On Wednesday, October 15, Julia Mader and Leah Toro led a complimentary live webinar titled “Employee Benefits: Trends, Traps, and Tomorrow’s Challenges.” Together, they examined key legal developments and compliance challenges shaping the benefits landscape in 2025. Topics ranged from SECURE 2.0 implementation and PBM reform to AI in benefits administration, emerging litigation risks, and more.
The following information is provided for general informational purposes only and is not intended to be legal advice. While we strive to ensure the accuracy and timeliness of the information, laws and regulations are subject to change. We recommend contacting your Michael Best attorney for advice specific to your situation.
Legislative Updates for Qualified Retirement Plans
The SECURE 2.0 Act is the leading major piece of legislation related to retirement plans. This was signed into law at the end of 2022. The goal is to make it easier for employees to save for retirement. It aims to:
Increase plan participation
Improve retirement outcomes
Simplify plan administration
Key SECURE 2.0 Act Required Provisions
Long-term, Part-Time Employees
As of 2025, employees who work at least 500 hours per year over the course of two consecutive years (decreased from the previous three consecutive years) are allowed to participate in their employer’s 401(k) plan.
Mandatory Roth Catch-Up Contributions for High Earners
Mandates that catch-up contributions must be made on a Roth (after-tax) basis for any participants whose prior-year FICA wages were over ~$150,000 (indexed) beginning in 2026. Plan sponsors will need to work with their payroll providers and plan record keepers to identify affected participants for this requirement and ensure that Roth catch-up contributions for high earners are properly implemented starting in 2026.
Plan sponsors will likely need to update plan documents, participant communications, and payroll coding to account for the Roth catch-up requirement.
Key SECURE 2.0 Act Optional Provisions
“Super” Catch-Up Contributors
Plan sponsors may choose to adopt an increased catch-up contributions limit for participants ages 60-63 beginning in 2025, which is the greater of (1) $10,000 indexed or (2) 150% of the regular catch-up limit ($11,250 in 2025).
Enhanced Access to 401(k) Accounts
SECURE 2.0 introduced several new withdrawal options that sponsors may choose to implement in their plans. This includes streamlined hardship distributions, withdrawals for participants diagnosed with a terminal illness, withdrawals for unforeseen personal or family emergencies, withdrawals for survivors of domestic abuse, and more.
Auto-Portability
Auto-portability is a 401(k) plan feature that automatically moves small balances from a 401(k) plan when a participant terminates employment with their employer into a default IRA. Then, when the participant is matched with a 401(k) plan account at their new employer, the funds are automatically moved into the new employer’s plan.
The caveat is that both the distributing plan and the new plan must be enrolled in auto portability.
There are many nuances involved in auto-portability, and service agreements with auto-portability providers must be closely reviewed. For example, Roth and after-tax monies are not eligible for auto-portability, so a participant with both pre-tax and Roth/after-tax dollars will have their account split up, with the pre-tax portion being subject to auto-portability and the Roth/after-tax portion needing to be manually moved.
Legislative Updates for Health and Welfare Plans
The key legislative update for 2025 was the One Big Beautiful Bill Act. We saw updates to the following:
Telehealth Safe Harbor
Permanently permits HDHPs to offer first-dollar coverage for telehealth services without affecting HSA eligibility.
Effective for all plans beginning on or after January 1, 2025
Direct Primary Care
Permits individuals to remain HSA-eligible even if receiving direct primary care services provided by primary care practitioners for a fixed fee
Monthly fixed fee limits are $150 for individuals and $300 for families.
This must cover only primary care services.
Dependent Care FSA Limit Increase
Annual cap raised from $5,000 to $7,500 effective January 1, 2026
Educational Assistance Programs
Permanently permits Education Assistance Programs to pay or reimburse student loan payments on a tax-free basis.
Employers may contribute up to $5,250 a year on a tax-free basis.
Excludible amount indexed for inflation starting in 2027
Moving Expenses
Permanently suspends the exclusion of employer-paid moving expenses.
Exception for Armed Forces and members of the intelligence community.
Pharmacy Benefit Manager Legislation
State PBM laws are rapidly expanding, with all 50 states considering legislation by mid-2025—many targeting transparency, pricing, and pharmacy access.
ERISA preemption limits state authority, but laws regulating PBMs as third-party entities may still impact self-funded plans indirectly.
Recent court rulings clarify boundaries, reinforcing that states cannot interfere with core plan administration, while allowing some PBM oversight to stand.
Regulatory Updates for Qualified Retirement Plans
Catch-Up Contributions Regulations
SECURE 2.0 requires that certain high-income employees make all catch-up contributions on a Roth basis. This requirement goes into effect on January 1, 2026.
In September 2025, the IRS issued final regulations.
Key Points
The Roth catch-up contributions requirement must be implemented starting on January 1, 2026 based on the statutory (SECURE 2.0 Act) provisions.
The final regulations will apply beginning in 2027 for most plans (with certain exceptions for governmental and collectively bargained plans).
Until 2027, plans may rely on a reasonable, good-faith interpretation of the regulations in complying with the statutory requirements.
Plans may implement a “deemed election” feature in which an affected individual who elected to make catch-up contributions is deemed to have elected to make catch-up contributions as Roth catch-up contributions, provided that certain other requirements are met.
Implementation of the Roth catch-up requirement will require interaction/coordination between the company, payroll provider, and TPA more than other 401(k) plan features typically do.
Plan sponsors should not treat 2026 as a “test year,” but instead should begin implementation immediately to comply with this requirement by 2026, with the ultimate goal of a smooth transition into 2027 when the regulations begin to apply.
Cybersecurity Guidance
The Department of Labor (DOL) first issued cybersecurity guidance in 2021, which consisted of three documents. The primary piece of guidance impacting plan fiduciaries is the “Cybersecurity Program Best Practices” guidance. This guidance outlines 12 best practices that ERISA plan service providers should incorporate into their cybersecurity program. The “Cybersecurity Program Best Practices” guidance is critical for plan fiduciaries because the DOL’s position is that the ERISA duty of prudence, which includes the duty to monitor plan service providers, requires plan fiduciaries to ensure that their plan service providers’ cybersecurity programs substantially align with the DOL guidance.
In 2024, the DOL updated the cybersecurity guidance to clarify that it applies to all ERISA-governed plans, including health & welfare plans.
Key Points
Cybersecurity remains a critical topic for the DOL; plan audits now include a set of cybersecurity-related questions.
Plan fiduciaries have an obligation under ERISA to ensure that all plan service providers have a robust, comprehensive cybersecurity program consistent with the DOL guidance.
While the DOL’s guidance is framed as best practices, it reflects regulatory expectations. Plan sponsors should treat this guidance as the baseline standard for compliance and risk mitigation.
Regulatory Updates for Health and Welfare Plans
Preventative Services Update
Group health plans must continue to cover, without cost sharing, services rated A or B by the U.S. Preventive Services Task Force.
As the Advisory Committee on Immunization Practices (ACIP) updates its vaccine guidance, plan sponsors should coordinate with carriers and TPAs to ensure coverage aligns
COBRA rules may require plans to preserve certain pediatric vaccine coverage levels to the level that was in place on May 1, 1993.
Employer Reporting
Employers are no longer required to automatically distribute Forms 1095-C or 1095-B to employees, provided certain notice disclosures are met
In July 2025, the IRS updated its Internal Revenue Manual to clarify ACA enforcement procedures, including auditing Forms 1094 and 1094, emphasizing a focus on accurate reporting.
Drug Costs and Price Transparency
Expanded U.S. tariffs may increase generic drug prices and cause supply chain disruptions, especially for antibiotics and injectables. Employers should work with PBMs on alternative sourcing and consider renewal terms to manage volatility.
A recent Executive Order directs the DOL to propose rules extending ERISA’s fee-disclosure requirements to PBMs, requiring disclosure of direct and indirect compensation, which is anticipated to help plan fiduciaries assess and renegotiate pharmacy arrangements.
CMS has revised the simplified method; plans must now cover at least 72% of drug costs and ensure access to retail pharmacies and both brand and generic drugs. Non-RDS plans may use the old method only through 2026.
Litigation Updates for Qualified Retirement Plans
Quadfecta of Fee Litigation
In recent years, ERISA fee litigation has continued to significantly evolve. Plaintiffs are now increasingly using a multifaceted strategy known colloquially as the “Quadfecta” of fee litigation to challenge fiduciary practices in retirement plans.
This strategy involves alleging four simultaneous fiduciary breaches in a lawsuit.
The first is excessive record-keeping fees. Plaintiffs argue that plans are overpaying for plan administrative services.
The second is high managed account fees. These claims focus on whether participants are being charged unreasonably or too much for retirement plan services.
The third is underperforming investment funds. These are allegations that plan fiduciaries failed to remove or replace poorly performing funds from the plan's overall lineup.
The fourth is the improper use of forfeitures. These claims argue that the plan’s use of forfeitures to offset employer contributions first, rather than first reducing participant fees, is a violation of ERISA, even though the law has long been that offsetting employer contributions with forfeitures is permissible.
Cunningham v. Cornell University
On April 17, 2025, this Supreme Court decision lowered the bar for ERISA prohibited transaction claims to survive early dismissal and ultimately shifted the burden to plan fiduciaries to prove that one or more prohibited transaction exemptions apply.
Key Takeaways on Retirement Plan Litigation:
Be thoughtful and methodical when it comes to retirement plan management and make sure there is a process in place to monitor plan costs.
Document any decisions made. Keep a record of any meetings, decisions, or rationale that are related to retirement plan performance.
Regularly benchmark all fees, services, and investments in the retirement plans. The best practice is to use independent sources and document the comparisons that are made.
Additionally, plan sponsors should monitor their service providers as well as 401(k) and retirement plan investment performance.
Plan sponsors should establish and follow a clear forfeiture policy and ensure that the policy aligns with what is allowed by the plan document and is applied consistently and uniformly.
Litigation Updates for Health and Welfare Plans
In recent years, there has been an increase in health and welfare plan litigation. These are complex issues that raise fiduciary claims as well.
ASO Vendors Acting as Plan Fiduciaries
In Tiara Yachts v. BCBSM, the court held that a TPA can be deemed an ERISA fiduciary if it exercises discretion over plan assets or administration—even when duties are defined by contract.
Key takeaway: Employers should reassess vendor agreements to clarify roles and limit discretionary authority, as courts increasingly scrutinize TPAs and PBMs for transparency and fiduciary compliance.
Health Plan Fee Litigation
Focus on health plan disclosure and transparency has set the stage for lawsuits alleging excessive fees in health plans, similar to retirement plan cases. Courts dismissed Navarro v. Wells Fargo and Lewandowski v. Johnson & Johnson for lack of standing where claims focused on inflated drug costs and PBM oversight. A similar case, Stern v. JPMorgan Chase, is still pending and targets vertical integration and extreme price disparities.
Key takeaway: It is important to document the fiduciary process, monitor PBM contracts and pricing, and treat health plan oversight with the same rigor as retirement plans to mitigate litigation risk.
Artificial Intelligence in Employee Benefits
AI is being used by plan service providers. Plan sponsors should understand what tools are being used by their service providers, how the results are being reviewed, and address the use of AI in their service agreements.
AI tools may assist plan sponsors with conducting RFPs and RFIs by aiding with data gathering or the review process.
AI may potentially become the next wave of employee benefits litigation.
AI tools are being used by plaintiffs’ firms to file lawsuits (e.g., platforms like Darrow AI easily search annual filings and other public records to identify plan deficiencies and potential claims).
Key takeaway: AI is transforming the employee benefits landscape. It’s a powerful tool to use and leverage. It is also a new source of risk for employer plan sponsors.
To learn more or to have any of your questions answered, please reach out to a member of our Labor and Employment team: Labor & Employment Relations - Michael Best & Friedrich LLP

