SECURE Act 2.0: Expanded Self-Correction and New Overpayment Correction Rules and Relief

January 10, 2023

The SECURE 2.0 Act of 2022 makes far-ranging changes to the US employer-retirement plan system intended to expand access to retirement plans and encourage savings by US workers. This LawFlash—one in a series—examines provisions regarding expanded self-correction and new overpayment correction rules and relief.

In a development that was surprising to many benefits practitioners, SECURE Act 2.0 includes provisions addressing the correction of errors arising in the day-to-day operation and administration of a retirement plan. Historically, plan correction issues have been addressed by the Internal Revenue Service (IRS) through administrative guidance and not by Congress through legislation. However, perhaps out of concern for the increasing complexity of plan administration, Congress jumped into the correction waters with a number of SECURE Act 2.0 provisions that direct the IRS to update its plan correction guidance to expand the availability of retirement plan correction opportunities and to create a self-correction program for custodians of IRAs.[1]

(See also our prior LawFlash articles for a deeper dive into other provisions of SECURE Act 2.0.)


SECURE Act 2.0 significantly expands the ability of plan sponsors to "self-correct" certain failures that may arise in the day-to-day operation and administration of retirement plans. To understand the nature and extent of the SECURE Act. 2.0 changes, it is helpful to have a general understanding of certain aspects of the existing programs and procedures for self-correcting retirement plan errors.

Current Self-Correction Program

The IRS currently maintains a correction program, referred to as the Employee Plans Compliance Resolution System (EPCRS). EPCRS includes a Self-Correction Program (SCP) component through which plan sponsors can self-correct certain types of errors without the need to make a submission to the IRS or obtain IRS approval. In 2021, the IRS updated EPCRS to expanded self-correction opportunities under SCP. (See our LawFlash regarding the updated EPCRS for more details regarding these expansions). However, even this expanded version of EPCRS contained critical limits on the types of errors that could be self-corrected. Notably, SCP currently provides the following:

  • "Insignificant" Operational Errors Eligible for Self-Correction Anytime – Sponsors of qualified retirement plans, 403(b) plans, and certain SEPs and SIMPLE IRA Plans can self-correct so-called "insignificant" operational failures at any time. The determination of whether an error is insignificant (or significant) is based on the relevant facts and circumstances. EPCRS identifies certain factors that may be relevant in this determination, including: (1) the reason for the failure and occurrence of other failures; (2) the relative amount of plan assets/contributions involved; (3) the duration of failure and timing of correction; and (4) the number of participants affected (relative to those who could have been affected and to the plan population). In applying these factors, one-time inadvertent errors that impact only a few participants over a short period of time might reasonably be characterized as insignificant while errors impacting a large number of participants, involving significant plan assets, and/or occurring over a longer period of time might be characterized as significant. However, EPCRS notably did not include any safe harbors for determining whether a failure was significant or insignificant, leaving any determination potentially subject to second-guessing on review.
  • Significant" Operational Errors and Plan Document Errors Eligible for Self-Correction Only Within Certain Time Periods and Under Certain Circumstances – Sponsors of qualified retirement plans and 403(b) plans can self-correct "significant" operational failures (i.e., failures that are significant under the relevant facts and circumstances as described above) and certain plan document errors (e.g., the failure to timely adopt a plan document or compliance amendment) only if the following requirements are satisfied: (1) the correction is completed or substantially completed by the last day of the third plan year following the plan year in which the failure began; (2) the plan or plan sponsor is not "under examination" by the IRS (unless the correction is substantially corrected at the time that the plan or plan sponsor is under examination); and (3) the plan is the subject of a favorable determination letter.
  • Certain Plan Loan Errors Not Eligible for Self-Correction – Certain errors involving plan loans—such as loans that exceed the applicable dollar limits under Code Section 72(p) and loans that do not satisfy the level amortization requirement or maximum repayment term limits—are not eligible for self-correction, regardless of whether the errors are insignificant or significant and regardless of when the errors are discovered or corrected.

SECURE Act 2.0 Significantly Expands Self-Correction

SECURE Act 2.0 significantly expands self-correction and permits qualified retirement plans, 403(b) plans, SEPs, and SIMPLE IRA Plans to self-correct any “eligible inadvertent failure” to comply with applicable requirements of the Internal Revenue Code (Code). For these purposes, an "eligible inadvertent failure" is any failure that occurs despite the existence of practices and procedures that are reasonably designed to promote and facilitate compliance with applicable requirements of the Code. However, eligible inadvertent failures do not include any failure that is egregious, relates to the diversion or misuse of plan assets or is related (directly or indirectly) to an abusive tax avoidance transaction.

This expanded opportunity to self-correct eligible inadvertent failures is available unless (1) the failure was identified by the IRS before any actions that demonstrate a specific commitment to implement a self-correction with respect to the failure and (2) the self-correction was not corrected within a "reasonable" period of time after the failure was identified. SECURE Act 2.0 provides that eligible inadvertent failures must be corrected in conformity with general principles of the Code, regulations, and other guidance (including the current version of EPCRS) and directs the IRS to issue updated guidance (e.g., an updated version of EPCRS) within two years of the enactment of SECURE Act 2.0.

As compared to current rules, SECURE Act 2.0 significantly expands self-correction in the following ways:

  • No Specific Deadline for Self-Correcting Failures – There is no deadline to correct eligible inadvertent failures, provided that the failure is corrected before it is identified by the IRS and it is corrected within a reasonable period of time after it is discovered. SECURE Act 2.0 specifically states that the correction period "is indefinite and has no last day." This means that eligibility for self-correction is driven by when an error is discovered and not by when it occurred or whether the failure is "significant" or "insignificant." As a result, it will now be possible to correct even significant errors that occurred many years ago.
  • Expanded Definition of Failures Eligible for Self-Correction – The "eligible inadvertent failure" definition is very broad and is not limited to particular types of failures (e.g., operational errors or plan document errors). This means that certain types of failures (notably, failures involving plan loans) that previously were not eligible for self-correction can now be self-corrected. In addition, plan document failures (e.g., the failure to timely adopt a compliance amendment) occurring many years ago now appear to be eligible for self-correction. And while not entirely clear, it may also mean that certain types of more serious failures (e.g., so-called "demographic failures" or "employer eligibility" failures), which the IRS historically has viewed as not being eligible for self-correction, may now be eligible.
  • Expanded Availability of Self-Correction When Under IRS Examination – There is no longer any restriction on the ability to correct while the plan or plan sponsor is under examination if the sponsor can show the IRS “any actions which demonstrate a specific commitment to implement a self-correction” before the IRS identifies the failure. Before SECURE Act 2.0, insignificant operational failures could be corrected while under examination but a significant operational failure that was being self-corrected was required to be “substantially completed” in order to avoid audit sanctions. Although SECURE Act 2.0 has made it easier for plan sponsors to complete self-corrections that have begun before an examination, if the failures are identified by the IRS before any actions are taken (e.g., IRS identifies the failure before the plan sponsor), audit sanctions can still apply.
  • Expansion of Retirement Vehicles Eligible for Self-Correction – EPCRS currently limits self-correction to qualified retirement plans and 403(b) plans. SECURE Act 2.0 expands self-correction to include SEPs and SIMPLE IRAs. (Note: SECURE Act 2.0 also expands self-correction to include IRAs, which will be addressed in more detail in a separate LawFlash.)

Observation: SECURE Act 2.0 unquestionably expands the ability to self-correct retirement plan errors. However, the exact contours of this expanded self-correction will not be entirely clear until (as directed by SECURE Act 2.0) the IRS issues updated guidance. That is, as noted above, SECURE Act 2.0 provides that corrections must be made in accordance with general principles that apply under the Code, regulations, and other guidance (including the current version of EPCRS). As such, the IRS will have some degree of interpretative input and discretion over the exact scope and details of the expanded self-correction features.

Observation: Even as expanded by SECURE Act 2.0, there are still certain self-correction requirements that plans must satisfy. For example, actions demonstrating a commitment to self-correction must still be undertaken before the failure is identified by the IRS and self-correction must be undertaken within a reasonable period of time after the error is identified. As such, to take advantage of the expanded ability to self-correct failures, plans must still undertake corrective action promptly after a failure is identified.

Specific Additional Relief for Self-Corrected Plan Loan Failures

In addition to expanding the scope of plan loan failures that can be self-corrected, SECURE Act 2.0 provides additional relief with respect to plan loan corrections in two key respects. First, SECURE Act 2.0 provides that EPCRS's relief from having to report corrected deemed distributions on Form 1099-R will apply to self-corrected failures. Second, SECURE Act 2.0 provides that the Department of Labor (DOL) must treat any self-corrected eligible inadvertent plan loan failure as meeting the requirements of the DOL’s Voluntary Fiduciary Correction Program (VFCP). However, SECURE Act 2.0 gives the DOL the ability to impose reporting or procedural requirements on any self-corrections for which the VFCP has a similar loan correction method for the same failure.

Observation: SECURE Act 2.0’s direction to treat a self-corrected loan failure as satisfying the requirements of the DOL’s VFCP overcomes a critical barrier. Previously, only an IRS filing could correct certain plan loan failures—e.g., failures involving loan limits—and preserve the loan’s prohibited transaction exemption. What is not clear, as of yet, is whether SECURE Act 2.0 will affect the DOL’s recently issued proposed rule, Prohibited Transaction Exemption (PTE) 2002-51 To Permit Certain Transactions Identified in the Voluntary Fiduciary Correction Program, which included a self-correction program for failure to timely deposit participant contributions. The DOL’s proposed rule included a reporting requirement for self-corrected deposit failures, which conceivably could be expanded to include reporting of self-corrected loan failures.


Effective with respect to errors for which the correction deadline is after December 31, 2023, SECURE Act 2.0 makes permanent a safe harbor for correcting certain elective deferral failures involving automatic contribution features (i.e., plans with automatic enrollment and/or automatic escalation features).

Currently, EPCRS provides a temporary safe harbor for correcting failures to implement correctly a plan's automatic contribution feature or an employee's deferral election, or failure to offer an employee the opportunity to make a deferral election, as long as the failure is corrected in a timely manner (i.e., by the earlier of (1) nine and a half months after the end of the plan year in which the failure begins or (2) the first pay date in the month following the month the participant notifies the plan sponsor of the error) and certain procedural requirements are satisfied (e.g., timely notice of the error and correction is provided to affected participants).

Under this temporary safe harbor, a plan sponsor does not have to make a corrective contribution for so-called "missed deferrals" (i.e., the elective deferrals that would have been contributed to the plan but for the failure). However, the plan sponsor must make a corrective contribution for any missed matching (or other employer) contributions (plus earnings) that would have been received had the failure not occurred.

In addition to making the temporary safe harbor permanent, SECURE Act. 2.0 expands and clarifies the safe harbor by specifying that the safe harbor can be used when the failure affects terminated employees, and that the correction is available even after the failure is identified by the IRS. SECURE Act then directs the IRS to issue specific rules regarding the safe-harbor correction, including the calculation of matching contributions, timing of deposit of matching contributions, content of required notices, and earnings adjustments.

Observation: Past regulatory and legislative changes have made it easier for plan sponsors to adopt automatic contribution features. The temporary safe harbor recognized that failures involving automatic contribution features are more common and sometimes can be costly to correct. By making the safe-harbor permanent and extending its application in certain respects (e.g., by making clear the safe-harbor correction can be applied to terminated employees and used even if the IRS discovers the error first), SECURE Act 2.0 further encourages the use of automatic contribution features and provides additional protection to plans that utilize them.

NEW RELIEF AND RULES FOR CORrecting plan overpayments

SECURE Act 2.0 provides relief and establishes new rules relating to the correction of overpayments from retirement plans. To understand the nature and extent of the SECURE Act. 2.0 changes, it is helpful to have a general understanding of the current rules for correcting overpayments.

Current Overpayment Correction Rules and Concepts

Retirement plan overpayments generally include payments that a participant receives in excess of what is permitted by the plan terms or applicable regulatory limits. Overpayments may include amounts that a participant is not entitled to receive under the terms of the plan (e.g., incorrectly calculated pension benefits) or amounts a participant receives prematurely (e.g., impermissible in-service distribution of amounts from a 401(k) plan).

The Employee Retirement Income Security Act of 1974, as amended (ERISA), does not contain any specific fiduciary rules or requirements relating to the recovery of overpayments. However, it is broadly recognized that retirement plan fiduciaries have some obligation under ERISA's general fiduciary duties to take reasonable steps to recoup any overpayments. While these reasonable steps may not require a fiduciary to take aggressive action to recoup overpayments in every instance (retain a collection agency, initiate legal proceedings, etc.), a fiduciary would be expected to take at least some steps that were proportional to recoup the overpayments at issue.

From a Code and tax compliance perspective, retirement plans generally must provide benefits in accordance with the terms of the plan, and the failure to do so by overpaying plan benefits is a violation of these requirements. Through EPCRS, plan sponsors have long had the opportunity to address these tax compliance concerns and correct overpayments. Earlier iterations of EPCRS required plan sponsors to take some affirmative steps to recoup overpayments from participants. EPCRS no longer requires this in every instance and provides plans with greater flexibility for seeking recoupment of overpayments or not. Except for certain de minimis overpayments, EPCRS still requires plans to notify participants who received overpayments that the overpayments were not eligible for favorable tax treatment (i.e., not eligible for tax-free rollover).

New SECURE Act 2.0 Relief and Rules Regarding Overpayments

SECURE Act 2.0 provides new rules and overpayment recovery relief from both an ERISA fiduciary and a Code tax compliance perspective. With respect to ERISA’s fiduciary requirements, SECURE Act 2.0 provides that a retirement plan fiduciary will not be considered to have breached their ERISA fiduciary duties if the fiduciary exercises discretion to not seek recovery of an overpayment.

However, this relief is only available for individual account plans (e.g., a 401(k) or 403(b) plan) if there is no impermissible forfeiture of a participant's benefit, and it is only available for defined benefit pension plans if the plan continues to satisfy the minimum funding rules and there would be no material impact on the plan's ability to pay benefits to other participants and beneficiaries. In addition, the availability of the relief is subject to the general requirement that a plan must maintain and follow procedures to prevent and minimize overpayments.

With respect to Code and tax compliance relief, SECURE Act 2.0 similarly provides that a plan will not fail to be treated as satisfying the requirements of Code Section 401(a), 403(a) or 403(b) because the plan fails to recoup an overpayment or because the plan sponsor amends the plan (including retroactively) to increase past benefit to adjust for overpayments.

However, again, this relief does not relieve an employer of any obligation to restore an impermissible forfeiture of benefits or to satisfy the minimum funding rules that apply to defined benefit plans. Further, this relief does not excuse a plan from complying with limits imposed by Code Section 401(a)(17) (the annual compensation limit) or Code Section 415 (the annual additions limit). SECURE Act 2.0 further provides that an overpayment is eligible for treatment as a tax-free rollover if the overpayment otherwise meets the Code's definition of an eligible rollover distribution (but for the fact it is an overpayment).

Importantly, SECURE Act 2.0 does not prohibit a fiduciary from seeking to recoup overpayments, and such recovery can still be accomplished through a reduction in future benefit payments to recover the overpayment. However, if a plan fiduciary exercises its discretion to recoup overpayments, SECURE Act 2.0 establishes a number of rules and limits on how this recoupment effort can be undertaken. In particular, fiduciaries:

  • in determining the amount of recoupment to seek, may consider the hardship that recoupment would impose on the participant or beneficiary (even if the participant or beneficiary is culpable in the overpayment);
  • may not seek to recoup interest or other additional amounts (e.g., collection costs or fees) other than the actual overpayment;
  • may not seek to recover past overpayments to a participant from any beneficiary of the participant (including a spouse, former spouse or other beneficiary);
  • may not seek to recover past overpayments from a participant or beneficiary if the first overpayment occurred more than three years before the participant or beneficiary is first notified of the error in writing;
  • may not undertake efforts to recoup overpayments through threats of litigation (unless the fiduciary determines that the amounts recovered are reasonably likely to exceed the litigation costs) or through the use of a collection agency or other similar third party (unless the participant or beneficiary ignores or rejects a legal judgment or settlement agreement);
  • in situations where the recoupment of overpayments is undertaken by reducing annuity benefit payments, may not (1) continue the reduction after the plan has recovered the full dollar amount of the overpayment, (2) recoup more than 10% of the full dollar amount of the overpayment in a calendar year, and (3) reduce future benefit payments below 90% of the periodic benefit payment amount otherwise payable under the terms of the plan; and
  • must provide the overpayment recipient with the opportunity to contest the recoupment of the overpayment through the plan's claims and appeals procedure.

However, most of these rules/limits on a fiduciary's ability to recoup overpayments will not apply in situations in which the participant or beneficiary is "culpable" (i.e., if the participant or beneficiary bears responsibility for the overpayment based on misrepresentations or misstatements or knows that the overpayments were materially in excess of the correct amount due under the terms of the plan).

Observation: SECURE Act 2.0 establishes very helpful rules and relief for situations in which plans and fiduciaries may prefer not to seek recoupment of a particular overpayment. These rules will be particularly helpful for smaller overpayments, where the administrative costs and steps involved in attempting to recoup an overpayment often outweigh the overpayment amount. However, the strict additional rules and limits on recoupment may substantially limit an ability to recoup overpayments, except in cases where the overpayment is identified relatively quickly (i.e., within three years) or there is fraud or clear knowledge of the overpayment by the participant or beneficiary.

Observation: Moreover, SECURE Act 2.0 allows the plan sponsor to amend the plan through self-correction to address inadvertent overpayments. No time limit is placed on this ability, but any amendment remains subject to the Code Section 401(a)(17) limit on plan-eligible compensation and the Code Section 415 limits.

The changes to the overpayment recoupment procedures described above are effective upon the enactment of SECURE Act 2.0 (December 29, 2022). In addition, SECURE Act 2.0 provides certain retroactive relief for actions undertaken before December 29, 2022. More specifically, plans, fiduciaries and other parties are entitled to rely on (1) a good faith interpretation of administrative guidance in effect for recoupments and recoveries that started before December 29, 2022 (including relief allowing reduced payments that were put in place before December 29 to continue in future) and (2) determinations made by plan fiduciaries not to seek recoupment of overpayment.


If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following:

New York
Seattle/San Francisco

[1] A discussion of the IRA-specific provisions of SECURE Act 2.0 will be part of a separate LawFlash.