The retirement plan landscape is entering a defining moment. As we embark on 2026, plan sponsors are moving into another consequential phase of SECURE 2.0’s implementation, a phase that expands both opportunity and accountability.
While SECURE 2.0 has been around since 2022, its yearly provisions never fail to throw a wrench in retirement plans and supply plan sponsors with ongoing challenges to properly navigate these changes.
As a result, understanding new provisions is of the utmost importance and should remain top of mind for plan sponsors. In fact, 82% of plan sponsors emphasize that reviewing provisions and adopting relevant updates is still a key priority in 2026.
The next wave of requirements includes Roth catch-up contributions for high earners, higher IRA contribution limits, and mandatory automatic enrollment and escalation for new plans. While each provision is designed to strengthen retirement outcomes, together they significantly broaden the scope of plan sponsor responsibilities. More participants, more accounts and more complexity inevitably translate into fiduciary exposure.
For plan sponsors, the challenge is no longer simply understanding the rules; it is operationalizing them consistently, documenting decisions and maintaining oversight in an environment where even a small administrative misstep can quickly escalate into costly fiduciary issues.
What’s new and what’s harder?
Automatic enrollment and escalation requirements are among the most impactful changes coming into force. These provisions are expected to dramatically increase the number of active plan participants, many of whom may have limited engagement or lack proper information and insights to manage their accounts. While this expansion supports long-term retirement participation, it also creates heavier administrative and compliance demands. For all of these reasons, having good fiduciary liability insurance is now more important than ever.
• EDITOR’S NOTE: This article is part of our Q1 2026 “How Not to Get Sued” Deep Dive.
Plan sponsors must also ensure all payroll systems are correctly aligned, deferral rates are applied accurately, opt-out processes are documented, and participant communications are timely and clear. Each of these steps introduces new operational touchpoints, as well as new opportunities for error.
What makes this phase of SECURE 2.0 particularly challenging is that many of these responsibilities cut across internal teams and external providers. Payroll, HR, finance, recordkeepers and third-party administrators (TPAs) all play a role. When responsibilities are fragmented, accountability can become blurred. Even well-intentioned plan sponsors can find themselves exposed if processes break down or documentation is incomplete.
Persistent compliance pain points
Despite years of regulatory evolution, several compliance challenges remain stubbornly unresolved. Plan sponsors continue to navigate guidance that is either evolving or subject to interpretation, particularly around contribution handling, eligibility tracking and disclosure obligations.
Plan sponsors may be looking for outsourced support through TPAs and recordkeepers; however, as alluded to earlier, this introduces its own set of risks. While outsourcing administrative functions is often necessary, it is paramount to acknowledge that fiduciary responsibility cannot be outsourced. Plan sponsors remain accountable for monitoring service providers, reviewing reports and identifying issues before they affect participants.
In practice, gaps frequently emerge. Documentation may be inconsistent. Oversight reviews may be informal or infrequent. Communication between vendors may be incomplete. These coordination failures are rarely intentional, but they are increasingly cited in regulatory inquiries and litigation.
Fiduciary risk, litigation rising
As plan design and administration become more complex, fiduciary risk is rising in parallel with litigation. Alleged fiduciary breach claims continue to grow in volume and scope, with administrative errors and process failures among the most common triggers. Major 2025 lawsuits involved Colgate-Palmolive, Home Depot, Pentegra and UnitedHealth Group.
Importantly, many of the legal claims do not stem from investment performance alone. They arise from issues such as missed deferrals, incorrect application of plan terms, delayed contributions or failures to follow established procedures. In this environment, good faith efforts are not always enough to shield sponsors from scrutiny. Only a few insurers are willing to package relevant insurance protection against the obvious exposures: mandatory ERISA fidelity bond; fiduciary liability insurance; and cyber insurance coverage.
Regulators and attorneys alike are focusing more closely on process: how decisions are made, how vendors are monitored and whether sponsors can demonstrate consistent, prudent oversight. Documentation, or lack thereof, often becomes the deciding factor.
Reducing exposure through strong governance
While the risk environment is intensifying, advisors and sponsors are not without tools. Reducing fiduciary exposure starts with strengthening governance frameworks and internal controls.
Regular compliance reviews, formal vendor monitoring processes and clear documentation protocols are essential. Plan sponsors should periodically assess whether their procedures align with current regulatory expectations and whether their service providers are meeting agreed-upon standards.
Equally important is treating fiduciary risk management as an ongoing process rather than a one-time exercise. As SECURE 2.0 provisions are implemented, plan sponsors should revisit policies, update training and ensure that internal teams understand their roles and responsibilities.
Why protection still matters
Even the most diligent plan sponsors cannot eliminate risk entirely. As oversight responsibilities expand, fiduciary liability insurance plays a pivotal role in helping organizations manage financial and reputational exposure. Such coverage is not a substitute for strong compliance practices. Rather, it serves as a backstop, providing protection in the event that a claim arises despite prudent efforts. In an era of heightened enforcement and litigation, that protection can be critical to preserving organizational stability.
Marching forward
SECURE 2.0 represents a meaningful step forward for retirement security, but it also raises the bar for plan oversight. Sponsors who recognize this shift and act accordingly will be better positioned to navigate.
By strengthening governance, improving documentation and approaching fiduciary responsibility with renewed rigor, plan sponsors can turn this period of change into an opportunity, not only to enhance participant outcomes but to safeguard their organizations in an increasingly complex regulatory environment.
