401(k) Auto Portability’s Role in Reducing Cybersecurity Risk

401k, tech, fintech, retirement

It should get everyone's attention.


With trillions of dollars in assets to safeguard, the retirement services industry is intensely focused on the issue of cybersecurity, with Congress, recordkeepers and regulatory agencies all getting in on the act:

Despite the intense focus, a fundamental element has been overlooked in the industry’s drive to secure retirement assets: auto portability. Driven by the simple-but-powerful principle of consolidation, auto portability can lower retirement savings cybersecurity risks by:

  1. Reducing the cyber-threat attack surface
  2. Minimizing fraud-prone, small-balance retirement savings accounts
  3. Securely moving retirement savings forward

Reducing cyber-threat ‘attack surface’

A cyber “attack surface” is the sum of the different points, or attack vectors, that a cyber-intruder can attempt to leverage to compromise security. Since a larger attack surface presents an attacker with more opportunities to exploit, shrinking the surface’s size is an important goal.

Following this principle, participants with multiple, legacy 401k retirement savings accounts housed on multiple 401k recordkeeping platforms present a larger attack surface than individuals who have consolidated their retirement savings accounts.

Auto portability, via consolidation, significantly reduces the odds of exposure for millions of 401k participants.   According to the Auto Portability Simulation, widespread adoption of auto portability would result in 135 million participants consolidating their retirement savings over a generation, vs. only 9 million participants without the feature.

Minimizing fraud-prone, small-balance retirement savings accounts

Loss prevention experts warn us that “fraud starts small.” This concept clearly applies to small-balance retirement savings accounts, which can offer cyber-thieves more-tempting targets, as system controls and monitoring may be lax, and represent lower priorities.

For 401k plan sponsors and recordkeepers, reducing the number of small-balance accounts becomes vital to avoid becoming a breeding ground for low-level cyber-fraud, which can inevitably lead to bigger problems. Auto portability, through consolidation, can reliably achieve this outcome.

Securely moving retirement savings forward

When participants strand 401k savings accounts, the likelihood of becoming a victim of cybercrime increases over time.

By contrast, auto portability relies upon highly-secured, transient data exchanges to ensure that these accounts are moved forward quickly, safely and securely, employing the following key cybersecurity features:

Auto portability: A crucial element in retirement cybersecurity

With each new sensational data breach, we’re reminded that it’s better to be safe than sorry. By adopting auto portability, America’s 401k system—including participants, plan sponsors and service providers—can help mitigate cybersecurity threats through the power of consolidation.

Tom Hawkins is Senior Vice President, Marketing and Research with Retirement Clearinghouse, and oversees all key operational aspects of this area, including RCH’s web presence, digital marketing and plan sponsor proposals. In other roles for RCH, Hawkins has performed product development, helped lead the company’s re-branding, evaluated and organized industry data and makes significant contributions to RCH thought leadership positions.

Exit mobile version