401(k) Plans – Who is a plan fiduciary, and why does it matter?

By: Scott Garrison


Over the years of auditing 401(k) plans, it has been my experience that most employees within a company don’t know or even care what a plan fiduciary is, and they certainly would answer “No” if you asked them if they are a plan fiduciary.  When we show up to do the audit, often the CFO and accounting staff point down the hall to the human resources department and vice versa.  We often have to look back at the 5500 filing to see who signed the return just to find out who is the Plan Administrator.  Rarely do we find a plan where there are defined roles within the plan administration, where everyone knows their role, duty and responsibility as it relates to the Plan.  That can be nerve-racking for us as plan auditors, but the more frightening thing is that one or two employees in all organizations fit the definition of a plan fiduciary, and these employees don’t even know that they ARE a plan fiduciary.  Nor do they know the potential personal liability and consequences they could face for failure in their role as a plan fiduciary.


Now that I’ve got your attention, who is a plan fiduciary?  Plan fiduciaries play the lead role in safeguarding the rights of plan participants.  They are guided by strict standards and the consequences for breach of fiduciary duty can be extremely high.  A plan may, and frequently will, have multiple fiduciaries with distinct and potentially overlapping areas of accountability.  ERISA generally considers you to be a fiduciary if you:


  • Possess any discretionary authority or control over plan administration or management, including creating the rules, policies, practices, and procedures governing plan administration


  • Possess any discretionary authority or control over the investment, management, or disposition of plan assets


  • Provide the plan with investment advice for a fee or other compensation


Okay, now will all the plan fiduciaries please stand up.  In addition to possibly meeting one of the definitions above, known as a Functional Fiduciary, every plan will also have a Named Fiduciary (specifically named or appointed).


If you have come to the conclusion based on the information above that you qualify as a plan fiduciary, what are some of the major duties you must follow?


  • Act solely in the interest of participants and beneficiaries
  • Make policy decisions (including investment policy)
  • Avoid prohibited transactions
  • Select qualified service providers and plan auditors
  • Monitor service providers
  • Act under ERISA Standards of Conduct (as a “prudent fiduciary”)
  • Ensure the plan pays only reasonable fees
  • Understand the Plan Document (especially the definition of Plan Compensation) and follow it


These are broad categories and a more thorough discussion of each of the points listed above would be too in-depth for the purpose of this article.  However, care should be taken by plan fiduciaries to learn more about each topic listed.  Some good resources provided by the U.S. Department of Labor (DOL) and the IRS are listed below:


The web link directly below is to the DOL – Employee Benefits Security Administration Fiduciary Education Campaign website and includes nationwide educational seminars and webcasts to help plan sponsors understand rules and meet their responsibilities to workers and retirees. The campaign also includes educational materials on topics such as selecting an auditor.




Additionally, the following links to the DOL and IRS websites offer publications that provide an overview of the basic fiduciary responsibilities applicable to retirement plans under the law.






As noted earlier in this article there are significant consequences related to a breach of plan fiduciary responsibility.  The following is an overview of potential consequences:


  • Personal criminal liability (including imprisonment and fines)
  • Personal DOL civil liability for 20% to 50% of monies recovered
  • Personal liability under ERISA §409
  • Civil liability of Sponsor


As a plan fiduciary, the role of helping to maintain a successful retirement plan and assisting the employees in your company with reaching financial security and goals for retirement is an important one and should not be taken lightly.  The following list of “Best Practices” should be applied in order to avoid a breach of plan fiduciary duty and to ensure plan success:


  • Establish a structure for plan governance with clearly designated responsibilities
  • Set up an investment committee and adopt an investment policy
  • Monitor plan service providers
  • Get fiduciary liability insurance
  • Use checklists and calendar reminders to maintain plan compliance
  • Retain minutes from board of directors or committee meetings on decisions made related to the plan
  • Read and understand the Plan Document and make sure you are following it
  • Maintain an appropriate fidelity bond with the plan, not the plan sponsor, as the named insured
  • Hire a qualified plan auditor (ask how many 401(k) audits they do annually; are they a member of the AICPA Employee Benefit Audit Quality Center; ask for a copy of the firm’s most recent peer review results)
  • Deal with known exceptions and prohibited transactions properly and timely
  • Understand the fees that the plan pays and determine if they are “reasonable”


We are here to help.  Please contact me with any questions or if you would like assistance implementing the “Best Practices” or determining who in your company is a plan fiduciary.