The US Department of Labor (DOL) issued three long-awaited pieces of subregulatory guidance on April 14, addressing the cybersecurity practices of retirement plan sponsors, service providers, and plan participants, respectively. The guidance provides an important window into the DOL’s expectations of what ERISA’s prudence standards require with respect to cybersecurity matters.
Read our recent LawFlash for an in-depth analysis of, and further observations on, this new DOL guidance.