
Department of Labor Issues First-Ever Cyberthreat Guidance for Retirement Plan Fiduciaries

By Sean Deviney, CFP®

The Department of Labor’s Employee Benefits Security Administration (EBSA) recently released cybersecurity guidance to help retirement plan sponsors (employers and business owners), record keepers and other plan fiduciaries mitigate the growing risks of cyber threats, including fraud and identity theft.

According to the EBSA, employer-sponsored retirement plans regulated by the Employee Retirement Income Security Act (ERISA) hold more than $9 trillion in assets and maintain personal identifying information about millions of plan participants. Sufficient protections are therefore required to safeguard retirement assets and participants’ identities from a long list of cybercrimes. Included in the EBSA’s first round of guidance are best practices for fiduciaries of 401(k) plans, pensions and profit-sharing plans to adopt for managing cybersecurity risks and selecting service providers with equally strong cybersecurity practices.

Cybersecurity Program Best Practices 

The EBSA recommends retirement plan fiduciaries, including third-party service providers responsible for managing and maintaining IT systems and data, take the following broad steps to mitigate cyber risks.

Additional details for adopting these best practices are available from the EBSA and your plan provider.

Selecting Service Providers 

It is common for corporate 401(k) retirement plan sponsors and record keepers to rely on third parties to maintain plan records, safeguard participants’ data, and manage online security. The EBSA offers the following tips to help fiduciaries select and monitor these outside service providers.

Retirement plan fiduciaries should become familiar with the EBSA’s new guidance and begin the process of ensuring their policies, plans and processes adhere to these minimum standards of best practices. The Corporate Retirement Plan group with Provenance Wealth Advisors (PWA) works with company fiduciaries to help them understand their cybersecurity responsibilities and evaluate service providers.

About the Author: Sean Deviney is a CFP®* professional, a retirement plan advisor and a director with Provenance Wealth Advisors (PWA), an Independent Registered Investment Advisor affiliated with Berkowitz Pollack Brant Advisors + CPAs and a registered representative with PWA Securities, LLC. He can be reached at the firm’s Fort Lauderdale, Fla., office at (954) 712-8888 or

Provenance Wealth Advisors (PWA), 200 E. Las Olas Blvd., 19th Floor, Ft. Lauderdale, FL 33301 (954) 712-8888.

Sean Deviney, CFP®*, is a registered representative of and offers securities through PWA Securities, LLC, Member FINRA/SIPC.

This material is being provided for information purposes only and is not a complete description, nor is it a recommendation. The information has been obtained from sources considered to be reliable, but we do not guarantee that the foregoing material is accurate or complete. There is no guarantee that these statements, opinions or forecasts provided herein will prove to be correct.

Any opinions are those of the advisors of PWA and not necessarily those of PWA Securities, LLC. While we are familiar with the tax provisions of the issues presented herein, as Financial Advisors of PWAS, we are not qualified to render advice on tax or legal matters. You should discuss any tax or legal matters with the appropriate professional. Prior to making any investment decision, please consult with your financial advisor about your individual situation.

401(k) plans are long-term retirement savings vehicles. Withdrawal of pre-tax contributions and/or earnings will be subject to ordinary income tax and, if taken prior to age 59 1/2, may be subject to a 10% federal tax penalty. Investments mentioned may not be suitable for all investors. There is no guarantee that these statements, opinions or forecasts provided herein will prove to be correct.

* Certified Financial Planner Board of Standards Inc. owns the certification marks CFP®, CERTIFIED FINANCIAL PLANNER™ and federally registered CFP (with flame design) in the U.S., which it awards to individuals who successfully complete CFP Board’s initial and ongoing certification requirements.


Updated on February 2, 2024