Retirement 101: A Comprehensive Glossary for 401(k) Recordkeepers and TPAs

March 21, 2024

Read this retirement glossary to quickly refresh your understanding of common retirement terms, including 401(k) plans, regulations, and payroll integrations.

Like any regulated industry, the retirement field is thick with jargon and complicated nuance. Even pros who have been in the business for a long time have to keep up with ever-changing legislation and technology terms to stay ahead of the curve.

We've meticulously created this retirement glossary to be your go-to resource for mastering fundamental terms related to savings plans, compliance regulations, 401(k) payroll integrations, and beyond. Whether you need a quick refresher on common retirement terms or you're diving into the retirement industry for the first time, this guide will provide you with the knowledge you need to make informed decisions and strategic adjustments.

Let’s get started.

Fundamentals of Retirement

Plan Sponsor

Plan sponsors are entities, generally employers, that offer retirement plans to their employees.

Plan Participant

Employees contributing to and receiving benefits from retirement plans are plan participants. Beneficiaries or dependents who are nominated by the employee to receive benefits are also considered plan participants.

Plan Administrator

Plan administrators are the parties responsible for overseeing the day-to-day operations of 401(k) plans for participants and beneficiaries. While the employer could be the administrator, the work is often outsourced to a third party. Responsibilities of plan administrators include:

  • Designing the plan
  • Monitoring plan activities
  • Compliance testing
  • Providing customer support to plan participants (and, when outsourced, to sponsors)

Third-party Administrator (TPA)

Third-party administrators, or TPAs, are companies that provide qualified retirement plan administration services to employers. They typically oversee transactions, handle the documentation requirements and legal compliance of running a retirement plan, and offer guidance on the plan design. TPA responsibilities include: 

  • Preparation of Form 5500
  • Creating match and profit-sharing calculations
  • Performing non-discrimination and other compliance testing
  • Designing the plan and monitoring plan transactions
  • Providing customer support to employers and employees


Recordkeeper

401(k) recordkeepers manage retirement plan records, including participant details, payroll data transfers (like employee deductions and employer matches), and notice distribution. They act as bookkeepers tracking funds, contributions, loan payments, tax deferrals, and rollovers. The recordkeeper is the employee-facing element of retirement plans, providing the website for participants to access their accounts. Recordkeeping services are offered either as standalone services or bundled with TPA services.

  • Full-service recordkeepers (bundled) — Offer comprehensive 401(k) plan management, from design to administration to recordkeeping
  • Recordkeeper only (unbundled) — Maintain plan records only, while other management services are handled by either the sponsor or other third-party advisors and administrators.


Custodian

The custodian for a 401(k) plan acts like a bank. They handle fund transfers, payments, and asset safekeeping in a 401(k) plan. They don't provide investment advice. While the plan administrator or a TPA monitors these transactions to stay compliant, the custodian is the entity that actually holds assets and invests the funds in a plan.

Key Employee

In 401(k) plans, key employees are crucial business figures with significant ownership or decision-making roles. According to the IRS, key employees must fulfill at least one of the following criteria:

  • Ownership stake of 5% or more
  • Ownership stake of 1% or more with annual compensation of $150,000
  • Officer with annual compensation exceeding $215,000 in 2023

Highly Compensated Employee (HCE)

Retirement plan participants are divided into two buckets: highly and non-highly compensated employees. The IRS defines a highly compensated employee as any individual who either:

  • Owned over 5% stake in the plan sponsor’s business at any time during the current or preceding year, regardless of compensation
  • Ranked among the top 20% of highly paid employees in the company and received compensation exceeding specified dollar amounts in the previous year:
    • $155,000 for 2024
    • $150,000 for 2023
    • $135,000 for 2022

Businesses must identify HCEs for 401(k) plans to pass IRS-mandated non-discrimination tests and keep their deferrals within permissible limits. 

Additional Resources

What is a Highly Compensated Employee (HCE)?

Non-Highly Compensated Employee (NHCE)

A non-highly compensated employee or NHCE is any employee that doesn't meet the highly compensated employee (HCE) criteria required by non-discrimination testing.


Distribution

When plan participants withdraw funds from their retirement accounts, it's termed a distribution. Most distributions are taxable by the IRS based on the participant's tax bracket. There are different types of distributions based on the type of retirement plan and the timing of the distribution. For example:

  • Normal Distributions are withdrawals made by participants when they reach the retirement age specified by the plan, typically around 59.5 years.
  • Required Minimum Distributions (RMDs) are withdrawals mandated from all employer-sponsored retirement plans and IRA-based plans when a participant reaches the age of 72. If the account holder doesn't withdraw the full RMD amount on time, they may be subjected to a 50% excise tax. However, SECURE 2.0 reduces this tax rate to 25%, and possibly even to 10% if the RMD is rectified within two years.
  • Rollover Distributions are a special type where individuals withdraw funds from one retirement plan and deposit them into another. These are not subject to taxes.
  • Periodic Distributions are regular payouts such as the monthly pension received by pension plan participants or beneficiaries.

Many rules govern retirement plan distributions, with financial penalties for noncompliance. For instance, withdrawing funds from a tax-advantaged retirement plan before reaching eligibility age often triggers penalties, except in select circumstances.


Rollover

A rollover occurs when plan participants transfer all or part of their 401(k) balance from a previous employer's plan to a new retirement plan or IRA within 60 days. Rollovers are typically tax-free unless the rollover is to a Roth plan. Typically, recordkeepers are responsible for overseeing rollovers in a retirement plan, making it simpler for employees to manage and track their retirement investments while offering greater control over assets.

Vesting Schedule

While participants own their contributions immediately, employer contributions to qualified retirement plans often follow a vesting schedule defined in the plan document. This schedule determines when participants gain full non-forfeitable ownership rights to the plan assets. 

Employers implement vesting schedules to encourage employees to stay with the company longer. Typically, these schedules span three to five years, ensuring that all employees are fully vested by the time they reach normal retirement age or before the plan ends. 

Form 5500

Form 5500 is an annual document prepared by plan sponsors. It discloses sponsor details and organization data like participants’ legal names and employer identification numbers (EIN), and plan details like plan characteristics, assets, fees, and eligible employees to the IRS and Department of Labor. Sponsors usually hire TPAs for this job. Meeting this filing requirement is crucial to staying transparent and compliant with regulations.

Regulatory Frameworks

ERISA (Employee Retirement Income Security Act)

The Employee Retirement Income Security Act (ERISA), established in 1974, is a federal law that requires plan administrators to provide participants with information about the plan, comply with fiduciary responsibilities, offer legal protections, and more. The law mandates that plan providers uphold specific standards, such as:

  • Clear communication of plan details to participants
  • Minimum standards for participation, vesting, benefit accrual, and funding
  • Procedures for participants to make claims and appeals to access their benefits
  • Standards for fiduciaries managing plan assets to protect participants' interests
  • Participants' right to legal recourse for breaches of fiduciary duty

Fiduciary Responsibility

Under ERISA, entities that are involved in retirement plan management—including plan sponsors, administrators, and investment advisors—must fulfill several fiduciary responsibilities:

  • Acting solely for the benefit of plan participants and beneficiaries
  • Carrying out duties with care, prudence, and diligence
  • Diversifying plan investments and following plan documents 

Notably, fiduciary responsibilities only include the standards to be followed for carrying out the plan functions, not the results. For example, fiduciaries are not responsible for the degree of success of a plan investment as long as they ensure a well-diversified investment portfolio and follow a prudent process for documenting and communicating plan activities. 


Plan Fiduciary

According to ERISA, a plan fiduciary is any entity that has discretionary authority and control over the management and administration of retirement plans and investments. Based on their roles, fiduciaries can fall into three categories:

  • 3(16) fiduciary: A 3(16) fiduciary is a service provider hired by an employer to manage the day-to-day administrative work for a 401(k) plan. Any 401(k) service provider that elects to offer fiduciary administrative services can be labeled a 3(16) fiduciary. 
  • 3(21) fiduciary: A 3(21) fiduciary provides advice about how the plan can invest its assets.
  • 3(38) fiduciary: A 3(38) fiduciary has the authority to actually manage the investments.


SECURE Act

The Setting Every Community Up for Retirement Enhancement (SECURE) Act, enacted in December 2019, aims to address Americans’ lack of retirement savings by making retirement savings plans accessible to more employees.

Updated in December 2022, SECURE 2.0 introduced several new rules to encourage wider plan adoption and enhance retirement security. Some of the mandates with the biggest impacts on 401(k) plan administrators are:

  • Section 101: Automatic Enrollment—The legislation requires that every 401(k) or 403(b) plan created after Dec. 29, 2022, automatically enroll eligible employees in the plan with a starting contribution rate of 3-10% of the employee’s pay. The contributions are then automatically increased by 1% each year until they reach a minimum of 10%, but not more than 15%, of the employee’s pay.
  • Section 603: Catch-up contributions— Section 603 requires employees aged 50 or older who earn more than $145,000 yearly to make catch-up contributions on a Roth basis—in other words, after taxes. This helps them boost retirement earnings by making them eligible for tax-free withdrawals at retirement.
  • Section 125: Long-term, part-time employees— The original SECURE Act required employers to let part-time employees who completed 1,000 hours of work in their first year, or 500 hours of service over three consecutive years, join their 401(k) plan. Section 125 of SECURE 2.0, effective for plans starting after December 31, 2024, lowers the second time frame to two years. It also guarantees that eligible long-term, part-time employees have access to 403(b) plans that are subject to ERISA. Employees that qualify for a plan under Section 125 are entitled to a year of vesting service for every 12-month period in which they work a minimum of 500 hours.

Additional Resources

SECURE 2.0 Overview for Plan Providers

SECURE Act 2.0 Timeline

Section 603 Implementation Plan

401(k) Recordkeeper’s Guide to SECURE Act 2.0 Start-up Tax Credits

Non-discrimination Testing

Non-discrimination testing, required by the IRS, assesses whether all employees have equal access to a retirement plan. It requires that key employees and highly compensated employees (HCEs) stay within a specific contribution rate, which is determined by the contribution rate of non-highly compensated employees (NHCEs). Non-discrimination testing involves several assessments:

  • Actual Deferral Percentage (ADP) Test—The ADP test compares HCEs' and NHCEs' average salary deferral percentages to ensure fairness in contribution rates. The ADP of HCEs must not exceed the ADP of NHCEs by more than two percentage points.
  • Actual Contribution Percentage (ACP) Test— The ACP test is similar to ADP, but instead of assessing employee deferrals, ACP focuses on the employer’s matching contributions or employees’ after-tax contributions. 
  • Top-heavy determination—If key employees hold over 60% of the total plan assets, the plan is considered top-heavy. Under top-heavy plans, the employer is required to pay a minimum of 3% of non-key employees' compensation to their 401(k) accounts.

Additional Resources

Non-discrimination Testing: 401(k) Compliance

Types of Retirement Plans 

Employer-Sponsored Retirement Plan

Employer-sponsored retirement plans operate by automatically deducting a portion of an employee's earnings from each paycheck and placing it into a retirement fund. Employers can also pitch in, either matching a fraction of the employee's contributions or making a fixed contribution. There are different variations of employer-sponsored retirement plans like 401(k)s, defined benefit plans, simplified employee pension (SEP), etc. These often come at minimal or no cost to employees and provide significant tax benefits to employers.

Defined Benefit Plan (Pension)

A defined benefit plan, more commonly known as a pension, is an employer-sponsored retirement plan that guarantees a specified monthly payout for employees at retirement. This can be a fixed dollar amount or calculated based on factors like salary and years of service. Most defined benefit plans are protected by federal insurance from the Pension Benefit Guaranty Corporation (PBGC).

Defined Contribution Plan

Defined contribution plans are voluntary employer-sponsored retirement plans that allow tax-deferred contributions from employees and employers. Each pay period, a fixed percentage of the employee's pay goes into their retirement account, with these funds being invested on their behalf. 

However, unlike defined benefit plans, defined contribution plans do not promise a specific benefit, and the plan's value can fluctuate based on investment performance. Examples of defined contribution plans include 401(k), 403(b), employee stock ownership plans, and profit-sharing plans.

401(k) Plan

Among all the employer-sponsored defined contribution plans, 401(k) is the most popular. 401(k) plans enable employees to save for retirement through payroll deductions. Employees can choose to defer a portion of their salary (up to a set limit) into the plan before taxes, which is then invested on their behalf. Employers may also match employee contributions, making it a valuable retirement savings tool.

403(b) Plan

While 401(k) plans are available to employees of for-profit, private organizations, 403(b) plans, also dubbed tax-sheltered annuity plans, are a defined contribution option for eligible employees in public schools, churches, and tax-exempt organizations under Code Section 501(c)(3). Like 401(k) plans, 403(b) plans allow employees to defer money from their paychecks, with the added perk of potential employer matching contributions.

Savings Incentive Match Plan for Employees (SIMPLE) IRA

The SIMPLE IRA Plan (Savings Incentive Match Plan for Employees) is a tax-deferred retirement plan tailored for small businesses with fewer than 100 employees. Similar to 401(k) plans, employers have the option to match employee contributions that go into individual retirement accounts (IRAs) or annuities. However, SIMPLE IRA plans typically have lower contribution limits compared to larger employer-sponsored plans like 401(k).

Simplified Employee Pension (SEP) Plan

Simplified employee pension (SEP) plans offer employers of any size, including self-employed individuals, the opportunity to contribute to traditional IRAs set up for their employees. With lower start-up and operational costs than other workforce retirement plans, SEPs allow employers to contribute up to 25% of each employee's pay, up to a limit of $66,000 in 2023. Contributions are tax-deductible, and investments grow tax-deferred until retirement. Notably, SEPs only permit employer contributions.

Multiple Employer Plan (MEP)

A multiple employer plan (MEP) is a retirement savings arrangement where multiple employers participate in a single plan, typically sponsored by a professional employer organization (PEO) or an association. By sharing a common affiliation, such as membership in an association or engagement with a PEO, participating companies collectively enjoy several benefits, such as:

  • Simplified reporting: MEP eliminates the requirement for individual Form 5500 filings
  • Reduced audit requirements: MEP removes the need for annual plan audits
  • ERISA bond protection is not necessary under MEP arrangements
  • Lower costs due to outsourced administrative tasks

However, customization options are limited compared to single employer plans.

Pooled Employer Plan (PEP)

Introduced by SECURE Act 2.0, pooled employer plans (PEPs) are a variation of multiple employer plans (MEPs). In a PEP, participating employers delegate all administrative responsibilities to a designated pooled plan provider (PPP, or P3) acting as a 3(16) fiduciary. Unlike traditional MEPs, PEPs don't require participating employers to share a common affiliation.

Key Points:

  • Shared resources and outsourced administration lead to cost savings
  • Flexibility and customizability are limited compared to single employer plans
  • Despite their potential benefits, PEPs are relatively new and face low awareness and adoption rates

Safe Harbor 401(k) Plan

A safe harbor 401(k) plan is a tax-advantaged retirement option that requires the employer to make tax-deductible contributions on their employees’ behalf, either through a match of the employee’s contributions or through a non-elective contribution. The funds must also be fully vested at the time of contribution. These plans help employers automatically pass the IRS-mandated non-discrimination tests and allow employees to contribute the maximum permissible amount to their 401(k) accounts. 

Roth 401(k)

The Roth 401(k) is an employer-sponsored retirement plan allowing contributions to be made after taxes. Contribution limits mirror those of traditional 401(k) plans, while qualified participants enjoy tax-free withdrawals upon retirement. 

Catch-up Contributions

Catch-up contributions, established by the Economic Growth and Tax Relief Reconciliation Act of 2001 (EGTRRA), enable individuals aged 50 or older to exceed the usual contribution limit as they approach retirement. In 2023, eligible employees could contribute an extra $7,500 annually to qualified retirement plans like a 401(k) or 403(b).

SECURE Act 2.0 introduced new rules for catch-up contributions:

  • Starting in 2025, individuals aged 60 to 63 can contribute an additional $10,000 or 150% of the standard limit, whichever is greater.
  • Section 603 requires participants earning over $145,000 annually to make catch-up contributions on a Roth basis for tax-free withdrawals in retirement.

Additional Resources

How to Prepare for Section 603 of Secure Act 2.0: An Implementation Plan

Process Optimization Terms

Automated Payroll Processing

Automated payroll processing uses technology to streamline payroll calculations, management, and payment distributions. This modern approach to payroll offers numerous advantages:

Error Handling or Plan Error Correction

Inefficient data handling practices can lead to errors in eligibility checks, documentation, or contribution management—resulting in compliance issues and penalties. Error handling or plan error correction involves identifying and rectifying all the inconsistencies in employer-sponsored retirement plans. For information on common 401(k) mistakes, solutions, and prevention, check out the IRS's 401(k) Plan Fix-It Guide.

Automatic Enrollment

Automatic enrollment is a mandate stipulated under Section 101 of SECURE Act 2.0 that requires employers to enroll eligible employees in qualified retirement plans by a specified date unless they opt out. 

Section 101 is effective beginning January 1, 2025, which means that 401(k) and 403(b) providers must soon put in place and test the technology they will need to automatically enroll and increase the contributions of millions of participants. Failure to do so correctly and on time could result in noncompliance, stiff fines, and legal fees associated with disputing any penalties in court.

Additional Resources

What Retirement Plan Providers Need to Know about Secure Act 2.0 Section 101

Eligible Automatic Contribution Arrangement (EACA) 

Eligible automatic contribution arrangement (EACA) is a method for automatically enrolling employees in 401(k) plans. Unlike basic automatic enrollment, EACAs:

  • Require employers to notify all employees before enacting the plan's default automatic contribution percentage
  • Allow employees to withdraw automatic enrollment contributions (with earnings) based on the plan's terms

Payroll API Integration Terms

401(k) Payroll Integrations

401(k) payroll integrations allow recordkeepers or plan administrators to access the data held within the sponsor’s payroll system and facilitate seamless data exchange between systems. Integrating payroll systems with 401(k) plans streamlines plan management by:

  • Allowing 360° or bi-directional data synchronization, so plan administrators can automatically fetch and push deferral updates within the sponsor’s payroll system
  • Enhancing data accuracy and plan efficiency 
  • Maximizing operational efficiency by reducing the need for data reconciliation efforts and increasing responsiveness throughout the retirement plan cycle

Additional Resources

Guide to 401(k) Payroll Integrations

Secure File Transfer Protocol (SFTP)

Secure File Transfer Protocol (SFTP) is a method that uses Secure Shell (SSH) encryption to securely send and receive sensitive information, like employment data, between businesses using a shared server. SFTP involves preparing data in a flat file format (like CSV or JSON), encrypting it, and then transmitting the files through a secure connection between two platforms. While SFTP is the most commonly used data-sharing method in the retirement industry, it requires a long, expensive setup process, cannot facilitate real-time data exchange, and is prone to errors caused by human intervention.

Application Programming Interfaces (API)

APIs, short for Application Programming Interfaces, act as bridges that enable communication between two different applications. They create a standardized pathway for two pieces of software, such as a payroll system and a recordkeeping platform, to exchange data and information, regardless of the programming languages they're built on. API integrations offer the same security as SFTP as well as near-real-time data access, but eliminate the need for time-consuming manual processes.

Additional Resources

SFTP vs API: Which Integration Method is Best for Employment Data?

Payroll APIs

Payroll APIs are simply APIs that are specific to payroll systems. They offer:

  • Accurate transfer of payroll data to retirement accounts
  • Real-time updates on contributions and deductions
  • Automated tracking of employee retirement savings and loan status
  • Simplified administration and improved accessibility for plan administrators, participants, and sponsors

Unified APIs

Unified APIs are a technology layer that provides access to many different applications and systems through a single API integration. Unified API providers sell pre-built connections to a multitude of applications within a category of software, meaning that users need only build one integration to the unified API provider to access the data within all of the systems the unified API has connections to. Unified APIs are standardized, meaning that all the data that flows through the API arrives in the same format, regardless of its origin. They’re an alternative to building dozens or hundreds of integrations in-house, which require high upfront capital investment, lengthy building periods, and long-term maintenance.

Additional Resources

Build vs Buy: Leveraging Employment Data Via HRIS and Payroll Integrations

Employment Ecosystem

The employment ecosystem is the collection of B2B software providers that employers use to manage their workforce. The ecosystem is vast, but any system that touches employment data is part of the employment ecosystem. These companies fall into 2 main categories:

  • Employment Systems of Record: Employment Systems of Record are centralized sources of truth for employment records, usually owned by HR. HRIS and payroll are the two primary systems of record. However, for some applications, Applicant Tracking Systems (candidate) and Benefits Administration Systems (election, dependents, etc.) may also contain employment data needed for their use case.
  • Third-Party Applications: These are SaaS applications that rely on employment data to function but primarily focus on additional services that help with human resource planning, management, and retention. Some examples include HR technology like talent management tools, employee benefits solutions, and finance applications like expense management tools.

Unified Employment API

A unified employment API is a vertical-specific unified API focused on the employment ecosystem. Unlike generalized unified APIs, unified employment APIs offer targeted market coverage, deeply granular data sets, and both read and write functionality to developers that require expertise in the employment ecosystem—along with the typical features of a generalized unified API.

These APIs are best suited for B2B products where the end users have administrative access to employment systems, such as HR admins, people operations professionals, benefits managers, or even finance team members. These users can then authorize a secure connection to key sources of employment data housed in their HRIS or payroll system. Developers can then leverage that data to create deeply integrated and personalized solutions for their customers.

Additional Resources

The Emergence of Unified Employment API

Authentication & Authorization

API authentication is vital in retirement technology to confirm users' identities when accessing sensitive employment data. Authentication is the process of verifying the identity of a user making an API request. It involves presenting credentials such as a username and password, API key, or digital token, which are then accepted or rejected.

Various authentication methods, such as API keys, JSON Web Token (JWT), OAuth 2.0, user credentials, token-based authentication, and two-factor authentication, protect sensitive data by reducing potential risks like data breaches, corruption, deletion, and denial of service (DoS) attacks.

However, authentication alone isn't sufficient for total security. It needs to be paired with authorization, which determines the level of access users should have based on their credentials.
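The split between authentication and authorization described above, shown as an added example (not code from the original page or from any vendor's API): a signed JWT proves who the caller is, and a separate scope check decides what that caller may do. The signing key, the `/deferrals` path, the scope names and the client names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed signing key for this example; a real service loads it from a secret store.
SIGNING_KEY = b"constructed-demo-key-not-for-production"

# Hypothetical operations and the scope each one requires.
REQUIRED_SCOPE = {
    ("GET", "/deferrals"): "deferrals:read",
    ("POST", "/deferrals"): "deferrals:write",
}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(signing_input: str) -> bytes:
    return hmac.new(SIGNING_KEY, signing_input.encode(), hashlib.sha256).digest()


def issue_token(subject, scopes, ttl_seconds, now=None):
    """Issue an HS256-signed JWT carrying the scopes granted to the caller."""
    now = int(time.time()) if now is None else now
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64url_encode(json.dumps(
        {"sub": subject, "scope": " ".join(scopes), "exp": now + ttl_seconds}
    ).encode())
    signing_input = f"{header}.{claims}"
    return f"{signing_input}.{b64url_encode(sign(signing_input))}"


def authenticate(token, now=None):
    """Authentication: return the verified claims, or None if the token is not valid."""
    now = int(time.time()) if now is None else now
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        # Pin the algorithm so a token declaring "none" or another alg is rejected.
        if header.get("alg") != "HS256":
            return None
        expected = sign(f"{header_b64}.{claims_b64}")
        # Constant-time comparison of the expected and presented signatures.
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        claims = json.loads(b64url_decode(claims_b64))
        if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int):
            return None
    except (ValueError, AttributeError, TypeError):
        return None
    # Expired tokens fail authentication even though the signature is good.
    return claims if claims["exp"] > now else None


def authorize(claims, method, path):
    """Authorization: deny by default, allow only if the required scope was granted."""
    needed = REQUIRED_SCOPE.get((method, path))
    granted = set(str(claims.get("scope", "")).split())
    return needed is not None and needed in granted


def handle_request(token, method, path, now=None):
    """Return 401 when identity is not proven, 403 when it is proven but not permitted."""
    claims = authenticate(token, now)
    if claims is None:
        return 401
    if not authorize(claims, method, path):
        return 403
    return 200
```

A read-only caller gets 200 on `GET /deferrals` and 403 on `POST /deferrals`; a tampered or expired token gets 401 before any scope is consulted.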

Data Mapping

Data mapping is the process of reconciling data from different API endpoints to seamlessly sync data between systems. Even if two fields contain the same information, they might be named or structured differently. The process involves literally “mapping” two distinct data fields that hold the same information to one another, so the data can be automatically synced.

For example, when handling "employee address" in two different HRIS, what's referred to as 'location' in one system might be called 'residence' in another, causing confusion and making it harder to use the data. Data mapping involves training the API integration to recognize that the data held under ‘location’ in one system should sync with the data field called ‘residence’ in the other.

Data mapping can be tedious, especially when dealing with multiple APIs from different providers. This is where a unified API can help—it lets vendors map data from different providers to one common model. Users can then request data from various providers without fretting over their differences.

Data Standardization

Data inconsistency among payroll systems can occur due to different data storage protocols followed by different providers. Data standardization normalizes data formats across endpoints to prevent loss of data due to mapping errors. Recordkeepers often opt for unified APIs for standardizing data obtained from multiple HRIS and payroll systems.
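An added example (not code from the original page) covering both data mapping and data standardization as described above: two providers' records are mapped to one common model, the deferral value is normalized to a single unit, and fields with no mapping are reported instead of being silently dropped. The provider names `hris_a` and `hris_b`, every field name other than `location` and `residence`, and the sample records are constructed for illustration.

```python
from decimal import Decimal, InvalidOperation

# Constructed provider definitions: source field -> common-model field,
# plus the unit each provider uses for the deferral value.
PROVIDERS = {
    "hris_a": {
        "fields": {"emp_id": "employee_id", "location": "address",
                   "deferral_pct": "deferral_percent"},
        "deferral_unit": "percent",    # e.g. "6%" or 6
    },
    "hris_b": {
        "fields": {"id": "employee_id", "residence": "address",
                   "contribution_rate": "deferral_percent"},
        "deferral_unit": "fraction",   # e.g. 0.06
    },
}
REQUIRED = ("employee_id", "address", "deferral_percent")

# Constructed sample records describing the same employee in two systems.
SAMPLE_A = {"emp_id": "E-100", "location": "1 Main St", "deferral_pct": "6%"}
SAMPLE_B = {"id": "E-100", "residence": "1 Main St",
            "contribution_rate": 0.06, "nickname": "Sam"}


class MappingError(ValueError):
    """Raised when a record cannot be mapped to the common model safely."""


def normalize_deferral(value, unit):
    """Standardize a deferral value to percent (0 to 100) as a Decimal."""
    try:
        number = Decimal(str(value).strip().rstrip("%"))
    except InvalidOperation:
        raise MappingError(f"deferral value {value!r} is not numeric")
    if unit == "fraction":
        number *= 100
    # Reject NaN/Infinity and out-of-range values instead of syncing them.
    if not number.is_finite() or not (0 <= number <= 100):
        raise MappingError(f"deferral value {value!r} is out of range")
    return number


def to_common_model(provider, record):
    """Map one provider record; return (common_record, unmapped_field_names)."""
    spec = PROVIDERS.get(provider)
    if spec is None:
        raise MappingError(f"no field map for provider {provider!r}")
    mapped, unmapped = {}, []
    for name, value in record.items():
        target = spec["fields"].get(name)
        if target is None:
            unmapped.append(name)      # surfaced to the caller, not dropped
        else:
            mapped[target] = value
    missing = [f for f in REQUIRED if mapped.get(f) in (None, "")]
    if missing:
        raise MappingError(f"{provider}: missing required fields {missing}")
    mapped["deferral_percent"] = normalize_deferral(
        mapped["deferral_percent"], spec["deferral_unit"])
    return mapped, sorted(unmapped)
```

Sending a `location` field to the `hris_b` map raises `MappingError` because `address` ends up missing, which is the kind of mapping error that would otherwise lose data quietly.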

Data Synchronization

Data synchronization is the process of automatically updating data changes between two or more systems to maintain consistency. Frequent and timely data synchronization is vital for effective collaboration and compliance. Most automated API integrations sync data every 24 hours but will allow users to sync the data on demand.


Encryption

Encryption is the practice of disguising sensitive data in transit so it cannot be intercepted or accessed by unauthorized entities. In the retirement industry, end-to-end encryption protocols like AES 256-bit or TLS 1.2 are essential to safeguard sensitive employment data such as personally identifiable information (PII) and bank details and ensure compliance with data protection regulations.

What’s next?

Visit the Finch Blog to learn more about the best practices and trends shaping the retirement industry and discover what the experts are saying.
