a frequent basis can help identify fraudulent activity quickly. It’s good practice to review your retirement plan’s transactions each month like you would your company bank account or credit card accounts. If you see any questionable transactions, please contact Rea & Associates immediately. • DON’T USE SECURITY QUESTIONS in a participant’s profile the hacker may potentially be able to find the answers to from information which can be found publicly, such as on social media. • ASK FOR VERIFICATION of distributions and loans if the DID YOU KNOW? On average, it takes 196 days for a company to identify a data breach. Norton Security, 2019 recordkeeper allows for it. It might seem to be an excessive R E A & A S S O C I AT E S | B E N E F I T I N S I G H T S N E W S L E T T E R © Benefit Insights, LLC All rights reserved. This newsletter is intended to provide general information on matters of interest in the area of qualified retirement plans and is distributed with the understanding that the publisher and distributor are not rendering legal, tax or other professional advice. You should not act or rely on any information in this newsletter without first seeking the advice of a qualified tax advisor such as an attorney or CPA.