Data privacy issues looming

Data privacy issues looming
Curbs on cross-selling and cybersecurity risks front and center.
NOV 09, 2019
Retirement plan record keepers are concerned about two looming data privacy issues that could have a big impact on their business. Lawsuits threaten companies' ability to cross-sell products, and cybersecurity looms as an increasing cost just as record keepers' margins are compressing, according to record-keeper executives at an InvestmentNews RPA Record Keeper roundtable discussion in New York in September. [More: Cybersecurity poses strain between plan sponsors, record keepers] "[If] somebody can figure out how to class action a lawsuit, that's where the financial risk is," said Bob Carroll, head of workplace distribution at MassMutual. "If somebody comes across and a judge says 'the plan sponsor and the participant own the data, period,' and we're not allowed to do things with the data that we need in order to administer plans … that's really where we get into a lot of trouble and the financials of the business fall apart really quickly. Not only for us, the adviser community, the [third-party administrator], everybody across the board."

Excessive fees

A lawsuit over mismanagement of Vanderbilt University's retirement plan thrust the issue of participant data into the spotlight. That lawsuit alleged the university caused employees to overpay for investment and administrative services in two retirement plans because of excessive fees. As part of the $14.5 million settlement, Vanderbilt was required to tell Fidelity Investments to refrain from using participants' information it acquires to market or sell them products unrelated to the plan, unless participants request that Fidelity do so. Fidelity Investments was not a defendant in the lawsuit, but the provision against using participant data was thought to be the first of its kind for the industry, and could hamper a record keeper's ability to cross-sell products in the future. [More: Blockchain will upend the 401(k) market] A separate lawsuit against Northwestern University alleged that record keeper TIAA had inappropriately used data, such as contact information, asset size of account, employment status and age to market other products. That lawsuit was eventually dismissed. In addition, several states are in various stages of considering or implementing laws around consumer data privacy. For example, the California Consumer Privacy Act, which gives consumers new rights regarding collection of personal data, takes effect in January 2020. Record-keeper executives at the roundtable said more lawsuits around participant data could pose a risk for the entire industry. They also expressed concern that limiting a record keeper's ability to use participant data or cross-sell products undermines financial wellness initiatives that many employers are starting to implement.

Wellness solutions

It "flies a little bit into the face of employees looking to their employer for broader wellness and broader solutions," said Charlie Nelson, chief executive of retirement and employee benefits at Voya Financial Inc. A partial solution may be for plans to give individual participants an outright choice on whether to share data, suggested Tim Rouse, executive director at SPARK Institute. [Recommended video:Planners want Reg BI to set them apart from the competition] "They can address some of the privacy issues as well as who can access (the data) and who doesn't," he explained. Meanwhile, record-keeping firms also are concerned about cybersecurity risks. "Cybersecurity wasn't [as big] an issue three years ago," Mr. Carroll of MassMutual said. He said he fears beefing up cybersecurity will become expensive at a time when margins are compressing. However, others said cybersecurity could help differentiate a firm and justify fees. "There could be some light at the end of the tunnel," Mr. Rouse said. Investing in profitability, performance and people: Register for our Top Advisory Firm Summit. It typically comes down to fees with retirement plan lawsuits, but the fiduciary evaluation could be linked to cybersecurity down the road if the Department of Labor or Congress moves to require that plan sponsors evaluate vendors' cybersecurity capabililties, he said. Jay Cooper is a freelance writer.

Latest News

Texas man says SEC and fund could make him pay twice
Texas man says SEC and fund could make him pay twice

A $141M judgment and a federal asset freeze collide over one shrinking pool

Osaic executives Kristy Britt and Greg Cornick to leave
Osaic executives Kristy Britt and Greg Cornick to leave

The firm's CFO and EVP of Wealth Management Solutions are the latest executives to exit the broker-dealer.

Estate planning becomes a client retention issue for financial advisors, survey finds
Estate planning becomes a client retention issue for financial advisors, survey finds

Clients are saying they would consider switching advisors if another professional offered estate planning services, according to a new Trust & Will survey.

Candidly adds AI agents for Trump Accounts, workplace benefits
Candidly adds AI agents for Trump Accounts, workplace benefits

CEO Laurel Taylor says the fintech's composable AI stack helps workers optimize dollars across Trump Accounts, 529s, 401(k)s, and other employee benefits.

BMO adds three advisors in Dallas amid Y'all Street wealth boom
BMO adds three advisors in Dallas amid Y'all Street wealth boom

The bank has swiped three private banking veterans from BNY as the city climbs the ranks of America's fastest-growing wealth hubs.

SPONSORED Who builds the income when the pension disappears?

Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income

SPONSORED Why direct indexing stopped being optional

Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.