The team at Kruggel Lawton has marked a rise in attempts to defraud participants of retirement funds through submission of fraudulent distribution requests. We advise participants and plan sponsors to be proactive and implement more stringent security measures for online accounts.
“We’ve seen a significant rise over the last year,” said Aaron Hoeppner, senior staff accountant. “One provider we work with has received four fraudulent distribution requests within the last year. The seven years prior to that they only had one attempt. Three of the recent attempts were caught before processing. The fourth one had been distributed but was luckily rejected because the routing number on the form was incorrect. We want plan sponsors and participants to understand the risks and be cautious and aware that this is happening more often. Had that one distribution successfully been deposited into a fraudulent account, the plan sponsor may have been on the hook for that amount, which was close to six figures, because they signed off on the distribution request.”
It is important to utilize the security features available to you when accessing online financial accounts. Set up 2-factor authentication codes on all of your online accounts, including any accounts you access from your phone. Pay special attention to any log-in notices you get. Receiving an alert when you know you haven’t logged in is a red flag that someone is trying to access your account. While most financial advisors recommend you don’t constantly check your retirement accounts, you should still log in occasionally to check for fraudulent activity.
Other red flags include receiving a change of address notice, notices of distribution or other transactions that you didn’t make.
Hoeppner also advises regularly monitoring your log-in history. “Most online accounts will allow you to view your log-in history. If you notice odd activity, you may want to change your password and contact your financial institution.”
Physical security of distribution requests is also important. Not all providers allow for online distribution requests. Paper forms should only be accessible for download online after logging in to your account. Forms that are accessible to the public can easily be completed by anyone. If submitting a form via email, attach using a secure encryption system.
Hoeppner talked of a situation where a participant’s email had been hacked. “We heard of an incident where a participant emailed a distribution request form directly to their former employer and that email was intercepted by someone who changed the account number for the direct deposit of the funds. By the time participant caught the change, the money was already gone. It is extremely important to always use a secure system when sending any sensitive information.”
If you have concerns about this issue, contact Aaron Hoeppner or any Kruggel Lawton team member and they’d be happy to help you to figure out next steps and put you in touch with the right people to help you to secure your retirement accounts.