401kguy.biz
  • Home
  • Blog
Fiduciary Is Fun!

(a.k.a. I heart taxes)

Approving Distribution Forms?  Be Careful

9/3/2019

0 Comments

 
Are you worried about cyber-security breaches?  You should be!  It seems to be happening all around us all the time.  There is almost no end to the number of bad guys that want our data, and when that data is attached to money, it is even more appealing.

And for every data breach, there are thousands of attempts that have been thwarted.  The breaches are what make the headlines, but I can assure you that all financial services firms are getting hit hundreds, if not thousands of times A DAY by cyber crooks trying to break through.  One common point of entry is stealing employee data and pretending the crook is the employee to gain access to the retirement account of the employee.  401k Recordkeepers deal with this on a daily basis.

I wanted to write today to bring to light a common practice in the administration of a 401k plan that might sneak up on many companies.  It is often the case that companies are asked to approve distribution requests on behalf of terminated employees.  These approval requests can come from either the recordkeeper or the TPA on the plan.  Attached to these emails is generally a distribution form with the terminated employee’s information, including address, date of birth, and Social Security Number.  Talk about a crook’s dream come true. 

What is particularly sneaky about these requests is that even if the email goes to the employer encrypted, the employer doesn’t always send it back encrypted.  This is a weakness and one of which employers should be aware.

Are you an employer who is approving distribution request from terminated employees?  How about approving loans for existing employees?  Hardship withdrawals?  Doing all this over the email system with confidential employee data, are you?  Don’t think the bad guys will ever find out?

There are several areas of potential security breaches when operating a retirement plan.  If you are a company that would like to ensure you are doing what you can to protect your employees’ data, give me a call.  I would love to walk you through a checklist to make sure you are being as careful as possible.

Pete Welsh a/k/a 401kGuy
0 Comments
    Picture

    Archives

    July 2020
    June 2020
    May 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    January 2019

    Categories

    All
    1031 Exchange
    401k Plan
    501(c)(3)
    Benefits Programs
    Best Practice
    Buy Sell Agreement
    CARES Act
    COVID 19
    COVID-19
    CPA
    Cyber Security
    Data Breach
    Defined Benefit Plan
    Eligibility
    Emergency Fund
    ERISA
    Estate Planning
    Financial Education
    Financial Planning
    Financial Stress
    Form 5500
    Hardship Distribution
    Healthcare Costs
    Health & Wealth
    Income Taxes
    Insurance
    Investing
    Investment Advice
    IRA
    Lawsuit
    Life Insurance
    LLC
    Member
    Parents
    Partnership
    Part Time Employees
    Plan Audit
    Profit Sharing
    Recruiting
    Rehring Employees
    Required Minimum Distributions
    Retirement
    Retirement Plan
    Retirement Planning
    Retirement Readiness
    Roth
    S Corp
    S-Corp
    Seasonal Workers
    Shareholder
    Signing Bonuses
    Social Security
    Student Loan
    Tax-Deferred
    Taxes
    Tax Exempt

    RSS Feed

All services discussed on this site offered through JarredBunch Consulting, LLC, a SEC-registered investment advisor.
3625 E 96th Street
Indianapolis,IN 46240
317-202-1891
  • Home
  • Blog