Harnessing AI Under ERISA: A Compliance and Oversight Guide for Retirement and Health Plan Fiduciaries
Tuesday, July 29, 2025

It is increasingly evident that artificial intelligence (AI) is reshaping all facets of business, and its impact on employee benefit plans is no exception. From automating plan administration to personalizing participant communications, AI introduces both new opportunities and new responsibilities for those overseeing Employee Retirement Income Security Act of 1974 (ERISA)-covered retirement and health plans (Plans).

Plan sponsors and fiduciaries should understand how AI intersects with their legal obligations under ERISA and take proactive steps to leverage this technology responsibly to improve participant outcomes.

How AI is Already Impacting Plan Operations

AI technologies are already being integrated into various aspects of Plan management and operations. Fiduciaries should understand how these technologies can benefit participants and beneficiaries—and how to mitigate associated risks. Ignoring AI is no longer a prudent option.

For example, AI-driven platforms can analyze individual participant data to deliver tailored communications that support retirement readiness. AI-automated systems also streamline manual and repetitive tasks, reducing processing time, limiting errors, and improving compliance. These systems can process loans, hardship withdrawals, and domestic relations orders.

However, because AI is not infallible, regular validation is essential. To comply with ERISA’s prudence requirements, fiduciaries should not delegate critical responsibilities to AI without implementing ongoing oversight and monitoring protocols.

Cybersecurity and Fraud Detection

Fiduciaries have an obligation to protect participants’ personal and financial data, which includes adopting and maintaining robust cybersecurity practices. (See: Compliance Assistance Release 2024-01.)

AI-based fraud detection systems can identify anomalies in account access and distribution activity, helping protect participants from unauthorized transactions. Given AI’s capabilities, fiduciaries may face increased scrutiny if they fail to explore AI solutions that bolster account security.

At the same time, integrating AI can introduce new cybersecurity vulnerabilities. Fiduciaries should understand how AI tools operate to strengthen Plan cybersecurity without inadvertently creating risks that harm participants.

Investment Management Tools

Most fiduciaries engage professional advisors to assist with Plan investment options. As a best practice, fiduciaries should ask prospective advisors whether—and how—they use AI-enabled tools to help participants optimize their investment decisions. Similarly, fiduciaries should evaluate how advisors use AI to assess Plan investment performance and strategy.

Vendor Selection and Monitoring

Diligence in vendor selection is critical when working with AI-driven services. Fiduciaries should understand how the AI models are built, what data they use, how results are validated, and whether cybersecurity and privacy controls are adequate.

Vendor contracts should specifically address:

  • Data usage rights and limitations
  • Indemnification provisions
  • Insurance requirements
  • Audit rights and transparency obligations

Transparency and Explainability

Fiduciaries should understand how AI-based decisions are made. Reliance on “black box” AI systems—where the internal logic is opaque—could run afoul of ERISA’s prudence standards. Ongoing monitoring of AI vendors, including thorough audits and performance reviews, is essential to ensuring continued compliance.

AI Data Sources and Governance

AI outputs are only as reliable as the data they rely on. Fiduciaries should make sure the data driving AI tools is accurate, current, complete, and secure. Implementing robust processes for data validation and correction is a key governance priority.

Actionable Steps for Plan Sponsors and Fiduciaries

While AI presents significant opportunities, its deployment should be subject to rigorous oversight. AI should complement, not replace, traditional methods of Plan management. Fiduciaries should evaluate and monitor AI through the lens of ERISA’s fiduciary standards.

Recommended action items include:

  • Integrate AI risk management into the Plan’s overall governance strategy
  • Evaluate and document how AI tools impact investment selection, recordkeeping, and participant advice
  • Review and revise service provider contracts to include AI-specific clauses
  • Conduct initial and periodic due diligence on vendors, involving technical experts as needed

More from Jackson Lewis P.C.
