Fiduciary Considerations in the Evolving World of AI

Bonnie Treichel, Founder and Chief Solutions Officer at Endeavor Retirement

Private sector employer-sponsored retirement plans are governed by the Employee Retirement Income Security Act (ERISA).[1] Largely unchanged since its passage in 1974, the definition of fiduciary (though highly contested through the years) remains the same, along with the core fiduciary duties of loyalty and prudence.[2] A half-century later, ERISA remains a law of process, rather than outcomes, which gives wide discretion to plan fiduciaries. But with this freedom comes responsibility, particularly regarding technologies like artificial intelligence (AI) that are new and still developing.

This article will address considerations for plan fiduciaries in the face of AI and best practices for living in an AI-focused fiduciary world.

What is AI?

AI is a widely bandied-about term that can be – and has been – applied to a wide variety of applications. But if you ask AI (specifically Copilot), it will tell you:

Artificial intelligence (AI) refers to computer systems that perform tasks requiring human-like judgment, learning, or decision-making. For financial consultants, AI is best viewed as a tool that can enhance efficiency and insight, but one that still requires human oversight. 

AI in the fiduciary’s toolkit

AI can do many things to help support the fulfillment of fiduciary obligations, but ultimately, AI cannot be a substitute for a fiduciary who, under ERISA, is responsible for exercising discretion over plan assets and plan decisions and for ensuring that those decisions are in the best interests of participants and beneficiaries.

When leveraging AI, fiduciaries should keep in mind these five key principles:

1. Human accountability remains paramount: AI can inform and support analysis, but fiduciaries retain ultimate responsibility for all decisions and client outcomes. If there is a problem or concern, plaintiffs’ attorneys, the Department of Labor (DOL), and the Internal Revenue Service will be looking for a firm or person to hold accountable, not AI. 

2. Understand and assess the source data environment: Fiduciaries should know what information the AI relies on, whether it draws from a closed, curated dataset (and which one[s]) or a broader, open environment. An example of a closed or curated database would include a financial consultant using a portfolio analytics tool built by their firm (or another vendor) that only draws on approved datasets, such as Morningstar or Bloomberg. Contrast this with a financial consultant using ChatGPT to search for general market information, whereby the information in this open dataset is unknown, pulling from many sources, some of which may be unreliable or out of date.

3. Evaluate model integrity and currency: Confidence in the information a fiduciary gathers from AI depends on how the AI platform is trained, tested, updated, and prompted for those results. This includes the frequency and quality of new data inputs. Building on the last principle, it is important for fiduciaries to understand the dataset universe.

4. Monitor risks, bias, and controls: Effective use of AI requires awareness of error rates, safeguards to mitigate bias, and the ability to override or challenge outputs. Just like humans, AI has been known to make mistakes due to bad data or inaccurate “prompts.” For example, a financial consultant might be looking for ways to benchmark fees against a peer group. An AI tool might say, based on the information available, the recordkeeper’s fees are reasonable. However, the peer group considered might be skewed toward larger plans or fail to consider the average account balance.

5. Ensure strong governance and oversight: Fiduciaries (including advisors, consultants, and their firms) should maintain clear internal policies, controls, and accountability frameworks governing AI use. Also, remember some AI tools not only draw from “open” sources, but they store inquiries and results in an unsecured environment.

Keeping these core principles in mind, let’s explore a few practical ways fiduciaries may encounter AI and best practices to implement in these situations.

Meeting minutes:

The most common way to document fiduciary decisions is through meeting minutes. They not only serve as an official overview of the committee’s activities, but they also provide evidence of a fiduciary process for auditors and examiners.

Keeping these goals in mind, fiduciaries should be cognizant of the implications for meeting minutes.

  • Fiduciary benefit: There are two key benefits for fiduciaries when leveraging an AI notetaker during meetings. First, fiduciaries can gain efficiencies and save time in the meeting follow-up. Second, fiduciaries can focus more on the discussion and less on taking notes, which ensures a more productive and thoughtful meeting.
  • Fiduciary risk: The fiduciary risks of virtual notetakers and recording meetings include the potential for multiple sets of minutes that may be contradictory, as well as the potential for mis-transcribing or recording more than was intended.
  • Best practices: Fiduciaries might want to consider the following with AI notetakers for meeting minutes:
    • Ensure all parties have agreed to the use of the virtual notetakers.
    • Do not save the output as a transcript of the meeting; rather, ensure the fiduciaries are using a version that provides a summary and removes the recording.
    • Use the output as a summary to support drafting minutes, not as the final record.

Service provider use of AI:

Plan service providers such as recordkeepers and third-party administrators are already leveraging AI for back office workflows and efficiencies, as are employers in an array of industries. Common examples of use cases by service providers include drafting participant communications, preparing and even delivering participant education meetings, as well as projecting and recommending ways to spend the next best dollar through predictive nudges in the employees’ saving journey. Ironically, though there are cybersecurity risks that come with AI usage, some service providers are using AI to prevent cybersecurity breaches. For example, AI tools are able to learn the normal behavior of an individual. 

Although far from an exhaustive list, it is clear there are benefits of service providers leveraging AI, but there are also risks.

  • Fiduciary benefit: The potential benefits of service providers using AI range from time savings (which may translate to cost savings) to faster response times for participants and greater error detection, which lowers risk.
  • Fiduciary risk: While the DOL has not yet issued formal guidance related to the use of AI, there is corollary guidance of which fiduciaries must be aware, including guidance related to cybersecurity. The primary risk of service providers using AI is the handling of (and potential for mishandling) participant data. There is also a risk that some recommendations or materials may be biased based on the universe of data from which the information is gathered. 
  • Best practices: Fiduciaries should consider the following when engaging with service providers today, recognizing nearly all service providers are already using some form of AI:
    • Inquire about the use of AI and understand how it is being used and what data is involved in its use.
    • In requests for proposals (“RFPs”) or other negotiations with service providers, inquire about how data is used, protected, stored, transmitted, and who has access to it. Leverage the DOL’s guidance from 2024 related to cybersecurity and other resources such as the Government Accountability Office report related to participant data for key questions and appropriate responses to your data-related inquiries. 
    • Inquire regarding data destruction practices at the conclusion of the contract.

In summary, AI can be an important and empowering tool that can potentially enhance and expand both the quality and timeliness of fiduciary oversight and response. However, those advantages do not excuse or supersede the responsibility of plan fiduciaries to independently evaluate and ascertain the quality and accuracy of those outputs. “Trust but verify” seems appropriate counsel to bear in mind throughout.

[1] The Internal Revenue Code also governs retirement plans and provides an enforcement mechanism for prohibited transactions.

[2] Plan sponsors become fiduciaries by exercising their discretion over the spending of plan assets or by using their discretion in the administration of the plan. Fiduciary status is functional in nature, and it is important to understand when someone is a fiduciary because fiduciary status carries with it fiduciary responsibilities (described below) as well as personal liability for any fiduciary breaches. Fiduciaries also must avoid prohibited transactions unless an exemption applies. Chiefly, fiduciaries are responsible for:

    • Following a prudent process
    • Acting in the best interest of participants
    • Following the plan document (unless inconsistent with ERISA)
    • Diversifying plan investments
    • Paying only reasonable fees