Study Gauges Worker Reaction to State-Run Retirement Plan

The majority of workers surveyed say such a program would be good for them, but a significant number still would not save or save enough.

A survey of workers not covered by an employer-sponsored retirement plan, conducted for the state of California, shows most think a state-run plan is a good idea.

Workers were told the California Secure Choice Retirement Savings Plan would automatically deduct a percentage of their pay and deposit it into an individual account for them; they would have the option to opt out or change the automatic enrollment percentage. Their accounts would be invested in an age-based fund managed by a private company selected and monitored by the state. At retirement, they could choose to convert their account balance into a lifetime annuity. Half were told they would be automatically enrolled at 3% of pay and the other half were presented with a 5% automatic deferral rate.

Six in seven of the 1,000 workers surveyed think it is a good idea, including 57% who say it is a very good idea. When shown an example of how savings in such a program could grow over time, 55% say it would be excellent or very good for them and another 26% say it would be good. Most respondents indicate they would participate in the program, with retention rates in the program higher for women than for men (77% vs. 71%) and the likelihood of staying in the program increasing as personal income increases.

Automatically increasing contributions by 1% annually up to a maximum of 10% will not prevent most uncovered workers from participating—81% would stay in the program if it included automatic escalation. However, about one-third of workers would not participate if they could not access their money if they became seriously ill (32%) or if their spouse dies (32%). More than one-quarter would not participate if they could not access their money in the event of a job loss (28%) or a family member becoming seriously ill.

The study has relevance for states other than California that are starting or contemplating a state-run retirement program, and for the Department of Labor (DOL), which will soon issue guidance in support of this effort to expand retirement plan coverage for workers.

While the study found the vast majority of uncovered workers have the desire and the ability to put at least some money aside for retirement, not all would embrace coverage in a state-run plan.

They agree that saving for retirement is important (96% very or somewhat important), but retirement ranks second as an overall savings priority (45% rank it first or second out of six potential savings needs) after having an emergency fund. Nearly all indicate they could save at least some amount in a retirement savings plan available at work; however, two-thirds feel the most they could contribute is less than $100 per month.

When presented with the California Secure Choice Retirement Savings Plan, one-quarter of workers say they would opt out, regardless of whether the automatic enrollment deferral percentage is 3% or 5%. Eighteen percent would ask to have their deferral percentage changed. Of that group, 32% of those presented with a 3% deferral rate and 43% of those presented with a 5% deferral rate would ask that their deferral percentage be lowered.

If the plan automatically escalated deferrals each year, one-third indicate they would ask their employer to stop auto escalation.

The leading barriers for not saving more for retirement include low earnings and the debt burden they carry—these two issues are the primary reasons for more than half of uncovered workers. Four in ten say a major reason is that they are more focused on their family, and nearly as many (36%) report that dealing with unexpected expenses is a major reason they don’t save more.

A report of study findings is here.

Are Advisers Ready for the Next Round of Risk Exams?

A white paper outlines some of the critical cybersecurity points to prepare for the SEC’s Risk Alert.

Last year’s SEC Risk Alert focused on administration, but 2015 took a broader view of cybersecurity measures, cautions External IT in a new white paper. “Financial Firms Face Further Scrutiny of Their Cybersecurity Practices—Is Your Firm Ready?” gives a rundown of the areas of focus—governance and risk assessment, access rights and controls, data loss prevention, vendor management, training and incident response—of the OCIE’s testing.

The threat to an adviser’s practice is real. In September, an investment adviser in St. Louis agreed to settle charges with the SEC for failing to establish cybersecurity policies before a data breach that compromised the personally identifiable information of about 100,000 individuals, including thousands of its own clients. The adviser stored sensitive personal information of its clients and others on a server hosted by a third party over four years, beginning in September 2009.

The server was attacked in July 2013 by an unknown hacker who gained access to the server’s data, according to the SEC. Among other failings, the adviser failed entirely to adopt any written policies and procedures to safeguard customer information, such as conducting periodic risk assessments or implementing a firewall. The firm did not maintain a response plan for cybersecurity incidents.

Luckily, the firm has not received any indications of a client suffering financial harm as a result of the cyber attack. Shortly after the attack, the firm retained more than one cybersecurity consulting firm to confirm the attack and determine its scope, and notified every individual and offered free identity theft monitoring. The cost of the penalty was $75,000, according to published reports.

As an IT outsourcing firm specializing in financial services, External IT has firsthand knowledge of how firms handle cybersecurity, and uses real-life examples of how firms fail to meet the SEC’s requirements in its paper.

During a governance and risk assessment, for example, the first question a firm has to answer is often, “Who is in charge of IT security?” The most common answers—the chief compliance officer, or no one specific person, or a third-party local IT vendor—are not good enough, according to External IT. “A CCO may not have the experience or education to evaluate security risk, and may rely on an outside consultant to assist the firm who could take months to become a proactive member of the firm’s team.” Dozens of firms were asked whether their outside IT firm has shown them IT security plans, audits or logs. Most admitted that nothing proactive was being done.

Basic controls can minimize the risk of data breaches, External IT points out, such as installing multi-factor authentication for users, stringent credentials and authorization methods, and updating access rights. In plain language and a real-life example, this means it might be helpful for the agency handling the firm’s cybersecurity to know if an employee who quit the firm on a Monday shared all his files over the weekend—a clear example of real controls in the hands of the people who need them.

Data loss prevention is another critical area of cybersecurity the SEC will monitor, and External IT found that more than 90% of firms archive their email, but far fewer actually monitor email. This monitoring process can be burdensome for staff, but affordable technologies are available.

Vendor management can be a sensitive area in cybersecurity, and the bigger the third-party partnership, the bigger the potential data breach, External IT contends. Firms owe it to their clients and themselves to choose vendors carefully after thorough due diligence. Vendor relationships, contract terms and the amount of oversight the firm applies to vendors should all be scrutinized. Firms need to keep records of the software and data that vendors can access—ironically, even those vendors hired to address cybersecurity risk.

“Financial Firms Face Further Scrutiny of Their Cybersecurity Practices—Is Your Firm Ready?” can be downloaded from External IT’s website.
