A participant who saw $99,000 vanish from her 401(k) via unauthorized distributions has reached a settlement with her former employer, Estee Lauder, as well as record keeper Alight Solutions.
The participant, Naomi Berman, sued Estee Lauder and Alight last October, alleging that the companies violated the Employee Retirement Income Security Act by allowing the unauthorized payments. Ms. Berman reported three transactions that occurred in 2016, and said she was never made whole for the thefts. State Street Bank & Trust Co., the plan’s custodian, had previously been named in the lawsuit but it was later released and is not included in the settlement, a company spokeswoman confirmed.
At the time of the thefts, Aon Hewitt was the record keeper; the business was renamed Alight Solutions after it was acquired by the Blackstone Group.
The three distributions were for $37,000, $50,000 and $12,000, according to the lawsuit. After those transactions, Ms. Berman was left with less than $3,800 in her account.
“Between Oct. 24, 2016, and Jan. 2, 2017, Ms. Berman made at least 23 calls to the customer service center regarding the unauthorized distributions,” the lawsuit stated. “Ultimately … no money had been recovered, and Ms. Berman’s Lauder plan account would not be made whole for the losses. Neither Lauder Inc., nor the benefits committee, nor [Aon] Hewitt contacted Ms. Berman further regarding the unauthorized distributions.”
The day after she first called Alight’s customer service center, Ms. Berman reported the stolen assets to the San Francisco Police Department and the FBI, court records stated.
The parties filed a notice of settlement on March 2 in U.S. District Court for the Northern District of California.
“We take data security and protection of accounts seriously, and are committed to maintaining a competitive, innovative approach to fraud prevention as threats evolve," an Alight spokesperson said in an email. "We regularly communicate with our clients about our policies and practices.”
Estee Lauder’s 401(k) plan had about $1.6 billion in assets and about 17,000 participants as of the end of 2018, according to Department of Labor data compiled by BrightScope.
Data security has become an increasingly important topic for plan sponsors and service providers over the past several years, particularly as caches of private data have been compromised, such as the Equifax breach.
In response, many of the big defined-contribution plan providers have rolled out security guarantees. Charles Schwab, Wells Fargo and Fidelity have done so, for example.
In 2018, Empower Retirement, the second-biggest provider by number of participants, added a “security guarantee” that pledged to reimburse participants for losses from unauthorized transactions. The company did so amid a big increase in fraud activity across the industry, it said at the time.
Fidelity’s “consumer protection guarantee” extends to DC plans and promises to reimburse accounts “if we conclude that the activity occurred through no fault of the customer,” the company said in an email.
A spokesperson for Principal said the company offers a "customer protection guarantee where we’ll reimburse a customer’s employer-sponsored account in the event of unauthorized activity. To qualify, we just ask that customers take a few simple steps to keep their account secure.”
Principal also has cybersecurity insurance, including network security and privacy liability coverage.
Former Northwestern Mutual advisors join firm for independence.
Executives from LPL Financial, Cresset Partners hired for key roles.
Geopolitical tension has been managed well by the markets.
December cut is still a possiblity.
Canada, China among nations to react to president-elect's comments.
Streamline your outreach with Aidentified's AI-driven solutions
This season’s market volatility: Positioning for rate relief, income growth and the AI rebound
