I honestly think of compliance like a rollercoaster. We ramp up slowly to any new employee benefits compliance obligation, there’s a period of free-fall where we struggle with guidance and advice, then we glide smoothly to the end thinking, “that wasn’t so bad.”

We did this when the Consolidated Omnibus Budget Reconciliation Act (COBRA) was enacted…and the Health Insurance Portability and Accountability Act (HIPAA)…and the Patient Protection and Affordable Care Act.

Now, we’re faced with various transparency elements found in the Consolidated Appropriations Act of 2021 (CAA). The question is whether this law requires additional focus from plan sponsors, specifically, self-funded ERISA plan sponsors.

What are Your Fiduciary Responsibilities?

To get where we need to go, let’s go over what your fiduciary responsibilities are. At a broad level, you must run the plan solely in the interest of participants and beneficiaries and for the exclusive purpose of providing benefits and paying plan expenses. This includes:

For those who are considered plan fiduciaries, the duty to act prudently is considered a central tenet. That translates into several items that any plan sponsor should be doing on a regular basis:

Operating the plan in accordance with the plan document.

This means being familiar with the document and reviewing it both before signing it and while it’s in force. Unlike that agreement you accept from Apple whenever they upgrade your phone software, there’s no excuse for not knowing what’s in your plan document.

Performing due diligence when hiring service providers.

This includes sending an RFP, documenting the process, making meaningful comparisons, and then documenting your selection. If you work with a consultant, you’ll want to be sure they are addressing this issue for you and will retain a record of their actions.

Limiting and documenting plan exceptions.

For example: If you allow a parent to add a newborn to your plan after your 30- or 31-day special enrollment period has ended, you’ve just made an exception that you would have to apply to other plan participants. That also means that your plan document should change to reflect this.

Avoiding prohibited transactions.

For this, I’m talking about avoiding a sale/lease/exchange between the benefit plan and a party in interest, lending money or any other extension of credit between the benefit plan and a party in interest, and furnishing goods/services/facilities between the benefit plan and a party in interest.

There’s more nuance, of course, but those are some of the basics.

Does the CAA Change the Game?

After the CAA, we are all wondering, is there more? With all the focus on transparency, is the health and welfare benefit side of the house moving to parallel the retirement industry?

In 2006, Congress passed the Pension Protection Act. This law (along with a lot of litigation) seemed to usher in a transformation that created transparency and exceptionally strong fiduciary responsibility that is found in the industry today. Arguably, the “Private Health Insurance and Public Health Provisions” found in Division BB of the CAA are beginning this process on the health benefits side of the house.

These newer transparency pieces include an advanced Explanation of Benefits, enhancements to a participant’s ID card, regular updates to provider directories, the removal of gag clauses from healthcare providers’ contracts, reporting drug and medical costs through the RxDC reporting, linking machine-readable files to a public website, creating a self-service price comparison tool in multiple formats, obtaining a mental health and substance use disorder comparative analysis to ensure parity, and reading through your broker-consultant’s regular compensation disclosure.

What’s a Fiduciary to Do?

If you’re a self-funded plan sponsor, you will note that the control over most of those items falls squarely on the shoulders of your pharmacy benefits manager (PBM), your carrier, your third-party administrator (TPA), or your broker-consultant. Unfortunately, ERISA makes it clear that legal liability for CAA compliance rests with the plan fiduciary, which must always act in the best interests of the plan participants.

Knowing that you cannot disclaim that fiduciary responsibility, how do you protect yourself from possible legal exposure? Here are a few thoughts:

  1. Read your plan document(s) and discuss them with legal counsel prior to signing.
  2. Make sure you understand the criteria for evaluating vendor performance. No one is suggesting you must consistently pick the lowest-cost vendor, but you should have a good idea why a higher-priced one may be chosen. Maybe it’s because their customer service is exceptional, and your employees find the plan easy to work with. Or, maybe it’s because more highly rated healthcare providers are on the plan.
  3. Study your vendor compensation information. Ask questions to be sure you understand it and are comfortable with the value you are receiving for what you are charged.
  4. Be sure you or your broker-consultant have asked whether all gag clauses are removed from your vendors’ contracts. Employers are going to be asked to attest to this fact by December 31, 2023. It is a great idea to retain an email from your vendors indicating they believe the gag clauses are removed. That shows a good faith effort to comply.
  1. Continue to submit the annual RxDC reporting, looking over your costs and the PBM contracts.

As with any new compliance requirements, we seem to be in the free-fall period, where plenty of previously unknown vendors come out of the woodwork and try to convince you that you need their services just to avoid painful litigation and fines. Things may be murky now, but they are not that complicated. You need to be involved in your vendor selection and vendor monitoring. You need to watch out for the reasonableness of fees and pricing. Be sure someone is asking about those participant disclosure requirements, like the directory updates, price comparison tool, etc. Recognize that part of the point of the new transparency regulations is to give a plan sponsor more tools to review its benefit offerings to ensure they are meeting employee needs and use those tools as you are able.

Most importantly, you need to focus on doing the best you can for plan participants. This compliance picture — and any additional actionable responsibilities — will become much more clear over time. Hang tight, and we’ll all glide to a stop soon thinking, “that wasn’t so bad.”

If you have additional questions or concerns about the provisions of the CAA and how they affect you, please don’t hesitate to contact your Holmes Murphy service team.