How a Prudent Process Protects Retirement Plan Fiduciaries: A Framework for Risk Mitigation

Insight by
Jim Chapman

As we’ve examined in detail previously, being a fiduciary carries weighty responsibilities. Navigating these responsibilities doesn't require perfection—but it does demand process. As retirement plan consultants, our role is to lead plan sponsors through a clear, structured fiduciary oversight process that documents decision making, establishes a procedural framework, and helps mitigate fiduciary risk.

Below is a high-level overview of the checklist we use to guide fiduciaries through a prudent process that meets regulatory expectations and supports long-term plan success.

1. Establish a Foundation with a Committee Charter and Investment Policy Statement

Virtually every client engagement with LoVasco’s Retirement Plan Consulting group begins with two foundational documents:

  • Committee Charter: This outlines the membership, roles, and responsibilities of the retirement plan committee. It clarifies how decisions will be made and who will make them.
  • Investment Policy Statement (IPS): The IPS defines how the committee will evaluate, select, and monitor investment options over time.

These documents create a procedural roadmap for the plan. When followed consistently—and updated as needed—they help demonstrate that fiduciaries are fulfilling their duties prudently and responsibly.

2. Develop a Process to Document Ongoing Investment Oversight

Once the IPS is in place, the fiduciary should plan and document processes to ensure proper investment oversight by:

  • Conducting quarterly investment reviews aligned with IPS criteria;
  • Creating and maintaining detailed meeting minutes that explain decisions that were made, and how they were made—especially should a fund underperform or deviate from IPS benchmarks; and
  • Evaluating use of Qualified Default Investment Alternatives (QDIAs). Not every employee actively selects their own 401(k) investments—and that’s where QDIAs come in. A QDIA is a type of investment option that plan sponsors can use as the default for participants who are automatically enrolled or who don't make an investment choice on their own.  

    QDIAs offer a “safe harbor” under ERISA regulations, so if a participant is defaulted into a QDIA and later complains about poor performance, the plan sponsor is protected—as long as they followed the rules for selecting and notifying participants about the QDIA.

3. Conduct Operational Audits of Plan Documents

Many fiduciaries assume their retirement plan is being operated in alignment with its plan document, but discrepancies are more common than expected. Every three years, the fiduciary and retirement plan consultant should perform an operational audit that:

  • Reviews 30 to 50 key provisions in the plan document (eligibility, entry dates, loans, compensation definitions, etc.);
  • Compares actual plan operations to the legal terms; and
  • Offers suggestions on potential amendments to improve plan design or compliance.

This process ensures sponsors are following their own rules as stated in the foundational documents enumerated above—a core fiduciary responsibility.

4. Benchmark Fees and Review Service Providers

Fiduciaries aren’t required to offer the lowest-cost plan—but they are expected to ensure that fees are reasonable for the services rendered. Every one to three years, plan sponsors should work with their consultant to:

  • Gather competitive quotes from recordkeepers and administrators;
  • Benchmark both fees and services; and
  • Evaluate value and competitiveness in the current market.

This data-driven approach ensures fiduciaries can justify plan costs and defend their choices if needed. Executing these benchmarks and documenting that they’ve been completed not only fulfills the plan sponsor’s duties as fiduciary; such documentation will also prove invaluable should an ERISA or Department of Labor audit come to pass.

5. Audit Share Classes for Net Cost Efficiency

Many mutual funds offer multiple share classes with varying internal costs and revenue-sharing arrangements. Because the way net costs are structured has evolved over the years, understanding the true cost that plan participants are paying per share class can be complicated and nuanced. It is important to work with a consultant that will periodically conduct share class audits to ensure:

  • Participants are invested in the lowest net-cost option, taking into account any revenue sharing that is credited back to them; and
  • Revenue-sharing credits are properly returned to participant accounts.

This level of due diligence demonstrates a deep understanding of investment expenses—something the Department of Labor increasingly scrutinizes.

6. Evaluate Recordkeeper Cybersecurity Protocols

With growing concerns around data security, fiduciaries must now review and evaluate the cybersecurity policies of their plan’s recordkeeping providers. For our part, we make it part of standard process to help plan sponsors:

  • Collect and document the cybersecurity policies of their recordkeeping providers;
  • Assess provider policies and procedures for protecting participant data and assets; and
  • Ensure action is taken when such policies are lacking or out of date.

This emerging fiduciary duty reflects today’s evolving risk environment and must not be overlooked.

7. Support Participant Education and Engagement

While not strictly required, we believe that plan participant education is a best practice under fiduciary guidance. A strong education strategy:

  • Empowers employees to make informed investment decisions;
  • Reduces complaints and confusion around plan performance; and
  • Enhances the overall success of the retirement plan.

Financial wellness programs, targeted workshops, and accessible resources are all tools we recommend as part of a holistic fiduciary approach.

8. Oversee Regulatory Filings and Testing Requirements

Although regulatory compliance tasks often fall to the plan administrator or recordkeeper, fiduciaries are responsible for ensuring they get done. We assist sponsors in managing:

  • Annual nondiscrimination testing;
  • Timely filing of Form 5500; and
  • Annual audits for plans with more than 100 participants.

Missing these deadlines can trigger fines and increase regulatory scrutiny, so we help sponsors track submissions and ensure all data is provided promptly.

9. Maintain a Centralized Fiduciary File to Document Decisions

One of the most important protections a fiduciary can have is thorough documentation. That’s why we help plan sponsors build and maintain a centralized fiduciary file—a digital or physical repository that captures the “paper trail” of decisions and processes related to the retirement plan.

This file should include:

  • The Committee Charter and Investment Policy Statement;
  • Meeting agendas and minutes from all plan committee meetings;
  • Investment monitoring reports and the rationale for keeping or removing funds;
  • Documentation from fee benchmarking, share class audits, and service provider reviews;
  • Copies of notices to participants, such as QDIA disclosures; and
  • Plan documents and cybersecurity evaluations.

We work with clients to regularly update and organize this file, ensuring it's complete, compliant, and easy to access when needed. Should an ERISA or DOL audit arise, this one file may be your biggest asset and most welcome resource!

Process and Prudence, Not Perfection

Fiduciary excellence isn’t about having the perfect plan—it’s about having a prudent process, documenting it consistently, and revisiting it regularly.  

In the eyes of the DOL, it’s not enough to simply do the right thing—you need to be able to prove that you did the right thing, and that you followed a prudent process. A well-maintained and disciplined fiduciary checklist is a plan sponsor’s first line of defense if the plan is ever audited or challenged.  

At every step, from drafting charters to auditing share classes and reviewing cybersecurity protocols, the LoVasco approach is focused on protecting the plan, its participants, and the people who manage it. When fiduciaries can clearly demonstrate the how and why behind their decisions, they create not just legal protection—they ensure peace of mind.

Jim Chapman
Consultant
©2022 LoVasco. All rights reserved.