DOL’s Proposed Notice and Access Electronic Disclosure Safe Harbor: An Analysis

November 21, 2019

The US Department of Labor recently issued a proposed rule to supplement the Department’s existing electronic disclosure regulations and ease the burden of compliance with many of ERISA’s retirement plan disclosure obligations. While the proposal is a welcome change for retirement plan sponsors, it does raise some questions and challenges.

As previously discussed, the US Department of Labor’s (the Department’s) proposed rule[1] leaves in place the existing “wired at work” and “affirmative consent” safe harbor electronic disclosure rules, but adds a new “notice and access” safe harbor rule[2] that, as currently drafted, would permit retirement plans(but not welfare plans) to satisfy certain ERISA disclosure requirements by posting those documents to a website and providing notice to participants of the availability and importance of the documents and guidance on how to access the documents. The Department has invited public comment on the proposed rule through November 22, 2019.

The proposal is generally viewed as a welcome development by the plan sponsor community, as the Department’s existing electronic disclosure regulations date from 2002 and have long been perceived as out of date. But while the plan sponsor community is optimistic that, upon finalization, the new notice and access safe harbor will modernize the electronic disclosure options, the proposed rule presents a number of unresolved questions and implementation considerations.

Elements of Proposed Rule

Under the proposed rule, a retirement plan administrator can post many of the ERISA-required disclosure documents to a designated website rather than sending those documents by paper mailings. This delivery method can be used for mailings to participants, beneficiaries, and other individuals entitled to receive the relevant disclosures (other than documents that must be furnished upon request). To use the new rule, plan administrators will have to satisfy a number of procedural and substantive requirements, including, among others, initial paper and ongoing electronic notice requirements, timing requirements, content requirements for the notices and the website, opt-out opportunities, and notice delivery monitoring requirements to ensure that the notice of availability is not rejected. Herein we summarize key elements of the Department’s proposal and point out those areas where the Department may clarify the notice and access safe harbor.

Scope of Proposed Rule and Covered Documents

As a threshold matter, it is notable that the proposed rule is limited to ERISA-required retirement plan disclosures. In carving out welfare plan disclosures, the Department indicated that welfare plans, such as group health plans, presented different considerations, such as the need to coordinate guidance with the US Department of the Treasury and Department of Health and Human Services. However, we expect that the Department may receive comments requesting that the rule be extended to welfare plans, and it remains to be seen whether the Department will do so.

The proposed notice and access safe harbor rule does not extend to all ERISA-required disclosures. Rather, the Department limited its application to documents that must be provided automatically under Title I of ERISA, such as summary plan descriptions (SPDs), summaries of material modifications (SMMs), annual funding notices, summary annual reports, safe harbor notices, qualified default investment alternative notices, blackout notices, etc. Documents that must be provided to participants upon request are excluded from the scope of the proposed rule. These specifically requested documents can include, among others, the plan document, the latest Form 5500, the latest SPD, and other instruments under which the plan is established or operated. The Department has requested comments on whether the scope of the covered documents is appropriate, and we expect that commenters from the plan sponsor community will be in favor of the Department’s current proposal as well as advocate for additional documents to be covered by the safe harbor.

Covered Individuals with Valid Electronic Addresses

To be eligible to receive disclosures under the notice and access safe harbor, the applicable individual must either provide an electronic address to the plan or have an electronic address assigned to him/her by an employer. Although a covered individual must be provided an opportunity to opt out, notably absent is a requirement that the covered individual affirmatively consent to receive electronic disclosures. Moreover, the notice and access safe harbor can apply to current employees who are not “wired at work” and to former employees for whom the plan or the employer has valid electronic addresses. This is a significant departure from the existing electronic disclosure safe harbors, which limit electronic disclosures to individuals who affirmatively elect to receive disclosures electronically and employees for whom the use of the employer’s computer system is an integral part of his or her duties (i.e., “wired at work”).

One additional notable point is that the Department indicates that the electronic address identified in the proposed rule is not limited to email, but could be an internet-connected mobile computing device number (e.g., a smartphone or tablet  ). In addition, the Department noted that the proposed rule is not intended to be limited to existing technology, and has invited comments on the scope of its “electronic address” proposal and whether different types of technology warrant different considerations.

Initial Paper Notice of Electronic Delivery and Right to Opt Out

Beforeutilizing the notice and access safe harbor method, the plan administrator must first notify the applicable participants by paper that their retirement documents will be furnished electronically. The paper notification must also inform participants that they have a right to opt out of such electronic delivery and can request and receive paper copies of the documents. The notification should explain what procedures the participants need to follow to exercise their rights.

The notice and access safe harbor can be applied only to covered individuals to whom the initial paper notice is provided, regardless of whether the covered individual is currently eligible under one of the other electronic disclosure safe harbors. However, plan administrators may rely on more than one safe harbor and could provide the initial paper notice only to certain groups of participants. This provides plan administrators with important flexibility, as it is not necessary to alter any existing procedures intended to comply with one of the two current electronic disclosure safe harbors.

Notice of Internet Availability; Timing and Content

In addition to the initial paper notification, plan administrators must send out a “notice of internet availability” to the covered individual’s electronic address. The notice either needs to be provided each time a document is posted to the website or, in the case of certain documents (e.g., SPDs, SMMs, summary annual reports, pension benefit statements), can be provided in a consolidated annual notice.

The proposed rule sets forth a number of form and content requirements for the notice of internet availability. Some of these requirements seem straightforward, such as a requirement that the notice must describe the nature of the documents being posted on the website; a requirement that the website address lead participants directly to the posted document or a prominent link to such a document after a log-in page; and a reminder of the right to receive paper documents with guidance on how to request paper documents or opt out of the electronic disclosure.

Other content requirements may present challenges. For example, one requirement is that the notice be “written in a manner calculated to be understood by the average plan participant.” The Department indicates that “[a] notice that uses short sentences without double negatives, everyday words rather than technical and legal terminology, active voice, and language that results in a Flesch Reading Ease test score of at least 60 [which approximately equates to an eighth-grade reading level] will satisfy the fourth requirement.” Although evaluating the readability of written documents under the Flesch Reading Ease test is currently an embedded feature in Microsoft Word, meeting this standard may present challenges for plan administrators. This LawFlash, for example, has a Flesch Reading Ease score of approximately 21, which equates to a university-level of readability. And the “ERISA Rights Statement” that is required by regulation to be included in every summary plan description earns a Flesch Reading Ease score of 46, which means that the Department’s own disclosure would fail one of its own plain-English standards.

Standards for Internet Website

With respect to the materials that are posted to the website, plan administrators must “take measures reasonably calculated” to ensure the protections for participants. These protections include the following:

  • Keeping documents online until they are superseded by subsequent versions
  • Presenting documents in an easily understandable format
  • Making documents electronically searchable by letters, numbers, or words
  • Protecting the confidentiality of participants’ personal information
  • Ensuring documents are suitable for reading online and printing

Some of these requirements may present challenges, such as the requirement that all documents be searchable electronically. On the other hand, the proposed rule makes some allowances when it comes to maintaining the website. For example, if unforeseeable events or emergencies undermine the website’s accessibility and cause a temporary shutdown, such events would not automatically disqualify eligibility for the notice and access safe harbor, provided the plan administrator has established procedures to ensure that required plan documents will become available on the website and takes prompt action to resolve issues with the website and provide documents as soon as practicable.

Procedures to Guard Against Nondelivery of Notice of Availability

The proposed safe harbor also requires plan administrators to establish reasonable procedures to detect and track failed delivery of the notice of availability (e.g., a returned email) and, if the problem is not promptly cured, the intended recipient must be deemed to have opted out of electronic delivery. Particular challenges with nondelivery can arise when an employee severs employment but the plan administrator has been relying on an employer-provided electronic address. However, the Department helpfully notes that the plan administrator might easily cure an invalid or inoperable electronic address by keeping a secondary address—such as a personal, non-work-related email address—that can be used upon notice of a failed delivery.

Notably, however, the proposed safe harbor does not require the plan administrator to monitor whether the covered individual has actual notice of the contents of the electronic notice or visits or logs into the applicable website. This is an important element to the safe harbor, as an imposition of an obligation to track receipt of the notice or the provided disclosures could be excessively burdensome and make the safe harbor significantly less beneficial to plans.

Resulting Challenges and Questions

Although the proposed rule and new website delivery option are a welcome change and will provide another way for plans to furnish ERISA disclosure documents electronically, the proposal—and its many requirements—raise a number of unresolved questions.

For example, one question is whether a plan administrator can satisfy the rule with good-faith compliance efforts, even if it commits minor technical failures. It is unclear whether good-faith compliance with the obligation to confirm the continued accuracy of electronic addresses would be sufficient even if the plan administrator fails to catch that a few of the participant electronic addresses are no longer valid.

The proposed rule presents a number of practical challenges, which may require plans to rely on third-party service providers. These challenges include ensuring the continued accuracy of electronic addresses, the accuracy of the webpage, and any links to relevant documents; the need to present documents in a widely available format suitable for reading, printing, and permanent storage across all electronic devices; and the requirement that documents be searchable by word. To the extent that some or all of the safe harbor’s compliance requirements are assigned to a third party, the plan administrator must prudently select and monitor such party in order to fulfill the administrator’s fiduciary duties.

The proposed rule also raises questions regarding the interaction of the safe harbor with other legal requirements. For example, in recent years there has been litigation under the Americans with Disabilities Act (ADA) regarding inaccessible internet websites. In the absence of additional guidance from the Department or other government agencies, plan administrators taking advantage of the notice and access safe harbor will need to consider the impact of the ADA on the manner and content of their disclosures.

Another question is whether the requirement to properly maintain a website will create an additional burden when it comes to administrators’ fiduciary duty because the proposal states that administrators must prudently select and monitor any website providers.

Further, there is a lack of clarity in the proposal as to whether plan administrators will be able to rely upon the safe harbor before the implementation date, which is not until the first day of the first calendar year following publication of the final rule. Considering the late distribution of the proposed rule and the November 22 deadline for providing comments, it is unlikely that the final rule will be published during the 2019 calendar year. This means the reliance date is unlikely to occur before January 2021. However, considering that the proposed rule is a “safe harbor,” substantial compliance before the effective date of the final rule might be possible. Considering burdens and costs associated with current retirement plan disclosure obligations, the Department will hopefully address early compliance well before the effective date of the final rule.

How We Can Help

As noted, the Department has invited public comment on the proposed rule. Although this is still only a proposal, plans and service providers may want to begin thinking through their compliance with the safe harbor proposal. If you have any questions regarding that process or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers:

Lisa Barton

Marla Kreindler
Dan Salemi
Julie Stapel

New York
Craig Bitman

Bob Abramowitz
Amy Kelly

John Ferreira
Elizabeth Goldberg
Matt Hawes
Randy Tracht

Washington, DC
Rosina Barker
Althea Day
Greg Needles
Michael Richman
Jonathan Zimmerman

[1] 84 Fed. Reg. 56,894 (Oct. 23, 2019).

[2] 29 C.F.R. § 2520.104b-31.