Compliance | Finch Blog

How to Streamline 401(k) Compliance Testing with Payroll Integrations

Sudeshna Roy

April 11, 2024

0 min read

For recordkeepers and TPAs, handling annual 401(k) compliance testing is like steering through a maze of IRS and DOL rules. As stewards of these plans, they need to keep up with regulatory changes, employee census updates, and payroll deductions and accurately process large volumes of participant data without missing critical deadlines.

This is as complex as it sounds, particularly when accessing employee data isn’t straightforward. Think of it like juggling multiple balls—you've got to be on your game to keep all the balls in the air and avoid any penalties along the way. The challenge is further amplified for plans with complex designs, like profit sharing or multiple investment options. As if that weren’t enough, recordkeepers and TPAs have to deal with the frustration of slow and error-prone manual data sharing methods.

Traditional ways of handling employment data have long proved to be a hassle for plan service providers that slows down the efficiency of plan management including compliance testing. This has prompted recordkeepers and TPAs to actively seek new technologies, leading to the recent popularity of API-based payroll integrations.

APIs provide TPAs and recordkeepers with direct and immediate access to sponsors' payroll data. This not only simplifies compliance testing but also minimizes sponsor involvement in retirement plan management—enabling them to create a winning customer experience.

In this article, we’ll explore the concept of compliance testing, the limitations of traditional data sharing methods for effective testing, and how recordkeepers and TPAs can leverage payroll integrations to streamline the testing process.

Understanding 401(k) compliance testing

Sponsors have a fiduciary responsibility to guarantee fair and equitable benefits for all participants in the 401k plan. Each plan must pass four key compliance tests to ensure the plan doesn't favor higher-income individuals like business owners and top executives. The four tests are:

Coverage test
Actual Deferral Percentage (ADP) test
Actual Contribution Percentage (ACP) test
Top-heavy tests

The coverage and nondiscrimination tests (ADP and ACP) are annual assessments focused solely on contributions made within a specific year, while the top-heavy rules are evaluations based on the cumulative benefits accrued over time.

Coverage testing ensures that a broad spectrum of employees benefit from the plan. It verifies that the retirement plan sufficiently covers non-highly compensated employees (NHCEs) in comparison to highly compensated employees (HCEs) and key employees. For plan administrators, this involves accurately assessing whether NHCEs are adequately included in 401(k) plans.
Actual Deferral Percentage (ADP) testing checks if HCEs contribute within defined limits relative to NHCEs.
Actual Contribution Percentage (ACP) testing evaluates employer-matching contributions and voluntary after-tax contributions. The purpose of the ACP test is to confirm that the plan feature is actually used widely and not only by HCEs.
Top-heavy testing confirms that plans do not excessively favor key employees. Plan administrators must keep an eye on the plan’s overall structure to verify that the plan benefits all employees proportionally.

All plan sponsors are obligated to complete compliance testing unless their plan qualifies for the Safe Harbor exception. The success of a 401(k) plan in these tests hinges on the spread between compared groups falling within the specified range. If a significant discrepancy is detected, the employer must take corrective actions as outlined by the IRS in the 401(k) Plan Fix-It Guide.

Nondiscrimination Testing HCE NHCE Key Employees

Common 401(k) compliance testing challenges

For third-party plan administrators and recordkeepers, compliance testing involves deep analysis and meticulous scrutiny of the plan and participant data. Delays or errors in these calculations can result in hefty penalties and additional matching requirements for plan sponsors. If you’re a recordkeeper or TPA, this is definitely not the sponsor experience you’d want to create for your customers.

Ensuring the data is accurate and received on time is a considerable challenge for recordkeepers and TPAs, primarily because they’ve traditionally been reliant on the sponsors or their payroll providers to send the data manually or through file-sharing methods like SFTP.

Exchanging data this way can present a slew of challenges, like:

Outdated employee details
Incorrect employment data
Lack of standardization across systems

Outdated employee details

Manual methods like SFTP can cause unnecessary delays in accessing required data. By the time a file is uploaded on the server, it’s theoretically out of date. Any changes that are made in the payroll system in between data dumps (which typically happen once following each pay period) are unknown to the recordkeeper or TPA until they receive the next batch of data. This delay may result in TPAs and recordkeepers missing important eligibility information or deferral updates and miscalculating the participation rate and contribution percentages of HCEs, NHCEs, and key employees, leading to inaccurate reporting.

Incorrect employment data

SFTP and other file-based systems often require ongoing manual intervention: if the sponsor is in charge of sharing data with the recordkeeper, they need to download data from their payroll system, format it appropriately, then upload that file onto a shared server. That much human intervention creates ample opportunity for errors like typos, mislabeled fields, and improper formatting. Since the quality of 401(k) compliance testing relies on the accuracy of this data, even small inaccuracies can lead to bad test results, resulting in fines, penalties, and extra work to fix mistakes. It also hurts the recordkeeper’s or TPA’s reputation and credibility.

Lacking data standardization

File-based data sharing methods don’t account for the lack of standardization across payroll providers, forcing recordkeepers and TPAs to spend resources extracting and standardizing the data before it can be used in compliance testing. In the diverse U.S. payroll market, where nearly 6,000 providers—each with their own unique data formats and fields—cater to small and mid-sized businesses (SMBs), standardization is key. This complexity leaves further room for error and draws out the testing process, risking missed deadlines.

Simply put, ensuring data quality and consistency can be challenging, time-intensive, and inefficient, especially when working with a year’s worth of sponsor data. Recordkeepers and TPAs need a better way of collecting this data at compliance testing time. This drives them to seek out more automated solutions like API integrations.

How API integrations improve 401(k) compliance testing

Application programming interfaces, or APIs, are tools that allow software applications to communicate and interact with each other. With API-based payroll integrations, data can automatically flow from the sponsor’s sources of truth directly to the recordkeeper or TPA—for each pay run.

There are two types of payroll integrations: 180° and 360°. While 180° integrations only transmit data in one direction—say, from the payroll system to the recordkeeper—360° integrations facilitate data exchange in both directions. This means recordkeepers can update deductions directly in the payroll system without involving the sponsor.

360° payroll integrations offer several advantages in compliance testing. It helps recordkeepers and TPAs to:

Seamlessly sync employee census data throughout the year
Keep track of employee deferrals
Collect YTD data for end-of-year audits
Improve the sponsor experience

Seamlessly synchronize employee census data throughout the plan year

Sponsors’ census data is changing all the time. Payroll integrations ensure that the recordkeeper or TPA is always holding the most recent employee information. Whenever employees are on- or off-boarded, receive promotions and raises, or change roles, that information is synced between the payroll system and the recordkeeper and TPA’s database.

This allows them to track HCE and NHCE contributions throughout the year and make necessary adjustments to ensure the plan will pass compliance tests.

Keep track of employee deferrals

In many plans, participants can change deferral rates at any time, which means the recordkeeper has to notify the sponsor so they can make the necessary adjustments within the payroll system. But with 360° integrations, the recordkeeper can automatically push deferral changes back to the payroll system without involving the sponsor at all. This ensures the changes are made before the next payroll and that the recordkeeper has the most up-to-date information regarding the employee’s deferral and potential matching contribution.

Collect YTD data for end-of-year audits

Using API integrations, recordkeepers and TPAs can efficiently retrieve year-to-date (YTD) data from sponsors for end-of-year audits. This allows them to check the accuracy and completeness of data pulled throughout the year and make any necessary adjustments before the year’s end. Accessing YTD data through APIs simplifies 401(k) compliance testing by giving immediate insights into the year-long participant contributions and plan activities, which improves the accuracy of testing and regulatory reporting.

Improve sponsor experience

360° API integrations enable recordkeepers to enhance the sponsor's experience by reducing their day-to-day involvement in 401(k) plan management, minimizing administrative responsibilities, and eliminating constant back-and-forth through automated data transfer. Moreover, more automation leads to higher operational efficiency for the recordkeepers.

Note: For a detailed understanding of how payroll integrations can streamline 401(k) plan administration, including compliance testing, read our article "Why Recordkeepers are Increasingly Turning to Payroll Integrations."

Best practices for streamlining 401(k) compliance testing with 360° API integrations

For a 401(k) plan to pass compliance testing, it must be non-discriminatory and avoid being top-heavy. As a 3(16) fiduciary, recordkeepers and TPAs bear the responsibility of upholding the plan's financial integrity, meeting regulatory standards, and ensuring participants have a secure retirement savings experience. Proactive maintenance and regular updates of plan records mitigate the risk of test failure and eliminate the need for major adjustments at year-end.

To streamline compliance testing, recordkeepers can implement the following strategies that involve maintaining current data, conducting timely testing, and continuously monitoring the plan's performance:

Use API integrations for seamless and secure data exchange
Implement automatic enrollment
Regularly review plan participation and contribution data
Adopt integration tools to scale payroll integrations

Use API integrations for seamless and secure data exchange between systems

Traditional file-based data sharing methods are manual, error-prone, and may require sponsors to perform routine work. API integrations, on the other hand, allow recordkeepers to access employment data in a fast, secure, and programmable manner—ensuring they always have all the data required for compliance tests.

Implement automatic enrollment to make it easy for employees to join 401(k) plans

With automatic enrollment, eligible employees are enrolled by default, shifting participation from opt-in to opt-out. Payroll integrations keep plan records up to date by enrolling employees as soon as they become eligible and boosting overall NHCE contributions, which increases the likelihood of passing non-discrimination tests (NDTs). Moreover, automatic enrollment helps administrators and sponsors comply with Section 101 of the SECURE Act 2.0 that mandates automatic enrollment in retirement plans.

Regularly review plan participation and contribution data

Recordkeepers and TPAs should regularly review sponsors’ data for accuracy to catch potential issues with the ADP and ACP tests early. While API integrations guarantee that they are receiving the data exactly as it appears in the payroll system, mistakes can still happen—the sponsor may have inadvertently added a typo or input data into the wrong field.

But when recordkeepers and TPAs have access to all of a sponsor’s data—historical and present—at all times, it’s easy to perform routine checks to ensure the data is clean. That way, errors can be caught early and addressed before compliance testing deadlines roll around. They can also warn sponsors if the trend shows skewed contribution ratios at any time throughout the year.

Adopt integration tools for accessibility and scalability

While payroll integrations provide significant value, building and maintaining 1:1 integrations at scale can be challenging and costly. Payroll APIs are typically specific to each provider and may require in-depth knowledge of the application's functionality and API structure. This is why integration tools like unified APIs are gaining popularity among recordkeepers and TPAs.

Unified employment APIs enable them to access data stored in multiple payroll systems through a single integration. Unlike their generalized counterparts, unified employment APIs are hyperfocused on the employment sector, which means they can offer more granular data access. For example, Finch’s Unified Employment API can fetch data as deep as individual pay statements. This level of detail makes it easy to check participant details such as earnings, tax information, and deductions.

It’s safe to say that relying on sponsors to manually share employee demographic, payroll, and plan contribution data over an SFTP server is neither efficient nor scalable for recordkeepers and TPAs that are looking to simplify compliance testing for 401(k) plans. As more employers seek integrated and technology-driven solutions, they are leaning heavily towards payroll integrations to automate critical steps in compliance testing—from automated data access and eligibility checks to boosting plan participation and managing deferral updates.

Simplify 401(k) compliance testing with Finch

Finch’s Unified Employment API can simplify compliance testing for recordkeepers and TPAs in several ways:

Finch provides secure access to multiple payroll systems—covering 88% of the U.S. employer market—with a single integration. This helps recordkeepers and TPAs to effortlessly scale payroll integrations at a lower engineering cost.
With direct integrations to the sponsor's system of record, TPAs and recordkeepers can speed up employer onboarding, auto-enroll newly eligible employees, and simplify deductions updates with minimal effort.
Finch standardizes employment data across providers into a common data model that’s easy to understand and work with.

There’s more to what Finch offers. If you're a retirement plan service provider managing compliance testing for multiple employers, consider adding Finch to your tech stack. Get in touch with us today to see how we can help.

‍

How Recordkeepers Can Make the Most of Secure 2.0 Startup Tax Credits

Sudeshna Roy

March 5, 2024

0 min read

The retirement industry is on the precipice of explosive growth. Alarmed by Americans’ lack of retirement savings, the US government has enacted new legislation to incentivize small businesses to offer 401(k) plans and to increase employee participation. Key to those incentives are the SECURE Act 2.0 tax credits.

SECURE Act 2.0 established three tax credits for small businesses that offer retirement savings plans to their employees—two of which are specific to plans established after 2022—including a credit that covers the startup costs of establishing a plan for the first time.

This presents a golden opportunity for 401(k) administrators: there has never been a better time for small businesses to offer a retirement plan. Recordkeepers are in a position to capitalize on this push, leveraging the urgency SECURE Act 2.0 tax credits are driving among small employers to earn new business and increase revenue from existing customers.

In this article, we’ll cover the new requirements and tax credits of the SECURE Act 2.0, how they’re driving more small businesses to offer retirement plans, and what 401(k) recordkeepers and TPAs need to do to stand out and win these sponsors’ business.

What are the SECURE 2.0 tax credits?

The Setting Every Community Up for Retirement Enhancement Act of 2022—better known as SECURE Act 2.0—aims to boost individual retirement savings and encourage employers to offer attractive retirement plans by reducing startup expenses. The three tax credits offered under the new provisions are:

Employer contribution tax credit
Startup cost tax credit
Automatic enrollment tax credit

Employers that take advantage of all three tax credits could be eligible for up to $55,500 in tax credits in the first year alone—an enormous potential cost savings.

The employer contribution and startup cost credits only apply to plans established after 2022; the automatic enrollment credit is also applicable to older plans. All three credits are only available to businesses with fewer than 100 employees.

Employer contribution tax credit

Sponsors offering new 401(k), SEP, and SIMPLE plans are eligible to receive tax breaks for employer contributions, up to a maximum of $1,000 per employee per year. Businesses with fewer than 50 employees can claim up to 100% of their contributions; larger businesses’ claims are reduced by 2% for every employee over 50. These credits can be claimed for up to five years; the percentage decreases each year by 25%, beginning in year three.

Startup cost tax credit

Sponsors can also claim the startup and maintenance costs of new plans for up to three years. These credits cover 100% of plan costs for employers with fewer than 50 employees and 50% for employers with 51–100 employees. Sponsors can claim $250 for each eligible Non-Highly Compensated Employee (NHCE), up to a maximum of $5,000.

Automatic enrollment tax credit

This is the only credit that applies to retirement plans in place before 2023. Sponsors that incorporate automatic enrollment into their plans under the Eligible Automatic Contribution Arrangement (EACA) before the mandated deadline of January 1, 2025 can earn a $500 annual credit for up to three years.

‍Also read: Secure Act 2.0 Implementation Plan

How can 401(k) recordkeepers leverage SECURE Act 2.0 tax credits?

401(k) recordkeepers have an opportunity to take advantage of the urgency SECURE Act 2.0 is driving among small employers, both through compliance mandates and tax incentives.

Traditionally, small businesses have been less likely to offer retirement plans for a variety of reasons. In addition to the startup costs, small teams may be particularly concerned about the administrative burden of a retirement plan and intimidated by the stringent regulations that govern them.

That means that while 401(k) recordkeepers can expect an influx of new sponsors seeking their services, they’ll need to be prepared to accommodate these sponsors’ unique needs to stand out among the competition and win new business and establish positive, long-term relationships with customers.

This all boils down to three key strategies:

Invest in the sponsor experience — Small businesses are just that—small. They have less bandwidth to take on the administrative burden that comes with managing a retirement plan. To avoid these additional complexities, 74% of small businesses do not offer a 401(k) plan to their employees. Recordkeepers can leverage this gap and win more deals by offering the easiest user experience.
Simplify compliance with auto-enrollment and eligibility checks — Retirement plans established after 2022 are subject to new regulations, some of which are already in place and some that will go into effect in January 2025. Sponsors will seek out providers that are best suited to keep them compliant and reduce their risk of incurring fines.
Offer world-class security — Retirement plans hold tons of sensitive data, so recordkeepers need to be prepared to demonstrate how they’re keeping sponsor and employee data safe.

Invest in the sponsor experience

As a first-time sponsor, many employers are wary about the hassle of plan administration and the degree of resource involvement. To deliver a high-quality customer experience, recordkeepers need to ensure fast sponsor onboarding, ease of using the plan administrator’s service, and reduced administrative work for the plan sponsor.

Traditional methods of pulling employee data and setting up data-sharing processes are highly time and resource-intensive tasks—leading to lengthy onboarding processes for sponsors. Employers need to spend hours on HR administrative work each pay period to keep the 401(k) running smoothly, which can negatively impact customer satisfaction.

Recordkeepers that want to take advantage of the new business spurred by the SECURE Act 2.0 tax credits will need to offer an alternative that minimizes the sponsor’s responsibility. Payroll integrations offer a solution—when the recordkeeper can pull data directly from the sponsor’s payroll and send changes in contributions and deductions back, much of the manual work is eliminated, which reduces the burden on both the sponsor and the recordkeeper.

These 401(k) payroll integrations, powered by APIs, are game changers—but they’re also expensive and time-consuming to build and require ongoing maintenance. Rather than trying to build integrations to multiple payroll systems in-house, recordkeepers can leverage unified APIs to gain access to a multitude of payroll providers in the time it takes to build just one integration.

Simplify compliance with automatic enrollment and eligibility checks

SECURE Act 2.0 set forth new requirements, including the auto-enrollment of employees and new eligibility criteria for part-time employees and catch-up contributions. Recordkeepers must be prepared to quickly and accurately check employee eligibility and enroll them in their sponsors’ plans to maintain compliance.

All new retirement plans established after 2022 are required to have automatic enrollment enabled by 2025, meaning employees have to opt out of participation, rather than opting in. 401(k) recordkeepers that make it easier for employers to conduct eligibility checks and simplify the process of automatically enrolling employees in specific plans will win against the competition.

Also read: SECURE Act 2.0 Timeline for Retirement Plan Providers.

However, there are two issues that can make auto-enrollment problematic for plan administrators:

Data validation: Many recordkeepers and plan sponsors rely on manual data entry for enrolling employees in retirement plans, which is prone to error and leads to data inconsistency across platforms—making it difficult to conduct eligibility checks.
Timeliness: Manual methods of enrolling employees can also lead to missed deadlines and inaccurate contribution details, risking penalties for non-compliance.

Both of these problems can be solved by removing the element of manual data entry. Payroll and HRIS integrations give retirement plan providers real-time access to employee census and payroll data, allowing them to perform eligibility checks and automate plan enrollment based on information from the employer’s source of truth. When the payroll integration offers both read and write capabilities, the recordkeeper can also automatically update changes to employee deductions and employer contributions directly within the sponsor’s payroll systems—no manual intervention required.

Offer world-class data security

Retirement is a heavily regulated industry due to the sensitive nature of employment data, such as personally identifiable information (PII), bank details, and so on. Many small businesses starting 401(k) plans for the first time are concerned about ensuring compliance and safeguarding data.

Although plan sponsors tend to delegate data cybersecurity duties to recordkeepers, they have a fiduciary duty to ensure that their recordkeepers follow maximum security practices. As a result, to win customer confidence, all 401(k) plan administrators need to ensure total transparency and comply with industry standards like SOC2 and HIPAA when dealing with employment data.

Once again, integrations can play a pivotal role here: because integrations eliminate the need for manual data-sharing through CSV uploads or SFTP, they incur less risk that sensitive data could be exposed. Unified API providers typically come with industry-standard security for data in transit and data at rest, offering peace of mind for both the recordkeepers that use them and the employers whose data travels through them.

Create best-in-class customer experiences with Finch’s Unified Employment API

SECURE Act 2.0 tax credits stand to drive many more small businesses to offer retirement plans for the first time. As a 401(k) recordkeeper, you have an opportunity to capitalize on this movement and win new business; but doing so will require a user experience that reduces the burden on sponsors and ensures compliance.

Finch’s Unified Employment API can help by unlocking integrations to 200+ HR and payroll providers, covering 88% of US employers. That affords your team to focus your efforts and resources on providing innovative solutions for your sponsors.

Talk to our sales team today to explore the ways you can use Finch to help small businesses start a 401(k) plan and take advantage of the tax credits afforded by SECURE Act 2.0.

Frequently asked questions

Which employers are eligible for a SECURE Act 2.0 tax credit?

Employers must meet the following criteria for employer contribution and plan startup tax credits:

Have fewer than 100 employees who earned at least $5,000 in compensation in the previous year
Include at least one Non-Highly Compensated Employee (NHCE) in the plan
Have not provided retirement plans covering the same employees in the last three years

All new and existing 401(k) plans that add the automatic enrollment feature under EACA before the January 2025 deadline are eligible for a $500 automatic enrollment credit for up to three years.

Are businesses in MEP or PEP eligible for a SECURE Act 2.0 tax credit?

Yes, all eligible employers, including those in a multiple employer plan (MEP) or pooled employer plan (PEP), can avail the small business tax credits under SECURE 2.0.

Which plans are eligible for tax credit?

The following plans are eligible for small business tax credit under SECURE 2.0:

SEP, or simplified employee pension
SIMPLE IRA, or savings incentives match plan for employees
401(k)
403(b)

What are the qualified costs for the startup cost tax credit?

Qualified startup costs refer to the essential expenses a small business incurs for:

Setting up and managing a qualified retirement plan, including recordkeeper fees and third-party administrator charges
Educating employees about the plan

The credit doesn't cover costs paid through plan assets or investment expenses.

What is the best way to auto-enroll employees in retirement plans?

The most effective method for 401(k) plan sponsors and recordkeepers to automatically enroll participants into retirement plans is through integrations with the sponsor’s HRIS and payroll systems. Finch’s Unified Employment API offers access to over 200 HRIS and payroll providers, allowing automatic eligibility checking and enrollment based on employment data directly from the employer's source of truth. Contact us to learn more.

How to Prepare for Section 603 of Secure Act 2.0: An Implementation Plan

Charlie Liang

July 13, 2023

0 min read

How to Prepare for Section 603 of SECURE Act 2.0

Have you been paying close attention to the SECURE Act 2.0? If so, you know that Congress has written new laws to expand retirement plan coverage for millions of Americans. While certain sections of SECURE Act 2.0 are already in effect, Section 603—along with many others—will take effect on January 1, 2024.

This means that 401(k) and 403(b) plan providers and product leaders have a tight turnaround to stay compliant. It’s a race against time, but with proper planning, you can beat the clock. In this post, we break down Section 603 of SECURE Act 2.0 and the steps 401(k) and 403(b) plan providers should take to ensure compliance by the fast-approaching deadline.

Breaking down Section 603

The United States is facing a retirement crisis. Across all age groups, the average American has only $89,300 set aside for retirement. When you consider that the benchmark set by popular savings strategies like the 4% rule is $1.5 million, there’s due cause for concern.

To curb this trend and help more people prepare for retirement, Congress is updating the catch-up contribution rules in Section 603 of SECURE Act 2.0.

Under current law, retirement plan participants age 50 and older can make catch-up contributions to their 401(k), 403(b), or IRAs—but under Section 603, that’s about to change. According to Section 603, if a retirement plan participant wants to make a catch-up contribution—and they earn more than $145,000 per year—they will be required to make the contribution on a Roth tax basis. In other words, catch-up contributions for these individuals will no longer be eligible for pre-tax treatment in 2024.

The purpose of the provision is to create more opportunities for Americans to accelerate their savings in the years leading up to retirement. By imposing a Roth-based rule, Congress ensures that plan participants will be able to withdraw tax-free dollars when they retire, thereby strengthening their financial security.

While a glitch in Section 603 could inadvertently eliminate the ability for anyone to make catch-up contributions in 2024, Congress has told the U.S. Treasury that corrections are coming, so retirement plan providers should prepare to stay compliant with Section 603 as Congress intended.

Section 603: Questions to ask yourself right now

Section 603 is effective beginning January 1, 2024, which means that 401(k) and 403(b) providers must be prepared to update policies for every single retirement plan participant age 50 or older who is making catch-up contributions and earns over $145,000. To ensure you are ready for the new requirements, here are some questions you should be asking yourself right now:

How do I identify which of my plan participants are currently subject to Section 603 regulations, and how many of these plan participants am I responsible for? Hundreds? Thousands? More?
How do I identify when participants become newly eligible (i.e., when they reach their 50th birthday and/or if they begin earning more than $145,000)?
Do I have the technology in place to automate all of these contributions updates and manage them on an ongoing basis?
Is my team capable of updating every single retirement plan in just six months?

If you can’t keep up with Section 603, you risk noncompliance, which could result in harsh penalties, steep fines, or legal fees associated with disputing any penalties in court.

How to prepare for Section 603 of SECURE 2.0

If you determine that you are among the plan providers affected by Section 603, here’s what you can do to stay prepared:

Step I: Study up on Section 603 and learn as much as you can about the legislation. To help yourself, your team, and your customers understand what’s happening, remember the provision’s key points in simple terms:

If a plan participant 50 or older makes more than $145,000 per year and wishes to make a catch-up contribution, they must do so on a Roth basis.
If other eligible employees wish to make catch-up contributions on either a pre-tax or Roth basis, they are permitted to do so.
All retirement plans must be modified to reflect these updates by January 1, 2024.

Step II: Get ready to transfer data. To prepare for Section 603, you’ll need to pull in data from payroll systems to:

Determine which participants are 50 or older and earned over $145,000 in the 2023 tax year
Identify whether they are making catch-up contributions
Verify those contributions are made on a Roth basis.

Step III: Monitor the situation. It’s unlikely, but Congress could delay the provision or the IRS could extend compliance due dates to January 1, 2026. Nevertheless, preparing for Section 603 should be mission critical at your organization, so you don’t fall behind.

Updating the data

Naturally, updating contributions means you’ll have to exchange large volumes of data between you and plan providers. Since you need to look at every plan participant who is 50 or older and earns more than $145,000 per year, you’ll need to pull in data from HRIS and payroll systems, such as:

Participant Information: Each participant's full name, Social Security number, and contact information is necessary to identify and locate the individual's retirement plan account.
Income Verification: Documentation or records are needed to confirm that the participant's gross income exceeds the threshold of $145,000 per year.
Account Balance: Checking the current balance of the participant's retirement account(s) helps determine the available funds for transferring catch-up contributions to a Roth basis.
Catch-Up Contribution Eligibility: Each participants’ date of birth is needed to confirm whether they are age 50 or older. This is crucial since catch-up contributions are only available to participants who have reached the age threshold.
Job Change and Contribution Allocation: If a participant changes jobs mid-year, they may have contributed to retirement plans at both employers. Since each employer's retirement plan would have its own account for the participant, you need to consider the contributions made at each employer and ensure that the catch-up contributions are correctly allocated and characterized as Roth contributions.
Allocation Details: Information about the participant's investment allocation within the retirement account, including the percentages or amounts invested in different asset classes or specific funds, helps ensure that the updated contributions align with the participant's desired investment strategy.

While this data can vary based on your current retirement plan, platform, or procedures in place, it should give you an idea of how complex the compliance process can be. Now that you know the different types of data, how will you transfer all of it?

Transferring the data

When you’re updating retirement plans to stay compliant with Section 603 of SECURE Act 2.0, there are four ways to transfer data:

Entering data manually

Manual data entry is the least expensive option in terms of upfront costs, but it puts undue burden on sponsor administrators and is prone to errors. Improperly tracking data could result in a failure to update retirement plans and expose you to Section 603 compliance regulations. Manual data entry is simply unreliable, time-consuming, and expensive. ‍

Transferring data via SFTP files or flat files

Transferring SFTP and flat files could be easier than asking in-house developers to build custom, direct integrations—but transferring all of that sensitive retirement plan data has several drawbacks:

Sponsor admins are forced to compose custom reports and upload them correctly.
Manual data entry raises risks and requires validation to avoid errors.
This method does not allow for real-time data access.
Excessive data syncs slow down the compliance process for retirement plan providers and plan sponsors.

Note: Check out Finch's new product Flatfile to quickly scale your SFTP connections.

Building your own custom integrations

Custom integrations with HRIS and payroll systems offer the advantages of automatic, real-time data syncs, as well as read and write capabilities. However, they are also complex and expensive to build and maintain. Challenges of building custom integrations include:

Number of systems: Did you know that there are more than 5,700 HRIS and payroll systems in the U.S. market? To serve every customer, your team would need to build custom integrations for hundreds of different systems, which could take months and cost hundreds of thousands of dollars.
Technical complexity: Building custom integrations is technical, complex, and difficult to achieve. Only experienced engineers with a strong understanding of both HRIS and payroll systems are capable of building the most effective custom integrations.
Cost: Custom integrations are not a cost-effective option for retirement plan providers. The soft costs of building a single integration can be as high as $200,000, and the hard costs, such as API fees, can add up quickly. Ultimately, custom integrations are a time-consuming and expensive undertaking.

Leveraging the power of unified employment APIs

Unified employment APIs combine the advantages of custom integrations with the simplicity and cost-effectiveness of off-the-shelf software. How do they work? A unified employment API aggregates connectivity to hundreds of HRIS and payroll systems—automatically, instantly, and with a single integration. This means that you can get all of the benefits of custom integrations without having to build and maintain them yourself.

Specific to Section 603, unified employment APIs can help you:

Pinpoint which participants are 50 or older and make more than $145,000 per year
Limit these participants to Roth catch-up contributions in 2024
Automate their catch-up contributions per pay run
Automate recordkeeping to stay compliant
Monitor participant ages and income to repeat the process in real time
Identify when a participant switches jobs in the middle of the year
Confirm a participant’s $145,000 salary from multiple payroll providers

‍What are the detailed pros and cons of buying a unified employment API versus building integrations in-house? Find out here.

A Section 603 implementation plan for 401(k) and 403(b) providers

Remember, time is a crucial factor. To ensure you have a solution in place to comply with Section 603 by the deadline of January 1, 2024, we recommend:

Evaluating your data transfer options and making a decision as soon as possible
Implementing a solution no later than August 31, 2023
Validating and testing your solution in September
Rolling out your solution to all users in October
Monitoring performance for complete and compliant functionality through the end of the year

With this implementation plan in place, you’ll be able to make the necessary adjustments before January 1, 2024.

Here's how Finch can help

‍Finch is a unified employment API that integrates with 200+ HRIS and payroll systems, allowing retirement plan providers to transfer critical data quickly and responsibly. With real-time access to employment data, retirement plan providers can automate contribution management and push changes directly to payroll.

The benefits of using Finch include:

Speed to market: Finch is a pre-built solution that's ready to use. There's no need to build and maintain custom integrations, so you can launch integrations fast.
Automated enrollment and contribution management: Finch provides real-time read-and-write access to HRIS and payroll systems, so you can automate contribution management with ease. This reduces the risk of errors and saves sponsor admins time in the process.
Stronger security: Finch is a pass-through system, which means that it does not store any sensitive data. This reduces the risk of data breaches and compliance violations.
Confident compliance: Finch lets you set predefined rules and algorithms for retirement plan data—such as age and income—so you can easily check for compliance with contribution limits and eligibility criteria. You can also flag any non-compliant data for further review and action.
Strong security: Finch uses industry-standard security measures to protect data privacy and security.

As you keep close tabs on Section 603, understand that time is short and compliance is critical. With a unified employment API like Finch, you can automate all the necessary updates and stay compliant.

Talk to sales

Talk to our sales team today to explore ways you can use Finch to ensure compliance with Section 603 of SECURE Act 2.0 and improve your customer experience overall.

How to Prepare for Section 125 of Secure Act 2.0: An Implementation Plan

Charlie Liang

July 11, 2023

0 min read

Since certain sections of SECURE Act 2.0 are already in effect—and even more will go into effect soon—retirement plan providers must act swiftly to ensure compliance. In this post, we offer an overview of Section 125, the part-time employees clause, then compare four methods for becoming compliant, and finally recommend a timeline for fulfilling your obligations.

What is SECURE Act 2.0, and why was it enacted?

SECURE stands for Setting Every Community Up for Retirement Enhancement. Now in its second iteration, SECURE Act 2.0 is designed to help employers provide easier and more affordable retirement plans for their employees.

While some Americans are finding ways to save, the nation’s collective fear of not having enough money to retire is valid: The average retirement savings in the United States is only $65,000.

To address this concern and unburden the American worker, SECURE 2.0 is creating more accessible opportunities to save for retirement.

What is Section 125? The part-time employees clause

Signed into law in 2019, the SECURE Act mandates that employers allow long-term, part-time employees to participate in their 401(k) plans. The original legislation dictates that employees must have worked at least 1,000 hours in their first year or accumulated a minimum of 500 hours of service over three consecutive years.

SECURE Act 2.0, which passed in 2022, reduces the three-year rule to two years. It also stipulates that long-term, part-time employees must also be allowed to participate in 403(b) plans that are subject to ERISA.

The new provisions under Section 125 are effective for any plan starting after December 31, 2024, which means that 401(k) and 403(b) providers must soon put in place and test the technology they will need to automatically enroll long-term, part-time workers.

Failure to do so correctly and on time could result in stiff fines as well as the legal fees associated with disputing any penalties in court.

Read our new whitepaper: The Changing Retirement Landscape: How 401(1) Recordkeepers Can Thrive Under SECURE 2.0.

How 401(k) and 403(b) providers should prepare for Section 125

If you’re among the retirement plan providers affected by Section 125, your first step to preparing is to understand the legislation inside and out. Once you are confident that you know what is required of you, you need to determine how you are going to identify part-time employees, track how many hours they’ve worked, over what period, and auto-enroll those who qualify, as stipulated by Section 101.

By nature, this provision necessitates the regular sharing of large volumes of data between you and the employers who sponsor your plans, including sensitive personal identifiable information (PII) and payroll details for every participant. To transfer this data, which is largely stored in employers’ payroll systems and human resources information systems (HRIS), you can implement one of four approaches—some more seamless and effective than others:

Manual data entry

Manual data entry has its benefits. It allows plan sponsors to stick with a data collection system that works for them, and it is almost always the least expensive option in terms of hard, upfront costs. That said, the potential downfall from manual data entry cannot be understated:

Manual data entry is prone to errors, which can lead to improperly tracked data, Section 125 compliance violations, and penalties from regulatory bodies.
It can also lead to inaccurate retirement plan balances and contributions, resulting in penalties from the IRS.
Manual data entry does not adequately protect PII, such as Social Security numbers and bank account information. Without safeguarding highly sensitive data, you run the risk of exposing employees to data breaches and potential identity fraud.
Manual data entry puts undue burden on sponsor admins, as it requires hours of their time and attention every month that could be spent on higher-value tasks.‍

‍SFTP or flat files

Secure file transfer protocol (SFTP) and flat files offer another way to transfer retirement plan data.

With SFTP, you can bulk transfer large files of data in tables (in the form of CSV, JSON, and XML files, for example) over a secure network. The benefits of SFTP methods are that they’re generally easier for most in-house developers to build compared to custom, direct integrations (more on those next). But there are also significant drawbacks:

SFTP requires sponsor admins to compose custom reports for each data sync and upload them correctly. This often presents technical challenges for your customers, who may be responsible for inputting host domains, keys, and other server-specific information into their system to establish a scheduled sync.
SFTP relies on manual data entry to a certain extent, which raises risks and means data has to be validated to avoid errors—a process that drains time and resources for all parties.
SFTP doesn’t allow for real-time data access, preventing you from delivering the seamless, next-generation functionality business customers are looking for in their technology solutions.

This method is especially cumbersome when data syncs need to happen often, which will be the case for plan providers and plan sponsors who must comply with auto-enrollment and auto-contribution increase requirements.

Note: If you're a recordkeeper or third-party administrator (TPA) looking to quickly scale your SFTP integrations check out Finch's new product Flatfile. We not only simplify SFTP builds, but offer you vetted, standardized data from multiple providers that's ready to use.

Custom integrations

A more sophisticated approach involves direct integrations with the HRIS and payroll systems that house the data you need to perform auto-enrollment and auto-contribution increase functions.

Crucially, custom integrations can be built to provide read and write capabilities, which means you can also use them to automatically push changes back to HRIS and payroll systems. This is especially valuable when it comes to contribution management.

Custom integrations also present significant challenges:

There are more than 5,700 HRIS and payroll systems in the U.S. market. To adequately cover your customer base, you will need to build custom integrations to at least hundreds of them.
Building custom integrations in-house is technically complex and requires specialized engineering skills and experience.
They are also expensive to build and maintain, both in terms of time and money. If you assume that three engineers will work on a single custom integration for three months, that puts the soft costs of just your initial buildout in the ballpark of $200,000. Then, there are the hard, ongoing costs to consider, like the fees many HRIS and payroll systems charge to use their API. For access to a legacy system like ADP, the hard and soft costs combined can run in excess of $1 million.‍

‍Unified employment APIs

To get all of the advantages of custom integrations without the cost or hassle of building them in-house, you can turn to a unified employment API, which aggregates connectivity to many HRIS and payroll systems at once with a single integration. A unified employment API does the hard work of building and maintaining the integrations, and standardizing and abstracting all incoming data, so your team doesn’t have to. They are infinitely more efficient than custom integrations, so you can get to market faster and, ultimately, at less cost.

Learn more about the advantages and disadvantages of buying a unified employment API versus building integrations in-house.

A Section 125 implementation plan for retirement providers

To ensure you have a solution in place to comply with Section 125 by the deadline, we recommend:

Evaluating your options and making a decision by July 30, 2023
Implementing a solution no later than September 30, 2023 (keeping in mind that some solutions take much longer to implement than others)
Spending the rest of the year validating and testing your solution internally
Rolling out your solution to all users in 2024 and monitoring performance for complete and compliant functionality. This will give you time to make any required adjustments before December 31, 2024.

The bottom line: Becoming compliant takes time

As you prepare for SECURE Act 2.0 to come into effect, don’t lose sight of the fact that it will take time to prepare to be compliant with Section 125. The least risky way to ensure compliance—not to mention the most time- and cost-effective solution—is to integrate with a unified employment API like Finch.

Finch does the hard work of integrating with HRIS and payroll providers to facilitate the secure, permissioned flow of critical business data. Our dynamic, unified employment API offers:

Easy integration: Finch makes it easy for retirement plan providers to integrate with 200+ HRIS and payroll systems, covering approximately 88% of the market.
Automated enrollment and contribution management: With Finch, retirement plan providers instantly access the real-time employee directory and payroll data they need to automate 401(k) and 403(b) enrollment, and push contribution changes directly to payroll—no manual intervention needed.
Increased efficiency: Finch is a pre-built solution that’s ready to use. Plan providers waste no time building and maintaining custom integrations, and plan sponsors save dozens of admin hours a month—a win-win for you and your customers.
Confident compliance: Finch replaces error-prone manual processes with seamless integrations that let retirement plan providers meet the stipulations in Section 125 of SECURE Act 2.0.
Strong security: Finch is a pass-through system, and is SOC2 Type 2, CCPA, and GDPR compliant.

Talk to our sales team today to explore ways you can use Finch to ensure compliance with Section 125 of SECURE 2.0 and improve your customer experience overall.

What Retirement Plan Providers Need to Know about Secure Act 2.0 Section 101

Charlie Liang

July 3, 2023

0 min read

Since certain sections of SECURE Act 2.0 are already in effect—and even more will go into effect soon—retirement plan providers must act swiftly to ensure compliance. In this post, we offer an overview of Section 101, the automatic enrollment and increases clause, then compare four methods for becoming compliant, and finally recommend a timeline for fulfilling your obligations.

What is SECURE Act 2.0, and why was it enacted?

While some Americans are finding ways to save, the nation’s collective fear of not having enough money to retire is valid: The average retirement savings in the United States is only $65,000.

To address this concern and unburden the American worker, SECURE 2.0 is creating more accessible opportunities to save for retirement.

Read our new whitepaper: The Changing Retirement Landscape: How 401(1) Recordkeepers Can Thrive Under SECURE 2.0.

What is Section 101? The automatic enrollment and increases clause

One of the primary reasons so few Americans have sufficient retirement savings is because, even when employers do sponsor plans, many employees don't take the steps necessary to enroll. To address this problem, Section 101 of SECURE 2.0 requires all new employer-sponsored 401(k) and 403(b) plans adopted after December 29, 2022, to automatically enroll employees at an amount equal to at least 3% of the employee’s pay but not more than 10%.

Of course, Section 101 stipulates that employees have the right to opt out of participation, but the small friction of doing so is usually enough to keep many employees enrolled. In fact, studies demonstrate that automatic enrollment increases employee participation across the board, particularly among Black, Latinx, and lower-wage employees. Additionally, Fidelity Investments found that, among its clients, 90% of auto-enrolled employees stay enrolled in their plans.

In addition to auto-enrollment, Section 101 requires that each participant's contribution amount be automatically increased by 1% each year until it reaches at least 10%, but not more than 15%. The legislation does allow exceptions to both of these requirements for small businesses with 10 or fewer employees, new businesses that have been operating for less than three years, church plans, and governmental plans, but most 401(k) and 403(b) plan providers should anticipate that most of their new plans will ultimately be affected.

Section 101 is effective beginning January 1, 2025, which means that 401(k) and 403(b) providers must soon put in place and test the technology they will need to automatically enroll and increase the contributions of millions of participants. Failure to do so correctly and on time could result in noncompliance, stiff fines, and legal fees associated with disputing any penalties in court.

How 401(k) and 403(b) providers should prepare for Section 101

If you are among the plan providers affected by Section 101, your first step to preparing is to understand the legislation inside and out. Once you are confident that you know what is required of you, you need to determine how you are going to auto-enroll participants in the years ahead.

By nature, auto-enrollment and contribution increases necessitate the regular sharing of large volumes of data between you and the employers who sponsor your plans, including sensitive personal identifiable information (PII) and payroll details for every participant. To transfer this data, which is largely stored in employers’ payroll systems and human resources information systems (HRIS), you can implement one of four approaches—some more seamless and effective than others:

Manual data entry

Manual data entry can have its benefits. It allows plan sponsors to stick with a data collection system that works for them and it is almost always the least expensive option in terms of hard, upfront costs. That said, the potential downfall from manual data entry cannot be understated.

Manual entry is prone to errors, which can lead to improperly tracked data, Section 101 compliance violations, and penalties from regulatory bodies.
It can also lead to inaccurate retirement plan balances and contributions, resulting in penalties from the IRS.
Manual data entry does not adequately protect PII such as Social Security numbers and bank account information. Without safeguarding highly sensitive data, you run the risk of exposing employees to data breaches and potential identity fraud.
Manual data entry puts undue burden on sponsor admins, as it requires hours of their time and attention every month that could be spent on higher-value tasks.

SFTP or flat files

Secure file transfer protocol (SFTP) and flat files offer another way to transfer retirement plan data.

SFTP requires sponsor admins to compose custom reports for each data sync and upload them correctly. This often presents technical challenges for your customers, who may be responsible for inputting host domains, keys, and other server-specific information into their system to establish a scheduled sync.
SFTP relies on manual data entry to a certain extent, which raises risks and means data has to be validated to avoid errors—a process that drains time and resources for all parties.
SFTP doesn’t allow for real-time data access, precluding your ability to power the seamless, next-generation functionality business customers are looking for in their technology solutions.

This method is especially cumbersome when data syncs need to happen often and regularly, which will be the case for plan providers and plan sponsors who need to comply with auto-enrollment and auto-contribution increase requirements.

Also Read: If you're a recordkeeper or TPA working with SFTP to get necessary payroll data, Finch can help you quickly scale your SFTP connections. Learn more about Finch Flatfile in our detailed guide, Finch Flatfile: All the Benefits of Unified API, No Engineers Requried.‍

Custom integrations

A more sophisticated approach involves direct integrations with the HRIS and payroll systems that house the data you need to perform auto-enrollment and auto-contribution increase functions.

The beauty of direct integrations is that data syncs happen automatically and in real time, driving efficiencies for all parties, providing your customers with an optimally seamless experience, and giving you the peace of mind that you are always in compliance with Section 101. Crucially, custom integrations can be built to provide read and write capabilities, which means you can also use them to automatically push changes back to HRIS and payroll systems. This is especially valuable when it comes to contribution management.

Custom integrations also present significant challenges:

There are more than 5,700 HRIS and payroll systems in the U.S. market. To adequately cover your customer base, you will need to build custom integrations to at least hundreds of them.
Building custom integrations in-house is technically complex and requires specialized engineering skills and experience.
They are also expensive to build and maintain, both in terms of time and money. If you assume that three engineers will work on a single custom integration for three months, that puts the soft costs of just your initial buildout in the ballpark of $200,000. Then, there are the hard, ongoing costs to consider, like the fees many HRIS and payroll systems charge to use their API. For access to a legacy system like ADP, the hard and soft costs combined can run in excess of $1 million.

Unified employment APIs

Learn more about the advantages and disadvantages of buying a unified employment API versus building integrations in-house.

A Section 101 implementation plan for 401(k) and 403(b) providers

To ensure you have a solution in place to comply with Section 101 by the deadline, we recommend:

Evaluating your options and making a decision by July 30, 2023
Implementing a solution no later than September 30, 2023 (keeping in mind that some solutions take much longer to implement than others)
Spending the rest of the year validating and testing your solution
Rolling out your solution to all users in 2024 and monitoring performance for complete and compliant functionality. This will give you time to make necessary adjustments before January 1, 2025.

The bottom line: Becoming compliant takes time

As you prepare for SECURE Act 2.0 to come into effect, don’t lose sight of the fact that it will take time to prepare to be compliant with Section 101. The least risky way to ensure compliance—not to mention the most time- and cost-effective solution—is to integrate with a unified employment API like Finch.

Finch does the hard work of integrating with HRIS and payroll providers to facilitate the secure, permissioned flow of critical business data. Our dynamic, unified employment API offers:

Easy integration: Finch makes it easy for retirement plan providers to integrate with 200+ HRIS and payroll systems, covering approximately 88% of the market.
Automated enrollment and contribution management: With Finch, retirement plan providers instantly access the real-time employee directory and payroll data they need to automate 401(k) and 403(b) enrollment, and push contribution changes directly to payroll—no manual intervention needed.
Increased efficiency: Finch is a pre-built solution that’s ready to use. Plan providers waste no time building and maintaining custom integrations, and plan sponsors save dozens of admin hours a month—a win-win for you and your customers.
Confident compliance: Finch replaces error-prone manual processes with seamless integrations that let retirement plan providers meet the stipulations in Section 101 of SECURE Act 2.0.
Strong security: Finch is a pass-through system, and is SOC2 Type 2, CCPA, and GDPR compliant.

Talk to our sales team today to explore ways you can use Finch to ensure compliance with Section 101 of SECURE 2.0 and improve your customer experience overall.

When Does SECURE Act 2.0 Take Effect? A Timeline for Retirement Plan Providers

Charlie Liang

July 3, 2023

0 min read

In December 2022, Congress passed the SECURE Act 2.0, which builds on retirement savings regulations set forth by the original SECURE Act of 2019. Written to expand coverage and increase retirement savings for millions of Americans, SECURE Act 2.0 introduces some major changes to retirement plans nationwide. Since certain sections of SECURE Act 2.0 are already in effect—and even more will go into effect soon—retirement plan providers must act swiftly to ensure compliance.

In this post, we’ll cover what SECURE Act 2.0 is, why it was enacted, and a timeline detailing the provisions that go into effect by the end of 2023.

NEW! Download the Comprehensive How to Prepare for SECURE Act 2.0 whitepaper today

What is SECURE Act 2.0?

While there are dozens of new rules and regulations to consider, here is a snapshot of provisions most pertinent to 401(k) and 403(b) plan providers:

Automatic enrollment and contribution increases: All new 401(k) and 403(b) plans adopted after December 29, 2022 (with a few exceptions that we will discuss later in this post) will be required to automatically enroll participants at a rate of at least 3% of their pay but not more than 10%. They will also be required to automatically increase participants’ contributions 1% every year thereafter until they reach at least 10% but not more than 15%.
Increased catch-up contributions: The catch-up contribution limit for 401(k) and 403(b) plans will increase from $6,500 to $7,500 for Americans aged 50 and up. Since nearly half of Americans over the age of 55 have no retirement savings, this provision will help older employees contribute more to their plans as they near retirement.
Roth 401(k) expansion: The availability of Roth 401(k) plans will expand to all employers, regardless of size. With its embedded tax benefits, this provision will help small businesses, which have been historically less likely to sponsor a retirement plan, to offer a plan to their employees.
Emergency withdrawals: To cover unforeseeable or immediate financial needs, plan participants can now withdraw up to $1,000 from their retirement plan without having to pay a 10% tax. With easier access to their retirement savings, Americans will be better able to weather a financial emergency.
Saver's Credit: Saver's Credit, the tax break for low- and moderate-income workers, will be fixed at 50%. The qualifying income for eligible savers will also increase from $41,000 to $41,500.

Why was the SECURE Act 2.0 enacted?

According to a 2021 report by the National Institute on Retirement Security,

More than two-thirds of Americans say the U.S. is facing a retirement crisis.
More than half are concerned about achieving financial security in retirement.
Nearly two-thirds expect to work past the normal retirement age for financial security.

While some Americans are finding ways to save, the nation’s collective fear of not having enough money to retire is valid: the average retirement savings in the United States is only $65,000.

To address these concerns and unburden the American worker, SECURE 2.0 is creating easier, more accessible opportunities to save for retirement.

Let’s take a look at some of the provisions that go into effect at the end of the year.

A SECURE Act 2.0 Timeline: The provisions going into effect by the end of 2023

While many of the rules and regulations set forth by SECURE 2.0 took effect on the day the legislation was signed, deadlines for others are quickly approaching. It’s a race against time to stay compliant, and retirement plan providers would be smart to start preparing now.

Here’s a complete breakdown of every SECURE 2.0 provision that will take effect by January 1, 2024.

Section 108: Indexing IRA catch-up limit

Section 108 increases the limit on IRA contributions by $1,000 (not indexed) for individuals aged 50 and older. Section 108 is effective for taxable years beginning after December 31, 2023.

Section 110: Treatment of student loan payments as elective deferrals for purposes of matching contributions

Section 110 allows employers to treat qualified student loan payments (QSLPs) as elective deferrals for the purposes of matching contributions. This means that employers can make matching contributions to employees' retirement accounts based on the amount of money that employees pay toward their student loans.

Section 110 is effective for contributions made for plan years beginning after December 31, 2023.

Section 115: Withdrawals for certain emergency expenses

Section 115 allows participants in retirement plans to make penalty-free withdrawals for emergency expenses. To be eligible, the expense must be an unforeseen or immediate financial need relating to necessary personal or family emergency expenses. Participants can withdraw up to $1,000 per year from their retirement plan for a qualified emergency expense. The withdrawal must be repaid within three years. If the withdrawal is not repaid within three years, the participant will be subject to a 10% penalty tax.

Section 115 is effective for distributions made after December 31, 2023.

Section 116: Allow additional nonelective contributions to SIMPLE plans

Section 116 says that employers with SIMPLE plans must contribute 2% of employee compensation or 3% of employee elective deferral contributions. Employers are allowed to make additional contributions up to 10% of compensation or $5,000, whichever is less.

Section 116 is effective for taxable years beginning after December 31, 2023.

Section 117: Contribution limit for SIMPLE plans

Under current law, the annual contribution limit for a SIMPLE IRA is $14,000. For employers with 25 or fewer employees, Section 117 increases the contribution limit by 10% in the first year of implementation. Employers with 26 to 100 employees can offer higher contribution limits if they provide a 4% matching contribution or a 3% employer contribution.

Section 117 is effective for taxable years beginning after December 31, 2023.

Section 121: Starter 401(k) plans for employers with no retirement plan

Section 121 allows employers without a retirement plan to offer a starter 401(k) plan. Employees are automatically enrolled at 3 to 15% of their salary, with a $6,000 annual contribution limit and a $1,000 catch-up contribution for those over 50.

Section 121 is effective for plan years beginning after December 31, 2023.

Section 126: Special rules for certain distributions from long-term qualified tuition programs to Roth IRAs

Section 126 allows 529 plan holders to transfer up to $35,000 to a Roth IRA, tax- and penalty-free, if the 529 account has been open for more than 15 years.

Section 126 is effective with respect to distributions after December 31, 2023.

Section 304: Updating dollar limit for mandatory distributions

Under current law, employers can transfer former employees' retirement accounts from a workplace retirement plan into an IRA if the balance is between $1,000 and $5,000. Section 304 increases this limit to $7,000.

Section 304 is effective for distributions made after December 31, 2023.

Section 310: Application of top-heavy rules to defined contribution plans covering excludable employees

Under current law, qualified retirement plans must pass the top-heavy test. Section 310 allows employers to perform the top-heavy test separately on non-excludable and excludable employees. This removes the financial incentive to exclude employees from the 401(k) plan, increasing retirement plan coverage to more workers.

Section 310 is effective for plan years beginning after December 31, 2023.

Section 314: Penalty-free withdrawal from retirement plans for individual cases of domestic abuse

Section 314 allows domestic abuse survivors to withdraw up to $10,000 from their retirement plans without penalty. Participants can repay the money over three years, and they will be refunded for taxes paid on any repaid amounts.

Section 314 is effective for distributions made after December 31, 2023.

Section 315: Reform of family attribution rule

Section 315 updates two stock attribution rules. The first update removes the inequity between spouses in both community property and separate property states. The second update modifies the attribution of stock between parents and minor children.

Section 315 is effective for plan years beginning after December 31, 2023.

Section 316: Amendments to increase benefit accruals under plan for previous plan year allowed until employer tax return due date

Under current law, employers can amend retirement plans only in the year in which the plan was effected. Section 316 allows employers to amend retirement plans by the due date of their tax return.

Section 316 is effective for plan years beginning after December 31, 2023.

Section 323: Clarification of substantially equal periodic payment rule

Section 323 ensures that the 10% early withdrawal penalty does not apply to substantially equal periodic payments (SEPPs) from retirement accounts, even if the account is rolled over, exchanged, or converted to an annuity.

Section 323 is effective after December 31, 2023.

Section 325: Roth plan distribution rules

Under current law, required minimum distributions (RMDs) are not required for Roth IRAs until after the owner dies. However, RMDs are required for Roth accounts in employer retirement plans, such as 401(k) plans, while the owner is still alive. Section 325 eliminates the RMD requirement for Roth accounts in employer plans. This means that owners of Roth accounts in employer plans will no longer have to take RMDs while they are still alive.

Section 325 is effective for taxable years beginning after December 31, 2023.

Section 327: Surviving spouse election to be treated as employee

Section 327 allows a surviving spouse to elect to be treated as the deceased employee for required minimum distribution (RMD) purposes. This means that the surviving spouse can take RMDs based on the deceased employee's age, rather than their own.

Section 327 is effective for calendar years beginning after December 31, 2023.

Section 332: Employers allowed to replace SIMPLE retirement accounts with safe harbor 401(k) plans during a year

Section 332 allows an employer to replace a SIMPLE IRA plan with a SIMPLE 401(k) plan or other 401(k) plan that requires mandatory employer contributions.

Section 332 is effective for plan years beginning after December 31, 2023.

Section 343: Defined benefit annual funding notices

Section 343 aims to define benefit pension plan funding issues more clearly on a plan’s annual funding notice.

Section 343 is effective for plan years beginning after December 31, 2023.

Section 350: Safe harbor for corrections of employee elective deferral failures

Section 350 extends the safe harbor for correcting errors in automatic enrollment and automatic escalation features in retirement plans. Employers have nine and a half months after the end of the plan year to correct errors without penalty.

Section 350 is effective for errors after December 31, 2023.

Section 602: Hardship withdrawal rules for 403(b) plans

Under current law, 401(k) and 403(b) plans have different hardship distribution rules. 401(k) plans allow for all amounts to be distributed, while 403(b) plans only allow for employee contributions to be distributed. Section 602 conforms the 403(b) rules to the 401(k) rules.

Section 602 is effective for plan years beginning after December 31, 2023.

Section 603: Elective deferrals generally limited to regular contribution limit

Under current law, catch-up contributions can be made on a pre-tax or Roth basis. Section 603 requires all catch-up contributions to be made on a Roth tax basis, except for employees with compensation of $145,000 or less.

Section 603 is effective for taxable years beginning after December 31, 2023.

Learn what’s required to become compliant today

As you prepare for SECURE Act 2.0 to come into effect, don’t lose sight of the fact that it will take time to prepare to be compliant.

You can get started today by reading our overview of Section 101, the automatic enrollment and increases clause. In this post, you’ll discover four methods for becoming compliant as well as a recommended timeline for fulfilling your obligations.

In the coming days, we’ll dive into Sections 125 and 603 in greater depth, offering insight into what your obligations are and how you can become compliant before the relevant deadlines. Stay tuned!

SECURE Act 2.0: What 401(k) and 403(b) providers need to know

Charlie Liang

February 10, 2023

0 min read

SECURE Act 2.0’s auto-enrollment and escalation rules

With the passage of the SECURE Act 2.0, automatically enrolling employees in sponsored retirement plans—and automatically increasing their contributions—is now a legal imperative. In response, retirement plan providers are implementing API technology to quickly and easily auto-enroll 401(k) and 403(b)participants and meet the new requirements.

In December 2022, the Securing a Strong Retirement Act (SECURE Act 2.0) was signed into law. Among the provisions outlined by SECURE 2.0 are new requirements for automatic plan enrollment and contribution escalation. Effective for plan years after December 31, 2024, they compel retirement plan providers to automatically enroll employees upon eligibility in new 401(k) and 403(b) plans and automatically increase the contributions of enrolled employees to that plan every year.

While these updates are exciting from a participation standpoint, the new requirements also come with the potential to create incredible administrative burdens especially in cases where employers are rapidly growing their workforce. In response, innovative retirement plan providers are implementing API solutions that integrate with employers’ HR information systems and payroll systems to ensure seamless SECURE 2.0 compliance. In this article, we explore the SECURE Act 2.0’s auto-enrollment and auto-escalation requirements plus the API technology that retirement plan providers are turning to make true automation a reality.

A SECURE Act 2.0 Summary

Building on the work of the Setting Every Community Up for Retirement Enhancement Act of 2019, SECURE Act 2.0 lays out widespread changes to the U.S. retirement system. The act is intended to make it more affordable for employers to sponsor retirement savings plans, and easier and more attractive for employees to participate.

The provisions of SECURE Act 2.0 include but aren’t limited to:

An increase to the credit small businesses can receive for starting a pension plan
Authorization for 403(b) plans to participate in multi-employer plans and pooled employer plans
Higher “catch-up” contribution limits for individuals over age 50
Permission to treat student loan payments as elective deferrals for purposes of matching contributions
Permission for employers to incentives like gift cards to encourage plan participation among employees
Allowance to withdraw emergency funds of up to $1,000 from retirement plans without text penalty
An increase in the required minimum distribution age to 73
The requirement that employers allow long-term, part-time workers to participate in sponsored retirement plans

In total, the plan details dozens of new rules and regulations. Retirement plan providers as well as employers should consult qualified legal counsel to understand the full extent of the impact of the law on their operations.

Read our new whitepaper: The Changing Retirement Landscape: How 401(1) Recordkeepers Can Thrive Under SECURE 2.0.

SECURE 2.0 auto-enrollment and auto-escalation

One of the most broadly impactful provisions of SECURE 2.0 is detailed under Section 101 of the law, which stipulates that new 401(k) and 403(b) plans must now automatically enroll employees upon eligibility. According to a summary issued by the Senate Committee on Finance, the decision to require auto-enrollment a matter of financial equity:

“One of the main reasons many Americans reach retirement age with little or no savings is that too few workers are offered an opportunity to save for retirement through their employers. However, even for those employees who are offered a retirement plan at work, many do not participate. But automatic enrollment in 401(k) plans…significantly increases participation. Since first defined and approved by the Treasury Department in 1998, automatic enrollment has boosted participation by eligible employees generally, and particularly for Black, Latinx, and lower-wage employees.”

Per SECURE 2.0, employees must be initially enrolled at a minimum of 3% of their gross pay but not more than 10%. Plans are also required to increase the distribution of enrolled employees each year by 1% until contribution reaches at least 10%, but not more than 15%.

Exceptions to the provisions include all current 401(k) and 403(b) plans, which are grandfathered into pre-SECURE 2.0 rules, as well as businesses with 10 or fewer employees, businesses under 3 years old, church plans, and government plans. Employees also have the right to opt out of enrollment or distribution escalation at any time.

What SECURE 2.0’s 401(k) auto-enrollment means for plan providers

Automatically enrolling all employees to a retirement plan upon eligibility is a significant undertaking. By SECURE 2.0’s definition, “automated” enrollment simply means enrolling those employees on an opt-out rather than an opt-in basis.

But that definition of automated doesn’t necessarily translate to a simpler, less manual process. A plan still needs to be notified of newly eligible employees and provided with the employee census data and payroll authorization it needs to process enrollment and manage recurring plan deductions. Without the right technology in place, employers and plans are forced to communicate all of this information by email, phone, spreadsheet, or secure file transfer. Not only is the back-and-forth time consuming, it increases the risk of error and noncompliance with SECURE 2.0’s provisions, and the potential of penalties and fine.. The hassle and risk only compounds in cases where employers are rapidly adding new employees.

How to auto-enroll 401(k) participants

To avoid this drain of resources and to eliminate the risk of SECURE 2.0 noncompliance, true automation is critical. Retirement plan providers are now turning to API integrations with employers’ HR information and payroll systems to eliminate the manual steps historically needed to enroll employees and manage their deductions on an ongoing basis.

With an API integration, retirement plan providers have a direct, permissioned data connection to employment systems of record. This allows plans and employers to quickly and seamlessly exchange the data needed to enroll employees in 401(k) and 403(b) plans and manage their retirement deductions. What’s more, these data exchanges can be triggered by events without manual intervention, which means no person has to shoulder the responsibility of ensuring newly eligible employees get enrolled. The API integration takes care of it automatically in the truest sense of the word.

Consider this example:

Company A is growing quickly and hires and onboards 7 new employees on the same day.
As a matter of course, those employees are added by Company A to their HR information and payroll systems of record, which Company A’s 401(k) plan is integrated with via API.
In turn, the 401(k) plan is automatically made aware that newly eligible employees have joined the company, which triggers an instant exchange of real-time data.
With the information it retrieves from the HRIS, the 401(k) plan is able to automatically enroll all 7 employees. Via its direct payroll system connection, it is also able to make direct payroll changes to initiate recurring retirement contributions—no forms, emails, data entry, or spreadsheets required.

**Auto-rolling 401k participants is seamless with an API solution like Finch**

As a result, both the employer and the retirement plan provider save hours of administrative work and avoid delays to plan enrollment.

Implementing an API integration to auto-enroll participants and manage deductions

Retirement plan providers looking to enable HRIS and payroll system connectivity have a couple of options: build one-to-one integrations with all of the HRIS and payroll systems their customers use or partner with a turnkey, universal API that integrates with hundreds of HRIS and payroll systems at once.

Learn more about both approaches to HRIS and payroll integrations in our build vs. buy report.

The first approach offers plan providers ultimate control over their integration strategy but requires niche payroll expertise and a significant, ongoing investment of development resources. The second option turns over some of that control to a integrations partner but also comes with distinct advantages:

More coverage, quicker—a universal API provides connectivity to many systems at once
Faster go-to-market timeline—implementation takes weeks instead of months or more
Fewer resources—the integrations provider does all of the heavy lifting, freeing up a plan’s internal team to focus on other priorities
Worry-free maintenance—the integrations provider ensures the connections are working smoothly even as HRIS and payroll systems make updates

How Finch helps ensure SECURE 2.0 compliance

Finch makes it easy for retirement plan providers to integrate with 200+ HRIS and payroll systems with a single integration. Not only does our universal API enable the instant retrieval of real-time employee census data needed to automate 401(k) and 403(b) enrollment, it also allows plan providers to push changes directly to payroll. Using Finch’s Benefits endpoint, plan providers can initiate and manage pre-tax, post-tax, recurring, and one-time payroll deductions as a dollar amount or percentage of employees’ gross pay, ensuring easy compliance with the SECURE Act 2.0’s auto-escalation clause.

Meanwhile, the employer sponsoring the plan doesn’t have to lift a finger to upload deduction files or manually enter changes, saving them from hours of ongoing administrative work and avoiding countless potential human errors and potential fines.

Learn more about how retirement plan providers use Finch to build best-in-class customer experiences.

Get SECURE 2.0 compliant with Finch

The auto-enrollment and auto-escalation provisions of the SECURE Act 2.0 will drive retirement plan participation, but not without potential challenges and hurdles. Luckily, retirement plan providers who want to stay compliant while avoiding hassles and potential fines can leverage Finch’s universal HRIS and payroll system API to make true auto-enrollment and contributions management simple and secure. Register for a free test account to explore how to leverage Finch’s HRIS and payroll integrations today.