If you sponsor a 401(k) plan, you are almost certainly a fiduciary — whether you know it or not. That single fact carries significant legal weight. ERISA imposes strict personal liability on anyone who exercises discretion over a plan’s management or assets, and the consequences of getting it wrong range from costly correction programs to personal financial exposure for the individuals involved.
This article sets out what fiduciary status means in the context of a 401(k) plan, what your obligations are, and where plan sponsors most commonly fall short.
Who is a fiduciary in a 401(k) plan?
ERISA defines fiduciary status functionally, not by job title. If you exercise any discretionary authority or control over the management of a plan or its assets, you are a fiduciary. In a 401(k) context, this typically includes the employer or plan sponsor, members of any investment or benefits committee, and individuals who select or monitor the plan’s investment options.
It is worth noting that fiduciary status is not all-or-nothing. A person can be a fiduciary with respect to some plan functions but not others. What matters is the specific action being taken and whether it involves discretion. Administrative tasks performed purely in accordance with plan terms — processing enrollments, for example — generally do not create fiduciary status. But the moment judgment enters the picture, so does fiduciary responsibility.
The four core fiduciary duties
ERISA’s fiduciary standards are drawn from trust law and distilled into four obligations that apply to every fiduciary action.
The duty of loyalty requires fiduciaries to act solely in the interest of plan participants and their beneficiaries — not the employer, not the service providers, and not themselves. Decisions must be made with the exclusive purpose of providing plan benefits and defraying reasonable plan expenses.
The duty of prudence requires fiduciaries to act with the care, skill, prudence and diligence that a knowledgeable person familiar with such matters would use in similar circumstances. Crucially, this is an objective standard — it is not enough to have good intentions. The process by which decisions are made matters as much as the outcome.
The duty to diversify requires fiduciaries to spread plan investments across a range of asset classes to minimize the risk of large losses, unless it is clearly prudent not to do so in the circumstances.
The duty to follow the plan document requires fiduciaries to act in accordance with the plan’s governing documents, provided those documents are themselves consistent with ERISA.
The prudent investor rule applied to 401(k) plans
In a 401(k) context, the prudent investor standard plays out most visibly in the selection and ongoing monitoring of investment options. Fiduciaries are not required to offer the best-performing funds — they are required to follow a prudent process in selecting and reviewing them.
What does a prudent process look like? It means having documented criteria for selecting investment options, conducting regular reviews of whether those options continue to meet the criteria, benchmarking fees against comparator products, and removing options that no longer meet the standard. The documentation is not a bureaucratic formality — it is the evidence that a prudent process was followed if the decision is ever challenged.
Recent litigation has raised the stakes considerably. A wave of 401(k) excessive fee lawsuits over the past decade has targeted plan sponsors of all sizes, with allegations ranging from retaining high-cost share classes when cheaper equivalents were available to keeping underperforming funds on the lineup for too long. Many of these cases have settled for significant sums. The trend has sharpened the focus on process, documentation and benchmarking.
Investment committee obligations
Many organizations manage their 401(k) fiduciary responsibilities through an investment or benefits committee. Having a committee is good practice, but it does not dilute individual liability — each committee member is independently responsible for the decisions they participate in.
Effective investment committees operate with a written charter defining their mandate, membership and meeting cadence. They maintain minutes of every meeting, document the rationale for every investment decision, and conduct formal fund reviews at least annually. They also maintain a written investment policy statement setting out the criteria by which investment options are selected, monitored and removed.
Committee members should be aware that they are held to the standard of a knowledgeable expert, regardless of their personal background. If the committee lacks the internal expertise to make fully informed investment decisions, the prudent response is to engage a qualified investment advisor — and to document that decision too.
Personal liability: what is actually at stake
ERISA’s personal liability provisions are unusually strict compared to most areas of employment law. A fiduciary who breaches their duties can be held personally liable for any losses the plan suffers as a result, and for any profits they made from the breach. There is no corporate shield — the liability sits with the individual.
Co-fiduciaries can also be held liable if they knowingly participate in a breach by another fiduciary, knowingly conceal a breach, or fail to take reasonable steps to remedy a breach they become aware of. This means that passive inaction in the face of a known problem is itself a breach.
Fiduciary liability insurance can provide some protection, but it is important to understand what it covers and what it does not. It does not remove the obligation to act prudently — it simply provides financial cover if things go wrong despite reasonable efforts.
The role of an independent fiduciary
For plan sponsors who want to reduce their fiduciary exposure, appointing a named independent fiduciary for specific functions is a well-established solution. A 3(38) investment manager takes on discretionary authority over investment selection, relieving the committee of day-to-day investment decisions while leaving the sponsor responsible for the initial appointment and ongoing monitoring of the manager.
Independent fiduciaries also play a critical role in transactions involving potential conflicts of interest — ESOP transactions being the most common example — where the plan sponsor cannot objectively act in the interests of plan participants.
What plan sponsors should do now
If your organization sponsors a 401(k) plan and has not recently reviewed its fiduciary governance, the following steps are a sound starting point. Identify who holds fiduciary status for each plan function. Confirm that an investment policy statement is in place and being followed. Review the documentation from recent investment committee meetings to confirm that decision-making processes are recorded. Check whether the plan’s investment options have been benchmarked against comparable alternatives in the past 12 months. And consider whether any functions would benefit from being delegated to an independent fiduciary or investment manager.
Fiduciary responsibility is not something that can be set aside or managed by instinct. It requires process, documentation and regular review — and where internal capacity is limited, it requires the right external support.
For guidance on your plan’s fiduciary structure, including directed trustee and independent fiduciary services, contact the ERISA Advisory Group.
