Welcome to Pensions, Benefits & Investments Briefings, Nossaman’s podcast exploring the legal issues that impact governmental, private and non-profit pension systems and their boards. Be sure to subscribe wherever you listen to podcasts so you don't miss an episode!
- Cybersecurity Risk Management for Pension Plan Administrators: Tips for Staying Ahead of the Hackers
With recent well-publicized data breaches impacting pension systems and their retirees nationally, as well as increased Department of Labor scrutiny surrounding cybersecurity policies and procedures implemented by ERISA employee benefit plan fiduciaries upon audit, the topic of cybersecurity risk management is even more top of mind for pension plan administrators. In this episode of Pensions, Benefits & Investments Briefings, Ashley Dunning and Michelle McCarthy welcome Peter Dewar, President of Linea Secure, and Amy Timmons, Senior Vice President of Administration & Technology Consulting at Segal, to discuss pension systems’ cybersecurity risk management and the impacts of artificial intelligence (AI), social engineering and “whaling,” as well as best practices and lessons learned with respect to pension systems’ cybersecurity risk management.
Transcript: Cybersecurity Risk Management for Pension Plan Administrators: Tips for Staying Ahead of the Hackers
0:00:00.0 Ashley Dunning: With recent well publicized data breaches impacting pension systems and the retirees nationally, as well as increased department of labor scrutiny surrounding cybersecurity policies and procedures implemented by employee benefit plan fiduciaries upon audit, the topic of cybersecurity risk management is even more top of mind for pension plan administrators. Today, we will gain insights from three experts on pension systems cybersecurity risk management, continuing a discussion we began in our podcasts nearly two years ago. In this podcast, we will continue our focus on highlighting best practices and discussing lessons learned with respect to pension systems cybersecurity risk management.
0:00:56.2 Speaker 2: Welcome to Pensions, Benefits & Investments Briefings, Nossaman's podcast exploring the legal issues impacting governmental, private and nonprofit pension systems and their boards.
0:01:11.5 AD: Welcome to another episode of Nossaman's Pensions, Benefits & Investments Briefings. I'm Ashley Dunning, Co-chair of Nossaman's Pensions, Benefits & Investments Group, and I'm joined today by three experts to help us address this important topic of cybersecurity risk management. First, I'm joined by my law partner Michelle McCarthy, who specializes in legal compliance advisory work for both ERISA and governmental plans, including among other topics, Department of Labor guidance on how plans governed by ERISA are to address cybersecurity risks. We also are joined by two leading cybersecurity experts who consult with pension plans globally. Peter Dewar, President of Linea Secure, and Amy Timmons, Senior Vice President of Segal Consulting. Welcome, Michelle, Peter, and Amy.
0:02:07.1 AD: So, starting first with Michelle to give us a little context here, it's my understanding that historically, the US Department of Labor or DOL has been relatively quiet with respect to fiduciary's responsibilities to protect ERISA-covered benefit plan data. That is until April 2021 when it issued new guidance for addressing cybersecurity risks associated with benefit plans. What changed?
0:02:35.5 Michelle McCarthy: It's important to note that leading up to the issuance of the guidance, there were a number of data breach incidents and cyber thefts that involved employee benefit plans, and that included a number of identity thefts and fraudulent withdrawals of participants retirement funds. And with these types of employee benefit plans, especially pension plans, it's critical to remember that there is a lot at stake. Because in addition to holding billions of dollars in assets, employee benefit plans contain personal data regarding participants, including the names, date of birth, addresses, phone numbers, Social Security numbers, beneficiaries, and with respect to health and welfare plans, it could include health data, among other things.
0:03:21.3 MM: And while the assets that are taken from an employee benefit plan can be quantified, the value of the stolen data is effectively unknown. Through issuing this guidance, I think the DOL was just clearly trying to signal to plan sponsors and fiduciaries that it expects them to implement strong cybersecurity practices and oversight of third party providers so as to reduce an organization's exposure to cybersecurity events.
0:03:48.9 AD: That's really helpful context. Thank you. Could you please summarize the Department of Labor's cybersecurity guidance that they've now promulgated? And specifically what does it direct both plan sponsors and fiduciaries to do?
0:04:04.5 MM: Sure. So the first piece of the DOL guidance is titled Tips for Hiring Service Providers, and this outlines factors that business owners and fiduciaries should consider when selecting retirement plan service providers. Specifically, it recommends that fiduciaries ask about the service provider's data security standards and audit results and benchmark those against industry standards. It also recommends that plan sponsors and fiduciaries ask about past security events and responses and evaluate service providers track record with respect to prior security incidences, like how have they responded to litigation or security leaks.
0:04:40.5 MM: It also recommends that plan sponsors confirm that the service provider has adequate insurance coverage that would cover losses relating to cybersecurity and identity theft, including losses caused by both internal threats and external threats, for example, employees versus third party fraudulent access to participant accounts. Finally, the guidance provides that plan sponsors should ensure that the services agreement permits the plan fiduciary to review the service providers cybersecurity compliance audit results, and require ongoing compliance with cybersecurity standards.
0:05:11.7 MM: There were two other pieces of DOL guidance. The first of these is called The Cybersecurity Best Practices. This is directed squarely at ERISA plan record keepers and service providers who have access to plan-related IT systems and plan data. For example, like a plan administrator that the plan sponsor would share the participant data with. This is probably the most detailed of the three pieces of sub-regulatory guidance, and it summarizes 12 best practices that service providers should implement to mitigate exposure to cybersecurity risks. Since Amy is going to be discussing these best practices in more detail, there's no need for me to summarize them here.
0:05:46.6 MM: But I would just say that although this guidance is specific to service providers, the DOL points out that plan fiduciaries should be aware of these best practices so as to enable them to make prudent decisions when hiring a service provider. For this reason, we've been recommending to our clients that are plan fiduciaries issuing RFIs or RFPs or negotiating agreements with service providers to use this as guidance to determine the minimum standards to request as representations from service providers when entering into new agreements. And we also recommend that the plan sponsor engage in meaningful negotiations over these types of terms, and that they document what they've done in order to ensure that these cybersecurity practices are complied with by the third parties that they hire.
0:06:32.7 MM: The last piece of DOL guidance is called Online Security Tips. This is directed at plan participants and beneficiaries, and it informs them of ways to keep their online information and account safe. And some of these security tips include the use of multi-factor authentication, keeping contact information current and avoiding phishing attacks. And we just recommend that plan fiduciaries, plan sponsors circulate these, provide notices to plan participants in order to help plan participants know ways that they could mitigate their exposure to cybersecurity threats. And this also is important that plan sponsors do circulate these types of notifications to plan participants in order to demonstrate to the DOL that they have complied with the guidance.
0:07:21.2 AD: Michelle, that was very helpful for providing the DOL guidelines here. And I'd like to turn to Amy now to have you share with us what you're seeing with regard to organization's compliance with DOL guidance regarding cybersecurity, if they're an ERISA plan or even if they're not necessarily governed by it, but perhaps looking to it for that guidance. And where are you seeing the biggest gaps between the DOL guidance and what organizations are actually doing?
0:07:56.6 Amy Timmons: So thank you, Ashley. The DOL guidance has really set the standard for most organizations on what they should be doing with regards to cybersecurity, whether they are an ERISA plan, whether they're a health plan or a pension plan, and whether they're public sector or not, it has become sort of the baseline measurement of how well you're doing on cybersecurity. If I look at the organizations that we've worked with, most of them are striving to comply. They're looking at the guidance and assessing where they're at, and most of them have done a pretty good job on the basics.
0:08:33.7 AT: But for each of the 12 different guidelines, there's gaps. So, if you are looking at having a well documented cybersecurity program or an effective business resiliency program, those things are on paper. They may be very well written on paper, but they haven't been tested or tested regularly. The second part of that program though is making sure the user knows what to do. And that's been another gap, is that the users don't know what to do. IT knows, but the business user, which is a person usually first faced with a hack or a breach, and they don't know what to do. So it's educating that average user.
0:09:17.1 AT: If you look at the next kind of group of guidelines, which include information security roles and responsibilities, strong access controls, strong technical controls, and a secure system development lifecycle program, those, many of them were loosened during COVID or have been loosened up for hybrid work or remote work. Now is the time to be reviewing them and see if they're still appropriate in today's environment and what you are doing in your work environment with your people. Not all of them are up to date. There's been new roles created, there's been new needs, people have changed roles, and there's new tools that can help you monitor and track roles, and those things need to be implemented to better secure yourself.
0:10:03.6 AT: Another guideline is conduct periodic cybersecurity awareness training. What I'll say is the key word in there is periodic. It's not a one and done. I've seen a lot of clients have hired people, done great training for them and then never done it again. And so the thing is to continually train your employees about cybersecurity awareness and what they can expect. Encrypting sensitive data store and transit, pretty standard. Most people are doing this, but what I'll say is make sure you encrypt everything. You're encrypting your phones, you're encrypting your laptops, you're encrypting your tablets, you're encrypting your desktops, et cetera, et cetera, et cetera. Anything that can be touching that data should be encrypted.
0:10:54.2 AT: Conduct prudent annual risk assessments and have reliable annual third party audit of security controls. What we're seeing clients facing is there are a variety of standards. There's NIST, there's HIPAA, there's SOX, there's SPARK, there's ISO. So, first question is, which standard do you comply with or which standard do you assess yourself with? And then the second piece is making sure it's done by a third party, giving you that fresh objective set of eyes looking at it. Appropriately responding to past cybersecurity incidents, Michelle already highlighted this when she talked earlier. You can't do an assessment and have audit or assessment findings and not do anything.
0:11:33.9 AT: In the DOL eyes, at least from our experience, that's even worse than not doing the assessment at all, because then you are knowingly allowing a gap in your security. But I will say, at the end of the day, the biggest one needing action is in fact assessing the security of your third party service provider and making sure that their security is sufficient for your needs and that you're comfortable with them. And then, depending on your findings, if it is a vendor that is not secure or you don't feel comfortable with their security, it then becomes a decision for senior management and trustees to determine if you wanna continue to do business with them, or if you wanna help them and work with them to get their security to a level you're comfortable with.
0:12:23.3 AD: Amy, thank you for all of that detail. You ended on third party vendors and risk, and I'm gonna ask Peter a specific question on that. Peter, how do you specifically recommend that plan fiduciaries manage supply chain or third party risks, particularly in light of recent publicly reported incidents that include exposure to annuitant information that Michelle referenced in her introductory comments?
0:13:04.8 Peter Dewar: Hey, Ashley. Thanks for that question. Supply chain risk management is a very difficult task for many pension funds and organizations generally because the vendors there to use to support many parts of normal business operations, for example, from IT services to actuarial and investment services and beyond, and each service area comes with its own risk profile. We recommend that pension funds specifically adopt a supply chain risk management program that will quantify the level of risk each vendor represents to the fund assets, either financial or confidential information, develop a governance policy on how supply chain risk will be managed and measured, and then evaluate if your supply chain is within compliance of your expectations.
0:13:45.3 PD: Extend your cybersecurity controls to third parties that have access to sensitive information, ensuring that the protections that you've deemed necessary to manage your organizational cybersecurity risk is extended to those that provide critical services to you. And then perform due diligence, by actively verifying that agreed upon cybersecurity controls are working as planned. This could be accomplished by reviewing either SOC reports or executing formal audits yourself or assessments by and doing that by gathering information through questionnaires as was mentioned before, or performance surveys.
0:14:26.8 PD: Now, we believe that the best time to encourage a third party to comply with your expected security governance is to include those provisions in your agreements at the beginning of a relationship or during the renewal period. That's when you have an opportunity to encourage them by gently nodding them along that these controls are important to us and that we require them to maintain our cybersecurity governance that we've put in place to protect our information. And now, you as a third party who has access to that information need to also make sure that those controls are working appropriately.
0:15:09.3 AD: Great ideas. Thank you. Turning back to you Amy, what are the emerging issues or concerns with cybersecurity that you see organizations having?
0:15:19.7 AT: I will say that the biggest issue right now is artificial intelligence, which is a hot topic everywhere, but paired with that is social engineering. The first reported case of artificial intelligence voice hack happened in March 2019 where hackers convinced a CEO of a UK energy company to send $243,000 to a hacker because they recognized their boss's voice. In October of 2021, fraudsters used AI voice to convince a bank employee to transfer $35 million to a fraudulent account. These are things that aren't necessarily covered by cyber liability insurance because you voluntarily sent the money, and if you don't admit that something happened, you won't get your IT people to quickly try and pull things back.
0:16:18.7 AT: Fake images are all over the internet, all over the news. You can see those all the time. One of my favorite stories on the fake images is in 2019, a 17 year old generated a fake congressional candidate that was certified by Twitter and Ballotpedia as a legitimate candidate for the election. It's all fake. And then, more entertaining, June in 2022, Metaphysic, is a company, appeared on America's Got Talent and demonstrated a real time deep fake of a singer performing as Simon Cowell. So, it's all over the media. People are going to fall for, oh, I recognize their voice, oh, I recognize that image, that face if I'm on video with them, and it's problematic in every case.
0:17:10.3 AT: So, what I would say is the three biggest risks from my perspective are AI paired with social engineering. Getting fooled to give information that you shouldn't that allows hackers to get money, get into your system, get information, steal. Part of that is paired with the second biggest risk, which is unknown policies, making sure that people know who is authorized to do what kind of transfers, what's their span of authority, what are your policies and what are the verification steps to make sure it's a legitimate request? And finally, where we're seeing big attacks is on what is called whaling. It's phishing, but it's phishing for targeted executives and key people who have that span of control and that access to transfer money, approve of access to systems and information. Staying on top of those are really some of the biggest risks we're seeing with clients.
0:18:14.7 AD: So much to think about, Amy. I'm sure your examples give people a lot of pause when they think they also would recognize somebody's voice, certainly their image. That's typically the way that sort of, in my world, one verifies things. And as you point out, that doesn't work with social engineering and AI. And I'm sure the whaling comment will be of interest to many who listen to this podcast as there are some who are going to be more targets for what you're talking about. Peter, in light of all of this and what you also see in your world, consulting on these issues, what are some of the best practices that you would recommend for organizations to adopt so that they can manage this evolving cybersecurity threat?
0:19:04.8 PD: I think it's best that an organization design and implement a comprehensive information security governance program that proactively manages cybersecurity risk, rather than reacting to each evolving risk as it comes out. The program should align with best standards for enterprise risk management, such as the National Institute of Standards and Technology's Risk Management Framework, the NIST 800-53 Revision 5 Cybersecurity Standards, or the International Organization for Standardization, ISO 27000 series. And there are many others that I won't mention. The program components could include the review and development of governance, cybersecurity and risk management policies, a classification of the data that's collected, generated, and used by the organization.
0:20:00.8 PD: It could include the development of incident response plans that include the testing of such plans. Also designing and implementing a vulnerability management program so that you could be aware of the evolving threats, as many of our audience have heard about the recent threats that have affected pension fund operations. And so you want to be aware of the evolving threats and determine if you're affected by them. Also, performing penetration testing so that you could see if threats that are out there become actual vulnerabilities for your organization and could be exploited by threat actors. We recommend also creating a cybersecurity awareness and training program so that the organization's staff becomes aware of the threats that they could be exposed to based on the role within the organization.
0:20:56.9 PD: We recommend developing a system security plan for major applications that specify the security controls, that protects the technology, data and people that use the systems. This should also be consistent with the overall organization security posture and policies. But significantly, organizations should develop a way to measure if they're progressing or regressing in any of the areas identified. Some organizations utilize a scoring methodology that makes it easier to communicate the results of an information security program to non-technical parties such as your board and executive staff. These are some of the things, Ashley, that we recommended organizations do, especially develop an information security program with a comprehensive governance structure that manages cybersecurity risk management similar to the way that risk is managed across the organization in other areas.
0:21:58.5 AD: Thank you. That's a lot to think about. Amy, without necessarily repeating some of the insights that Peter provided, and I'm sure are right up there for you as well in terms of best practices, are there any other key activities that you're seeing organizations take to better protect themselves?
0:22:20.2 AT: Other than, as Peter said, it is testing, it's training, it's having that plan and making sure that everybody understands it, there's a couple other activities. One particular to pension plans is encouraging your actives and retirees to register for their online accounts. I can't tell you the number of times and talking with people, they're like, "Oh, I'm not signing up for my online account because then I won't be exposed to that evil hacker." You're actually worse off. As an organization, encouraging people to register and make sure that they're the ones registered for the account, because one of the biggest hacks on pension sides has been finding those inactive accounts and registering and signing up people for those accounts and redirecting their pensions. So that's a huge one. It's a very simple thing to be doing, but it's very important for the safety of the organization and your membership.
0:23:19.6 AT: One of the other big things that we've seen, and we had a client who had a ransomware attack and didn't have this in place, is having vendor partners at standby and ready to help you when something happens. And I do mean when, because this is not an if anymore, sooner or later something is going to happen that may look like a breach. And if you have cyber liability insurance, they have those vendor partners at standby and ready. But if you don't have that insurance, you need to have a pre-screened, already have a relationship with lawyers, with IT forensic experts, with public relations people, with credit monitoring services, all those things to be ready, because if you don't, it will take you months and months and months before somebody will even talk to you about it. And so you're just way behind on the recovery curve. So, those are probably the biggest things I would say that we're seeing to add on to what Peter already identified.
0:24:21.6 S2: Those are great takeaways, Amy, and probably of great interest to, whether it's retiree organizations who are trying to inform their own membership about why it matters that the retirees themselves sign up, as you say, for their online accounts, or the administrators who obviously are very busy with all sorts of things, but this has to be high on the to-do list if they don't have it in place already. To that point of staff and managing all of this risk, Peter, I'll end with a question for you. Noting that many funds are challenged to hire skilled and experienced staff to fill the unique roles required for cybersecurity personnel, do you have any recommendations for them as to what to do and and maybe identify some trends in the industry on this point?
0:25:14.4 PD: Yes, actually I do. So, the staffing challenge is not limited to pension funds, and is being experienced by many public and private entities as organizations compete for the same skilled resources. The challenge is more acute when the mission requires specialized resources in many disciplines and organizations are constrained by the number of personnel that could allocate to any one area, such as cybersecurity per se, which require both technical and non-technical skillsets. Some of the challenges include limited staff with the experience to address the magnitude of the problem being faced. Vulnerabilities are exposed on a daily basis. And IT and cybersecurity positions are very expensive.
0:26:00.2 PD: The magnitude of the threats across an entire organization, they're expansive, and the ability to identify those threats are limited if knowledge of inherent threats that pension funds specifically face are not understood. To solve this problem, many organizations are turned into virtual information security services that offer an array of options for them to choose from to address the needs that are not being met internally. These combined services include internal risk assessments, penetration testing, vulnerability management, security policy development and implementation, and third party risk management services. Also cybersecurity awareness and training, as Amy had discussed before, and this includes social engineering campaigns and application security plans to protect the major systems that you run.
0:26:54.8 PD: So, virtual services are scalable to meet the need of an organization where specialists in each domain could be used at a fraction of a cost to carry them, say, as staff members, covering the array of inherent risks and internal and external threats that funds would face. So, these are just some of the ways that organizations are trying to find outside resources rather than carrying expensive staff, especially in a narrow domain, but one that covers the entire organization. It's is very hard to find, say, a technical person that's familiar with the investment process, say, that has a lot of inherent risk. So, when you're moving financial assets around, we're finding that threat actors are inserting themselves into that conversation.
0:27:48.9 PD: As Amy pointed out, using voice impersonation, they were able to redirect funds. Well, they're doing that during, say, a capital call, a process where you have to fund an investment. And so a threat actor is trying to redirect the funds any manner that they can. It might be using AI or just using regular intercepts of email and so forth, but they're reading board minutes. So, they're understanding your business operation. They understand when you take a position in a certain asset or if you're using a certain service because usually the approval of that contract is public. So, they understand the third parties that you utilize, and they're becoming very smart about how to attack you because you are providing a lot of information publicly that they could consume and craft attacks to exploit any vulnerabilities they could find in your business operation.
0:28:55.4 PD: And these vulnerabilities might not be technical. They might just be business processes that you are performing that are required business processes, such as the use of an actuary. Most funds do an annual independent actuary evaluation, and threat actors know that you're providing a third party with a copy of your entire participant or census data to someone else. And if I could intercept that transaction that was recently occurred with another service that we are all aware of, then I could get access to your data without actually compromising your systems, but I could then compromise the third party. So, the problem is huge, and having the right services or staff mixture to mitigate the evolving threats is a challenge that many organizations are facing today.
0:29:55.5 AD: Thank you for that, those insights, and we will conclude this podcast now with a big thanks to all three of you, Michelle, Peter, and Amy, for contributing to our knowledge in this important and evolving area. For additional information on this topic and other pension issues, please visit our website, at nossaman.com, and don't forget to subscribe to Pensions, Benefits & Investments Briefings wherever you listen to podcasts so you don't miss another episode. Until next time.
0:30:30.7 S2: Pensions, Benefits & Investments Briefings is presented by Nossaman LLP, and cannot be copied or re-broadcast without consent. Content reflects the personal views and opinions of the participants. The information provided in this podcast is for informational purposes only. It is not intended as legal advice and does not create the attorney-client relationship. Listeners should not act solely upon this information without seeking professional legal counsel.
- Risk Management Lessons for Directors and Officers from Recent Bank Failures
The first half of 2023 has seen three bank failures, Silicon Valley Bank, Signature Bank and First Republic Bank. In 2008–the last time multiple FDIC-insured banks failed–the collapse of the economy and massive bank reform followed. In this episode of Pensions, Benefits & Investments Briefings, Yuliya Oryol and Patrick Richard discuss risk management lessons for directors and officers to be drawn from these recent events. Were the challenges facing these banks unique, or are the risks more prevalent?
Transcript: Risk Management Lessons for Directors and Officers from Recent Bank Failures
0:00:00.7 Yuliya Oryol: Transcript: Today, we will be discussing the lessons learned from the recent bank failures, should the directors and officers of the regional banks have seen it incoming? What are the implications for the risk management of your business?
0:00:22.8 Speaker 2: Welcome to Pensions, Benefits & Investments Briefings, Nossaman's podcast exploring the legal issues impacting governmental, private and non-profit pension systems and their boards.
0:00:44.6 YO: Welcome to another episode in Nossaman's Pensions, Benefits & Investments Briefings. My name is Yuliya Oryol. I'm a partner at Nossaman and co-chair of the firm's pensions, benefits & investments group. I focus my legal practice primarily on representing public pension plans and other institutional investors nationally and internationally in connection with public and private market investments, including alternative investments and related regulatory work.
0:01:15.2 YO: I am joined today by Patrick Richard, also a partner at Nossaman and co-chair of the firm's corporate group. Patrick has more than three decades of experience as a commercial trial lawyer. He has significant trial experience, successfully representing publicly traded companies, individuals, government agencies as both defendants and plaintiffs.
0:01:36.0 YO: He has been lead counsel in over two dozen successful civil complex arbitrations, jury and bench trials. Patrick has particular experience representing the FDIC in complex business transactions and corporate governance litigation related to breach of fiduciary duties and business-toward actions. He has also worked on numerous governmental investigations related to financial fraud.
0:02:03.3 YO: As background, in March 2023, three regional banks, Silvergate Bank, Signature Bank and Silicon Valley Bank failed. First, Silvergate Bank and Signature Bank had massive exposure to cryptocurrency, and their problems were triggered as a result of turbulence caused by the collapse of cryptocurrency exchange FTX.
0:02:23.4 YO: Next came Silicon Valley Bank. This highly successful regional bank in Silicon Valley had decided to shift its bond portfolio to longer maturity rate bonds. And subsequently, its bond portfolio greatly decreased in value due to the many interest rate hikes imposed by the Federal Reserve. Ultimately, Silicon Valley Bank failed as a result of a bank run by its depositors who became concerned about the bank's liquidity, which was triggered after the bank sold its treasury bond portfolio at a significant loss.
0:03:00.0 YO: The vast majority of the depositors who withdrew their funds from Silicon Valley Bank were technology companies, portfolio companies, the venture capital firms and private equity firms, and wealthy individuals, many of whom were in the high-tech industry and whose account balances exceeded the 250,000 insured by the FDIC. To most everyone's surprise, the Federal Reserve decided to take extraordinary measures in order to prevent global contagion in the financial markets and prevent further panic if the bank collapsed.
0:03:32.3 YO: Despite the extraordinary move by the Fed officials to backstop billions of dollars in uninsured funds, Silicon Valley Bank was eventually shut down in March 2023 by the California Department of Financial Protection and Innovation.
0:03:42.1 YO: Finally, more recently and still spooked by the run on Silicon Valley Bank, depositors started withdrawing their money from First Republic Bank. First Republic had focused on high-net-worth individuals whose deposits were mostly uninsured since they exceeded the 250,000 FDIC limit. Despite the initial 30 billion capital infusion from a group of major banks, First Republic Bank was not able to regain confidence from its depositors and stockholders. On April 29th, the FDIC closed the bank and sold it to JPMorgan Chase.
0:04:16.9 YO: Patrick, there is so much here that we could talk about today, but let's start with risk management. What are the lessons learned from these recent bank failures for directors and officers?
0:04:27.6 Patrick Richard: Well, thank you, Yuliya. And, yes, while there are any number of takeaways from these recent events, I see it as a tension between sales and growth on the one hand and prudent risk management on the other. Based on my experience, our experience litigating bank failure cases, I really don't think there's anything new here. These are known risks. Growth, high concentration on the balance sheet, et cetera, these have all happened before. That's why I call them known risks. So, the first lesson, if you're an officer or director, especially of a bank, is you need to understand and satisfy yourself that your bank has a strong, experienced risk manager and risk management culture.
0:05:17.6 YO: Risk management culture, what do you mean by that?
0:05:21.6 PR: Sure. As anyone who's been involved in a bank or any other business, there are many risks that face your enterprise: Operational risks, competitive risks, economic risks, specific market risks for acceptance of your company's products. There's financial risks, running out of capital, whether you're a start-up or the risk of a run on the bank or simply your costs of capital increase beyond what you can handle. There are regulatory risks, litigation risks, among others.
0:05:57.1 PR: But even though risk management is challenging, these types of risks, these types of risks are well-known. So whether the precise risk will overtake your bank or business, that can't be predicted precisely any more than turning points in the economy can be predicted. But the risks are there. They're known. The risk that I think is an overarching thematic risk that's helpful and particular for directors who are not making management decisions and they're not necessarily down in the weeds on a lot of these other risks, they can understand and remember that growth, rapid growth beyond your peers, that is a red flag. That is a risk to your bank or business.
0:06:45.9 YO: That's interesting because it seems to me that business growth should be seen as a positive and yet you also talk about risk. Why is it a risk?
0:06:54.9 PR: If you look at any of the postmortems on failed banks going back to this crisis or the SNL crisis decades ago, the risk of growth is a risk for two reasons. If it's rapid growth on your balance sheet, there's two things that should be looked at closely. One, rapid growth can mean that your growth outpaces your risk management. Then you see this with banks where the number of credit officers, for example, doesn't keep up with the number of new account officers, loan officers, and production. So it's simply, sometimes growth means that your risk management infrastructure is not keeping up.
0:07:44.1 PR: The other risk of rapid growth... And again, if you're growing two, three times others in your space or your peer group, look at the concentration on your balance sheet. Are you achieving rapid growth through an increase in a certain class of risk, whether it's questionable loans, looser underwriting, a high concentration in a certain geographic area, high concentration of cryptocurrency, or investing in what you might think was perfectly safe, long-term notes, treasury notes, when you have short-term liabilities like bank deposits. So those two things outpacing your risk management infrastructure or achieving growth through higher concentration, which, of course, is a well-known risk.
0:08:32.5 YO: But banks cannot avoid risk, can they? I mean, what in particular is the role of a board member than particularly an outside board member and risk?
0:08:43.3 PR: Sure. And I heard this a lot when I would be talking to or cross-examining former CEOs and board members, members of the bank's loan committee who would sit back and say, "Well, all lending involves risk" as though that was a sufficient explanation. Who knew? We couldn't predict it. We were just unlucky.
0:09:06.8 PR: And the flip side is, while it's true you have to take risk in order to be successful, you absolutely have to identify and manage the risks unique to your enterprise. So for the outside board member, that means, first, educating yourself on what is your role. There's actually a lot of literature from the FDIC and other regulators on guidance for board members, including outside board members. You need to inform yourself. You need to be active. You need to ask the tough questions. It basically means you need to bring a healthy skepticism to management.
0:09:43.1 PR: So in this case, again, it comes back to the main lesson learned. If you're the outside board member, you need to understand your enterprise's risk management culture and the leadership of your risk management team. Silicon Valley Bank, for example, really had no chief risk officer at the time of its failure.
0:10:00.0 YO: Wow. I didn't realize that was the case. But you're talking about banks. And are these risks then unique to banks and other financial institutions?
0:10:12.1 PR: They're unique in this sense, Yuliya. Banks, unlike other businesses, are required to be operated in a safe and sound manner because they're accepting insured deposits from the FDIC. Banks are not supposed to take on the same level of risk as a startup company or high tech company or other businesses. On the other hand, every business, wherever it is in its business cycle, faces enterprise risk management.
0:10:43.0 PR: And so I would say the common theme, the common risk is, what are you incentivizing? Who's getting bonuses and for what? If you follow that, that's an important part of prudent risk management. So, for example, in the abstract, you could say, well, gee, how could opening new bank accounts pose a risk to a bank? Well, if you're giving a bonus to people just for opening new bank accounts, you better audit that program to see if those are all bonafide new accounts, or you can end up with a problem like Wells Fargo had. So follow the money, see what it is you're incentivizing folks to do. And that's a major role for not just the managers, but the outside board member to understand, what are we incentivizing?
0:11:33.9 YO: The directors and officers you're talking about were fiduciaries, and they had fiduciary duties. Can you talk a little bit about that and explain the type of fiduciary duties directors and officers in the financial institutions are expected to have?
0:11:49.9 PR: Sure. And I think there's really two aspects to this. One, I think all directors generally understand that fiduciary duty means you have to put the interest of the bank ahead of your own, right? You have to avoid self-dealing. You have a fiduciary duty of loyalty. But you also have a fiduciary duty of competence, to be informed, to be an active independent director. That's your oversight role. That's your fiduciary duty.
0:12:20.9 PR: Not showing up to meetings or not asking questions or not informing yourself, many would argue, especially if it's a postmortem of a failed bank, you fell out on your job. You did not fulfill your important role. You had a job to do. You had a fiduciary duty.
0:12:39.2 YO: Finally, based on your experience in trying cases for the FDIC, what are some of the red flags directors and officers should be aware of regardless of the industry?
0:12:49.7 PR: Sure. One would be if... Like, there's a host of regulatory and reporting and requirements faced by publicly traded companies, banks, and other regulated businesses. But that's not the end of risk management. That's the beginning of risk management. You as a director need to understand the dominant culture of your enterprise. Is it a dominant sales culture, growth, growth, growth, sales, sales, sales? What is the risk management culture?
0:13:21.8 PR: It needs to be top down. Is the chief credit officer or chief risk manager engaged? Does management listen to them? Does the board listen to them? There's tendency to downplay risks. And the role of the outside board member is to bring that broader perspective. It's not enough to say, well, we've been around 40 years like Silicon Valley Bank or 140 years. Bear Stearns, Lehman Brothers those institutions had been around a long time.
0:13:51.0 PR: It comes back to known risks. The economy is cyclical. There are ups and downs. And you need to bring that perspective to your risk management. Learn from these recent events. As Warren Buffet has said, "It's good to learn from your own mistakes, but it's better to learn from someone else's mistakes." So that would be my overarching takeaway from these recent events.
0:14:17.5 YO: Thank you so much, Patrick. This conversation and your insights have been extremely informative and instructive. And thank you to our listeners for joining us on this episode of Pensions, Benefits and Investments Briefings. For additional information on this topic and other pension issues, please visit our website at nossaman.com. And don't forget to subscribe to Pensions, Benefits, and Investments Briefings wherever you listen to podcasts so you don't miss another episode. Until next time.
0:14:51.6 Speaker 2: Pensions, Benefits & Investments Briefings is presented by Nossaman LLP and cannot be copied or re-broadcast without consent. Content reflects the personal views and opinions of the participants. The information provided in this podcast is for informational purposes only. It is not intended as legal advice and does not create the attorney-client relationship. Listeners should not act solely upon this information without seeking professional legal counsel.
- Secure 2.0 Brings Big Changes to Retirement Plans
Congress recently passed the SECURE 2.0 Act of 2022. Building on the Setting Every Community Up for Retirement Enhancement Act of 2019, SECURE 2.0 attempts to expand retirement plan coverage and increase retirement savings opportunities for United States workers. In this episode of Pensions, Benefits & Investments Briefings, Michelle McCarthy and Ashley Dunning discuss the key provisions of SECURE 2.0 most likely to impact 401(k) and 403(b) plans sponsored by large private-sector employers and also touch upon a few of the provisions that will impact 401(a) plans administered by governmental retirement systems.
Transcript: Secure 2.0 Brings Big Changes to Retirement Plans
0:00:00.0 Ashley Dunning: Setting Every Community Up for Retirement Enhancement Act of 2019, or the SECURE Act, was enacted on December 20th, 2019, as part of the Further Consolidated Appropriations Act of 2020. It was the first significant piece of federal retirement plan legislation to be enacted in more than a decade. Congress enacted the second on December 29th, 2022, the SECURE Act 2.0. In this episode of Pensions, Benefits & Investments Briefings, we summarize the key provisions of SECURE 2.0, most likely to impact 401(k) and 403(b) plans sponsored by large private sector and nonprofit employers. We'll also touch on a few of the provisions that will impact 401(a) plans administered by governmental retirement systems.
0:01:03.8 Intro: Welcome to Pensions, Benefits & Investments Briefings, Nossaman's podcast exploring the legal issues impacting governmental, private and nonprofit pension systems and their boards.
0:01:25.5 AD: Welcome to another episode of Nossaman's Pensions, Benefits & Investments Briefings. I'm Ashley Dunning, co-chair of Nossaman's Pensions, Benefits & Investments group and I'm joined today by Michelle McCarthy, our newest Pensions, Benefits & Investments partner. Welcome to the firm and to this podcast, Michelle.
0:01:43.7 Michelle McCarthy: Thanks, Ashley. I'm excited to be here at Nossaman and on the podcast. Before I begin, I just note that SECURE 2.0 has more than 90 retirement plan provisions. We won't be able to touch on all of them in today's podcast, but I'm going to touch on the ones that I think are the most relevant.
0:02:01.9 AD: As we start out, though, sort of big picture, I understand that many of these changes are mandatory while others are optional. Is that right?
0:02:11.1 MM: That's exactly right. Further complicating matters, a number of these changes take effect over multiple years and have different effective dates for each provision. It's complicated. Also, the DOL and the IRS haven't issued guidance on these. They haven't had an opportunity to issue that guidance, so we're awaiting a lot of that. That should be coming down the pipe, but I'll note that when I go over each of the provisions individually. The first notable change that I'll talk about is the automatic plan enrollment and escalation rule, which applies to new 401(k) and 403(b) plans. Note that it applies to new 401(k) and 403(b) plans. That's 401(k) and 403(b) plans that are established after SECURE 2.0 went into effect. Under this new rule, plans must automatically enroll eligible employees in the plan, starting at a deferral rate of at least 3% and no more than 10%. And new plans must also automatically increase the employee's deferral percentage annually until it reaches a maximum percentage, which percentage is going to vary depending on the type of plan.
0:03:15.6 MM: Employees will have the ability to opt out of automatic enrollment. This only applies to new plans. It would only apply to plans that are established after SECURE 2.0 was enacted and plans have until January 1, 2025 to gear up for this change.
0:03:36.8 AD: That seems like a pretty big change to have an automatic enrollment provision and I'm sure those in the audience who administer these plans are trying to work through the nuances of it and the applicable dates, as you noted. Would this rule apply, though, in the event of, say, a spinoff, where, for example, a new plan is created by spinning that plan off from a currently existing plan?
0:04:01.3 MM: That's a really good question. Where an employer spins off a plan from an existing plan and creates a new plan and transfers plan assets from the old plan to the new plan, I don't know the answer to that question. I think that we're going to just have to wait for guidance on that, but that's a good question, Ashley.
0:04:17.8 AD: Fair enough. This is all very new. I understand that SECURE 2.0 addresses a part-time employee coverage. Could you tell us about that, please?
0:04:28.8 MM: Yes. Currently, part-time employees can be excluded from a 401(k) or 403(b) plan. The original SECURE Act required 401(k) plans to permit part-time employees the option to make elective deferrals to the plan if they had attained age 21 and worked at least 500 hours of service in the last three consecutive years, but that change never went into effect. The IRS delayed the effective date, most likely due to the pending SECURE 2.0 legislation, I'm guessing, which reduces the three consecutive year requirement to two consecutive years and extends the requirement to ERISA covered 403(b) plans. Under this new rule, part-time employees that obtained age 21 and have worked at least 500 hours in the last two consecutive years have to be eligible to participate in the plan. One thing I would just note is that employers are not required to provide employer matching on non-elective contributions on behalf of part-time employees that become eligible under this new rule.
0:05:32.6 AD: Is that 500 hours total in two years or each year 500 hours?
0:05:35.5 MM: That's 500 hours cumulative, so total.
0:05:39.1 AD: That still seems like a somewhat cumbersome administrative requirement to have to track a part-time employee's hours. Do you have a sense of whether, in that context, it would make sense for employers that currently exclude part-time employees simply to allow all employees to participate that way, they could avoid the administration required to keep track of the employee's hours during any two-year period.
0:06:04.9 MM: That's a good point. It certainly is a cumbersome administrative requirement to keep track of, but the one thing I would just note is that if a part-time employee becomes eligible under the new rule, the employer is not required to provide employer matching, whereas if part-time employee becomes eligible to participate by virtue of the normal course, then the employer would need to pay matching contributions on the amount that the part-time employee elects to defer. So I guess employers are just going to have to weigh whether it's worth the administrative burden of keeping track of the hours over a two-year period.
0:06:41.5 AD: Interesting changes. One other aspect of SECURE 2.0 I've heard about is it permits plan sponsors and administrators to offer small financial incentives to encourage plan participation. Could you tell us a bit about that change?
0:06:57.8 MM: Before SECURE 2.0, employers could only offer matching contributions to incentivize employees to participate in their retirement plans, but now employers can offer the small de minimis financial incentive to get employees to participate, perhaps like a $10 gift card. The point is to keep it small and employers probably want to be conservative because de minimis is not defined anywhere and in other contexts, the IRS has issued guidance which says that anything over $100 could never be considered de minimis. So I don't know if this means that if an employer could give a gift card for $99, I think employers are going to want to try to be conservative about that, at least until the guidance is issued.
0:07:42.0 AD: Michelle, I understand that SECURE 2.0 also permits employer matching contributions to cover student loan repayments. Is that right?
0:07:53.1 MM: So that's correct, Ashley. Beginning for plan years starting January 1, 2024, sponsors of 401(k) and 403(b) plans are permitted to provide employer matching contributions based on the employee's qualified student loan repayments that are made outside of the plan. So this is a great benefit for employers and a lot of employers will be interested in this because employees that are making student loan repayments maybe aren't able to make deferrals under the 401(k) like other employees might be financially able to do.
0:08:23.7 MM: Qualified student loan repayments include the repayment of qualified education loan amounts that are incurred by an employee to pay qualified higher education expenses. And one thing that plan sponsors might be excited about too, is that now under this new rule, an employee can self-certify that the payments have been made on such loans and that such loans constitute qualified higher education expenses. So it becomes a lot easier for the employers to administer this benefit.
0:08:51.8 AD: That does seem like a really great benefit, Michelle. I mean, it seems like there'd be real value both to the companies as you note and to their employees to adopt this benefit.
0:09:02.3 MM: Absolutely. I agree. I think that there will be a lot of interest from C-suite to offer this and show that the company cares about employees and is a forward-thinking place of employment. It's really something that companies should discuss with their advisors and think about speaking with vendors about to ensure that they can have this up and running for 2024 assuming that they want to do that.
0:09:25.3 AD: So on these matching contributions on student loans, may those be at a different rate than for the matching contributions for elective deferrals?
0:09:34.5 MM: The one thing that the legislation is clear about is that it has to be at the same rate both on the matching and on the student loan repayments. The two must mirror one another.
0:09:45.1 AD: Good to know. On a different topic, the catch-up contribution issue is getting a lot of attention. Could you explain those changes that are in 2.0?
0:09:56.1 MM: So catch-up contribution limit for 2023 is 7,500. That's the current catch-up contribution limit. The increased limit for participants who attain ages 60 through 63 during the year is going to be the greater of $10,000 index for inflation or 50% more than the regular catch-up limit. This is a required change if the plan offers catch-up contributions at all. So it's going to raise the limit to $11,250 for 2025.
0:10:28.5 AD: That's going to be important for, again, for the employees and the employers to keep track of. Tell us a little bit about the change in Roth contributions.
0:10:38.5 MM: Another change is the expansion of Roth contributions. So effective 1/2024, if an employee has wages in excess of $145,000 in the prior plan year then all catch-up contributions that are made to a 401(k) or a 403(b) plan by that employee are going to be subject to Roth contribution tax treatment. Catch-up contributions made by an employee with wages under the $145,000 index limit can continue to be treated as pretax contributions unless the employee affirmatively elects to have it treated like a Roth contribution. But for other employees, the change is going to be mandatory. So if they have over $145,000 in wages in the prior plan year, then their catch-up contributions will be treated like a Roth contribution.
0:11:25.9 AD: Would this force the plan sponsors to offer a catch-up to implement a Roth contribution feature?
0:11:31.9 MM: Yes, that is a really good point. This is going to force plan sponsors that offer catch-ups to implement Roth because to the extent that they have any employees that make more than $145,000 in the prior plan year, then they're going to have to implement a Roth feature. Another facet of the Roth contribution changes that is effective immediately is that SECURE 2.0 allows plan sponsors to provide participants with the option to receive matching contributions or non-elective contributions on a Roth basis, so on an after-tax basis. And this is an optional change and it applies only to matching contributions and non-elective contributions that are fully vested when contributed to the plan.
0:12:13.6 AD: Lots of information to digest. On another topic that I understand is in SECURE 2.0, could you tell us about the new emergency savings option?
0:12:23.9 MM: Sure. So SECURE 2.0 also adds an emergency savings option to be set within a 401(k) or 403(b) plan. Employees can be automatically enrolled, but it's at no more than 3% of their salary. And the portion of an account attributable to the employee's contribution is capped at $2,500 or lower set by the employer and indexed for future years. Contributions are made on a Roth-like basis and are treated as elective deferrals for purposes of employer matching contributions. And they must be invested on an investment option designed to preserve principal and offer a reasonable rate of return. The first four withdrawals from that emergency savings account each plan year may not be subject to any fees or charges solely on the basis of the employee having made the withdrawal.
0:13:11.2 MM: Basically, it's going to be pretty easy for employees to say, for example, their furnace goes out. They could easily just tell the employer that they need to make a withdrawal from their emergency savings account and it would be done. Another feature that I just note is that on termination, employees may take their emergency savings accounts as cash or they could roll it into a Roth defined contribution plan or an IRA. The last thing I just note about this is that the change is optional and it's effective for plan years beginning on or after January 1, 2023.
0:13:44.3 AD: That's really interesting. Do you think that adding this provision will likely reduce the number of hardship withdrawals?
0:13:51.4 MM: Absolutely. I think so. I mean, it's going to be so much easier for employees to make this withdrawal. It would definitely... The employees are going to tap into their emergency savings option before they tap into the hardship withdrawal provision. This is definitely something that employers might want to consider adding to their plans.
0:14:12.1 AD: I'd like to shift gears and talk now about the required minimum distribution rules as impacted by SECURE 2.0. I understand that that's a new rule that's going to have even broader applicability to both the governmental plans as well as the ERISA plans that you've been talking about.
0:14:29.9 MM: That's right, Ashley. These changes apply not only to the private and nonprofit plans governed by ERISA that I referenced in my earlier comments, but also governmental plans as you note. Prior to the original SECURE Act, the required minimum distribution age was 70 and a half. The original SECURE Act increased that age to 72 for people that were born on or after July 1, 1949. And then the SECURE 2.0 increases the RMD age to 73 for people who turn age 72 after 2022 and age 73 before 2033. For people who turn age 74 after 2032, the RMD age is now 75.
0:15:15.3 MM: This is a mandatory change. It's going to impact both defined contribution and defined benefit plans. One caveat is that if you are a defined benefit plan and want to retain a younger forced out age, you can still do so. This avoids the actual increase that applies at 70 and a half. Also affected January 1, 2024, participants will not be required to take RMDs on Roth contributions that are held in their retirement plan. And this impacts both 401(k), 403(b) as well as governmental 457(b) plans. Also effective immediately, the penalty for failing to take an RMD is going to decrease from 50% of the amount of the missed RMD to 25% of that amount.
0:16:00.7 AD: Well, that's a lot of changes to RMDs and I'm sure plan administrators are going to be considering how to effectively communicate this information to their employees and their members generally in these governmental plans. Another topic I understand SECURE 2.0 addresses is cash out limits. Could you tell us about those?
0:16:22.1 MM: Sure. Under current law, 401(k) and 403(b) plans can automatically cash out participants and beneficiaries who have balances of $5,000 or less, provided the balance exceeding $1,000 and up to $5,000 must be rolled over to an IRA established in the participant's name. So SECURE 2.0 allows an optional change. This change goes into effect January 1, 2024, if employers elect it and it would increase the automatic cash out limit from $5,000 to $7,000. SECURE 2.0 also allows an automatic portability provider to automatically transfer a participant's balance from a default IRA established after an automatic cash out into a defined contribution retirement plan sponsored by the participant's new employer, unless of course the participant affirmatively elects otherwise. So this again is an optional change and we're expecting some DOL guidance on this provision shortly.
0:17:16.0 AD: Let's talk about changes to the hardship rules. Those have changed under SECURE 2.0 as well, right?
0:17:23.5 MM: That's correct. Beginning in 2023, employers may rely on a written representation from a participant confirming that a hardship request meets the plan's need and amount requirements. So before this, it was a lot more difficult for employers to ascertain whether the amount that the participant was requesting met the requirements of a hardship withdrawal. In order to constitute a hardship withdrawal, the employee must have an immediate and heavy financial need and the distribution must be limited to the amount, "necessary to satisfy" the financial need. This self-certification is permitted as long as the employer has no actual knowledge. To the contrary and the employer may also use one of two other methods if desired. They could use the traditional substantiation method. So that would be to obtain the actual source documents that substantiate the need for the distribution or the summary substantiation method, rely on a participant's provided summary of the financial hardship.
0:18:26.7 AD: Michelle, is there any guidance as to what types of events would allow someone to establish that they have an immediate and heavy financial need under this rule?
0:18:35.2 MM: So the seven events that establish immediate heavy financial need are for medical care, costs related to purchase of primary residence, tuition payments, payments necessary to avoid eviction, funeral expenses, expenses to repair the principal residence, or expenses resulting from a federally declared disaster.
0:18:55.3 AD: Well, that's all very good to know and important for people who need those funds. I understand that SECURE 2.0 also modifies distribution rules applicable in the event of a federally declared disaster, is that right?
0:19:09.6 MM: That's correct. Under the new rules, if a participant is impacted by a federally declared disaster, she can request a distribution of up to 22,000 from her retirement. This distribution is not subject to the 10% early distribution penalty tax and it can be taken into income over three years. And the participant has the ability to repay this distribution to the retirement plan in a later year. SECURE 2.0 also allows plan sponsors to increase the maximum loan amount that is available to a participant in the event of a federally declared disaster to $100,000 or 100% of the participant's account balance if that amount is less.
0:19:50.1 MM: Plan sponsors can also extend the loan repayment period for such participants by one year. And these changes are effective immediately and they're optional. However, even if the plan sponsor does not implement these changes, a participant could still avoid the penalty tax by completing his or her tax return to indicate that it was used for hardship or a federally declared disaster.
0:20:12.8 AD: Aren't there other exceptions to the distribution penalty, for example, with terminally ill individuals?
0:20:19.1 MM: So that's correct. Under SECURE 2.0, there are some additional exceptions to the 10% early distribution penalty tax that would otherwise apply for distributions taken by terminally ill individuals, as you mentioned and then also in certain emergency circumstances and where a limited withdrawal is taken by a victim of domestic abuse. For the latter two, for the emergency expenses and the victims of domestic abuse, that change is not effective until January 1, 2024.
0:20:50.4 AD: But the change for distributions taken by terminally ill individuals are effective immediately, right?
0:20:56.2 MM: That's correct. The penalty tax exemptions apply for both defined contribution and defined benefit pension plans and the participants must have the ability to repay these distributions to the retirement plans too.
0:21:10.9 AD: Michelle, what if a plan sponsor doesn't adopt these changes? Could a participant avoid the 10% penalty tax and take the amount into income over three years just simply by completing his or her tax return and indicating there that the distribution was due, for example, to a federally declared disaster?
0:21:28.5 MM: So that's correct, Ashley. The participant could still avoid the changes. So even if a plan sponsor decides not to amend the plan to allow the early distribution, an employee could still avoid that 10% distribution penalty by just indicating on their tax return that the amount was used for one of these reasons.
0:21:47.7 AD: Good. That's important to note. I understand that SECURE 2.0 has made some miscellaneous other changes for ERISA plans in particular relating to participant notice provisions. What are those changes?
0:22:01.0 MM: So that's correct, Ashley. Under SECURE 2.0, defined contribution plans must provide one paper statement every year and defined benefit plans must provide one paper statement every three years. And this change is less burdensome than what was previously in effect. It's a mandatory change. It's effective December 31, 2025. These plans are no longer required to provide paper communications to people who have elected to receive electronic communications.
0:22:29.7 AD: But again, this is applying to ERISA plans specifically, not governmental plans, correct?
0:22:35.1 MM: That's correct. This is only applying to ERISA plans. Another change that is implemented under SECURE 2.0 is that the DOL is going to be creating a lost and found database that's going to reunite missing participants with their retirement funds. This database will cover both defined contribution and defined benefit plans and it will enable individuals who lost track of their 401(k) or 403(b) plan accounts to search their plan administrator's contact information and hopefully reunite the participant with their missing monies. The DOL has two years to create this database.
0:23:10.8 AD: That's so interesting, Michelle. Is this database something that might help governmental plans as well who are looking for members?
0:23:19.6 MM: I'm uncertain about that. I don't know whether the DOL would have access to the information enough to include governmental plans in the database, but I don't know exactly how the DOL is going to collect the information necessary to complete this database from other plans. So it will be interesting to see.
0:23:40.6 AD: Great. All right. Michelle, along the lines of the other miscellaneous changes in SECURE 2.0, I understand that there also is a change in the IRS correction program. Could you tell us about that?
0:23:58.1 MM: Sure. This is another change that I think plan administrators are going to be excited about. It's a change to the IRS correction program and the change currently, it's only directly applicable to plans governed by ERISA. However, they also may provide some comfort to administrators of governmental plans that the IRS is taking a broader view of permissible means by which the errors made in the administration of the plans may be corrected. Specifically, the Employee Plans Compliance Resolution System, or EPCRS, is expanded to allow more types of errors to be self-corrected and to cover IRA errors.
0:24:33.9 MM: So plan fiduciaries are not required to recover inadvertent overpayments that are made to participants and beneficiaries, assuming the plan complies with the applicable tax limitations on benefits and the minimum funding rules. So if the plan fiduciary does not seek recovery of the overpayment, the participant may treat the overpayment as eligible for tax-free rollover. In addition, as the plan is governed by ERISA, the IRS is not prohibiting recovery of inadvertent overpayments from participants and beneficiaries for periods in excess of three years.
0:25:04.8 AD: Well, that's really interesting. So basically inserting a statute of limitations concept into the collection of overpayments, is that right?
0:25:12.5 MM: That's correct.
0:25:14.2 AD: These changes under EPCRS, are those effective immediately?
0:25:17.5 MM: Yes, that's correct. These changes have already taken effect, but the IRS hasn't updated the guidance yet and we anticipate that they'll do so within the next two years.
0:25:28.9 AD: Michelle, the anticipated change in EPCRS is really interesting and important. Could you please share any thoughts you may have on how this change may or may not impact error corrections by governmental plans?
0:25:41.5 MM: Sure. So regarding governmental plans, given that EPCRS is being revised to incorporate requirements of SECURE 2.0, we expect the IRS to approach the inadvertent overpayment topic with the same policy perspective as it has with private and nonprofit plans. That is, we expect the IRS to confirm publicly that plan fiduciaries may not be required to recover inadvertent overpayments made to participants and beneficiaries, but rather that any such losses to the retirement fund may be collected through additional contributions by the participating employer, which typically would be made through a direct payment or inclusion of payments towards the unfunded actuarial accrued liability of the fund. This approach has been permitted on a one-off basis from governmental plans previously, but it will be extremely useful to have that approach reflected in EPCRS itself.
0:26:30.9 AD: That's true. That's a really interesting and helpful development. Finally, in this miscellaneous change category, I understand that there's a savers credit notion within the SECURE 2.0.
0:26:44.4 MM: Yes. The savers credit under current law is going to be replaced with the retirement plan match. Under the revised program, qualifying low-income individuals who make contributions to their IRA or employer-sponsored retirement plan will receive a federally funded matching contribution to their IRA or retirement plan account of up to $2,000. And that change takes effect January 1, 2027.
0:27:06.0 AD: Michelle, this is such helpful information you've provided to our audience on a topic that is of great interest to so many administrators of plans that are impacted by SECURE 2.0. I appreciate learning from you and I hope our audience did as well. Thank you for joining me today. And thank you to all of our listeners for joining us for this episode of Pensions, Benefits & Investments Briefings. For additional information on this topic and other pension issues, please do visit our website at Nossaman.com. Don't forget to subscribe to Pensions, Benefits & Investments Briefings wherever you listen to your podcasts so you don't miss an episode. Until next time.
0:27:50.4 Speaker 2: Pensions, Benefits & Investments Briefings is presented by Nossaman LLP and cannot be copied or rebroadcast without consent. Content reflects the personal views and opinions of the participants. The information provided in this podcast is for informational purposes only. It is not intended as legal advice and does not create the attorney-client relationship. Listeners should not act solely upon this information without seeking professional legal counsel.
- What Public Retirement Systems Need to Know Now About Changes to Actuarial Standard of Practice No. 4
On February 15, 2023, changes to Actuarial Standard of Practice (ASOP) No. 4 will be effective, and defined benefit plans will need to comply with these new rules in all actuarial funding valuations with measurement dates after the effective date. In the latest episode of Pensions, Benefits & Investments Briefings (formerly Public Pensions & Investments Briefings), Ashley Dunning welcomes Graham Schmidt, an actuary with Cheiron, and Todd Tauzer, an actuary with Segal, who explain three significant changes arising from the new ASOP and discuss some of the implications of those changes.
Transcript: What Public Retirement Systems Need to Know Now About Changes to Actuarial Standard of Practice No. 4
0:00:00.0 Ashley Dunning: The ASOPs dictate–in large part the information to be included in a defined benefit plans actuarial valuation. ASOP No. 4 is changing some of those rules and those who administer and oversee such retirement systems should take note.
0:00:25.8: Welcome to Public Pensions & Investments Briefings, Nossaman's podcast, exploring the legal issues impacting public pension systems and their boards.
0:00:47.6 AD: My name is Ashley Dunning and I'm co-chair of Nossaman's Public Pensions and Investments Group. In this episode of Public Pensions & Investment Briefings, we talk with Graham Schmidt, an actuary with Cheiron and Todd Tauter and actuary with Segal, who will explain three significant changes arising from the new ASOP and we'll discuss some of the implications of those changes. Todd, why don't we start off with you to give us a little bit of overview on this change?
0:01:19.5 Todd Tauter: Sure, I'd be happy to, thank you, Ashley, for having us here today. It's good to be on this podcast. For the Actuarial Standard of Practice number four, the ASOP 4 that we're talking about today, it's called measuring pension obligations and determining pension plan costs or contributions, which is a mouthful. But if you think about the two things, it's talking about, measuring pension obligations or you can think of it as liabilities and then determining pension plan costs or contributions. That is the core element of what an actuary does when they provide an actuarial evaluation to a pension system. So, we like to call this ASOP the mother of all ASOPs for pension plans because of how central it is to the work we do. And if I take a step back for a minute, just on the actuarial profession as a whole, we are not a practice that is governed by some external body like the SEC.
0:02:11.0 TT: We have an internal group of actuaries. It's called the Actuarial Standards Board, or ASB for short, and that's a nine member group of actuaries that helps evaluate and then eventually provide and finalize standards of practice for actuaries related to all the different areas of work that we practice in. Under the Actuarial Standards Board, there are different committees that help work with the standards board. And included in that there's a pension committee. So, this ASOP 4 is coming up through the pension committee and it's finalized with the Actuarial Standards Board. It went through a variety of revisions along the way. They would send out a version or a proposal and they'd get a lot of comment letters back from actuaries, and then we'd go back and forth quite a bit. And then they ended up on this final version that we see, this version is effective February 15th, 2023. The last time it was revised, ASOP 4, was December of 2013. So, we have almost 10 years since this has changed in any way, shape or form and many things here have stayed the same, but there are some notable changes and that's why we're here today and I'll turn it over to Graham to talk about those changes.
0:03:19.4 Graham Schmidt: Yeah, thanks Todd and thanks Ashley. It's good to be here. Yeah, there are three main changes that Todd and I are going to talk about today in terms of this current Actuarial Standard of Practice. The first is a requirement that plans as part of your annual actuarial funding valuation. You have to include what's known as a reasonable, actuarially determined contribution and we'll go into the specifics of what we mean by reasonable. I also want to point out throughout this conversation, we're going to start using acronyms, because we're actuaries and we love acronyms. But for this one we're going to call that one the ADC. So, the actuarially determined contribution. So again, with any funding valuation, we are going to be required to calculate and disclose this measure. Then we're also going to need to talk about the implications of both your funding policy and this contribution allocation procedure.
0:04:10.5 GS: When I say contribution allocation procedure, I'm talking about the method by which we come up with the ADC. So, what are the processes that we use to come up with that Actuarially Determined Contribution? And we have to talk about, what are the implications of the plan's funding policy and this reasonable ADC in terms of what do we expect to happen in the future to the funded status of the plan, when we compare the assets and liabilities, and what do we expect to happen to the contributions of the plan in the future. Finally, the biggest change affecting public plans is the new requirement to disclose what's known as a low default risk obligation measure. And again, with our love of acronyms, we've come up with a new one, the LDROM, and we'll get into specifics about this one later in terms of how is this measure calculated and what does it mean? But this is the one true thing where it's really a very new requirement for public plans to include this in your funding valuations.
0:05:08.5 AD: Thank you Graham, for that overview of the three significant changes we'll be talking about today. We'll turn it back to Todd now to dive a little deeper into the reasonable ADC. Todd?
0:05:19.9 TT: Thank you Ashley, and I'm happy to talk about this reasonable ADC. I think even though it doesn't have as big implications as potentially the LDROM might have, I think it's still a very important change and a positive change that we're seeing through this ASOP. There's a little background here on my perspective, I'll keep it as short as possible. Prior to Segal, I worked for S&P, I was hired by S&P to evaluate pension plans across the country and evaluate the decisions that have been made in the past and the contributions that were being made today, and what would that look like in the future? What would that result in terms of future contribution rates? What would that result in terms of future funded status and concept of future plan health? And when evaluating the contributions in particular, this is related to the ADC, we would ask three questions.
0:06:07.9 TT: The first would be, are plan sponsors paying what they're told to pay by the plan. Second one is, if they are, then is that based on an actuarially determined contribution or is it based on something else? There could be a number of other things that they could use to set the contributions coming to the plan. And then finally, if it is also an actuarially determined contribution, how effective is that actuarial contribution in paying off the unfunded liability over time? So, we had these three considerations and they were actually pivotal for understanding plan trajectory over time. And when you combine those three and you're looking for how effective the actuarially determined contribution is at paying off the unfunded liability over time, you can almost just replace that word effective with reasonable. How reasonable is that actuarially determined contribution in funding the plan over time? So, that's the idea behind this reasonable ADC that we have here.
0:06:58.9 TT: Whenever we're performing an actuarial evaluation, whether or not this reasonable ADC is going to be used to actually fund the plan or not, we now must calculate and disclose it within the actuarial evaluation. Doesn't matter if the plan is a fixed rate plan and just pays 15% a year and hopes for the best, or if they're targeting 90% funding, no matter what they're doing, they still have to calculate and disclose this measure. So, this breaks down into a few different components. The first is, well, we need to use a cost method. That cost method allocates the cost of funding the plan over different periods of time, and most plans use the entry age normal and that's completely fine for a reasonable ADC. So, I don't think we need to spend more time on that. The second one is asset smoothing. Many plans use asset smoothing within their valuation.
0:07:45.9 TT: You may have heard the term actuarial valuation of assets. The idea here is to mitigate a lot of that volatility that we see in the markets, from year to year, through a smoothing mechanism and here what the reasonable ADC says is any asset smoothing that you use, if you're using, for example, an actuarial value of assets, it must fall within a reasonable range of the market value of assets. It also says any differences between the actuarial value of assets and the market value of assets must be recognized in a reasonable period of time. So, you're going to hear this word reasonable alot throughout this discussion. Actuaries love to use this term, it's a beautiful term of art, where there's a little bit of wiggle room, but there's not too much wiggle room, if you're using reasonable. So, cost method asset smoothing.
0:08:35.3 TT: The next component is amortization. Of course amortization is how we pay off the unfunded liability over time and work towards fully funding a plan. Now the requirement here is that the amortization that is used, either must pay off the unfunded liability in full over a reasonable period of time, or it must reduce the unfunded liability by a reasonable amount in a sufficiently short period of time. The idea here being, "Hey, we're either paying this thing off and we're paying it off in full over a certain amount of time that's not too long." Or if that's not the plan then in any given year or any given short amount of period of time, we should be paying off a chunk of it. And so, those are the two ways by which we can fulfill having a reasonable ADC in terms of the amortization.
0:09:19.6 TT: And then the final component worth mentioning is output smoothing. And, I guess, a little guidance around output smoothing, now what output smoothing is, is when we have a change in an actuarially determined contribution, and let's say it's going up and maybe it's going up significantly, well, output smoothing says, "Well we can take a little bit of time to get there, we can smooth in that change over a couple years or a few years." This is one example at least of output smoothing, and you most commonly see this if there's a large experience study and that experience study is going to lead to a significant change in the actuarially determined contribution. In that case we might say, "Hey, we're going to get to this ultimate new contribution rate, but for budgetary purposes, let's smooth that in over two years or three years to give a little bit more predictability and time in getting there." So, there's some guidance and the primary disclosure requirement from the ASOP is that, if you're going to use output smoothing, you also must disclose what the original actuarially determined contribution was without output smoothing.
0:10:17.4 TT: So, you don't have to use that, but you've have to disclose it. So, you've got both sets of information in front of you. So, the conclusion here with the reasonable ADC is that it's required, it must be calculated, it must be disclosed, whether you use it or not, gives guidance over multiple things, the cost method, the asset smoothing, the amortization, even output smoothing. And again, the point here is that we can have this additional reasonable, actuarially determined contribution to be compared against. So, we can compare whether it's comparable to the actual contribution being made or perhaps one is higher or lower and what the long-term implications of that is.
0:10:54.0 AD: That was really helpful, thank you. Coming at this discussion, as a lawyer who's heard a lot of actuarial evaluation presentations over the years, primarily in California, elsewhere too, but focusing on California for the moment, a lot of the terminology you've used is familiar in the sense that in actuarially funded plans these methodologies are presented. In my experience, I've seen them discussed and adopted. In those circumstances where you've been working with a plan that every year has had their actuary determine or recommend a contribution rate that is actuarially based, are we going to see a material or even any difference in the calculations, do you think, as a result of this reasonable ADC requirement?
0:11:44.1 TT: Yes, actually that question is spot on and that's a very good point here. So, the short answer is, no, we won't see any change. Those that fund on an actuarially determined basis and then specifically on a reasonable actuarially determined basis, they can continue to do exactly what they've already been doing. And that's true for the vast majority of plans, as you indicated in California. The rest of the country, there's more of a mix of the plans that we see. Some, they're doing exactly that same thing and others maybe not so much. So, there might be some more transparency and clarity out there, particularly in the rest of the country for some of these plans and what contributions are being made.
0:12:21.7 AD: Thank you, that's helpful. Turning to you, Graham, if you could talk with us more about the second significant change that we're discussing today, which is the implications of the cost allocation procedure and funding policy, provision of ASOP No. 4.
0:12:39.2 GS: Thanks, Ashley. So, one of the things that's required in this, in the update of the ASOP is to communicate how this reasonable actuarially determined contribution is going to affect the plan's funding status and contribution requirements in the future. If you are not making an actuarially determined contribution, so as Todd pointed out, there are some plans out there that are just doing a fixed contribution rate, it's not necessarily related to the actuarially determined contribution, you may have to talk about the implications of that policy itself on your funding requirements and your funding status. So, the standard requires a qualitative analysis, not necessarily quantitative. So, there's not a specific set of numerical projections that you have to include in the valuation report, with a few exceptions that I'll come back to. But at the baseline it does require that the actuary has to make a statement as to how this funding policy or the contribution allocation procedure is going to affect the contributions and funded status.
0:13:43.8 GS: But as I said, there are a few things that are required, and some of these are new requirements. You are supposed to estimate how long it will be until this policy results in a contribution that exceeds the normal cost plus the interest on the unfunded liability. Now, we sometimes refer to this as the tread water amount. Basically this is the amount that needs to be contributed to the plan in order for the unfunded liability to remain stable from year to year if all of your assumptions are met. So that the normal cost is the cost of the benefit that members are earning this year, for the active members. And then you have that interest on the unfunded liability. So, if you're just covering the interest on the unfunded liability and the cost of new benefits, that should be enough to keep the unfunded liability even from year to year.
0:14:36.2 GS: If you fall below that level, it's known as negative amortization. And what the standard requires is that you have to disclose if you're in negative amortization and if you are, how long you're expected to be there. So now, what could cause you to be in negative amortization? Well, as Todd pointed out, there are some plans that are just making a fixed contribution. It's not necessarily tied to what the actuarially determined contribution is. In that case, if you're not covering the interest on the unfunded liability plus the cost of new benefits, there'll be a negative amortization. There are other plans that may be contributing an actuarially determined contribution and maybe even a reasonable actuarially determined contribution. But if the amortization periods are long enough and you have an unfunded liability, it may be that at least for the next few years, you may not be contributing enough to cover the interest on the unfunded liability and that normal cost.
0:15:30.4 GS: So, there may be plans that that have a perfectly good ADC and a perfectly good funding policy, but they may still find themselves in a negative amortization period for a certain period of time. They're going to be needing to make a disclosure to that effect in the report. We are also required to estimate the time until the unfunded liability is expected to be paid off. So, for a lot of plans, particularly plans that have a fixed amortization schedule, this is going to be a very easy thing to do. You just look at that amortization schedule and you see when the unfunded liabilities is expected to be paid off. There are some plans that use alternative modes of amortizing their unfunded liabilities, something known as a rolling amortization period. Well, essentially what you're doing is refinancing the remaining debt each year over a new period of time.
0:16:14.7 GS: If you're taking that approach, then the technical answer to the question of when is this unfunded liability going to be paid off? The answer may be never, because you may be paying off a chunk of that unfunded liability each year, but each year you're pushing out the date at which you're expected to pay off the full unfunded liability. As Todd said, that can still result in a reasonable actuarially contribution as long as you're paying off a reasonable chunk of the unfunded liability. So, that means that if you got into a situation where you had a plan with a rolling unfunded liability amortization policy and it was long enough that you weren't making a significant payment towards the unfunded liability, if you were in a negative amortization situation, you're not going to be able to provide a good answer for that question of when is that unfunded liability going to be paid down?
0:17:04.1 GS: So, and again, in that case, you'll need to have some additional disclosures in your report and even in as a baseline, you have to show when that unfunded liability will be paid off. Finally, we need to disclose if the funding policy or that contribution allocation procedure is expected to result in the plan running out of assets before all promised benefits are expected to be paid. Now this is not entirely a new requirement within the ASOP. The ASOP always, you had to make a statement if your funding policy wasn't going to be expected to result in sufficient assets to pay benefits. But we also need to now estimate the approximate time that would occur if your policy is not going to be expected to be able to cover those benefit payments.
0:17:47.2 AD: Graham, thank you for that explanation. It's interesting that this new provision is requiring a qualitative assessment by the actuary and then some metrics around topics that have gotten attention over the years, such as negative amortization, but generally have been viewed, at least in California, as permissible within reason. Is there something to be discerned from this new rule or new standard different from that history or not?
0:18:20.3 GS: It's not necessarily different. Reasonable actuarially determined contribution contains still a fair amount of wiggle room in terms of your actual contributions. Just because you have negative amortization does not mean that the plan is not being financed appropriately. You could have negative amortization period that only lasts for a few years and then you could still pay that unfunded liability down over a reasonable period of time. It does put a little more in terms of guardrails up there though, that if you had a policy in place that was expected to have that negative amortization for a long period of time and you're not going to be making any progress towards paying down that unfunded liability, it really is going to result in these additional disclosures. While I think negative amortization isn't necessarily a negative event, it does put some parameters around that, that if it's not something that you're going to get out of at some point in time, you're going to have to show some additional things to show what the consequences of that are going to have to be, on your plan.
0:19:22.0 AD: Todd, turning to our final significant change, the LDROM, I think, one of you noted earlier that this is most significant of the three for purposes of the public pension plan community. So, go ahead and tell us about it, and I think both of you will be talking about this one, so thank you.
0:19:38.0 TT: Sure. So, I'll start with some of the basics, and you're right, this is probably the most significant for public plans, and it also was the one that created the most back and forth between actuaries and the standards board. When we're going through iterations and doing exposure drafts and comment letters, there is a whole bunch of comment letters related to this LDROM. So, LDROM is our low default risk obligation measure, and it requires the actuary to calculate and disclose, essentially what I'd call an additional assessment of liability or an additional assessment of the obligation, the way that it's written. But this is supplemental to the normal funding, the actual accrued liability that the actuary is already calculating and putting into your actual evaluation. And really to make the point here, all of what Graham and I are discussing with all three of these, the new standard of practice does not require us to remove things that we are already putting in the actual evaluation.
0:20:34.0 TT: It doesn't really change any of the base information that you'll be getting in the actual evaluation. It simply adds additional disclosures and potential disclosures on top of it. And this LDROM is one of those additional disclosures that are required. So, with the LD ROM, we can use the same, I mentioned earlier, the cost method used, we can use the same cost method that we use in the funding valuation, which again, for the vast majority of our plans is entry age. But then when we get to the discount rate, which of course the discount rate is looking out at benefits to be paid in the future and discounting them back to the present, so that we can get them to base what we'd call a present value of future benefits. So, that discount rate is actually very important. If a discount rate is high, well, a lot of discounting happens and costs are anticipated to be lowered today.
0:21:25.7 TT: And if the discount rate is low, well, not very much discounting happens and the costs are higher today. So, with LDROM, this requires the discount rate used for that calculation to be derived from low default risk fixed income securities, where the cash flows from those securities are reasonably consistent with the pattern of benefits expected to be paid by the pension plan in the future. So, we've got this comparability between the cash flows of the securities, and the cash flows of the benefit plans, and it gives a couple examples of what kind of securities they think could fulfill this requirement even directly in the ASOP. One example they use is US Treasury Yields. Another one is highly rated corporate bonds or even highly rated municipal bonds. Basically, any security that has very low default risk. And then of course with that low default risk comes very low expected return.
0:22:22.9 TT: So, we'll talk about that more in a minute, but that's important to keep in mind as we go through this. So, that's really the whole idea here. We have a new obligation or liability measure. The only necessary change to that measure is using a discount rate that is based on low default risk fixed income securities, and based on the present market and the way things are looking, that discount rate would be significantly lower than what we see today. The final thing to mention before I forget, is if your plan has variable aspects to it, it gets a bit more complicated in how to potentially calculate this measure. We're not going to use this podcast to go into those details, but if your plan has significant variable features, you may be having a discussion with your plan actuary to figure out how to handle all of that.
0:23:05.8 AD: Thank you, Todd. Graham, can you tell us a little bit about some implications you see from this LDROM figure?
0:23:16.6 GS: Sure. First and foremost, the biggest implication is going to be, there's now going to be this much larger liability number included somewhere in the valuation report. So, we've done some sample calculations for some of our clients, and in some cases the numbers are something like 40 to 50% higher than the traditional actuarial liability measurement. And Todd talked about the differences in discount rates and so forth where traditional valuation report for a pension plan might have something like a 7%, I assume, greater return on their assets, which they then use as their discount rate. If you're talking about this low default risk obligation measure and you're talking about yields on bonds, you might be looking at something like a 4% expected return. So, the difference in using those discount rates can increase your liabilities by 40 to 50%. But it's really going to be important, and we're going to talk about this is, is how do you put that number into context and what does it actually mean?
0:24:12.8 GS: One thing we also know is that this measure is likely to bounce around a lot as interest rates change. So, if we had start to put this number in our reports a couple of years ago when interest rates were near zero, those liability measurements could have easily been double what the traditional liability measurement was. Not 40 to 50% higher, but double. Now that interest rates have gone back up over the last 12 months and we're, look, significantly from where they were, the impact is not quite as high as it as it would've been, but we're still seeing, again, much higher liability numbers compared to the traditional measure. And that's going to be really important for plans as they add these measures into their reports to put them into context.
0:24:57.8 AD: Speaking of context, Todd, could you talk to us a little bit about various ways to interpret reports that have this figure in it? I think the audience will be really interested in understanding both how this type of measurement already is used in some circumstances, and then also how to respond to the observation that Graham just made, which is that this number may be much higher than what they're used to seeing in actual evaluation reports, in reporting on liabilities.
0:25:25.8 TT: If I start by taking a step back and look back to the Actuarial Standards Board, remember this all starts with the standards board and starting with the disclaimer, of course, I cannot speak for them, I'm not representing them here, but I get the feeling that at least at some level, there's a concept here of looking at this from an LDI type perspective. Now it's another acronym, liability driven investing. And so, the idea is, "Hey, if you compare securities with similar cash flows to the cash flows of the benefit payments coming out of the plan and you use discount rate that's comparable between the two, then you get a pretty decent idea of what the cost of the plan would be with very little market risk, at least very little default market risk or as the low default risk obligation measure.
0:26:11.3 TT: So, if I said that more succinctly, the LDROM shows an assessment of liability, if the plan were to fund exactly the way they are now, except that on the investment side, they're only invested in low default risk fixed income security. So, you just sell off the entire current portfolio and then you go out and buy a bunch of treasuries or a bunch of high grade corporate or municipal bonds, and then you take the discount rate based off of that and you do your measurement of your obligations, then you could go forward from there and set actual costs. It's worth mentioning the LDROM does not require us to actually calculate costs on this measure, it's just to calculate the obligation or the liability side. But if you were to do that, then you'd get an idea of what Graham was talking about, with the 50% or a 100% extra cost that you'd see in terms of total liability to the plan.
0:27:00.4 TT: Another way to look at it is if you turn that on its head, and if we were to calculate the LDROM and then compare it to exactly as plans are funding today, with the discount rates that they're using today, with the diversified portfolio. The difference in liability between those two plans is exactly what the plan is attempting to or expects to save taxpayers over time by investing in that diversified portfolio, by taking advantage of the range of stocks in real estate or whatever else they're investing in and taking advantage of that compounded return over time. It's worth mentioning, on top of just talking about possible interpretations, it's worth mentioning that some plans already do use a form of the LDROM in some circumstances. For example, I know multiple plans where there's a provision that allows particular plan sponsors, or what we call them, employers, particular employers, to terminate from the plan, which means they leave the plan and they don't have any further risks.
0:27:55.3 TT: The plan can't go back to them later and say, "Hey, you owe us more money because investments went poorly, or whatever else happened." So, if they leave the plan, terminate and take no risk with them, then the plan turned around and said, "If you're going to leave with no risk attached to you, we're going to invest your assets in as a low risky portfolio as we can. So, we're going to invest them in low default risk securities." In essence, it's exactly what this LDROM is calculating, is we're going to turn around and invest in such a way that we're basically taking risk off the table so you can pay for all that risk upfront and then you can leave scott free and never talk to us again. So, that actually does exist out there today, and that's maybe not so much an interpretation, but an example of practical application of a measure such as this.
0:28:42.1 AD: Thank you for that discussion. Your comment about the benefit to taxpayers of the retirement systems having a diversified portfolio made me also think about it in terms of the members of these plans, because wouldn't it also be fair to say that if the expectation were that the plan would not diversify its investments and were only to invest in very low risk bonds, that you'd have to assume a much lower rate of return for purposes of your discount rate, which would, correspondingly, require quite a bit higher normal cost contributions by your members. So in effect, everyone is benefiting from having a diversified portfolio that reasonably anticipates a higher rate of return. What this number shows is what would happen if you did not do that, in a sense.
0:29:42.0 TT: That's exactly right, and that's particularly true after PEPRA, as we've had more and more employees, for example, paid 50% of the normal cost. Well, if the normal cost is going to be quite a bit higher, then those employees are going to be on the hook for a much, much larger cost as well. So, exactly to your point there, Ashley.
0:30:01.8 AD: Thank you, Todd. It sounds like what you've described is really a termination liability and you're needing to include that in the valuation, not necessarily characterized as that, but if I'm understanding you correctly. And then secondly, would it also be fair to say that what you're really measuring is the opportunity cost or the opportunity benefit of a diversified portfolio? So, the actuarial value of assets and liabilities that you're currently calculating is based on a diversified portfolio, but if the system were to not do that, it would cost a lot more money both to taxpayers and then if you incorporate that idea into how you set your discount rate and assume a much lower discount rate, it also impacts normal cost, which impacts members. Is that a fair way of thinking about this?
0:30:53.4 TT: Yeah, there was a lot in there, but I agree, if I take your latter statement first, completely right, it's definitely showing the benefits of that investment in a diversified portfolio. Of course, there are risks attached to it as well, and those risks have to be understood, but it is showing the long-term benefits, both for the employers, the plan sponsors, and the members who are also going to be shouldering part of the contribution burden over time. The first thing you said in terms of a termination liability, you're absolutely right. A termination liability would, if that was being calculated, it would fit this requirement of the LDROM. I mentioned before that on a actuarial cost method basis, that the LDROM allows you to use the current cost method for the plan. And so, that's usually entry age and it's usually based on assuming ongoing funding and all of that. You might handle that a bit differently on a termination basis, you might use a different cost method. You might not allow for anticipate future salary increases or service or any of that. So, that might change a little bit, but certainly calculating it on a termination basis still fulfills this requirement of the LDROM.
0:31:57.5 AD: Thank you. Graham, why don't you step in here with some final comments about LDROM and maybe some concerns about this particular disclosure obligation, if you have them.
0:32:08.9 GS: Sure, Ashley. There are certainly some concerns. As we expect to see these much larger liability numbers go into public valuation reports, we certainly expect that some observers are going to pounce on this number and point it out and say that public plans have been trying to hide the "true liabilities of the plan." But the standard itself actually addresses this head on. In the introduction, it explicitly says, and I'm going to read it here, "The calculation and disclosure of this additional measure is not intended to suggest that this is the "right liability measure" for a pension plan." So, it's explicitly saying that this is not the one true measure that you should look to for the liability. And as we've been discussing, this does not represent the funding target for most public pension plans. Public pension plans are not invested in a 100% treasury bond portfolio.
0:33:01.8 GS: So, what it's really trying to get at is, more in terms of what's the investment risk that your plan is taking on and how you go about quantifying that, at least compared to a 100% fixed income portfolio. But there are a lot of other ways to quantify risk, many of which are already used by public plans. Several years ago, the Actuarial Standards Board released a different ASOP, ASOP 51, which really dealt with the assessment and disclosures of risks associated with pension plan. And the standard provided guidance to actuaries, in terms of coming up with different ways to measure risks and doing what this ASOP is requiring and comparing your traditional liability measure to something akin to an LDROM, that was included as one possible method for assessing risks, but the standard did not require it, and it also had other possible methods as well, some of which I think are probably more effective at getting at the actual risk faced by your individual pension plan.
0:34:05.0 GS: Because what this risk measure does is it's just telling you, "Well, what would it cost if you invested with no default risk or very low default risk?" But that's not what plans are actually doing. So, if you wanna get a true picture of investment risk in your plan, you probably need to look at some kind of measurements that actually take into account what you are actually invested in. What is the riskiness of your investments? That's not going to be told to you by just looking at this LDROM measure. So, I think one of the concerns is that this is being pointed out as the one true measure that tells you everything you need to know. And clearly I think it does not. It's not even necessarily the best measurement for looking at the risk of your individual plan.
0:34:49.9 GS: I would point out that in terms of where this number is going to show up in a lot of val reports, when this new ASOP 51 went into place about assessing risk, a lot of actuaries added sections to their val reports that started talking about different assessments of risk. So, I think this is probably a natural home for it in terms of valuation reports. So, you'll probably, in your conversations with actuaries, you'll probably hear them suggest that this might be one place that you put it, and it's a place that you can put the correct context around it. You're actually explaining what does it mean in terms of our outlook on risk and how it affects our plan.
0:35:27.6 AD: Thank you for that context. Really good session to both of you. Thank you, Graham. Thank you, Todd, for your time. I learned a lot, and I hope our listeners do too when they listen to this podcast. And thank you to our listeners for joining us for this episode of Public Pensions & Investments Briefings. For additional information on this topic or other public pension issues, please visit our website at nossaman.com. And don't forget to subscribe to Public Pensions & Investment Briefings wherever you listen to podcasts, so you don't miss an episode. Until next time.
0:36:02.3 Speaker 2: Public Pensions & Investments Briefings is presented by Nossaman LLP, and cannot be copied or rebroadcast without consent. Content reflects the personal views and opinions of the participants. The information provided in this podcast is for informational purposes only, is not intended as legal advice and does not create an attorney-client relationship. Listeners should not act solely upon the information without seeking professional legal counsel.
- Outliers and Oddities in Alternative Investment Documents
Institutional investors and other limited partners are often told they must accept certain terms and provisions in alternative investment fund documents because such terms “are market.” Who is responsible for creating these market terms and what can investors do to prevent undesirable deal terms from becoming the market standard? In this episode of Pensions, Benefits & Investments Briefings (formerly Public Pensions & Investments Briefings), Courtney Krause discusses unusual provisions in alternative fund documents, including limited partnership agreements, side letters and subscription documents. Courtney explores how market terms are created, provides examples of non-standard terms and discusses how investors can work to keep these seemingly one-off provisions from becoming market standard in the future.
Transcript: Outliers and Oddities in Alternative Investment Documents
0:00:01.4 Courtney Krause: Today we are going to talk about Outliers and Oddities in Alternative Investment documents. We're going to explore some unusual provisions that we have seen in limited partnership agreements, side letters, and subscription booklets. While they have not yet become market standard, and in some cases we hope they do not, we wanted to provide early insight on potential shifts in the market. This podcast is meant to assist institutional investors and their legal teams to spot issues before they become tomorrow's market standard.
0:00:38.1 Speaker 2: Welcome to Public Pensions & Investments Briefings. Nossaman's podcast exploring the legal issues impacting public pension systems and their boards.
0:01:01.0 CK: Welcome back to Public Pensions & Investments briefings. I'm today's host, Courtney Krause and I'm a partner in Nossaman, San Francisco office. I represent institutional investors across all alternative investment asset classes and in all investment types, including commingled funds, co-investment vehicles, continuation vehicles, and funds of one. And we plan to have more podcasts later this year discussing some of those investment vehicles. So be on the lookout for those. One of the most commonly asked questions I get is, what trends are you seeing in fund documents? And this is a very valid question, but it doesn't always warn about icebergs that may be lying ahead. So on today's podcast I wanted to talk about outliers and oddities that I've seen in some fund documents because today's one-off provisions could become tomorrow's market standard. I think we've all been there. The deadlines to close these deals are really tight and sometimes you just give in on provisions that you might not have been really happy to give in on.
0:01:57.8 CK: For example, most of the time from the date we received fund documents to closing the fund, it was about a month. That timeline has shrank significantly and sometimes we have only two weeks, sometimes less to close a deal. So I understand the need for clients and investors to give in on certain terms. The problem there is that if you agree to a one-off term right now, it may come back to haunt you later. For example, a lot of the general partner law firms that we encounter keep records of past deals. So they will have side letters that they've entered into with some of our clients and they can go pull up those side letters and say, Hey, you agreed to that term over here in connection to this other funds. You have to agree here as well. So just be wary that when you are agreeing to those one-off terms, you don't want that to live on in perpetuity. So one of the things that, just as an example as, yesterday's one-off provision that has become today's market standard is conference and networking expenses. So if you pull out an LPA and flip over to the definition of partnership expenses, you're going to find two to four pages listing out every single expense that's going to be charged to the fund and therefore charge the LPs.
0:03:17.8 CK: If you look at funds from a couple years back, the LPA didn't have any language in there describing the cost of attending conferences, but in recent years that's become a standard expense that's listed in fund documentations. And when that started appearing, investors and their council started pushing back on those costs. But there was really limited success in removing those terms from the documents. And now it's become market standard that LPs and the fund are expected to pay for the GPs cost of attending conferences. But those costs have started to expand. So now we're seeing the cost of attending conferences, hosting conferences, sponsoring conferences and networking events. And it's very hard to say what exactly all of this entails. So for example, if you are a GP or a manager and you're going to host a conference, that's a pretty significant expense. You're going to rent the space, you're going to pay speakers, you're going to have attendees by allowing it to become a market standard that gives the GP room to kind of push it even further and include more costs sort of tangential to the cost that's become a market standard. So that's just an example of something that I've seen creep into the documents and then become the gold standard over time. So this leads to the question of, who sets these market standards?
0:04:42.9 CK: And I don't think this is a case of GPs getting together in a dark and smoky room and coming up with nefarious terms that they could foist upon LPs. This is really an issue of law firms setting the terms for these deals. And one of the trends we've seen in the market is a consolidation of law firms. So again, in the past there were a large number of law firms that represented general partners and drafted the fund document, and now we're seeing fewer and fewer law firms that provide this service because a lot of the lawyers are going to the same limited partnership agreement for all clients regardless of size, and regardless of whether or not the provisions in those form limited partnership agreements really make sense. So just by way of example, one law firm has standard language in its form that allows the GP to advance expenses for the benefit of the fund. So for example, the GPs found this hot new investment, they need to put the money in right away. There's not time to call capital from the LPs. And so the GP fronts the money and then the fund will pay the GP back. But while that money is outstanding, it will accrue interest which then must be paid by the funds and the LPs. So one of the things that I don't like about this provision is that there's no time requirement for the fund to repay the GP.
0:06:09.9 CK: For example, if the GP makes this advance, the interest is charging charging away. If there's no requirement for the GP to call capital right away, there's a small incentive for the GP to let it ride because they keep getting interest on that money. It'd be much better if the fund was required to issue a capital call within say 60 days of that advance to cut off the interest payments from accruing. And when we've raised this issue with council and when clients have talked to the GP's business teams, a lot of the business teams come back and say, this is not something we're ever expecting to do. It's just part of the form and it's there, but don't worry, we're not going to use it. So that's just an example of some of these law firms using their form LPAs in a way that doesn't necessarily make sense for all of their clients because there's GPs out there that aren't intending to use these provisions, they're just part of that particular law firm's forms. And there they are. We also see these same form limited partnership agreements being used for small funds, new funds, novel funds, and these are terms that may be acceptable for a much larger, more established fund. For example, a fund that they're raising fund 10, they're seeking to get $15 billion.
0:07:23.2 CK: These big marquee funds can have very aggressive terms because, you know, they've earned that right. Whereas some of these new managers, the risk is much higher and the term should be more LP friendly to reflect that risk. And I think a lot of times, certainly when we are on the phone with opposing council, the council for the GP, you know, council will tell us that's too bad, these are the provisions, this is market. But I think really the question that should be raised both by outside council and investors is, is this really market for this type of asset in this type of manager? Because sometimes it's not. When I started off speaking, I had discussed that, you know, today's one-off provision becomes tomorrow's market standard. So I thought it'd be interesting to go through a couple of sort of one-off things or oddities we've seen here at Nossaman in the last couple of months. And whether or not they become trends, I don't know, but I think there were very interesting issues and there's certainly things that investors and their council should be looking out for when reviewing fund documents. So I'm going to cover some things I've seen in limited partnership agreements, subscription booklets, and then talk finally about side letters and most favored nation, election rights.
0:08:42.7 CK: We see these things creep in across all of the fund documents and certainly you should be keeping an eye out on all of them. So to begin, I'm going to talk about a trend I've seen in limited partnership agreements, and unfortunately this is something I've seen in more than one limited partnership agreement. So it's possible that this may become a trend. Typically, if you see it once or twice likely isn't something you're going to see a lot, but once you kind of see it that third time, fourth time, definitely you should keep your eyes peeled because that's a sign of a one-off provision becoming a trend in the market. So the provisions I want to discuss today revolve around the LPA cure provisions. When you're reviewing limited partnership agreements, you typically are looking for exit rights. You know, what rights to the LPs have to exit the fund if something goes wrong? Most funds will have a for-cause removal provision or for-cause termination provision. Some funds also have a no-cause removal or a no-cause termination provision, but I'm not going to focus on that. So in connection with the for-cause removal of a GP or a for-cause termination, typically the GP has some right to cure and the cure generally involves terminating the employee at the GP that's engaged in this bad activity.
0:10:07.8 CK: And then the GP makes the fund whole for its economic losses. So just for an example, say the GP has a rogue employee, the employee has committed fraud, that would fall under the banner of a for-cause action. If the GP terminates that employee and then pays the fund back for any economic damages, it would be deemed cured and the LPs would not have the right to remove the GP or terminate the fund. I'm starting to see LPAs where that final piece, the requirement to make the fund whole for its economic losses has started to disappear from documents. It's not there and it's already a pretty high bar to meet the for-cause standard in most cases to trigger a for-cause removal or for-cause termination, there has to be a final non-appealable judicial determination. So that means you've gone through the entire trial process, all the appeals process and there's no more avenues that the GP could prove that it didn't do this thing. It's a very high bar and a lot of funds you see the cure provisions arise once that bar has been met. So that means the GP wouldn't have to terminate that employee that committed fraud until it's been legally determined that they did those things.
0:11:24.4 CK: I suspect that if there's an employee engaging in fraud, the GPs probably going to terminate them right away and you're not going to even get to this point. But it is disturbing that they've started carving out this requirement to make the fund whole for economic losses. And like I said, I've seen this in a handful of LPAs, it's too soon to say if it's a trend, but certainly something to keep your eye on, I usually argue. And we've been pretty successful in pushing back on the elimination of the cure procedure. So now I'm going to shift gears and talk about some trends we've seen in subscription booklets. So subscription booklets typically contain two discreet sections. The first section of the subscription booklet is usually 10-20 pages and it contains a written agreement, most of which contains representations and warranties and sort of standard legal language regarding the investor's enrollment in the fund. And then the second half of the subscription booklet has the questionnaire portion and that's where you write in your name, your contact information and check a lot of boxes regarding your status.
0:12:29.6 CK: In late 2021, we started to see a few managers roll out these online subscription agreements. And typically, what's involved in the online subscription agreement is, you are sent a link, you click on the link and then you create a username and password and log into a portal to complete the subscription agreements. And this seemed like a real novelty the first couple times we saw it. We saw different providers using this, different managers using this. There wasn't a lot of consistency. And the initial rounds where we saw this, it was somewhat optional because for a lot of the clients we interact with they're large institutional investors and they have a lot of internal procedures around how subscription booklets are drafted. And everyone takes a different approach to this. Some investors draft them themselves and have council review, some investors have council draft and then they review before it's sent to the other side. And in the online digital format, the procedures don't necessarily work because everyone needs to have a login to get into the document and it tends to be a little bit clumsy if the procedure involves multiple eyes and drafters to be involved.
0:13:45.6 CK: So when we first started seeing this, it seemed like a little bit of a one-off thing, but early last year in the first and second quarter of 2022, we started to see a surge of the online subscription booklets and we started to see a change where the managers and law firms were using one or two providers of these online portals. And so it seemed like this might be a big trend in 2022 where managers and law firms are going to start using these online subscription booklets, which for somewhat problematic for some of our clients. But it seems like that was a trend that started up and it kind of died down. We still do see these online subscription agreements. There was a period of time where when clients pushed back on using them, they were told no unless they really kept pushing and pushing saying no, like this does not work, we cannot use this document. There seems to be more flexibility now. I don't think they're going away, but I don't think this was the fire sale that we thought it was going to be where it was just going to take off. And if you want more information on online subscription booklets, kind of the pros and cons and things that we've seen. I wrote an article last year for the NAPA report, it's the April, 2022 NAPA report and we discussed online subscription agreements and what you can do as an investor to kind of tackle that format.
0:15:06.9 CK: A second trend in subscription booklets I've seen is a change in some of the language in the agreement portion. And the agreement portion, like I said before, is the first 10-20 pages that has all the reps and warranties. And the vast majority of subscription booklets typically have language in them requiring the investor to directly indemnify the fund and the manager, if the investor breaches its representations of warranties, that's become fairly common. Some clients can't provide indemnity so that will get captured in the side letter. Some clients ask to have the indemnification obligation capped at the size of their commitment. That can be documented in the side letter as well. And just to point out, this indemnification obligation in the subscription booklet is separate from the indemnification obligations that you see in the limited partnership agreement. In the limited partnership agreement, it's the fund indemnifying, the GP, manager, fund, etcetera. And in the subscription booklet it's the investor itself indemnifying the fund, GP or manager. So like I said, it's pretty common to see these indemnification provisions. Where we're starting to see the shift is where there's a requirement for indemnification expenses to be advanced to the GP manager or the fund.
0:16:26.9 CK: So that would mean if there's litigation involved between your client and the GP or manager, the client may need to advance all of the GP or manager's legal expenses to the GP or manager. But the subscription booklets don't have a requirement for the advance to be repaid if the LP is successful and the manager is not, I think that's very problematic. I think if you are in litigation and you're required to pay the other side legal expenses and then the other side loses, then they should have to pay for those legal expenses themselves because they've not been successful. And again, I've only seen this in a handful of subscription booklets and I think a lot of times investors, again, when they're rushing to close, overlook reviewing the agreement portion of the subscription booklet in detail and don't pick up on some of these things. So be sure to read those indemnification provisions and to the extent they're not favorable or not something that you can agree to, ask for it to be changed in your side letter of all the fund documentation subscription booklets tend to be more set in stone and aren't heavily negotiated. So the best place to modify the terms there's in your side letter.
0:17:42.1 CK: So speaking of side letters, bonds would go over a couple of trends I've seen in side letters. The first thing we've seen, and this was truly a one-off, but it is something to keep your eyes open for. Typically, and I think this is true for most investors, but typically our clients are asking the GP and manager for an increased standard of care and for an agreement regarding the fiduciary standards, and that goes into the side letter. And we were recently working on a fund and council gave a very favorable standard of care in the side letter. We were happy, the client was happy, but there was a separate provision of the side letter outside of the provision that related to the standard of care that expressly stated that the side letter did not modify the limited partnership agreement that contained the standard of care. So this gave us pause because the whole purpose of the side letter is to modify the language in the limited partnership agreement, and for them to specifically carve out the standard of care meant that the side letter didn't carry any weight regardless of whether they gave us this really great standard of care language.
0:18:55.7 CK: So we had a lot of back and forth with council where they tried to convince us that no, no, this language really was going to modify the limited partnership agreement, but eventually they took out the carve out, it was a little disturbing that the carve out was completely separated from the language addressing the standard of care in the side letter. So be sure that you're looking for some of these, like smoke and mirrors tactics where one provision gives and the other take it away. And then related to side letters, one thing to look out for also, which may be in the side letter or the LPA are trends in MFN elections. MFN means most favored nations. So these rights give you the opportunity to pick up benefits that were granted to other LPs in their side letters. Typically, there's standard set of carve outs, you can't just have carte blanche to go look at other LP side letters and pick all of their provisions. Typically, the side letter specifically says, you can't pick up this or you can't pick up that. So by way of example, most favored nation provisions usually say, if an investor has been granted a seat on the LP advisory committee, the other investors can't make that election. Or if an LP has received discount or their state specific regulations, those type of carve outs are very standard. And usually that's in the first paragraph of a side letter.
0:20:23.8 CK: Every now and then you'll come across an LPA where the most favored nation provisions are in the LPA rather than the side letter. But it's very important to read those together. So for example, a couple months ago I had a client working on MFN elections and this was for a fund that Nossaman had not represented this client in connection with the fund, but she had called up just for some advice and to bounce some ideas around and she had asked, have I ever seen such severe MFN election carve outs before? And so we opened up the LPA and the LPA's carve outs were much more severe than were standard. For example, it prohibited electing additional notice provisions, representation of warranties and other items that I would say are pretty standard items that get picked up through the MFN election process. And I was very surprised, I thought this was a little sneaky because while I didn't have a red line of the LPA against the prior funds LPA, it seemed to me that this restrictive language kind of got snuck in there and investors hadn't noticed it because while they were negotiating the side letter, they were only looking at the side letter and they weren't also looking at the LPA at the same time. And since the client called and gave me a heads up on this particular issue, I've seen this happen in one other fund.
0:21:44.1 CK: If you're dealing with a side letter where the most favored nation's provision is in the LPA, be sure to pick up that LPA and turn to that provision to see what the carve outs are. It's very important if it has stringent carve outs to ask for everything you might possibly need in your first draft of the side letter, because you aren't going to have the opportunity to pick it up during the MFN election process, which is more common when we get to some of these rushed closings, a lot of clients will say, okay, we can give up on this because another investor likely asked for it and we'll try to pick it up during the MFN election process. When you have very severe carve outs that restrict almost everything, you're not going to have the option to pick up those nice to have items during the election process. So certainly, keep that in mind when you're drafting your side letters. So now that I talked about some one-offs and oddities that I've seen in fund documents in the last couple of months, you might be asking yourself, well, what can I do to solve these problems or avoid these pitfalls?
0:22:47.7 CK: So I think the number one thing you can do is push back on these one-off provisions. And when I say push back, you know, call up the business team, ask them what is their rationale for including this provision in the fund document. It might be that the law firm put the term in and it wasn't something the management team asked for, or if it was something the management team asked for, maybe they have a very rational explanation of why it's there and can give you comfort around why that provision is in the document. When you're working on negotiating fund documents, don't always accept the law firm's excuse that this is a market term, like it may not be market for a new manager or a novel product. Again, that's another time, pick up the phone, talk to the business team on the other side. A lot of times we've seen, you know, when the law firms are really setting the terms, if the business teams just speak to each other, they're often able to resolve some of these issues, get the documents adjusted to everyone's liking and everyone leaves happy. Going forward this year in 2023, the market is likely to soften and this might be a time for LPs to push back and take advantage of the down market to push for more favorable terms. I think if the GPs are more desperate for money and investors, they may be willing to get their law firms to back down or they themselves might be willing to back down.
0:24:09.5 CK: And I think it's also really important to remember if you see something, say something, let others know when you're seeing these kind of one-off provisions in documents, 'cause it really helps when reviewing to kind of keep your eye out knowing, hey, you know, somebody else saw this fishy thing in a document, I haven't seen it yet because you might see it and it's helpful to know what others have seen and sort of where they landed on resolving the problem. Thank you to our listeners for joining us for this episode of Public Pensions & Investments Briefings. For additional information on this topic or other public pension issues, please visit our website @nossaman.com. And don't forget to subscribe to Public Pensions & Investments Briefings wherever you listen to podcasts so you don't miss an episode. Until next time.
0:24:55.5 Speaker 2: Public Pensions & Investments Briefings is presented by Nossaman LLP, and cannot be copied or rebroadcast without consent. Content reflects the personal views and opinions of the participants. The information provided in this podcast is for informational purposes only, is not intended as legal advice and does not create an attorney-client relationship. Listeners should not act solely upon the information without seeking professional legal counsel.