Investment Product and Service Launches

Principal debuts registered index-linked annuity solution; Jackson enhances RILA suite; Prudential Advisors introduces fee-based annuities; and more.


Principal Debuts Registered Index-Linked Annuity Solution

Principal Financial Group has launched its first registered index-linked annuity, Principal Strategic Outcomes.

The product is designed to meet the growing demand for annuity solutions as market uncertainty persists and as individuals nearing retirement seek help mitigating investment risk.

Never miss a story — sign up for PLANADVISER newsletters to keep up on the latest retirement plan adviser news.

“Sustained market uncertainty has investors thinking about their asset allocation mix which, along with volatile equity markets, has triggered movement to solutions that help individuals build retirement savings while managing their risk tolerance,” Sri Reddy, senior vice president for retirement and income solutions at Principal, said in a statement. “We built our RILA to help investors more confidently navigate diverse market conditions.”

Jackson National Life Enhances Registered Index-Linked Annuity Suite

Jackson National Life Insurance Co., the main operating subsidiary of Jackson Financial Inc., launched Jackson Market Link Pro II JMLPII and Jackson Market Link Pro Advisory II, two new RILAs.

JMLPII, commission-based, and JMLPAII, fee-based, allow consumers to grow assets before and during retirement, while offering different degrees of protection against unexpected market events.

“Since entering the RILA market in late 2021, Jackson is committed to enhancing our suite of products to provide competitive options that seek to address clients’ unique need,” Alison Reed, chief operating officer of Denver-based Jackson National Life Distributors LLC, said in a statement.

Prudential Advisors Introduces Fee-Based Annuities

Prudential Advisors has introduced fee-based annuities to its expanding advisory platform.

The new offering provides clients purchasing an annuity with investment advice for an asset-based fee. Clients will get an integrated view of their investments, including annuity assets, in a single report. The first annuity available will be the Prudential MyRock Advisor variable annuity.

“The addition of fee-based annuities was natural given the growth of our investments business,” Pat Hynes, vice president and head of field sales at Prudential Advisors, said in a statement. “At the same time, it was important that we took the time to get the client and adviser experience right.”

SoFi at Work Launches Student Loan Verification Service

SoFi at Work, which offers companies financial well-being and education assistance benefits, announced the launch of a student loan verification service.

The solution responds to the SECURE 2.0 retirement law allowing employers to match employees’ student loan payments with contributions toward retirement plans. For organizations looking to make the most of this policy change, SLV simplifies the process of linking matching employer retirement contributions to employee student loan repayments.

“Our Student Loan Verification service makes it easy for companies to put [SECURE 2.0’s] emerging, yet highly impactful benefit into action for a more inclusive future,” Barrett Scruggs, vice president and business lead of SoFi at Work, said in a statement.

John Hancock Investment Management Expands Alternatives Availability

John Hancock Investment Management, the U.S. division of Manulife Investment Management, announced expanded availability for its alternative investment product offering.

The firm broadened its registered alternative offerings to include semi-liquid tender offer funds that provide mass-affluent-eligible investors access to private securities.

“We are currently experiencing an economic and market environment with high uncertainties, notable volatility, and the prospect for weaker growth,” Nathan Thooft, CIO of multi-asset solutions at Manulife Investment Management, said in a statement. “With this in mind, our goal is to provide investors the opportunity to consider an increased allocation to alternatives, adding differentiated exposures to their portfolios.”

SEC Cyber Proposals Receive Mixed Feedback From Industry

Many comments offered tepid support for the SEC’s goal and asked for greater flexibility in reporting and rule harmonization.



Commenters replying to the Securities and Exchange Commission’s three cybersecurity proposals requested additional flexibility and two years to comply with anything the regulator adopts, based on responses submitted through the deadline Monday.

The three proposals, first published in March are known as Reg S-P, Reg SCI and New Rule 10 (sometimes called Reg BD). Many firms also requested that the rules be harmonized with each other.

Never miss a story — sign up for PLANADVISER newsletters to keep up on the latest retirement plan adviser news.

The Proposals

Reg S-P applies to broker/dealers and registered advisers. It requires covered entities to adopt policies to protect customer records and to notify clients who are affected by data breaches that could put them at risk. Covered entities must inform affected customers “as soon as practicable,” but no longer than 30 days after they become aware of the breach.

The update to Reg SCI expands the scope of entities subject to Regulation Systems Compliance and Integrity and would require SCI entities to maintain security policies and to undergo business-continuity and disaster testing. That testing would require SCI entities to assess how prepared they are to manage the unavailability of a third party to which they outsource.

This proposal would expand the definition of SCI entities to include registered security-based swap data repositories; broker-dealers registered with the SEC under Section 15(b) that exceed a total assets threshold or a transaction activity threshold in NMS stocks, exchange-listed options, U.S Treasury securities, or Agency securities; and all clearing agencies exempted from registration.

The proposal would require SCI entities to notify immediately the SEC of certain significant digital events, such as those that deny access to systems. This disclosure would be confidential.

Michael Pappacena, a cybersecurity partner at the ACA Group, explains that the SEC has been increasing its focus on the role of third parties and outsourcing in the financial industry. He says the SEC wants to see that “if you are trusting third parties with key business functions, that you are performing due diligence” and that core systems can survive if those third parties are affected by a digital attack.

New Rule 10 would require clearing agencies, securities exchanges, transfer agents and other actors to maintain policies designed to address their cybersecurity risks, which must be reviewed and updated annually. This rule would also require immediate confidential notice to the SEC of a cybersecurity incident.

Industry Feedback

The Investment Adviser Association offered qualified support for the proposals. In its letter to the SEC, the IAA stated that it supports requiring advisers to have an incident response program. The association requested that the program be limited to protecting sensitive data, not all data, and that the SEC narrow the requirement to monitor service providers to only those managing sensitive data.

On Reg S-P, the Financial Services Institute and Investment Company Institute both asked that the SEC modify the 30-day notification requirement. The FSI asked that the timeline be extended to 60 days and that the SEC account for state laws which also require notification. The ICI asked the SEC to account for police investigations into the incident, which may require confidentiality, and that the SEC allow at least 24 months to comply with the rule after it is finalized.

Nasdaq noted that law enforcement may even request a delay in disclosure as part of its investigation, so as to not inform perpetrators about what authorities know about a breach. Nasdaq urged the SEC to account for this possibility in its final rule and also requested that the SEC harmonize the disclosure timelines between the rules and between state governments with similar requirements.

Amazon Web Services elaborated on the concern of hasty public disclosure. Its comment explained that mass disclosure to affected customers could signal the existence of vulnerabilities, which could then be further exploited. AWS also noted that speedy disclosure requirements for all three rules would encourage false positives and misinformation, since there would be little time to review disclosures, which would only lead to more confusion.

Pappacena says immediate notification would be difficult to accomplish in practice, because the personnel who are informed enough about the incident to report it accurately would also be those working to correct the problem. The SEC also requires additional updates if anything in the disclosure becomes materially inaccurate, another burden for those trying to put out the fire.

The North American Securities Administrators Association wrote that, given the short window required for disclosure in response to a cybersecurity incident, some firms may be unsure of the extent of the breach and therefore unsure if disclosure is even required. To remedy this, the NASSA recommended that where the language “reasonably likely” appears in reference to determining if compromised data could cause substantial harm, it should be replaced with “reasonably possible” to clarify that if an organization is unsure of the extent, it should still disclose the potential compromise to the SEC or clients as appropriate.

«