Fiduciary Is Fun!
(a.k.a. I heart taxes)
(a.k.a. I heart taxes)
Are you worried about cyber-security breaches? You should be! It seems to be happening all around us all the time. There is almost no end to the number of bad guys that want our data, and when that data is attached to money, it is even more appealing.
And for every data breach, there are thousands of attempts that have been thwarted. The breaches are what make the headlines, but I can assure you that all financial services firms are getting hit hundreds, if not thousands of times A DAY by cyber crooks trying to break through. One common point of entry is stealing employee data and pretending the crook is the employee to gain access to the retirement account of the employee. 401k Recordkeepers deal with this on a daily basis. I wanted to write today to bring to light a common practice in the administration of a 401k plan that might sneak up on many companies. It is often the case that companies are asked to approve distribution requests on behalf of terminated employees. These approval requests can come from either the recordkeeper or the TPA on the plan. Attached to these emails is generally a distribution form with the terminated employee’s information, including address, date of birth, and Social Security Number. Talk about a crook’s dream come true. What is particularly sneaky about these requests is that even if the email goes to the employer encrypted, the employer doesn’t always send it back encrypted. This is a weakness and one of which employers should be aware. Are you an employer who is approving distribution request from terminated employees? How about approving loans for existing employees? Hardship withdrawals? Doing all this over the email system with confidential employee data, are you? Don’t think the bad guys will ever find out? There are several areas of potential security breaches when operating a retirement plan. If you are a company that would like to ensure you are doing what you can to protect your employees’ data, give me a call. I would love to walk you through a checklist to make sure you are being as careful as possible. Pete Welsh a/k/a 401kGuy
0 Comments
Leave a Reply. |
Archives
July 2020
Categories
All
|