Coverage 03 · Management Liability

Fiduciary Liability & ERISA Bonds.

Personal protection for the trustees of employee benefit plans, paired with the mandatory ERISA fidelity bond — including coverage other markets won't touch.

Fiduciary liability insurance protects the trustees, officers, employees, and the sponsoring organization itself against personal liability for breach of duty in the administration of employee benefit plans. ERISA fidelity bonds — a separate instrument required by federal law — protect the plan itself against fraud and dishonesty by anyone who handles plan funds. Together they form the protective stack every plan sponsor needs.

The Employee Retirement Income Security Act of 1974 ("ERISA") imposes the strictest fiduciary duties known in American civil law. Fiduciaries are held to "the prudent expert" standard, must act solely in the interest of plan participants, and bear personal liability for breaches — their own and, in many cases, their co-fiduciaries'. The plaintiffs' bar has built an entire practice around ERISA litigation, and the claims have only become more frequent and more expensive.

Definition

Fiduciary liability insurance — a third-party liability policy that pays defense costs, settlements, and judgments arising from claims that a fiduciary breached duties under ERISA in the administration, investment, or oversight of an employee benefit plan, including health, retirement, and welfare plans. Distinct from the ERISA bond, which is a fidelity instrument protecting plan assets from theft.

Fiduciary liability vs. ERISA bond — two different instruments

Plan sponsors regularly confuse the two, often discovering the difference only when a claim arises. They serve different functions, are required (or recommended) for different reasons, and respond to different events.

The ERISA bond

ERISA Section 412 requires every person who "handles funds or other property" of a covered employee benefit plan to be bonded against loss caused by acts of fraud or dishonesty. The bond must be at least 10% of the funds handled, subject to a floor of $1,000 and a cap of $500,000 per plan (the cap rises to $1,000,000 for plans holding employer securities). The bond runs to the plan as the insured party. It does not protect the fiduciary; it protects the plan from the fiduciary. Failure to maintain an adequate ERISA bond is a reportable item on the Form 5500 and is a common DOL examination finding.

Fiduciary liability insurance

Fiduciary liability insurance, by contrast, is a third-party liability policy. It protects the fiduciary against personal liability for breach-of-duty claims brought by plan participants, beneficiaries, the Department of Labor, the IRS, the PBGC, or co-fiduciaries. It pays defense costs, settlements, and judgments. The premium is paid by the plan sponsor; the protection runs to the individuals (and often the sponsor entity) who serve as fiduciaries. Modern policies include extensive coverage extensions for voluntary compliance programs, HIPAA penalties, settlor function claims, and IRS / DOL penalties under EPCRS and VFCP.

Both instruments are needed. The ERISA bond is legally mandatory and protects the plan; fiduciary liability is not legally mandatory but is operationally essential and protects the people running the plan.

Who is a fiduciary?

ERISA defines a fiduciary functionally, not by title. A person is a fiduciary to the extent they:

  • Exercise discretionary authority or control over plan management or administration
  • Exercise authority or control over plan assets
  • Render investment advice for a fee with respect to plan assets
  • Are named as a fiduciary in plan documents (the "named fiduciary")

In practice this captures: plan administrators, plan committee members (investment committee, benefits committee), trustees, the C-suite of the plan sponsor when they make fiduciary decisions, and often outside service providers who exercise discretion. The HR director who selects the 401(k) recordkeeper is exercising fiduciary discretion. The CFO who signs the plan's investment policy statement is acting as a fiduciary. Personal liability follows the function, not the title.

What fiduciary liability responds to

  • Imprudent investment selection or monitoring — the dominant class of modern litigation, including 401(k) excessive-fee cases, underperformance claims, and "stable value" suits
  • Excessive fees — recordkeeper, investment management, advisory, and revenue-sharing fees alleged to be unreasonable
  • Breach of the duty of loyalty — self-dealing, prohibited transactions, conflicts of interest
  • Improper handling of plan assets — late deposits of employee contributions, commingling, prohibited loans
  • Improper denial of benefits — wrongful claim denials under both ERISA and the Affordable Care Act
  • Discrimination in plan administration — particularly under nondiscrimination rules in IRC § 401(a) and Title VII
  • COBRA notice failures and continuation-coverage administration errors
  • HIPAA privacy and security breaches involving plan PHI
  • Failure to provide required disclosures — SPDs, SARs, fee disclosures, 404(a)(5) notices
  • Errors in plan administration — eligibility determinations, vesting calculations, distributions
  • Cyber-related plan losses — increasingly litigated as fiduciary breach for failure to safeguard participant data

What is covered (and what is not)

A modern fiduciary liability policy provides:

  • Defense costs for covered claims, on either a duty-to-defend or an indemnity basis
  • Settlements and judgments for breach of duty, errors, omissions, or acts in plan administration
  • HIPAA penalties by endorsement on most modern forms
  • Section 502(c) penalties for failure to provide required information to participants
  • Voluntary compliance program coverage — IRS EPCRS and DOL VFCP corrective filings
  • Settlor function defense — defense for claims relating to plan design decisions that are not fiduciary in nature
  • Pre-claim inquiry costs for DOL or IRS investigations before a formal claim is asserted

Policies generally exclude: criminal acts (after final adjudication), intentional breaches of trust, benefits actually owed under the plan (because that is plan liability, not fiduciary liability), and ERISA Section 502(l) penalties (which by statute are not insurable). Most policies also limit or exclude claims arising from employer securities held in the plan — a critical exclusion review point for ESOPs and plans with company stock.

Recent litigation trends every plan sponsor should know

The fiduciary litigation landscape has changed materially in the last decade. The plaintiffs' bar has industrialized 401(k) and 403(b) excessive-fee cases, with several firms maintaining standing class-action templates that they file the moment a Form 5500 reveals a target plan. Healthcare plan fiduciary litigation — modeled on the 401(k) wave — has now arrived, with hospital systems, large employers, and pharmacy benefit manager relationships drawing the first cases. Cyber-incident litigation against plan fiduciaries has produced a small but growing line of cases alleging that failure to protect participant data is itself a fiduciary breach.

For plan sponsors, the practical implication is consistent: document the prudent process. Fiduciary liability claims are largely process claims. Courts repeatedly hold that the question is not whether the outcome was good but whether the deliberative process was prudent and well-documented. Insurance is the second line of defense; documentation is the first.

Coverage applications

Fiduciary liability and ERISA fidelity bonds are separate instruments quoted from separate applications. Most plan sponsors need both. We can quote any combination of the applications below in a single submission.

The fiduciary liability application is the primary submission for this page. It gathers ownership and entity structure, financial profile (current and prior fiscal year balance sheet and income items), auditor information and any going-concern history, plan-by-plan data (plan name, type, current asset value, latest FYE annual contributions, current participant count, and active/frozen/sold/terminated status across DB, DC, ESOP, self-funded welfare, and other plan types), ERISA compliance posture (prohibited transaction review, eligibility / vesting / blackout compliance, employer-securities holdings), regulatory exposure history (DOL, IRS, PBGC, foreign agency), defined-benefit plan funding status and any cash-balance conversions, plan amendments and merger / termination activity, delinquent contributions or plan loans, healthcare benefit-determination authority, related-party investment relationships, and the names of the firms providing CPA, legal, actuarial, and investment-advisory services to the plans.

ERISA fidelity bonds use plan-specific applications: standard plans (single-employer qualified plans with qualifying assets only) in English or Spanish, or the non-standard application for Taft-Hartley / multiemployer plans, multiple-employer plans, plans with non-qualifying assets, and high-cap excess-layer fidelity. Commercial crime / fidelity bonds for the sponsor entity use the small-business commercial crime application.

Required attachments for the fiduciary liability application depend on plan type and limit: the sponsor financial statement is required for any DB, self-funded welfare, ESOP, church, government, or quasi-governmental plan; plan financial statements are required for DB and self-insured welfare plans at limits above $1,000,000; sponsor and plan financial statements are required for each DC plan at limits above $5,000,000; an Employer Securities Supplemental Application is required for any ESOP or DC plan holding employer securities; and the most recent Form 5500 is required for every plan listed. For dedicated ERISA bond placements, our sister site ERISA-Bonds.com issues bonds in all 50 states, Puerto Rico, and the U.S. Virgin Islands.

Common questions

Is the ERISA bond legally required?

Yes. ERISA Section 412 requires every person handling plan funds to be bonded — there is no exemption for small plans, and the requirement applies to qualified retirement plans, welfare plans subject to ERISA, and certain church and government plan equivalents. The DOL routinely flags missing or inadequate bonds during Form 5500 review and during plan audits. Failure to maintain the bond is a fiduciary breach in itself, exposing the responsible parties to personal liability for any plan loss that the bond would have covered.

Does D&O insurance cover ERISA fiduciary claims?

Generally no — and this is the most common and most damaging coverage assumption plan sponsors make. Standard D&O policies exclude ERISA claims, often by explicit endorsement. A few private-company D&O forms include narrow fiduciary coverage as an extension, but the limits are typically inadequate for a real ERISA matter and the form gaps are significant. A dedicated fiduciary liability policy is the right instrument.

What limit do we need?

The honest answer is: it depends on the size and complexity of the plans. Common starting points are $1M to $5M for small plans, $5M to $25M for mid-market sponsors, and $25M to $100M+ for large plan sponsors with company stock or complex investment lineups. Excess fiduciary capacity is widely available, and stacking dedicated fiduciary towers on top of management liability programs is increasingly common.

Does the policy cover plan sponsor decisions, or only fiduciary decisions?

The policy covers fiduciary decisions — those exercising discretion over plan administration, investment, or asset handling. "Settlor" functions — decisions about plan design, amendment, or termination — are not fiduciary functions under ERISA and are not covered by traditional fiduciary liability. Most modern forms include limited "settlor coverage" by endorsement to defend the inevitable settlor-function lawsuits even though the underlying conduct is not fiduciary in nature. This endorsement is essential and easily overlooked.

What about cyber-related plan losses?

The DOL has issued guidance making clear it views cybersecurity as a fiduciary obligation. Plan participants whose data is compromised or whose accounts are drained by social engineering routinely sue both the recordkeeper and the plan fiduciaries. Fiduciary liability policies are slowly evolving to address this; we coordinate fiduciary, cyber, and crime coverage to close gaps and avoid overlaps when these events occur.

The ERISA bond protects the plan from the fiduciary. The fiduciary liability policy protects the fiduciary from the participant. You need both. Confusing the two is how plan sponsors discover, mid-claim, that they bought half the protection they thought they had.

Speak to an underwriter

Plan structure, asset size, and any employer-securities exposure drive the placement strategy. Call (800) 373-2804 and we will walk you through the right combination of bond limit and fiduciary policy structure for your plans.