PKF O'Connor Davies Accountants and Advisors
PKF O'Connor Davies Accountants and Advisors

Employee Benefit Plans Alert | Winter 2025

Need help getting started?

Contact Us
February 24, 2025

Home » Insights » Employee Benefit Plans Alert | Winter 2025

By Louis F. LiBrandi, Partner; Joel Sowell, Tax Manager; and Keely Portillo, Senior Associate

This edition of Employee Benefit Plans Alerts focuses on the recent guidance issued on the following topics:

  • Updated Rules for Self-Correction Under Voluntary Fiduciary Compliance
  • Catch-up Contributions
  • Auto Enrollment
  • Affordable Care Act Reporting Changes
  • DOL’s Guidance on Missing Persons and Small Account Balances
  • Form 5558 – Electronic Filing
  • Proposed Updates to HIPAA Security Rule

Updated Rules for Self-Correction Under Voluntary Fiduciary Compliance

The U.S. Department of Labor (DOL) updated its rules on Jan. 14, 2025, for the Voluntary Fiduciary Compliance Program (VFCP), enhancing opportunities for retirement plan fiduciaries (or their authorized representatives) to self-correct plan violations under the Employment Retirement Income Security Act (ERISA). Under the VFCP, plan fiduciaries may submit an application for relief from civil liability in connection with any of the 19 specified ERISA infractions.

The updated rules streamline the application process for two common infractions:

  1. Delinquent remittance of participant contributions and loan repayments to retirement plans.
  2. Inadvertent participant loan failures eligible for self-correction under the Employee Plans Compliance Resolution System (EPCRS) of the Internal Revenue Service (IRS).

Streamlined Self-Correction for Delinquent Remittances

The revised VFCP rules introduce a more efficient self-correction process for the late remittance of participant contributions and loan repayments. To leverage this opportunity, the following conditions must be met:

  • Lost Earnings Threshold: The lost earnings must be $1,000 or less.
  • Remittance Timeline: Delinquent contributions and/or loan repayments must be remitted to the plan within 180 calendar days of being withheld or received by the employer.
  • Calculation Method: Lost earnings must be calculated using the VFCP online calculator.
  • Documentation Requirements: Fiduciaries must complete a Self-Correction Component (SCC) notice and submit a retention record checklist, including a penalty of perjury statement to the Employee Benefits Security Administration (EBSA) using their web tool.

Similar to the VFCP application, the checklist includes explanations of the cause of the delinquency and plans to correct it, verification of calculation methods, proof of deposit of corrected amounts, and a sworn statement confirming the undersigned is not under investigation. Upon completion, fiduciaries receive acknowledgment emails from the EBSA, replacing the no-action letters typically issued under the standard VFCP process.

Enhanced Self-Correction for Inadvertent Loan Failures

The VFCP rules also introduce an updated approach to correcting eligible inadvertent participant loan failures that can be self-corrected under EPCRS. In this case, the loan can be corrected through the SCC notice and does not require the retention record checklist. Eligible failures include:

  • Unmet loan amount, duration or level amortization requirements under Code Section 72(p)
  • Defaulted loans resulting from non-withheld participant wages
  • Loans issued without required spousal consent
  • Loans exceeding the number allowed for correction under SCC

    This correction method is also available even if the plan is under examination, provided the failure can be self-corrected under EPCRS.

    Strategic Planning for Fiduciaries

    As noted in the preamble, adjustments to the VFCP are designed to promote compliance and optimize enforcement resources. These changes encourage plan fiduciaries to adopt a proactive compliance mindset, enhancing operational efficiency, reducing risks and reinforcing fiduciary responsibility.

    Catch-up Contributions Starting in 2026

    The IRS has issued proposed regulations under the Secure 2.0 Act, introducing mandatory Roth catch-up contributions for higher-income employees.

    Originally slated for 2024, this requirement now takes effect on Jan. 1, 2026, following an administrative transition period.

    Key Changes and Requirements

    Starting in 2026, employees earning at least $145,000 in FICA wages in the prior year must make catch-up contributions as Roth contributions. This wage threshold is indexed for inflation. While employers can choose whether to offer the Roth option, those who do must allow all eligible employees to make Roth catch-up contributions.

    Additional Considerations

    • Non-Prorated Wage Limit: The $145,000 threshold (Box 3 on Form W-2) is not prorated for new employees. To determine the preceding year’s FICA wages, only wages earned from the plan-sponsoring employer are considered. This impacts executives who change jobs mid-year.

    • Exclusions: This catch-up contribution does not apply to individuals without Form W-2 wages, such as partners with self-employment income.

    • Aggregation Rules: Only wages from the employer sponsoring the plan are considered. Controlled group and affiliated service groups who have adopted the plan are not required to aggregate wages for related entities when determining the $145,000 threshold.

    • Error Correction Methods: The regulations outline correction methods for Roth catch-up contribution errors, including the W-2 method or direct rollovers. These options are available to employers who adopt the deemed Roth catch-up election provision.

    Auto Enrollment

    The IRS released Proposed Regulations on Jan. 10, 2025, to guide the implementation of automatic enrollment for new 401(k) and 403(b) plans, as mandated by the SECURE 2.0 Act. These requirements apply to plans established on and after Dec. 29, 2022, and must be implemented no later than Jan. 1, 2025.

    Eligible plans are required to enroll eligible employees at a default contribution rate between 3% and 10%, with an annual increase of 1% up to a maximum of 15% (escalation clause). This includes employees hired before the rule’s effective date who did not previously make a deferral election or opted out. Participants must be given the option to opt out or adjust their contribution percentage. Additionally, the Proposed Regulations allow participants to withdraw automatic contributions within 90 days of their initial enrollment.

    Certain plans are exempt, including church, governmental, SIMPLE 401(k) plans, plan sponsors with less than three years in business or fewer than 10 employees, and plans established before SECURE 2.0.

    Affordable Care Act Reporting Changes

    New laws signed in December 2024 could simplify compliance with Affordable Care Act (ACA) distribution requirements. Employers are now only required to distribute Form 1095-C to full-time employees (and other self-insured individuals) upon request, rather than distributing them to all employees by March 1.

    To make the most of the relaxed distribution requirements, employers must clearly notify employees of their right to request Form 1095-C. Requested forms must be distributed by Jan. 31 of the reporting year or within 30 days of the request. Distribution can be done by mail or hand unless the employee consents to electronic delivery.

    This federal change does not affect state-specific reporting requirements in California, Massachusetts, New Jersey, Rhode Island, Vermont, and Washington, D.C., which maintain individual mandates for health coverage. Employers must continue to comply with these state-specific regulations.

    Additionally, the new laws expand the response window for IRS Letter 226J (ACA penalty notices) from 30 to 90 days. The IRS now has a six-year statute of limitations for assessing penalties related to Employer Shared Responsibility Provisions (ESRPs).

    Department of Labor’s Guidance on Missing Persons and Small Account Balances

    Administrators of ERISA-covered retirement plans have a fiduciary duty to make a reasonable effort to locate retirement plan participants who may be eligible for a benefit. Both the DOL and the IRS have provided guidance on locating missing participants, which many plans incorporate into their procedures.

    Our Employee Benefit Tax Practice has assisted plan administrators by providing a work plan and creating sample communications to inform “missing participants” of their account balances. Despite their best efforts, plans continue to maintain accounts of participants who are either missing or unresponsive to plan correspondence.

    To address this, the DOL issued Field Assistance Bulletin (FAB) 2025-01, indicating a temporary non-enforcement policy for transferring small retirement balances (up to $1,000) to state unclaimed property funds that meet certain criteria:

    1. The state fund is deemed a prudent destination.
    2. The plan has implemented a prudent missing participant search process consistent with the Department’s Best Practices for Pension Plans, and has been unable to locate the participant or beneficiary.
    3. The state fund chosen is in the state of the participant’s last known address.
    4. The plan’s summary includes information about the transfer to state funds and contact details.
    5. The state fund meets specific eligibility criteria outlined in FAB 2025-01. Plan administrators should review the complete FAB 2025-01 for detailed requirements.

    Form 5558 – Electronic Filing

    Starting Jan. 1, 2025, Form 5558, Application for Extension of Time to File Certain Employee Plan Returns, can be filed electronically.

    Form 5558 requests a one-time extension to file annual employee benefit plan forms – Form 5500, Form 5500-SF, Form 5500-EZ with EBSA, and Form 8955-SSA – with the IRS.

    Electronic filing is only available for the 2024 plan year and beyond; paper filing remains mandatory for the 2023 plan year. Separate Form 5558s are required for each plan, covering both Form 5500 and 8955-SSA. The extension request must be submitted by the original filing deadline.

    Proposed Updates to HIPAA Security Rule: Strengthening Cybersecurity Protections

    The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a Notice of Proposed Rulemaking (NPRM) to update the Health Insurance Portability Accountability Act (HIPAA) security rule. The proposed changes aim to enhance protections for electronic protected health information (ePHI) by addressing evolving cybersecurity threats and the growing digital reliance in healthcare.

    Key Proposed Changes:

    • Security Enhancements: Mandatory multi-factor authentication, encryption of ePHI at rest and in transit, network segmentation, and separate technical controls for ePHI backup and recovery.
    • System Configuration and Asset Management: Standardized system configurations, creation of an asset inventory, and an annual review of ePHI data flow diagrams.
    • Risk Analysis and Compliance Monitoring: More rigorous risk assessments, vulnerability scans every six months, penetration testing annually, and annual compliance audits.
    • Incident Response and Notification: Strengthened incident response planning, including a 72-hour recovery window, mandatory reporting within 24 hours, and annual security confirmations for business associates.
    • Additional Compliance Requirements: Introduction of compliance periods, expanded requirements for group health plan sponsors, and more aggressive enforcement.

    While public comments on the proposed rule are open, the current security rule remains in effect. Covered entities should proactively evaluate and update their cybersecurity measures to ensure compliance with requirements and best practices. Our Cybersecurity and IT Privacy professionals can help you navigate the ever-evolving cyber and regulatory landscape.

    For more information, read the full article here.

    Contact Us

    The Employee Benefit Services Group at PKF O’Connor Davies supports plan sponsors in meeting compliance requirements for their plans. We offer comprehensive compliance services for qualified retirement plans, non-qualified deferred compensation plans and welfare plans. For more information, contact your client services partner or any of the following individuals: 

    Timothy J. Desmond, CPA
    Partner
    Director of Employee Benefit Services
    tdesmond@pkfod.com | 551.249.1728

    Louis F. LiBrandi, EA, CEBS, ChFC, TGPC
    Partner
    Employee Benefit Services Group
    llibrandi@pkfod.com | 646.449.6327

    Joel Sowell, CPA
    Manager
    Employee Benefit Services Group
    jsowell@pkfod.com | 212.286.2600

    Media Contact
    Posted In:
    Posted On: