DOL: Cybersecurity of retirement accounts to remain a top priority – Pensions & Investments

The cybersecurity of retirement accounts will continue to be a top priority for the Department of Labor, said Ali Khawar, acting head of the agency’s Employee Benefits Security Administration, at Pensions & Investments’ Defined Contribution West conference in San Diego.

“The concern that I have is that for all the work that we’ve done to encourage people to save, we are one very significant cybersecurity attack from having trust in the system completely dissipate,” Mr. Khawar told plan sponsors, service providers and other industry stakeholders Tuesday during his keynote address.

While Mr. Khawar lauded the industry for its work in getting workers to put $13 trillion into defined contribution plans, saying it’s “a figure to be very proud of,” he nevertheless wanted to make sure the industry didn’t lose any ground on the gains it had made.

The Labor Department is looking to preserve participants’ confidence in the security of their accounts and prevent situations where they say, “What’s the point? It’s not safe. I don’t want to put my money in a 401(k),” Mr. Khawar said.

“It is that concern that really motivates a lot of our work here,” he added.

The Labor Department issued guidance in April that provided cybersecurity tips for plan fiduciaries, service providers and plan participants, and is planning to offer additional guidance to plan sponsors about the vulnerabilities their systems can introduce into the retirement “ecosystem,” Mr. Khawar said.

Mr. Khawar told the audience that the agency has ramped up its enforcement activity in cybersecurity and that the increased scrutiny is “going to continue over the next few years.”

Mr. Khawar also spent a good amount of time discussing the agency’s focus on ESG investing and what one attendee described as the “pingpong game” between the pro-ESG Democratic and anti-ESG Republican administrations.

The central question has to do with the issue of financial materiality rather than the political leanings of different administrations, Mr. Khawar said.

“We try to make it clear that increasingly the market recognizes that ESG can be a material financial factor, and when it does, it’s appropriate for the fiduciaries to take it into account,” he said of the agency’s recent rule proposal that fiduciaries should consider ESG factors in the assessment of investment risks and returns.

However, Mr. Khawar said the Labor Department also “makes it clear that ESG isn’t by definition material, and it isn’t by definition something that you’re required to always make sure that you’re taking into account.”

“The thrust of our proposal is that the fiduciary is the person that’s in the driver seat, and they are the ones that should be making that decision about whether or not it is material,” he said.

In addition, Mr. Khawar shared the agency’s views about the use of cryptocurrency in retirement plans, saying the exposure to cryptocurrency through a passive index fund that includes, for example, Tesla, which accepts bitcoin as a form of payment, is very different from a plan lineup that includes bitcoin as a direct investment.

“I think our concern is much more in that category, where fiduciaries are essentially recommending to participants that this is an appropriate thing for them to put their tax-favored money into,” he said.