401(k) compliance

A 401(k) plan is a very easy and inexpensive benefit for businesses to maintain.

Although 401(k) compliance is simple compared to the regulations around other benefits like time off or health insurance, employers who offer a 401(k) plan must comply with some regulations to ensure that the plan is fair and equitable for all employees. Most compliance regulations are only relevant at the time you set up your plan, then once a year thereafter.

Employers should be aware of these six compliance regulations when setting up and administering their 401(k) plan:

1. Eligibility Requirements

For the most part, eligibility requirements are up to the employer’s discretion, as long as it doesn’t violate the IRS’s age and service period requirements.

• Age - If a company sets a minimum age to be eligible for the plan, the minimum age cannot be older than 21 years. (A business may set a younger minimum or no minimum at all.)

• Service period - If a company has tenure-based eligibility requirements, the waiting period for to make employee-funded contributions cannot be longer than 1 year. The waiting period for employer-funded contributions can be up to 2 years.

2. Non-Discrimination

Discrimination has a slightly different meaning under the Internal Revenue Code than it does under the US Department of Labor (which oversees the Equal Employment Opportunity Commission). The non-discrimination regulations for 401(k)s were created to ensure that employees in lower-level positions have fair access to and are able to proportionately benefit from retirement plans compared to those in higher-paid positions. Although demographic and income discrimination sometimes coincide, a 401(k) plan may fail discrimination testing for reasons unrelated to race, ethnicity, gender, etc.

Each year a 401(k) must go through compliance testing to confirm that the plan structure and use meet eligibility and usage requirements as described below:

• 🪜Equal access: Eligibility requirements must be the same for all employees in a given class. Businesses have a great deal of flexibility in how they define classes of employees, but they should not be defined in such a way that gives preference to one demographic group over another. For example, if an employee’s eligibility waiting period or vesting schedule is paused while on parental leave, it could be interpreted as discriminatory as it will disproportionately affect workers who become pregnant.

• ⚖️ Proportional benefit: 401(k)s must be tested annually to ensure that they don’t disproportionally benefit those in higher paid positions. A highly compensated employee (HCE) is one who makes more than $150,000 per year in 2023. The IRS offers 2 methods to satisfy the requirement: They must either satisfy the ADP and ACP tests, or offer a safe harbor plan.
  

  • 📐ADP test: These tests ensure that the 401(k) plan is accessible to all eligible members of the organization, regardless of income. It does this by comparing the average annual contribution by HCEs (making >$150K/year) and non-HCEs (making <$150K/year) in a given calendar year. The average deferral percentage (ADP) is the average portion each group has taken from their paycheck. The ADP of HCEs cannot be more than 2% higher than the ADP of non-HCEs. For example, if 2 non-HCE employees set aside 6% and 0% respectively, then the ADP for this group would be 3% (i.e. the average of 0 and 6). If the company’s HCEs contribute more than 5% of their salary on average (i.e. more than 2% more than the 3% average by non-HCEs), then the company would fail the test.
    

  • 🏦 ACP test: The average contribution percentage (ACP) takes into account employer contributions and adjusted rates for post-tax contributions. You calculate the ACP by dividing the total contribution amount for the year by the employee’s compensation. The test fails if the average ACP for HCEs is more than double the ACP for non-HCEs. ACP failures often arise when lower-paid employees have low 401(k) participation, or when the plan’s incentives disproportionately benefit senior positions. Your plan administrator will likely do this calculation for you.

• ⚓️ Safe Harbor: A safe harbor 401(k) plan is not subject to ADP/ACP discrimination testing and requires that employers contribute to employees’ plans according to one of 3 models:
  

  • Contribute 3% of the employee’s base compensation regardless of whether the employee contributes their own money to the plan or not.

  • The employer matches 100% of the employee’s contribution up to 3% of their total compensation, and matches 50% between 3 and 5% of their compensation.

  • The employer offers an alternative plan that is at least as generous as the requirements above.

3a. Equal Access

Employers have a great deal of flexibility to design eligibility requirements for their 401(k). Whatever method of eligibility or vesting that they choose must not unfairly privilege one group of employees over another. The ADP/ACP tests are one way to address discrimination concerns by ensuring that the program is accessible to lower income employees.

However, there are other ways that a 401(k)’s eligibility requirements may be inadvertently discriminatory. For example, if the business employs a lot of college students and only employees older than 21 are eligible for the 401(k) program, then the policy may unfairly exclude a large number of workers. For the same group, setting minimum hour requirements that makes it more difficult for student employees to qualify than their non-student peers could also be discriminatory.

Employers concerned about overenrollment may choose to allow all employees to contribute to a 401(k), but implement a vested matching program with more stringent conditions. Your 401(k) provider, CPA, or HR professional can provide suggestions on how to structure your plan’s eligibility to meet your strategic goals.

4. Contribution Limits

The IRS sets limits on how much an individual can contribute to their 401(k) each year. The limit is adjusted annually to keep up with changes in the cost of living. In 2023, the limits are:

• 🧒 Contributions for an employee under 50 years old cannot exceed $22,500 per year.

• 🧓 Contributions for an employee over 50 years old cannot exceed $30,000 per year.

• ➕ The combined total of employee and employer contributions may not exceed $66,000 for employees under 50, and $73,500 for employees over 50. This applies whether the employer contributions are based on a match or independent of matching.

Contributions must also pass the ADP/ACP test or qualify for a Safe Harbor plan.

5. Investment Options

Your 401(k) provider should provide a variety of investment options for employees to choose from based on their risk tolerance. Fund options must include three of the ERSA 404(c) requirements listed below:

1. The plan offers 3 or more investment options that are diversified and include a “reasonable” fee structure. The 3 “core” investment options must each offer significantly different risk:reward ratios.

2. Participants make their own investment decisions. They can allocate their funds among the different investment options to tailor the risk of their portfolio to their personal risk tolerance.

3. If the plan offers employer stock as an option, it should provide a description of confidentiality procedures related to the purchase, holding and sale of employer securities and the exercise of voting rights.

6. Scope of Practice

Businesses have a fiduciary obligation to administer the plans in the participants’ best interest. Most businesses meet this obligation by using an external plan administrator that is a licensed fiduciary. External 401(k) providers can help you select the investments included in your plan, monitor fees, and ensure compliance with regulatory requirements.

Company representatives who are not licensed fiduciaries or do not hold other certifications that qualify them to provide financial advice should be careful not to provide guidance that could be construed as financial advice when discussing the 401(k) plan. Laypersons can provide general factual information such as how to sign up for the program, or that Traditional 401(k) contributions are pre-tax while ROTH contributions are post-tax. However, unlicensed individuals cannot suggest which type of plan participant should choose, or which funds to invest in.

If a participant requests information that company representatives aren’t qualified to give, they can direct the employee to the plan provider or share materials from a credible source such as the IRS or a credible financial institution. However, laypersons should be careful to caveat any specific information that they provide by explaining that they are not an expert, and the participant should consult their tax advisor to confirm what considerations apply in their circumstances.

Communication with Employees

Businesses should communicate with their employees about the tax and compliance requirements of their 401(k) plan, and encourage them to seek advice from a financial advisor. Employers should prepare materials that describe the information needed to understand how the plan works, the investment options available to them, and the tax implications of contributing to the plan.

There are two types of compliance requirements related to communication about 401(k)s:

1. Those that must be shared automatically, and

2. Those that must be provided at the participant’s request.

📤 Shared automatically: Before they make investment decisions, participants should receive information about the risk/return characteristics and portfolio holdings of each investment option, instructions for making or changing investments, a description of fees, voting rights, and what information is available upon request. This information and the company’s intention to comply with 404(c) regulations are usually included in the provider’s summary plan document.

📥 Provided upon request: Operating expenses, financial statements, portfolio holdings with respective values and percentages of the portfolio, share value, and past and current performance for each investment option should be available to participants upon request. The plan administrator should also provide the value of shares in the participant’s account upon request.

Practical Steps for Managing a 401(k) Plan

For companies who use an outside provider to administer their 401(k) plan, administration is mostly a “set it and forget it” process. However, as with any time you’re using outside vendors for highly-regulated functions, it can be a real headache when there are issues. Following the steps below will ensure that your 401(k) plan administration is a breeze:

[ ] 📄 Create a plan document for your company handbook: This document can satisfy both the required compliance disclosures and answer frequently asked employee questions. Once this document exists, you can link to it in onboarding materials, and any time a team member has a general question about the plan.

Here are some things you may want to include in your plan document. Those designated with an asterisk are required by law (although it is not required that they appear in the handbook specifically):

• Description of eligibility requirements (if applicable).

• Description of matching programs and vesting schedules (if applicable).

• Definitions of traditional and ROTH 401(k) plans. Also include any additional deferred compensation programs that your company offers, if applicable (e.g. pensions, deferred company stock option plans, 403b, etc.).

• * If you have a default opt-in plan (i.e. new employees are signed up by default), notify employees of the default opt-in contribution and how to opt out.

• * Notification that the company intends to comply with ERISA Section 404(c), and that plan fiduciaries are not liable for any losses resulting from participants’ investment instructions.

• * Where to find a description of each available investment option including its risk category and portfolio holdings.

• * Link to instructions for how to select and allocate investments. It is better to link to instructions in your 401(k) provider’s help center rather than creating unique instructions so that your team does not have to make frequent changes to the document each time the provider changes their user interfaces.

• * Link to a summary of any charges associated with purchase or sale of an investment asset.

• * (Only if applicable under your plan) Information describing voting rights if the plan passes those rights on to plan participants.

• * Notification that operating expenses, financial statements, portfolio holdings with respective values and percentages of the portfolio, share value, and past and current performance for each investment option are available to participants upon request.

• Who to contact if they have questions. You should provide both the internal contact within the company, and contact information for the plan provider’s customer service team.

• Disclaimer that employees should contact their tax advisor if they have questions about what is best in their situation.

• Annual contribution limit amounts, including catch-up contribution limits for employees over 50.

• Link to a description of how to process a 401(k) rollover with your provider. If a form is required, you can link to that as well.

[ ] 🙋🏽 Choose a plan administrator: Employers can choose to administer the plan themselves or hire a third-party administrator. If the company uses an external provider for plan administration, there should still be a designated internal point of contact who can direct employees to resources, have administrator access to serve as a liaison in case of problems, and answer basic questions. This individual should have a basic understanding of 401(k) compliance requirements and the limitations on what topics they’re qualified to give advice.

[ ] 🤑 Review fees: Although 401(k) providers bear official fiduciary responsibility under the plan, employers are still legally responsible for making sure that the plan serves its participants’ interests. Regulations require that the fees for deferred compensation plans be “reasonable,” but financial professionals have been known to have a… ehem… “open-minded” interpretation of what is “reasonable.” The company’s plan administrator should review the fees charged by the plan’s core investment options to ensure that they are not excessive.

[ ] 👨🏻‍🏫 Educate employees: Although most employers are not qualified to give financial advice, it would be irresponsible not to point interested employees toward reputable sources for common questions related to 401(k)s. Reputable sources include the IRS, your plan provider’s website, and financial institutions that provide unbiased advice. Any resources should be accompanied by a disclaimer that the employee should seek advice from their tax advisor or financial planner about their situation.

You may wish to provide information about the following topics:

• The power of tax-sheltered retirement plans and compound interest.

• The difference between a traditional and ROTH 401(k).

• How to select investments that are diversified and appropriate to the individual’s risk tolerance.

• Penalties for early withdrawal.

Conclusion

401(k) plans are an excellent way for employers to compensate their team and lower the tax burden for employer and employee alike. Strategic design of your plan features can turn your 401(k) plan into an incentive that attracts and retains top talent. 401(k) plans can be inexpensive and simple to administer, and can provide thousands of dollars of tax savings per year both while the employee is working and after they retire.

Companies need not match employee contributions for a plan to be motivating and successful. While a 401(k) plan isn’t legally required, an equity incentive plan should not replace a 401(k) plan to allow employees to diversify their investments and take advantage of the financial incentives offered by 404c deferred compensation plans.

Want to learn more about getting the most out of your compensation budget? Check out these related articles:

• How 401(k)s help small teams stretch their compensation budget

• 12 ways to get the most out of your benefits budget

• Does your benefits package benefit your strategic goals?

• (Coming soon!) How to message your employee benefits for maximum impact

• (Coming soon!) 5 important benefits that cost you nothing

• (Coming soon!) Is your benefits package as inclusive as you think it is?