ERISA Fidelity Bond and Fiduciary Liability Conundrums

ERISA fidelity bonds and fiduciary liability coverage for the fiduciaries of an ERISA plans are often confused. Both are important, but they serve different purposes. A quick take on the difference: the ERISA fidelity bond covers embezzlement from an employee benefit plan; fiduciary liability protects the fiduciaries for claims alleging mismanagement of the plan, but not for dishonesty.

Two interesting problems concerning these coverages turned up recently. ERISA Fidelity Bonds: To be combined or not to be combined? That is the question.

(My apologies to Hamlet.)

A fellow insurance-coverage nerd questioned my recommendation that the ERISA-required fidelity bond coverage for employee benefit plans be combined with the firm’s employee dishonesty or employee theft coverage.1His concern: if a loss to both the plan and firm was caused by the same employee(s) and the total exceeded the coverage limit, the firm could be left with an uninsured loss. That may be true, but let’s analyze it a bit.

First, when adding an ERISA plan to a firm’s employee dishonesty/theft policy the amount of insurance should be increased by the amount required by ERISA or, if greater, the amount carried in a separate policy covering the plan.

For example, let’s assume that the firm carried a $1,000,000 employee dishonesty policy and the ERISA plan carried $500,000 of fidelity coverage. The combined limit, using this formula, would be at least $1,500,000—the $1,000,000 the firm carried increased by $500,000 of plan coverage. Second, if the limit selected is equal to sum of the limits and the loss does not exceed that amount, the insured and the plan will each collect as much as they would have had if there been separate policies. Third, when the loss to either the firm or the plan is more than the amount that would have been in force in the separate policies, but less, in total, than the combined amount of insurance, the total recovery under the combined plan would be greater. Here are examples of greater recovery when there is a combined limit of $1,500,000 instead of separate polices of $1,000,000 for the firm and $500,000 for the plan:

• Loss to the plan alone $700,000. Combined policy pays $700,000. The separate policy would have paid $500,000.

• Loss to firm alone $1,500,000. Combined policy pays $1,500,000. The separate policy would have paid $1,000,000.

• Loss to firm and plan combined in $1,500,000, $1,100,000 of the loss was from the plan and $400,000 was from the firm. A Combined policy pays $1,500,000. Separate policies would have paid $1,400,000 since the separate policy for the firm would have paid only its $1,000,000 limit. Fourth, my friend is correct that if the loss exceeds the total amount of combined coverage, the firm may collect less than it would have if there had been separate coverage. For example: Combined loss of $1,700,000 of which $800,000 pertains to the plan and $900,000 to the firm. The combined policy of $1,500,000 will pay $800,000 to the plan and $700,000 to the firm—the general understanding in the insurance industry is that the ERISA plan’s payment comes first. The firm thus collects $200,000 less than it would have if it had had a separate policy for $1,000,000 with the plan collecting $200,000 more than it would have if coverage had been separate.

However, if there were separate policies, the firm might still have a problem. When an outside administrator embezzled funds from a 401k plan, the U.S. Department of Labor ordered the firm to make good the shortage. The firm paid over $2,000,000 into the 401k plus incurring legal expenses that exceeded $75,000.2 (Unless the outside administrator was covered as an agent under the fidelity bond, the bond wouldn’t respond. This firm needed fiduciary liability coverage. One facet of that coverage will be discussed below.)

Finally, the solution for a large embezzlement loss is: ADEQUATE LIMITS. I regularly see incredibly low limits for employee theft/dishonest coverage. 1 was just asked for an opinion on a large embezzlement from a municipality. At the time of the loss, the municipality had a limit of $100,000, written on a discovery form. The limit was increased to $500,000 (a still inadequate limit), but, to make matters worse the new policy was written on a loss sustained basis, so coverage was limited to the $100,000 in force when the loss occurred. With an annual budget in excess of $50,000,000, a rule-of-thumb for the limit would be at least $5,000,0003. Incidentally, I prefer a loss-discovered form. Under that form, the policy in force when the loss is discovered is triggered. In this case, the municipality would then have at least collected $500,000 if they had remained with a discovery form policy.

We also want to remember that the minimum required ERISA limits are often dangerously low4. One organization that we consult for has fewer than 50 employees, but over $12,000,000 in its pension/profit sharing accounts. $500,000 is not an adequate limit for such a situation.

There’s another advantage to combining the coverage: broader coverages. In addition to employee dishonesty, the firm and the plan face the risk of check forgery, computer fraud, and fund transfer fraud. Welldesigned crime coverage for a firm includes these coverages. They could be added to the ERISA bond, but that would increase the cost so they are seldom found in standalone ERISA bonds. Combining the coverage gives the ERISA plan the benefit of the broader coverage.

Combining adequate limits for the ERISA plan and the firm in one policy gives the insured better coverage and the most flexibility in the event of a loss. But remember to carefully estimate the exposure. ERISA Fiduciary Liability—Even IBM can have insurance coverage problems. IBM and a pension plan that it provided for some of its employees were sued in a class action alleging that a plan amendment violated the age discrimination provisions of ERISA. The case was settled and IBM sought compensation from its insurers for the legal fees it incurred.

The insurance company denied coverage. It argued that the policy covered “wrongful acts,” which were defined as any breach of the insured’s responsibilities as a fiduciary of an employee benefit plan. In a decision worthy of Solomon, the court agreed with the insurance company.5 It differentiated between “fiduciary duties,” which would be covered, and businessjudgment type decisions, “settlor duties” in legalese, which are not covered because they are not fiduciary in nature.6 There is broader fiduciary liability wording available in the marketplace. One policy includes coverage for: (3) any other matter claimed against such Insured solely by reason of their service as a fiduciary of any Sponsored Plan.

Depending on the exact facts, if the policy definition of wrongful acts contained this wording, IBM might have had a claim for coverage.

This case is one reason private companies should carry directors and officers liability— almost every public company has the coverage. Private companies often say that they don’t need D&O coverage because they don’t have stockholders. But stockholders aren’t the only ones who can sue directors and officers.

As always, exact policy wording is a key factor in determining coverage.7

1 See: Jerome Trupin “Fulfill ERISA Bonding Requirement with Employer’s Dishonesty Policy” IRMI Risk Tip, January 6, 2010. Available on line at: http://www.irmi.com/newsletters/irmiupdates/20 10/0219-risk-management.aspx#subject2

2 “Private Company Fiduciary Loss Scenarios” Chubb Insurance http://www.chubb.com/ businesses/csi/chubb3825.pdf

3 A common rule-of-thumb for setting the limit for employee dishonesty coverage for governmental units is 10% of budget.

4 ERISA requires a fidelity bond at least equal to 10 percent of plan assets to a maximum of $500,000 unless any of the plan’s assets are invested in securities of any sponsor or contributing employer (other than in a pooled investment such as a mutual fund). In that case, the maximum required limit is $1 million. This may indicate that the Department of Labor is confusing fidelity bonds with fiduciary liability policies. It’s hard to see how the employee dishonesty/theft risk increases because funds are invested in the sponsor’s securities. The fiduciary liability risk does increase, but that’s a separate coverage not required by ERISA.

5 See: Federal Insurance Company v International Business Machines Corporation. http://www.courts.state.ny.us/courts/ad2/calenda r/webcal/decisions/2010/D28918.pdf

6 Examples of actions that would be considered settlor functions are: choosing the type of plan or options in the plan; amending a plan including changing or eliminating plan options; requiring employee contributions or changing the level of employee contributions; terminating a plan or part of a plan, including terminating or amending as part of a bankruptcy process. See: Mark Johnson, Ph.D., J.D, “ERISA: The Distinction between Settlor, Fiduciary, and Corporate Functions” http://www.hgexperts.com/article.asp?

7 An insured should seek legal counsel to determine exactly how specific policy provisions would apply to its situation.