Spectrum Resource Center

Advice, Articles, Events, Insights, News, Newsletters, Opinions, Press Releases, Updates, and More from Spectrum.


Retirement Plan Access & Fraud Prevention Considerations

As a significant investment for many Americans, retirement plan assets are an attractive target for hackers worldwide. In today’s highly digitized, online environment, there are ample opportunities for cyber crooks. Plan participants need to take common-sense measures to safeguard their accounts. Plan sponsors now face the dual challenge of providing online access to participants’ retirement plans while keeping their information secure. Implementing and maintaining a proactive cybersecurity strategy is key for both parties.

Effective cybersecurity needs to consider the possibility of security breaches from multiple vantage points, including:

  • Suspicious call center activity - Criminals call into retirement plan call centers impersonating participants to access accounts.
  • Employees - An unintentional action such as misplacing a laptop, accessing client data through an unsecured internet connection, opening email messages, or downloading attachments can lead to a cybersecurity breach.
  • Plan participants - Participants can inadvertently cause a breach that could be damaging to their retirement plan account.

A few examples of a potential cyberattack on a retirement account at a participant level include:

  • Phishing - A criminal masquerades as a bank or institution that the victim has a relationship with to solicit personal data from them via email.
  • Malware - A cyber crook accesses personal data through malicious software that the participant may not have protections against.
  • Ransomware - Criminals collect information about their victims and withhold access to a computer system or account until the victim pays a sum of money.

Participants Can Help Thwart Potential Hackers

Retirement plan participants also have an active role to play in safeguarding their retirement accounts. Encourage participants to:

  • Monitor retirement accounts - Check their retirement accounts regularly and immediately report any suspicious activity.
  • Protect passwords - Use strong passwords that are different from the passwords used on other sites and include letters, numbers, and special characters. Avoid sharing passwords and change a password at least every 90 days.
  • Access account information wisely - Don’t access financial accounts on public Wi-Fi and don’t use public computers to check accounts.
  • Avoid responding to suspicious emails or phishing, and never open or download suspicious attachments.
  • Protect against malware by installing a security suite or program that includes antivirus, antispam, and malware protection.
  • Ensure that the answers set up for online security questions do not consist of publicly available information such as a birth date, child’s first name, or anything readily available on social media.

Cybersecurity Tips For Plan Sponsors

As a Plan Sponsor, adopting best practices to safeguard retirement plan accounts in this challenging cyber landscape is key. When reviewing your company’s cybersecurity plan, consider the following factors:

  • Rights and controls - What policies and procedures does your company have in place to prevent unauthorized access to systems or information?
  • Internal controls - May include controlling physical access to assets and facilities, tightening employee access to client information, effective use of complex passwords, firewalls, and antivirus software deployment.
  • External controls - May include automatic encryption of all data in transit to and from each firm with which data is shared.
  • Participant verification - How does your company verify the authenticity of a participant’s request to transfer funds or conduct other transactions?
  • Incident response - What are the firm’s policies and procedures related to a cybersecurity incident response? Ensure there are efficient mechanisms in place to deliver a timely response and critical communications related to any detected cybersecurity threat or incident.
  • Service provider safeguards - Review and understand the cybersecurity processes that service providers have implemented. These processes can range from multi-factor authentication to process flows and fraud detection.

Every day, cybersecurity grows more complicated as hackers evolve and refine ways to acquire private information criminally. Your local Spectrum representative is available to you as a resource for any questions you may have on this growing cybersecurity issue.


ERISA Workplace Retirement Plan Limits

The federal government annually publishes updated qualified retirement plan limits, which impact the contributions, benefit accruals, and compliance of ERISA covered qualified retirement plans. The below tables summarize the most significant changes in recent history.



About Our Firm

Spectrum is a B2B consulting firm, which enables American Workers to plan and save towards a dignified financial future by designing, administering, and operating the ranges of retirement and financial plans for U.S. employers.

Get in touch

  • Address: 6402 19th Street, Tacoma, WA 98466, USA

  • Phone: +1 (253) 565-2100

  • Email: Contact Us Form