Data privacy issues looming

Data privacy issues looming
Curbs on cross-selling and cybersecurity risks front and center.
NOV 09, 2019
By  Jay Cooper
Retirement plan record keepers are concerned about two looming data privacy issues that could have a big impact on their business. Lawsuits threaten companies' ability to cross-sell products, and cybersecurity looms as an increasing cost just as record keepers' margins are compressing, according to record-keeper executives at an InvestmentNews RPA Record Keeper roundtable discussion in New York in September. [More: Cybersecurity poses strain between plan sponsors, record keepers] "[If] somebody can figure out how to class action a lawsuit, that's where the financial risk is," said Bob Carroll, head of workplace distribution at MassMutual. "If somebody comes across and a judge says 'the plan sponsor and the participant own the data, period,' and we're not allowed to do things with the data that we need in order to administer plans … that's really where we get into a lot of trouble and the financials of the business fall apart really quickly. Not only for us, the adviser community, the [third-party administrator], everybody across the board."

Excessive fees

A lawsuit over mismanagement of Vanderbilt University's retirement plan thrust the issue of participant data into the spotlight. That lawsuit alleged the university caused employees to overpay for investment and administrative services in two retirement plans because of excessive fees. As part of the $14.5 million settlement, Vanderbilt was required to tell Fidelity Investments to refrain from using participants' information it acquires to market or sell them products unrelated to the plan, unless participants request that Fidelity do so. Fidelity Investments was not a defendant in the lawsuit, but the provision against using participant data was thought to be the first of its kind for the industry, and could hamper a record keeper's ability to cross-sell products in the future. [More: Blockchain will upend the 401(k) market] A separate lawsuit against Northwestern University alleged that record keeper TIAA had inappropriately used data, such as contact information, asset size of account, employment status and age to market other products. That lawsuit was eventually dismissed. In addition, several states are in various stages of considering or implementing laws around consumer data privacy. For example, the California Consumer Privacy Act, which gives consumers new rights regarding collection of personal data, takes effect in January 2020. Record-keeper executives at the roundtable said more lawsuits around participant data could pose a risk for the entire industry. They also expressed concern that limiting a record keeper's ability to use participant data or cross-sell products undermines financial wellness initiatives that many employers are starting to implement.

Wellness solutions

It "flies a little bit into the face of employees looking to their employer for broader wellness and broader solutions," said Charlie Nelson, chief executive of retirement and employee benefits at Voya Financial Inc. A partial solution may be for plans to give individual participants an outright choice on whether to share data, suggested Tim Rouse, executive director at SPARK Institute. [Recommended video:Planners want Reg BI to set them apart from the competition] "They can address some of the privacy issues as well as who can access (the data) and who doesn't," he explained. Meanwhile, record-keeping firms also are concerned about cybersecurity risks. "Cybersecurity wasn't [as big] an issue three years ago," Mr. Carroll of MassMutual said. He said he fears beefing up cybersecurity will become expensive at a time when margins are compressing. However, others said cybersecurity could help differentiate a firm and justify fees. "There could be some light at the end of the tunnel," Mr. Rouse said. Investing in profitability, performance and people: Register for our Top Advisory Firm Summit. It typically comes down to fees with retirement plan lawsuits, but the fiduciary evaluation could be linked to cybersecurity down the road if the Department of Labor or Congress moves to require that plan sponsors evaluate vendors' cybersecurity capabililties, he said. Jay Cooper is a freelance writer.

Latest News

A welcome mat into financial planning
A welcome mat into financial planning

The pandemic hit and internships were in chaos but Hannah Moore saw an opportunity.

RIAs need to visit universities to attract students
RIAs need to visit universities to attract students

RIAs need to find universities that offer financial planning programs and sponsor or host events, advisor suggests.

Orion deepens Capital Group alliance with ETF portfolio tie-up
Orion deepens Capital Group alliance with ETF portfolio tie-up

The leading wealth tech provider is helping more advisors access active ETF models through its exclusive partnership.

JPMorgan client who lost $50M amid dementia battle denied trial
JPMorgan client who lost $50M amid dementia battle denied trial

Case of once-wealthy family highlights risks, raises questions on firms' duties to sophisticated investors suffering cognitive decline.

Stifel loses huge $14.2 million arbitration claim linked to star Miami broker
Stifel loses huge $14.2 million arbitration claim linked to star Miami broker

“The evidence in this case was overwhelming,” says an attorney.

SPONSORED Leading through innovation – with Tom Ruggie of Destiny Wealth Partners

Uncover the key initiatives behind Destiny Wealth Partners’ success and how it became one of the fastest growing fee-only RIAs.

SPONSORED Client engagement strategies, growth and retention in the down markets

Key insights from Gabriel Garcia on adapting to demographic shifts and enhancing client experience in a changing market