by Jackson Lewis
The "YEAR 2000" problem, commonly referred to as "Y2K," has
implications for employers in the administration of their employee benefit plans.
To understand how Y2K affects plan administration, it is helpful to know something
about computer history. In the infancy of computer development, memory was both scarce
and expensive. To conserve it and to keep costs down, programmers adopted a two-digit
format for entering year dates, for example "01\01\98." The Y2K problem
will arise on January 1, 2000, when computers, confronted with "01\01\00"
may respond as if the date were January 1,1900.
Because benefit plan functions are extremely date-sensitive, the potential effects
of Y2K are significant. Virtually every calculation and determination of benefits
under an employee benefit plan are dependent upon certain dates. For example, the
calculation of a 401(k) plan participant's vested account balance uses the participant's
dates of hire and termination. If one of these dates falls after December 31, l999,
the potential for plan mismanagement because of Y2K is possible.
Even if benefit plan administration software is Y2K compliant, the plan sponsor may
still use hardware (such as telephones) with microchips containing data with two-digit
year fields. This could wreak havoc on benefit plan administrative functions dependent
on telephone usage, such as a pharmacy's verification of eligibility for prescription
benefits or a 401(k) plan participant's voice-activated investment elections. Other
Y2K problems may arise. Benefit plan administration is frequently out- sourced to
third-party administrators. While these TPA's may or may not themselves be plan fiduciaries,
the plan sponsor retains ultimate responsibility for plan administration. Accordingly,
Y2K noncompliance by TPA's raises fiduciary issues for the plan sponsor.
The investment of employee benefit plan assets also has Y2K implications. Plan fiduciaries
are responsible for reimbursing the plan for losses resulting from, among other things,
imprudent investment decisions. If a plan's assets are heavily concentrated in entities
that suffer losses as a result of Y2K problems, the prudence of the fiduciary's investment
judgment may be questioned.
Plan administrators bear compliance burden
Under Title I of the Employee Retirement Income Security Act, fiduciaries are
responsible for the operation and administration of benefit plans and must understand
the potential implications of Y2K on the plan. Accordingly, they must determine the
best course of action to take and carry out a program designed to minimize any adverse
impact. The Department of Labor has authority for interpreting and enforcing ERISA
through the Pension and Welfare Benefit Administration. Recently, the DOL issued
two statements clearly expressing its position with respect to Y2K issues. The first
emphasized that plan administrators are responsible for addressing Y2K issues and
that while service providers may have legal responsibility under existing contracts
to participate in solving the problem, the ultimate responsibility for Y2K compliance
falls with the plan administrator. The second statement reaffirmed the warning to
plan administrators that they have a fiduciary responsibility to address the Y2K
problem and announced a posting on the PWBA web site with the most frequently asked
Y2K questions and answers. See "Fiduciary-Related Questions and Answers About
the Year 2000 (Y2K) Computer Problem," available at http://http://www.dol.gov/pwba/welcome.html.
In the Spring of 1998, S. 2000 was introduced in the Senate to ensure that "businesses,
financial markets and the federal government are taking adequate steps to resolve
the year 2000 computer problem." Among other things, the bill would require
every fiduciary to consider the implications of Y2K with respect to investment and
trading of plan assets. It has been roundly criticized as disruptive, ill-conceived
and unfair to employers.
While some fiduciaries have protection through liability insurance, few policies
directly address the Y2K issue, and most carriers have adopted a wait and see approach.
However, most insurers likely will attempt to exclude Y2K losses under various theories.
Preventive Y2K
compliance strategies for plan sponsors
In anticipation of potential Y2K problems, employers that are employee benefit plan
sponsors should consider the following preventive strategies:
- Prepare an inventory and an assessment for Y2K compliance of all internal and
external benefit computing systems.
- Review all benefit plans to identify potential Y2K problem areas.
- Determine whether outside technical assistance is required.
- Test all systems for Y2K compliance, including any independent company technology
with which the benefit computing systems interact (payroll, for example).
- Upgrade or replace any system as necessary.
- Test all systems after revisions are made to ensure that the interface and exchange
of data with outside vendors (i.e, TPA's) are still compatible.
- Review plan documents to determine whether the cost of Y2K compliance can be
charged to the plan as a reasonable and necessary administrative expense.
- Clearly document all steps taken to address the ~Y2K problem, keeping in mind
that these documents may discoverable in a litigation.
As noted above, the ultimate responsibility for outside service providers Y2K
compliance rests with the plan fiduciary. To address these issues, consider the following:
- Determine which service providers are maintaining or processing benefits data
and sharing data-dependent information with the plan sponsor's computer systems.
- Review all contracts with service providers, paying particular attention to representations,
warranties or indemnification provisions that implicate Y2K, disclaimers, cost allocations
and confidentiality provisions.
- Prepare a written questionnaire and distribute it to all service providers identified
above inquiring as to their Y2K readiness. The plan sponsor should seek written certification
from each 'service provider that it is Y2K compliant. Written responses that thoroughly
address the questions raised should be required.
- Benefits, information systems, human resources and legal staff should review
the responses submitted to determine if answers are satisfactory.
- Follow-ups and all other communication should either be done in writing or documented
internally.
- The information technology personnel of the sponsor and the vendor should ensure
their systems are compatible both before and after the year 2000.
- If service to produce satisfactory assurance of Y2K compliance or if timely progress
is not made, the plan fiduciary should explore alternative service providers who
are Y2K compliant. Any contract with such service provider should include warranties
and representations concerning both the Y2K compliance of the service provider and
similar provisions with respect to the interface with the plan sponsor's information
technology.
- Review Contracts with service providers to determine who is responsible for paying
for Y2K compliance.
In addition to these strategies for in-house and outside Y2K compliance, plan
administrators and sponsors are urged to carefully review their fiduciary liability
insurance policies for Y2K related coverage. To the extent the policy does not address
this, the insurer should be contacted for clarification. If coverage will not be
available, alternative insurers should be explored, as some carriers are offering
to expressly cover Y2K risks for an additional premium. Another alternative would
be to request a premium reduction in exchange for an express Y2K exclusion and subsequently
to use those savings to fund a policy expressly covering Y2K risks.
For additional information on employee benefit plans Y2K compliance, you may contact
Michael Jacobster of the Jackson Lewis Benefits Group, at (212) 697-8200.