May 2024 ERISA Litigation Update: 

Given the continuing wave of ERISA litigation, this article has become a mainstay of The Speed Reader. A sample of recent cases is provided below. 

The most common type of ERISA case for approximately the past 18 years involves retirement plan participants’ allegations that plan fiduciaries caused participants to pay excessive recordkeeping and investment fees and included one or more poorly-performing investment options in the plan. Recent cases in this category include the following:

  • Wilcox v. Georgetown University (dismissed on April 23 by the U.S. Court of Appeals for the District of Columbia Circuit)
  • Brookins v. Northeastern University (procedural ruling issued on April 17 by the U.S. District Court for the District of Massachusetts)  
  • Perkins v. United Surgical Partners International, Inc. (procedural ruling issued on April 11 by the U.S. Court of Appeals for the Fifth Circuit)

Other types of recent ERISA cases are as follows:

Valentine v. J.P. Morgan Chase & Co. (complaint filed on May 3 in the U.S. District Court for the Southern District of New York):  This class action lawsuit involves data thieves gaining unauthorized access to a retirement plan administrator’s systems and obtaining its clients’ employees’ full names, addresses, payment and deduction amounts, and Social Security numbers. The plaintiffs, who are participants in retirement plans administered by the defendant, allege that the data breach “was a direct result of Defendant’s failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect its clients’ employees’ [sensitive information] from a foreseeable and preventable cyber-attack.”

More specifically, the plaintiffs contend that the defendant did not use reasonable security procedures and practices for the sensitive information it maintained, such as encrypting the information or deleting it when it was no longer needed. The defendant allegedly could have prevented the data breach by taking several steps that include the following:

  • Implementing an awareness and training program, so employees are aware of the threat of ransomware and how it is delivered.
  • Enabling strong spam filters, to prevent phishing emails from reaching the end users and authenticating inbound email using technologies like Sender Policy Framework.
  • Scanning all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Set anti-virus and anti-malware programs to conduct regular scans automatically. 

The plaintiffs mainly seek a court order requiring the defendant to protect (including through encryption) all data collected through the course of its business in accordance with all applicable regulations, industry standards, and federal, state, or local laws and to compensate the plaintiffs for their losses and attorneys’ fees, costs, and litigation expenses.  

The Procter & Gamble U.S. Business Services Company v. Estate of Jeffrey Rolison (decided on April 29 by the U.S. District Court for the Middle District of Pennsylvania):  Mr. Rolison was an employee at Procter & Gamble before his death on December 14, 2015. Over the course of his employment, he accumulated approximately $755,000 in that company’s retirement plan. This case addressed who his beneficiary is regarding that plan benefit.

As of April 17, 1987, Mr. Rolison’s named beneficiary, per a paper document filled out and signed by him, was a Ms. Losinger. Their relationship ended in 1989 when Losinger left Mr. Rolison and remarried. Throughout the course of his 29-year employment, Mr. Rolison was periodically informed by his employer of his option to designate an online beneficiary or, otherwise, his previous paper-designated beneficiary would receive his plan benefit. Although Mr. Rolison signed onto his online plan account many times, he never made an online beneficiary designation.

Ms. Losinger contended that Mr. Rolison never attempted to change his beneficiary designation despite being “repeatedly informed” of his lack of an online beneficiary and that, absent such a designation, the paper enrollment form will be followed. His estate, however, argued that his failure to designate an online beneficiary or inquire into his paper beneficiary over his nearly 30 year employment indicate that he intended his estate to receive his retirement plan benefit (or else he would have made the appropriate online designation).

The court began its analysis by citing U.S. Supreme Court precedent, under which ERISA fiduciaries must administer a plan in accordance with the documents and instruments governing the plan, making payments to a beneficiary who is designated by a participant or by the plan’s terms. In addition, other courts have ruled that under ERISA, when there is a named plan beneficiary and a third party which cites extrinsic documentation to show that the named beneficiary is invalid, courts favor “uniform and efficient plan administration that would be undermined if an employer had to consider benefit claims form sources extrinsic to the plan documents.” Based on those authorities, and on the fact that Mr. Rolison never changed his paper beneficiary designation form naming Ms. Losinger., the court ruled in favor of Ms. Losinger.