The Employee Retirement Income Security Act of 1974 (ERISA) sets forth several fiduciary obligations for those responsible for administering employee benefit plans. These fiduciary obligations apply to both retirement plans and health and welfare benefit plans. Employers that sponsor retirement plans are acutely aware of these fiduciary responsibilities—over the past 20 years, numerous class action lawsuits have alleged fiduciary breaches in connection with plan fees, expenses, and investment performance, among other issues. These lawsuits changed the retirement plan governance landscape. For example, as a current best practice, retirement plan fiduciaries form fiduciary committees that meet quarterly to evaluate investment performance and fees, service provider fees, and other fiduciary matters.
Although the same fiduciary obligations driving retirement plan litigation also apply to health and welfare benefit plans, there has not been the same type of wide-ranging litigation against health and welfare plan fiduciaries (note there has been a plethora of class actions and settlements related to deficient COBRA election notices). As a result, health and welfare plan fiduciary governance tends to be less formal than in the retirement plan context.
Unfortunately, storm clouds are rolling in for health and welfare plan fiduciaries as plaintiffs’ firms are actively looking for potential employee plaintiffs who have participated in group health plans. The following recent developments could serve as the foundation for future health and welfare plan fiduciary litigation:
- In connection with recent mandates related to health plan price transparency, plan fiduciaries are required to publicly disclose discounted service costs. It will only be a matter of time before third-party services synthesize that information into a form plaintiffs’ attorneys can utilize to allege ERISA fiduciary breaches related to excessive plan fees and expenses.
- Under the Consolidated Appropriations Act of 2021 (CAA), health and welfare plan brokers and consultants must disclose all direct and indirect compensation earned in connection with services provided to the plans. This requirement is derived from the same ERISA statute that has long mandated similar disclosures for retirement plans and fashioned after U.S. Department of Labor (DOL) regulations interpreting the statute in the retirement plan context. Fiduciaries who fail to collect or evaluate these disclosures could face liability.
- Several state and federal agencies are currently investigating the business practices of third-party administrators, pharmacy benefit managers, and benefits consultants. To the extent that these investigations find that these entities have violated laws to the detriment of their clients (i.e., health plan fiduciaries), a natural next step would be for plaintiffs’ attorneys to assess whether plan fiduciaries failed to properly monitor their service providers.
- Protection of individual health information has long been a requirement under the Health Insurance Portability and Accountability Act; however, as cybersecurity risks increase every year, so does the risk of fiduciary liability if plan fiduciaries do not take adequate measures to protect personal health information. The DOL has recently initiated cybersecurity audits, thus creating even more fiduciary risk.
A few years ago, one could argue that these risks were mostly theoretical. That is no longer the case, as the same plaintiffs’ firms that pioneered the retirement plan litigation 20 years ago are now actively investigating employer-sponsored health plans.
Additional concerns—DOL investigations of health and welfare plans
Even before the passage of the CAA and enactment of the transparency in coverage regulations, the DOL initiated examinations of welfare benefit plans (particularly group health plans). With recent changes in the statutory and regulatory landscape, the DOL has increased its investigation activity in the health plan arena. Investigations can originate for a variety of reasons, including from participant complaints or at random. Regardless of the trigger, the DOL of late has focused its efforts on compliance with various aspects of ERISA, emphasizing the fiduciary role plan sponsors play in administering a plan, monitoring vendors, and ensuring proper handling of participant claims for benefits. In addition, during recent investigations, the DOL has focused on certain enforcement priorities, such as compliance with the Affordable Care Act coverage mandates (e.g., preventive care and emergency services) and mental health parity requirements.
Looking ahead—mitigate fiduciary risk
So, what can plan fiduciaries do to mitigate the growing risks? As with the fiduciary risks in the retirement plan context, the best defensive front against health plan fiduciary liability is a formal, well-documented process to monitor health plan activities and service provider performance and fees. For those employers or plan sponsors that have not done so already, now is the time to either create a separate health and welfare plan fiduciary committee or direct the existing retirement plan fiduciary committee to cover health and welfare plan matters.
To establish a health and welfare plan fiduciary committee, plan fiduciaries should work with counsel to create a charter (or expand an existing charter) to set forth the responsibilities of the committee. These responsibilities could include:
- Collecting and evaluating broker/consultant fee disclosures;
- Monitoring medical plan service providers, including performance guarantee assessments;
- Conducting and evaluating the results of independent claims audits and contract compliance reviews;
- Monitoring pharmacy benefit managers and related service providers, including performance guarantee assessments, discount and minimum rebate guarantee reconciliation, independent claims audits, and contract compliance reviews;
- Conducting periodic requests for proposals to ensure that the scope of services, fees, network discounts, and pharmacy benefit manager pricing remain competitive;
- Monitoring compliance with law and directing service providers to make adjustments as needed;
- Managing government investigations;
- Addressing other miscellaneous matters, such as producing participant communications, handling participant or healthcare provider disputes, and managing health plan litigation.
As with retirement plan committees, health and welfare plan fiduciary committees will most likely need to hire subject matter experts—benefits counsel, independent benefit consultants, and auditors—to assist with fiduciary governance. Most importantly, these committees should maintain written records of all committee activities. These written records are the first line of defense against fiduciary litigation.
This Client Alert is the first of a series that Nixon Peabody’s Employee Benefits & ERISA team will release over the next two months. This alert series will provide a deeper dive into health and welfare plan fiduciary best practices, touching on medical and pharmacy service provider evaluation and monitoring, cybersecurity risks, management of participant claims and provider disputes, and fiduciary compliance reviews.