2023 Fiduciary Training Series, Part 1: Fiduciary Fundamentals (Webinar Recording)

Please note: This is a transcription so there may be slight grammatical errors.

Hello, everyone, and welcome to today’s webinar, Fiduciary Training, Part I. I would now like to
introduce Dawn McPherson, director of Retirement Plan Consulting at CAPTRUST. Welcome, Dawn.

Dawn McPherson:
Thank you. Good afternoon. I’m so pleased you’re joining us today for the first in our quarterly Fiduciary
Training Series. This series is part of our ongoing commitment to providing you, our clients, with service
beyond expectation. Ongoing Training will help you stay informed on industry trends, litigation,
regulations, and the ever-evolving requirements of your role.

Today, I’m joined by two colleagues, Lisa Keith, and Paul Stibich, who are seasoned professionals in the
retirement industry and are focused on the retirement landscape. Lisa Keith is a senior manager on our
Plan Consulting team, and has been in the industry for more than 30 years. Her primary focus is
compliance and record keeping of qualified retirement plans. She has earned both her qualified 401K
Consultant and qualified 401K Administrator credentials through the American Society of Pension
Professionals and Actuaries.

She is a trusted resource with advisors and clients on ERISA technical matters, plan design and
benchmarking, and fiduciary education. Paul Stibich is a Senior Financial Advisor here at CAPTRUST, with
more than 18 years of experience. Paul specializes in retirement plan consulting that encompasses
defined contribution, defined benefit, endowment, and non-qualified plans. He works on a team here at
CAPTRUST that has been recognized as one of the top 100 plan advisory teams in the country by Plan
Sponsor and Barron’s Magazine.

Paul has been named by the Financial Times as one of the top retirement plan advisors from 2017
through 2022. Napa Magazine has also recognized Paul as one of the top retirement plan advisors in the
country under age 40, also from 2017 through 2022. I am pleased to turn things over to Lisa and Paul,
who are going to share with you fiduciary fundamentals, as well as some best practices for managing
your plan. Lisa, if you’re ready, let’s jump in.

Lisa Keith:
Boy, I’m ready. Thank you so much, Dawn. It is just great to see the overwhelming response and the
interest in learning to be a good fiduciary. Today, we are going to go over a high level overview of what
it means to be a fiduciary, and I know it seems overwhelming, but I do have some good news. Being a
good fiduciary really is 90% common sense, and the other 10% or so are some things we’re going to
discuss today. If we could go to the next page, that would be great.

I know we’re all familiar with the term ERISA, but we may not know the origins of ERISA. Well, ERISA
stands for the Employee Retirement Income Security Act. It was a law that was passed back in 1974,
almost been 50 years, and it was originally designed to protect participants regarding their retirement
accounts. Now, prior to ERISA, it was a little bit of the wild west in terms of how plans were run. It
wasn’t all that unusual for a long-term participant to find out the amount they thought they had when
they were ready to retire was much less due to risky investments.

Within ERISA, it defines what it means to be a fiduciary within a plan. What makes someone a fiduciary?
It is a few different things. It’s discretion, control, influence, and advice. I’m going to give you a quick
example of each. In terms of discretion, anyone who has the authority or the ability to hire a third party,
such as an advisor or a record keeper, is a fiduciary, because they have the discretion to make that
decision. You also have control, specifically over the assets of the plan.

For example, you can decide how you want your plan to be invested or you can hire someone to do so.
Another example is deciding if you want fees to be paid out of the plan. That gives you the control.
Influence is a little bit different. Now, according to the Department of Labor, being a fiduciary is very
much a functional role. You may have someone who doesn’t have a formal title, but if they have any
influence on any decisions that are being made, they would be considered a fiduciary. You always have
to keep that in mind.

Then lastly, advice. Anyone who renders investment advice for a fee or other compensation is
considered a fiduciary. There are a couple different kinds of discretion, and Paul’s going to go into a little
bit more detail about what that means.

Paul Stibich:
Thanks, Lisa. Yes, there are two types of contractual fiduciary relationships. There are 321 and 338. In a
321 co-fiduciary relationship, the committee has final approval and signature authority for making an
investment or fund change. In a 338 relationship, your advisor takes the full risk and liability for making
the investment decisions on behalf of the plan or committee. Your advisor should provide the due
diligence in advance, so committees are informed as to why you are making a change.

At CAPTRUST, our discretionary team have built a direct pipeline with all the direct major record
keepers, meaning we communicate the fund change, confirm the timing, and ensure that fees are not
impacted, and sign any required paperwork or online approvals, essentially taking this work completely
off the desk of the HR team. 338 is a trend that we have been seeing for more than a decade now. The
number of plan sponsors choosing 338 is growing.

In our Akron practice, approximately 50% of our clients have moved to a 338 relationship. Clients are
interested in a 338 relationship for multiple reasons, which are time savings, reducing risk, and faster
fund change execution. I’ll just share two quick stories about 338. In a client review several years ago,
we had a fund change recommendation that we were delivering. The CFO stopped us halfway through
the fund comparison, and asked, “Have we ever not agreed to one of your investment
recommendations?” “No you haven’t,” was the answer.

He asked, “Well, then, why do I need to be on the hook, or have any risk, or sign any paperwork if we
always accept your investment recommendations?” Well, the answer was, “You don’t have to be if you
were in a 338 relationship.” Another example about time savings, in another client meeting, a CEO
arrived two minutes after the meeting started. We covered the agenda and shared that we didn’t have
any investment changes, recommendations, or anything to vote on today. He stops the meeting, slams
his hand on the desk, and said, “Then why did I travel an hour across town to get here when there’s
nothing to vote on?”

Time savings was critical for this client, allowing them to consolidate the number of review meetings
from quarterly to semi-annual or twice a year, which is typically what we do in a 338 relationship. We
have an investment review, and then an administrative review with the record keeper. The client
wanted to focus on managing their business and saving time spent on managing the plan or making the
investment decisions. On page four, Lisa will guide us through who can be deemed a fiduciary.

Lisa Keith:
Thank you, Paul. We go to the next slide please. This is a laundry list of titles that may be fiduciaries
based on their functions. If you do have any questions on these, need any clarification, as a reminder,
please ask your questions in the spot on our screen. First of all, a named fiduciary. You’re always going
to have a named fiduciary within your plan. It is going to be defined in your plan document. Now, to
make it a little easy for you, it’s almost always a plan sponsor.

Now, the named fiduciary does have the overall responsibility of managing the plan. I’m going to skip
down to trustee. Now, a trustee may be a fiduciary to the extent of discretion they have. In many plans,
especially at larger plans, you will appoint a corporate or a directed trustee. Now, with a corporate or
directed trustee, they act upon the direction of the named fiduciary. Consequently, they have little
discretion and very limited fiduciary responsibilities. Let’s skip down a couple to parties interacting with
participants.

An example of this is if you have a provider or a service where the representatives provide actual
investment advice to your participants, not education, but advice, that is a fiduciary function. A great
example of that is if you take advantage of our Participant Advisory Services. Plan administrator. Now, I
think of all the titles, this one is the most confusing to people. A plan administrator is a formal title
within your plan. It’s almost always a plan sponsor as well. The plan administrator does have the
responsibility for the daily operation of the plan.

However, you will appoint a record keeper to perform those records for you. A record keeper is not a
fiduciary because they’re taking direction, but the plan administrator is. Now there is another type of
arrangement called a 316 administrator, where you actually appoint a firm to perform these duties for
you. That’s something that we are seeing in greater regularity. That is a growing trend. Then lastly,
board members. Oftentimes, board members will insulate themselves regarding this responsibility by
delegating it to a committee.

You can go to the next page. Being a fiduciary does carry some risk. Paul, can you share your experiences
on why it’s really important to have this training?

Paul Stibich:
Yeah. Yeah, sure, Lisa. We have heard from our existing client base, and even prospective clients as well,
that in recent Department of Labor audits, they are asking, “When is the last time the committee
received fiduciary training?” It’s a best practice to document fiduciary training through meeting minutes.
The top advisors write these minutes on your behalf and document any time there are new committee
members that have joined as a full voting or a non-voting member.

In our Akron practice, and most of our colleagues throughout CAPTRUST, we track when we deliver
fiduciary training for our clients. We aim to deliver the training once every two years now. It’s also
important to note, there’s not a hard and fast rule when it comes to how often fiduciary training is
delivered, but I’ll share, our clients feel a lot more comfortable when they’ve had the fiduciary training,
and when they get that letter from the Department of Labor that says, “We’re coming to audit your
plan.”

Lisa, any other advice to our plan sponsors about creating an airtight fiduciary process?

Lisa Keith:
Well, it is really important to have the tools and resources necessary to meet your obligations. That is
really important. Then the key is developing a consistent process in order to make informed decisions.
We can go to the next slide. This is the page where we may start losing people, and please don’t leave.
We’re not here to scare you, just to let you know that you do have consequences. There are
consequences if you do reach your fiduciary responsibility.

For time’s sake, I won’t go through all of these individually, but just to let you know, that following the
tenets of ERISA following a consistent prudent process will protect you as a fiduciary. In addition, there
are insurances out there that will protect the plan as well as you as a fiduciary, and we will discuss those
in greater length a little bit later in our presentation. We can go onto the next page.

Paul Stibich:
Lisa, we only had one participant drop off from when you started that slide.

Lisa Keith:
Wow. Good. Well, so far, so far. We’re going to spend the rest of our time or the primary amount of
time left on the six fiduciary duties. We’re going to go ahead to the next slide, onto the duty to be
prudent. What does it mean to be prudent? Well, according to the dictionary, prudence is defined as
taking cautious action and exercising sound judgment.

For plan purposes, again, we can translate this to mean that you need to create a consistent process in
order to make informed decisions. Now, on this page, we reference the ERISA 404(a)(I)(B), also known as
a prudent expert rule. What we’re saying here in layman’s terms is that as a fiduciary, not only are you
expected to make decisions in a prudent manner, but you’re also expected to have expertise when
making those decisions.

If you yourself don’t have that expertise, you are expected to hire it. You are expected to hire
professional advisory services or legal counsel if needed. Next slide, please. It’s really important to
develop a process and consistently use it. I’m going to go ahead and give you a few steps for what I feel
works well for developing a process that you may want to take note of. First of all, develop the
information you will review, discuss the issue at hand, decide the course of action to take, and then
finally, document the decision through minutes or other meeting reports.

Now, the last bullet on this page was taken directly from a lawsuit, and we felt that this really hit home
regarding the responsibilities of fiduciaries and committee members such as yourselves. What we’re
saying here is that it is really important to be engaged, to make sure that you do fully accept your
responsibilities as a fiduciary, that you make sure that you attend all meetings, if at all possible, to do
your homework in advance. What I mean by that is reviewing that meeting material in advance, and to
ask questions.

As it says, “Remember that pleading ignorance, bad communication, or inexperience is not an adequate
defense.” We can go to the next page. We are onto the next duty, which is a duty of loyalty and
impartiality. This duty is pretty straightforward, and to me, really goes to the core, to the heart of ERISA.
As a fiduciary, you always have to keep in mind that all of your decisions need to be made solely and
exclusively in the best interests of your planned participants and their beneficiaries.

Not what’s in the best interest of your company, but what is in the best interest of your participants.
Now, if there are any upcoming decisions that need to be made, and you feel like you may have a
conflict of interest regarding that decision, you should recuse yourself in that particular process. Now,
there is an exception to this rule. There are a couple different types of decisions that are actually
business or settler in nature.

One example is plan design. The IRS has given us some provisions, which they allow for law, for qualified
plans, but they have given us a little bit of flexibility within those provisions. Periodically, you’re going to
review your plan design and any kind of changes you may consider, such as perhaps changing your
eligibility, changing your investing, changing your employer contributions. Those types of decisions are
actually business or settler decisions. Now, once they are in your plan, though, following those
provisions does become a fiduciary responsibility.

Next slide, please. Following your plan is a fiduciary responsibility. A failure to follow the provisions in
your plan could actually subject you to hefty penalties by the IRS, or even, this would be in something
very egregious, but perhaps plan disqualification. Now, as fiduciaries, you are not expected to know
every provision of your plan, but I do recommend that you read your summary plan description, that is
the shortened version of your plan in layman’s terms, on a periodic basis, just to have that good overall
understanding of the plan.

Then typically, there is a member of the committee that does champion the document more, and does
have a closer understanding of the plan. Now, something I do recommend as a best practice is that you
set time aside annually or so to talk to your relationship manager or your representative of your
provider, to talk about just overall how the overall provisions of your plan works, just so everyone has a
good understanding, both parties, also to talk about any changes in the law that affect the operation of
your plan.

It’s just great to have that dialogue. Now, plan documents do need to be updated to reflect any changes
in the law. If many of you have prototype documents, which many plans do, they have to be updated
every six years. Fortunately, we are on the other side of that, so we don’t have to worry about that for a
few years, but there are going to be some required documents reflecting some changes in the legislation
that have just recently occurred.

Paul, would you like to share what’s going on right now in the regulatory environment?

Paul Stibich:
Yeah, I’d be happy to. I’m smiling here because yes, the restatements are completed, which is a breath
of fresh air for all plan sponsors and human resource and benefit teams. The last three years have been
really busy for all of us due to plan document changes, from the CARES Act, the Secure Act 1.0, and now
the Secure Act 2.0. The Secure Act 2.0 was passed in late December, while many Americans were
spending time with family for the holidays.

There are over 90 provisions,, and many of which are optional new wellness benefits such as an
emergency savings account, and a student loan repayment program that can be offered through the
retirement plan for the first time. Several provisions are mandatory, such as an increase to the RMD age,
required minimum distribution age, and an increase in catch-up contributions for those who are
between the ages of 60 and 63.

Now, most of these provisions do start January 1st of 2024, and we’ve worked closely with our clients
over the last three years to document their decisions on past legislation. We’re going to continue that
this quarter with our fourth quarter reviews on the Secure Act 2.0. The amendments for the Secure Act
2.0 are also not required until a couple years from now, January 1st of 2025, but there will be needed
updates in technology and programming from the record keepers and your payroll providers to be able
to administer and operationally comply with several of the new mandatory provisions.

Having the conversation now or within the first six months of the year will allow committees to make
informed decisions, and then work on the programming over the back half of the six months to be
prepared January 1st of 2024 with any of these new wellness benefits that we discussed. Now, Lisa will
walk through how the record keeper will help make your life easier with these required legislative
updates to your plan document.

Lisa Keith:
Yeah, and the one thing I want to add onto that is I actually just a little, right before our training today, I
did sit with the committee. We went through every provision of Secure 2.0 and how that may affect
them, and now they’re going to go talk to their provider. It’s just great to be prepared, and I know there
are not too much that’s required right now, but just being prepared and ready is just a great best
practice. Keep in mind though that with all these required documents, and when we do the next
restatement, your plan provider is going to drive that process for you.

They’re going to let you know when a restatement needs to happen or when documents need to be
amended. They’ll drive that process for you, but it’s still your ultimate responsibility to review those
documents in advance, and to make sure they’re all dated and signed timely. It’s surprising to me how
many documents I read, and I read a lot of documents, how many of those aren’t signed. In the eyes of
the IRS, an unsigned document is not a valid document. Again, common sense, but make sure those
documents are dated, signed timely.

Again, you want to make sure that all of your documents are kept in a very safe, secure spot. There is no
statute of limitations on documents. Again, you want to keep them all in a very safe, secure spot. We
can go to the next page. We’re onto the next duty, which is a duty to diversify. By nature, a 401K or a
participant directed plan in general is going to be diversified. ERISA 404(C) only requires three different
types of funds for diversification, a bond fund, a stock fund, and a money market, or stable value fund.
In this day and age, most participant-directed plans have anywhere between 15 and 25 funds within
their lineup. Now, your CAPTRUST advisor has worked with you to design a lineup that does span the
risk spectrum, and does include the appropriate asset classes. Of course, we want you and your
participants to have the highest rates of return possible, but as a fiduciary, our primary responsibility is
to minimize downsize risk. With all the volatility that we have seen, especially recently, really, really
demonstrates how important that is.

Now, I’d just like to bring your attention to the last bullet point on this page. This is saying that prudence
must be evaluated at the time of the investment without benefit of hindsight. What we’re saying here is
that you are not required to have a crystal ball when making decisions regarding the funds you’re going
to offer within your plan. What is required, though, is developing a good prudent process, and making
sure it’s documented and consistently followed. There is a lot of litigation out there, all unfortunately,
that’s just a reality of our world.

The lawsuits where the defendants prevail are the ones that had that good prudent documented
process in place. We can go onto the next page. We’re onto the next duty, which is a duty to monitor
and supervise. We’re specifically talking about our process here to monitor and supervise the
investments in your plan. Paul, can you go ahead and share our process? That would be great.

Paul Stibich:
Yeah, I’d be happy to. Investment monitoring is one of the key roles as a fiduciary. Participants are
contributing to the 401K plan investments every week or two weeks. Hiring an advisory firm that has
direct access to the portfolio managers who are making the investment decisions in each of the funds is
critical. They should not be meeting with marketing teams or local sales teams. At CAPTRUST, we have a
117-person research group that has this type of access.

For example, David Hood, one of our analysts in our research group gets access about 30 minutes per
year to Will Danoff, which is the world-renowned manager of the Fidelity Contrafund, who has all the
commercials, each year. The research group monitors our client funds on a daily basis, but we also meet
with portfolio managers at least annually, conduct quarterly calls. This allows the advisor and our clients
to sleep well at night, knowing how closely participant dollars are being monitored.

The quarterly investment review that we provide and deliver contains a performance summary section,
and we built this section to evaluate the client investments that are exactly shown on this page. 70% of
our scoring is qualitative in nature or based on the numbers, which gives us information about the past
or the rearview mirror. 30% of our scoring, though, is qualitative, which is from those conversations that
we have directly with your fund managers and the fund firm. This gives our research group key insight in
how an investment may perform in the future looking forward.

I’d like to point out a favorable outcome, and Lisa hit on this earlier with hindsight. There was a lawsuit
that was brought up that a plan sponsor chose a different fund or product previously, and over time, the
performance was better with the other fund or product that was not chosen at that time. Courts
confirmed that hindsight can’t be used against a plan sponsor, meaning if the organization has
documented their decision, and used all the information available to them at that time to make the best
decision possible for participants, the courts have been in favor of the plan sponsor.
We’ll share more about evaluating your service providers in a few pages. Thanks, Lisa.

Lisa Keith:
Sure. You’ve hired us to perform this duty for you. However, you still have a duty to monitor and
supervise all of your service providers, including us, to make sure we’re all doing what we said we would
do, and the DOL does recommend that you do this every few years. Now, one tip I can provide for you is
to have a regular dialogue with your service providers, with us, your record keepers, your auditors, and
document that you’ve done so.

Doing this is a great stop in making sure that you are meeting this responsibility to monitor and
supervise. You can go to the next slide. Paul, do you want to talk about the IPS?

Paul Stibich:
I’d be happy to. An investment policy statement is not a required document by ERISA, but it is asked in
every Department of Labor audit. The key to having an IPS is assuring that the committee follows it. So
often, when we meet with prospective clients, we find they have an IPS, but they have trouble locating
it, or it’s not fully executed, or maybe it’s completely out of date. This is always a red flag. This is why the
majority of CAPTRUST clients adopt a CAPTRUST investment policy statement.

A well-built IPS will discuss the goals and objectives of the plan, the roles and responsibilities of the
committee advisor, and the investment managers. The remainder of the document is about processes
and procedures for monitoring the investments. At CAPTRUST, we have built the IPS so that the scoring
system and the quarterly reviews will tie directly to the IPS, helping start to build that airtight fiduciary
process for plan sponsors. The only thing worse than not having an IPS is having one and not being in
compliance. Lisa?

Lisa Keith:
Agreed. I think that you did a great job on that. We’re going to go ahead to the next duty.

Paul Stibich:
Thank you.

Lisa Keith:
Next slide, please. We’re actually on the same duty, but new slide. It is really important to understand
who all the fiduciaries are within your plan based on their function. A lot of you are going to do this as
part of your audit process, but when you’re doing this, you’re going to want to document in a
hierarchical manner. You’re going to want to start at the top with your plan sponsor, and work your way
down, yourselves as a committee, CAPTRUST as your fiduciary, whatever relationship, whatever level of
discretion we have, and then any other individuals or entities that may be a fiduciary, again, based on
their function.

Not only is it a great exercise in understanding everyone’s roles and responsibilities, it will identify if you
do have any gaps. This is something that you want to periodically review and update as needed. Now,
there are many ways to delegate authority to committee members. Depending on the level of formality
or governance in your organization, you may adopt a committee charter or bylaws. Now, a committee
charter or bylaws is actually a formal document that specifically names committee members and what
their responsibilities are.

However, this is not required. A documentation through minutes or other meeting reports will work as
well. Keep in mind that as a fiduciary, we all do have our own rules and responsibilities, but if we see
something another fiduciary is doing that we know is incorrect and we do nothing about it, we could be
considered to be liable as well. Tell you something, Paul has heard me say a hundred times before, Paul,
back earlier in my career, I did work for a full service entity, and we had a client that stopped sending in
their employee contributions to their plan.

From our perspective, we let this client know that they’re in violation and what the consequences were
to no avail, because we were fiduciaries and we had to act in the best interest of the plan participants.
We had no other recourse but to report that client to the Department of Labor. Now, these next two
bullet points are the insurances that I was referencing earlier in our presentation. The first one is a
fiduciary bond. Sometimes that’s referred to as an ERISA bond or a Fidelity bond. This is required by
ERISA.

It protects your plan against losses due to fraud. The amount that’s required is 10% of the market value
of your plan, up to $500,000, or a million dollars if you have an employer [inaudible]. It’s a relatively low
amount. Now, this is an actual question on your form 5,500. Your form 5,500 provider is going to send
you a reminder each year. You probably have already gone through your questionnaires recently, it’s
probably fresh in your mind, to make sure that you do have sufficient coverage and that your bond
hasn’t lapsed.

You will get a reminder on this one. Fiduciary liability insurance, however, is not required, but we
strongly consider it as a best practice. Now, fiduciary liability insurance protects you against losses due
to a fiduciary breach or costs due to litigation. Because it is not required, there is not a specific amount
that we can recommend for you. We do always recommend that you do talk to your insurance provider.
Paul, I know that you can share your experiences with your client and what’s going on with liability
insurance in today’s world.

Paul Stibich:
Yeah, I’d be happy to, Lisa. Those were some great nuggets and tips to begin with, but let’s chat about
fiducial liability insurance for a moment. At the end of the day, it is optional, but just about all, if not the
majority of CAPTRUST clients have it. Retirement plan litigation’s increasing. There have been large class
action settlements, and the lawsuits are continuing to come down market as well. There’s not one
certain market that’s going to be more prone or less prone in the future.

Due to the increase in litigation settlements, fiduciary liability insurance premiums are going up. Based
on the outcomes from court cases, it’s a good practice to confirm a few items with your insurance
broker. Do you have the appropriate coverage amount for your plan size? As you just heard from Lisa,
we’re not insurance brokers. We don’t know where the market is set. It’s not our expertise, but your
insurance broker definitely has the stats to back up how much insurance you should have for your plan.
Not only you want to include the appropriate amount, but ensure that the coverage can pay for a large
settlement and/or attorney fees. We’ve seen some court cases where the coverage was taken up by the
settlement and couldn’t pay attorney fees. They had to come out of pocket by the company, and that
was a surprise in that organization. Make sure that the policy also includes cybersecurity theft, which is
becoming a very important topic, which we’ll discuss more about in a few slides.

The other thing that I want to point out here on this topic is that Lisa mentioned some of the
questionnaires that you may be getting from your insurance broker. This trend started several years ago,
but again, it is because of the number of class action lawsuits and settlements and litigation here.
This questionnaire will detail how you’re paying your plan fees, what are your plan fees today, the last
time you benchmarked your plan, how many index funds versus actively managed funds you have in
your plan, how many funds have an expense ratio higher than 70 basis points, and how many
investments are proprietary funds to the record keeper?

By having these questions buttoned up, it can help control your premiums, and obtain the appropriate
insurance coverage amounts that you need for your plan. Thanks, Lisa.

Lisa Keith:
Thank you. Onto the next page. Speaking of cybersecurity, it is actually a couple years ago now, the DOL
did come out with specific guidelines for your service providers to follow regarding their cyber security
policies. These are the vast majority of the steps that service providers should be following. Now, I’m not
going to go through all these, don’t worry, but it’s just now become a responsibility for you to talk to
your service providers about what their cybersecurity policies are, and there’s a number of ways that
you can accomplish this.

You can actually meet with your representative. I’m sure they’d be happy to do that. They also publish
reports that will be available for your review, and actually, your auditor is going to ask if you’ve done
that. It’s something that you’re going to have to check the box, but it’s a great practice to do so. We can
go to the next page. The next duty is the duty to ensure reasonable plan costs. This is a really important
one. I sometimes think it’s a misconception out there with plan sponsors that they have to have the
lowest cost plan. That is not true at all.

Actually, if you’re trying to have the lowest cost plan, you may be sacrificing some quality, and I know
that’s not what you want for your participants. What is required, though, is to ensure that the fees you
are paying are reasonable for the services that are being provided. There are a couple ways to approach
this. First of all, from a service provider perspective, best way to do that is to do some kind of
benchmarking. Looking out into the marketplace and comparing what other service providers are
charging for those same services.

The DOL does say you should do this every few years. Also, you want to do it from a fund perspective, to
make sure that your fund fees are reasonable for the funds you’re invested in. One example of that is to
make sure that you are in the lowest share class of the funds that are in your lineup. Paul, do you want
to talk about some things that we do for our clients to make sure that we’re fulfilling this obligation?

Paul Stibich:
Yeah, thanks, Lisa. As a plan sponsor, if you are following the lawsuits that are taking place, the majority
of them are focused around plan fees and investments. This is a piece that we’ve continued to add
additional support for our clients, to ensure that you have fair and reasonable fees, and that we’re
benchmarking them appropriately on an ongoing basis. For our existing client agreements and clients
with CAPTRUST, we provide a vendor fee and service benchmarking every three years as a matter of
course.

Because of all that litigation that we’re seeing around plan fees, CAPTRUST several years ago created an
executive review for our clients. The executive review, we review at least once a year, and it’s a
thorough examination of your plan fees. This review will help plan sponsors know your plan fees inside
and out, decide on how you want to pay your providers from the plan, outside the plan, and then
document that the plan fees are fair and reasonable to the marketplace.

In this review, we go over the record keeping, the investment expenses, and we also look to see if
there’s an alternative or different investment product of the same investment manager in the plan
that’s available to you at a lower cost. Then that’s been in the lawsuits lately. Have you looked across
the marketplace to see if there’s fund X, Y, Z is available at a lower cost to the plan, or in a different
product?

In the meeting minutes, which we do draft on your behalf, we will document in a fee policy section how
the plan fees are paid, and ensure that they’re fair and reasonable. We also find that this documentation
and this review, going back to the last conversation around fiduciary liability insurance, that this review
is very helpful in helping you fill out the questionnaire from your insurance broker when you go to
renew your fiduciary liability insurance.

On the next page, Lisa will walk us through the two required annual fee disclosures that your record
keeper will help assist in fulfilling on your behalf.

Lisa Keith:
Thanks, Paul. The first disclosure that we’ll talk about are the service provider disclosures, also known as
the 408(b)(2)s. Service providers such as ourselves are required to provide you with an agreement or a
contract that outlines all of our services and the fees associated with each. That again is our
requirement. Your requirement is to make sure that our fees are reasonable. Review those contracts to
make sure our fees are reasonable based on the criteria that we just discussed. Also, you want to make
sure that you have all your current 408(b)(2)s in one spot for your auditors.

The other type of disclosures are the participant fee disclosures. These are the ones that go out annually
to your participants that disclose any type of fee they may see in conjunction with their 401K plan. Your
provider is probably performing this duty for you on your behalf, but it is still your responsibility to make
sure that the information on the disclosures is correct, and that they are going to the correct
participants. We can go to the next page.

We’re onto the last duty. Hard to believe we went through them so fast. The last duty is the duty to
avoid prohibited transactions. As a fiduciary, we do know that we have to act in the best interest of our
plan participants. Consequently, we want to avoid any decision or transaction that’s going to benefit us
as a plan sponsor. Another example I like to use all the time is you would not want to move your plan to
a commercial bank because they’re going to give you a preferential rate on lending.

My first role right out of college, I am a very, very seasoned employee, as you can tell, very seasoned
with experience. This happened a long time ago, but my first role was working for a bank, and I did see
this happen more times than I care to admit, and I do hear it still happens to this day. Something you
want to avoid. Also, you don’t want to select any products or services on a preferential basis with a
related party interest. To make it really simple, a related party interest is anyone who’s related to you or
anyone who works for you and is related to them.

I’m going to give you another very simple example. You wouldn’t want to move your plan audit business,
if you’re required to have an audit, to your child’s audit firm to help out their firm. Now, if you were
doing your documented due diligence process when looking for service providers, and it turns out that
that wasn’t the right firm for those reasons, that’s fine, but doing anything on a preferential basis is
definitely prohibited. We can go to the next page.

The DOL does say they see a number of different prohibited transactions when they’re out doing their
investigations. The ones they say they see most prevalently are self-dealing, conflicts of interest, in on
the next page, anti-kickbacks. The DOL has also recognized that it would be really difficult to operate a
plan without running into one. The DOL has granted a number of exemptions, many of them statutorily
across all plans. Whenever the DOL does grant an exemption, they build criteria in that must be
followed.

I’m going to give you an example of a really popular one that most of us are familiar with. Sometimes we
wish we weren’t familiar with it, but again, a very popular one, participant loans. A participant is, by
definition, a party in interest to a plan, and they would not be able to use plan assets to their benefit.
The DOL will allow participant loans and plans, as long as certain criteria is followed. As many of us are
familiar with participant loans, you can only borrow 50% of your account balance.

You must bear a reasonable rate of interest, and it must be paid back within a set amount of time. As
long as that criteria is followed, you have an exemption. Otherwise, you’re back to having a prohibited
transaction. That exemption, that’s just one of many of them out there. We have gone through all six
duties, and Dawn, I’m going to catch my breath for a moment. I’m going to turn it back over to you.

Dawn McPherson:
Yes. I am all set. Thank you so much, Lisa and Paul. Wow, that is a lot of information, great information,
a good foundation in a very short amount of time. I wonder, could you take just a few of these final
minutes we have left and give us a few key takeaways or tips for our listeners today?

Lisa Keith:
Sure, sure. I’ll go ahead and start, Paul. As a recap, just make sure who all the fiduciaries are within your
plan, and do some kind of documentation. If you do need any clarification, please reach out to us and
we can assist you with that process. It is really important to understand who all the fiduciaries are. Also,
make sure you do have regular communication with your plan providers, especially well, us, of course,
we’re going to make sure we have regular communication, but also with your record keeper.

I’m going to give you a quick example of something that happened because of a lack of communication
with the record keeper. I was working with one of our advisor’s new clients, and they just did not have a
really close relationship with the record keeper. It turns out that they had auto enrollment in their plan,
the client didn’t know they had it, the record keeper didn’t know the client didn’t know it, so they had a
little bit of a mess to clean up. Again, it’s just really important to have that good, consistent dialogue.
One other thing that I didn’t mention is to make sure that you are aware of when your participant
deposits are scheduled to be made, and that you are consistent with those. For a plan that’s over a
hundred employees, you don’t have the DOL safe harbor. For small employers, you have to make sure
that your employee contributions and loan payments get sent to your provider within seven business
days. For a larger client, it’s as soon as it’s operationally feasible.

Once you set that precedent, it’s very important to keep to that schedule. If you go beyond that, it’s
going to be considered a late contribution. You’re going to have to make corrections. It’s going to be in
your 5500, and that one’s pretty common sense. You want to avoid that. Conversely, you don’t want to
do anything any earlier. If your precedent is three days, and the person in your organization thinks they
can get it done, they have extra time in the day to get it done a day early because they think that’s a
good thing, it’s really not.

Your auditor is going to see you can do it earlier, and you’re going to set yourself a new precedent.
Again, it’s very important to be consistent, and also to make sure that you do always have a backup for
whoever performs this duty for you, just in case some circumstances happen beyond their control and
they’re not there. One other last point I’ll make, and then I’m going to turn it over to you, Paul, is just to
review, to make your participant database, and to make sure that you are comfortable, that you know
basically that none of these participants in your database are missing, or that you have good addresses.
The DOL did come out last year, actually, now it’s two years, with some specific guidance regarding loss
participants. I do recommend that you do look at your database periodically, and that your provider
should be able to assist you with that process as well. Paul, I think I’m going to hand it over to you.

Paul Stibich:
Yeah. Wonderful tips, Lisa. Actually, I want to start on page 17 with cybersecurity, if we could just go
back a couple slides. I think there’s a couple takeaways here for plan sponsors to be familiar with, if we
go back to page 17. The cybersecurity is becoming more of a focus of the Department of Labor as we
discussed, and your job as a plan sponsor is not getting any easier. It’s the hardest time ever to be a plan
sponsor. Through the last three years, rewriting your handbooks every night for COVID-19 and all the
different policies every state was dealing with at the state level, federal level.

I want to just hit on this page for a moment here, because I know a lot of this is new, but with your
record keeper and an expert like CAPTRUST, we are helping fulfill your duties when it comes to the
cybersecurity due diligence. I just want to share a couple of examples with you, but just about all the
major record keepers today, they have started with fingerprint on the app. When someone signs into
their account, they’ve increased their security through facial recognition. They have two-factor
authentication many times for logging into participant accounts.

There are a handful of record keepers that when a participant calls into the service center, that they
have voice recognition, which is, again, becoming something more and more, our record keepers are
getting the service up and running. All these things are meant to protect your participants. I know it can
make it a little bit more difficult for people to access their accounts from time to time, but the big key
here too is, again, for distributions, it’s two-factor authentication.

If someone requests a distribution online or by calling in, there’s typically a second step that has to
happen. Record keepers are working very hard to monitor cybersecurity and also ensure that cyber theft
doesn’t take place. I’ve actually spent some time with several record keepers at their place of business,
and I’ve sat through some of their call centers and what they do on a day-to-day basis. When a number
comes in that they know is a bad actor or fraudulent, someone who’s trying to get access to someone’s
account, they already know.

Their systems are that high-tech that they know what a call’s coming in and whether it’s coming from a
good number from a participant, or it’s coming from overseas. Your record keepers are continuing to
evolve and help perform these duties on your behalf, as they have all the indicative participant data. The
second piece to this is CAPTRUST. Our IT team is made up of more than 75 experts, and last year, we
went out to the marketplace and went to the top 20 record keepers.

We went through all the questions that the Department of Labor is providing us tips about how they’re
cybersecurity policies and how they’re protecting participant accounts. If you go to your CAPTRUST
financial advisor, they would be able to provide that report for your record keeper, and know what their
policies and procedures are when it comes to cybersecurity. We’re also inviting the record keepers to
review to talk about what those policies are, and bringing a cybersecurity expert to go into more detail
about how they’re protecting accounts.

I know this is new, but I just want you to know that you’re in good hands between CAPTRUST and what
our IT team is doing, and then all the extensive updates and technology that record keepers are doing.
I’ll just share that. My last takeaway, again, and I know it’s harder than ever to become a plan sponsor,
to be a plan sponsor. You have litigation, legislation, provider consolidation. Our job is to create that
airtight fiduciary process.

At the end of the day, we need to help take work off your desk and make sure that you have a
competitive plan that rewards, recruits, retains, and retires your colleagues to your organization. In this
new normal, most of our clients are running lean in HR, and they need the help of the retirement plan
expert. My hope today is that we’ve given you a peace of mind that we’re always here protecting you,
and that you and your most valuable asset are your employees.

We’ve covered a lot of topics today. If there’s some category or area that you don’t feel is airtight as
another, a takeaway would be to work with your CAPTRUST advisor. Shore up that weakness, so if the
Department of Labor comes knocking on your door, you have an airtight fiduciary process that’s welldocumented.

Dawn McPherson:
That’s great, Paul, and Lisa as well. Thank you both for sharing this information and your expertise with
us today. We did receive several questions throughout the presentation. We were able to respond to
the majority of them. There are a few in the questions box that we want to get a little more clarity on.
Please rest assured, we will be following up with you directly, and/or through your CAPTRUST advisor.
As you step away from this webinar today and digest all this information that Paul and Lisa have shared
with us throughout the hour, if you do have additional questions like Paul said, or you just want to do a
deeper dive on some of the fiduciary responsibilities, please reach out to your CAPTRUST team, your
CAPTRUST advisor, and allow us to follow up with you. We would be happy to do that. Thank you again
for your time today, for joining us, and we hope you’ll join us for next quarter’s Fiduciary Training.

Disclosure: CapFinancial Partners, LLC (doing business as “CAPTRUST” or “CAPTRUST Financial Advisors”)
is an Investment Adviser registered under the Investment Advisers Act of 1940. However, CAPTRUST
video presentations are designed to be educational and do not include individual investment advice.
Opinions expressed in this video are subject to change without notice. Statistics and data have come
from sources believed to be reliable but are not guaranteed to be accurate or complete. This is not a
solicitation to invest in any legal, medical, tax or accounting advice. If you require such advice, you
should contact the appropriate legal, accounting, or tax advisor. All publication rights reserved. None of
the material in this publication may be reproduced in any form without the express written permission of
CAPTRUST:

919.870.6822 © 2023 CAPTRUST Financial Advisors