If you offer your team a health or retirement plan, you’re already dealing with ERISA. But here’s a common mistake I see all the time: assuming your insurance carrier handles all your ERISA compliance. This isn’t true. The legal responsibility is yours, and mistakes can lead to Department of Labor audits and hefty fines. Don’t worry, though. Most compliance gaps are completely preventable. We’ll walk you through a simple ERISA compliance checklist and explain how professional ERISA compliance services can help you secure your plan and protect your business.
Schedule a free consultation with WHIA to find out exactly where your benefits compliance stands today.
This ERISA compliance checklist walks you through every requirement that matters for Washington State employers with group health plans, from Summary Plan Descriptions to Form 5500 filing. Keep it bookmarked, share it with your HR team, and use it as a baseline for your annual compliance review.
What Is ERISA and Who Needs to Comply?
ERISA is a federal law enacted in 1974 that sets minimum standards for employee benefit plans offered by private-sector employers. It covers group health insurance, dental and vision plans, life insurance, disability coverage, retirement plans like 401(k)s, and flexible spending accounts (FSAs).
ERISA applies to nearly every private employer that offers a benefit plan to employees, regardless of company size. If you have even one employee enrolled in a group health plan, ERISA likely applies.
There are a few exceptions. Government employers, church plans, and plans maintained solely to comply with workers’ compensation or unemployment laws fall outside ERISA. But for most Washington businesses with 20 to 300 employees, ERISA coverage is a given.
One important detail: ERISA preempts state insurance regulations for self-funded health plans. That means if your company self-funds its health benefits, federal ERISA rules take priority over Washington State insurance law. This distinction affects everything from plan design to claims appeals.
What Plans Does ERISA Cover?
ERISA casts a wide net, covering the most common benefits employers offer. The law groups these into two main categories: retirement plans and health and welfare plans. If you provide benefits that fall into either of these buckets, you’re required to follow ERISA’s rules. Let’s break down what that includes.
Retirement Plans
When you think about long-term employee benefits, retirement plans are often the first thing that comes to mind. ERISA was specifically designed to protect these assets for your team. The law establishes minimum standards for most private-sector retirement plans, including popular options like 401(k)s, 403(b)s, and defined benefit pension plans. It ensures that funds are managed responsibly and that employees receive the information they need about their investments. If your company offers any type of retirement plan to help your employees save for the future, you can be certain that ERISA’s requirements for reporting, disclosure, and fiduciary conduct apply to you.
Health and Welfare Benefit Plans
Beyond retirement, ERISA also governs what are known as health and welfare benefit plans. This category includes the core benefits that support your employees’ immediate well-being. If you offer group health insurance, dental and vision plans, life insurance, or disability coverage, these are all subject to ERISA regulations. The same goes for other benefits like flexible spending accounts (FSAs) and health reimbursement arrangements (HRAs). For most Washington businesses, these plans form the foundation of their benefits package. As your dedicated benefits partner, we help small groups and large organizations manage these plans while ensuring every aspect remains compliant with federal law.
What ERISA Doesn’t Mandate
While ERISA’s reach is broad, it’s also helpful to know what it *doesn’t* cover. The law doesn’t actually require any employer to establish a benefit plan in the first place. It only sets the rules for plans that already exist. Furthermore, certain types of organizations are exempt from ERISA altogether. These include government entities (like city or state employers), church plans, and plans maintained solely to comply with state-mandated workers’ compensation or unemployment laws. For the vast majority of private companies in Washington, however, these exemptions don’t apply. If you’re a private employer offering benefits, it’s safe to assume you need to be ERISA compliant. If you’re unsure where you stand, our team can help you get started with a full compliance review.
Your Essential ERISA Compliance Checklist
Below is a practical, section-by-section breakdown of what ERISA requires. Use this as a working checklist for your annual benefits review.
1. Create and Distribute Summary Plan Descriptions (SPDs)
Every ERISA-covered plan must have a Summary Plan Description. The SPD is the primary document that tells employees what the plan provides, how it operates, and what their rights are. According to the Department of Labor, SPDs must be written in plain language that participants can understand.
Your SPD must include:
- Plan name, employer identification number (EIN), and plan number
- Type of plan (health, dental, retirement, etc.)
- Name and address of the plan administrator
- Eligibility requirements and enrollment procedures
- Description of benefits and any cost-sharing (deductibles, copays, coinsurance)
- Claims filing procedures and appeal rights
- Plan amendment and termination provisions
- COBRA continuation coverage rights
- Statement of ERISA rights
New employees must receive their SPD within 90 days of becoming plan participants. When you make significant changes to a plan, you must distribute a Summary of Material Modifications (SMM) within 210 days after the plan year ends.
Other Required Employee Communications
Beyond the SPD, ERISA requires you to maintain open and clear communication about your benefits. Think of it as building trust and making sure your team feels supported. The U.S. Department of Labor is clear that plans must give participants important details about how the plan works and how it’s funded. This also means telling employees about their rights, like how to get benefits, file claims, and appeal decisions if a claim is denied. Your plan must have a straightforward process for handling these claims and appeals. Ultimately, the law requires you to provide easy-to-understand summaries of your benefit plans, so everyone can confidently use the benefits you provide. It’s a lot to track, which is why many businesses partner with a dedicated broker to manage these communications.
2. Consolidate with a Wrap Plan Document
Here is where many employers fall short. Your insurance carrier’s certificate of coverage is not an ERISA plan document. It does not contain all the language ERISA requires, such as the named fiduciary, plan administrator details, and claims appeal procedures.
A wrap plan document “wraps” around each carrier contract (medical, dental, vision, life, disability) and adds the ERISA-required language. Without a wrap document, each individual benefit technically operates as a separate, non-compliant ERISA plan.
If your company offers multiple benefits but has no wrap document, this should be your first action item.
Talk to a WHIA benefits advisor about getting your wrap plan documents in order. Our compliance attorney subscription covers document preparation and review.
3. Complete Your Form 5500 Filing
Most ERISA-covered plans with 100 or more participants must file Form 5500 annually with the Department of Labor. The filing is due by the last day of the seventh month after the plan year ends (July 31 for calendar-year plans). You can request a one-time extension using Form 5558, which gives you an additional 2.5 months.
Small plans (fewer than 100 participants) that are fully insured or unfunded may qualify for a filing exemption. However, this exemption does not apply to all plan types. According to the DOL, late or incomplete Form 5500 filings can result in penalties of $250 per day, up to $150,000 per filing.
Key items to verify for your Form 5500:
- Accurate participant count as of the first day of the plan year
- Correct plan financial information
- Independent auditor’s report (required for large plans with 100+ participants)
- Schedule A (insurance information) and Schedule C (service provider compensation), if applicable
- Electronic filing through the DOL’s EFAST2 system
4. Understand Your Fiduciary Duties
ERISA designates anyone who exercises discretionary authority or control over plan management or plan assets as a fiduciary. That includes the business owner, HR director, benefits committee members, and any third-party administrators (TPAs) with decision-making authority.
Fiduciary duties under ERISA include:
- Duty of loyalty: Act solely in the interest of plan participants and beneficiaries
- Duty of prudence: Make decisions with the care, skill, and diligence of a knowledgeable benefits professional
- Diversification: For retirement plans, diversify investments to minimize large losses
- Plan compliance: Follow the terms of the plan documents, unless they conflict with ERISA
Fiduciary breaches carry personal liability. That means a plan fiduciary can be required to restore losses to the plan out of their own pocket. This is one reason why periodic fiduciary training and documented decision-making processes are so important.
When evaluating vendors, carriers, and plan funding structures, document your selection process. Showing that you compared options and made informed decisions is key to demonstrating prudence.
Key Protections for Your Employees Under ERISA
While ERISA compliance can feel like a maze of administrative tasks, its core purpose is to protect your employees and their families. Understanding these protections isn’t just about checking a box; it’s about recognizing the value and security you provide through your benefits package. When your team understands their rights, it builds trust and reinforces that you have their best interests at heart. These protections ensure that the benefits you promise are benefits they can actually count on, from retirement savings to critical health coverage.
Protecting Plan Assets
ERISA establishes strict rules to safeguard the money in your employee benefit plans. It requires that plan assets be held in a trust, separate from the company’s own funds, to protect them from business creditors. As we covered earlier, anyone with control over plan management is a fiduciary who must act in the best interest of your employees. This is a legal requirement to manage funds prudently. Furthermore, if a plan is ever terminated, ERISA has rules to ensure employees receive all the benefits they have already earned through vesting, providing a crucial financial safety net and peace of mind for your team.
Specific Protections for Retirement Plans
For retirement plans, ERISA provides a few unique and powerful safeguards. If your company offers a traditional defined benefit pension plan, the Pension Benefit Guaranty Corporation (PBGC) acts as an insurance policy. Should the plan end without enough funding, the PBGC may guarantee a portion of the promised benefits. ERISA also establishes important spousal rights. This means that if a plan participant passes away, their spouse generally has a right to a portion of the retirement benefits, ensuring that surviving family members have financial support during a difficult time. These protections are fundamental to securing an employee’s financial future.
Specific Protections for Health Plans
When it comes to health benefits, ERISA’s protections are vital for everyday well-being. Through the Health Insurance Portability and Accountability Act (HIPAA), ERISA prohibits health plans from discriminating against employees based on their health status. This ensures that a pre-existing condition won’t prevent someone from getting coverage. The law also mandates certain minimum standards of care. For example, it requires plans to cover maternity care, including specific hospital stay lengths for new mothers and their newborns, and ensures that mental health benefits are offered on par with medical and surgical benefits. These rules help create a fair and comprehensive health plan for all your employees, whether you’re a small group or a large corporation.
Understanding ERISA Rules for Retirement Plans
Beyond general protections, ERISA sets specific rules for how retirement plans must operate. While our expertise at WHIA is centered on health benefits, we believe in empowering you with a holistic view of your compliance duties. For many businesses, a retirement plan is a cornerstone of the compensation package. Knowing the rules around participation, vesting, and fund access will help you administer your plan correctly and answer your employees’ questions with confidence. Here’s a quick rundown of what you need to know.
Types of Retirement Plans
ERISA governs two primary types of retirement plans. The first is the defined benefit plan, often called a traditional pension. These plans promise a specific, pre-determined monthly payment to employees upon retirement, usually based on salary and years of service. The second, and more common, type is the defined contribution plan, such as a 401(k) or 403(b). In these plans, the final retirement benefit isn’t guaranteed. Instead, it depends on the amount contributed by the employee and employer, as well as the investment performance of the funds in the account. Understanding which type you offer is the first step in managing your plan correctly.
Key Rules for Plan Participation and Vesting
ERISA sets minimum standards for when employees can join a plan and when they gain ownership of employer contributions. Generally, you must allow employees to participate after they turn 21 and complete one year of service. Once they are in the plan, vesting schedules determine when they earn the non-forfeitable right to your company’s contributions. A “cliff” vesting schedule might require an employee to work for three years to become 100% vested, while a “graduated” schedule allows them to gain ownership incrementally over several years. These schedules are a key feature of your plan design and an important retention tool.
Rules for Accessing Retirement Funds
Employees can’t just take money out of their retirement accounts whenever they want; ERISA sets clear rules for access. Participants can typically receive distributions when they retire, leave the company, or become disabled. Some plans may also permit withdrawals for specific financial hardships, though this is not a requirement. Additionally, many 401(k) plans offer a loan provision, allowing employees to borrow against their vested balance. If you offer loans, you must follow ERISA’s strict guidelines, which dictate maximum loan amounts, reasonable interest rates, and repayment terms to ensure the loan is treated as a legitimate transaction and not just a premature distribution.
How Does COBRA Fit Into ERISA Compliance?
The Consolidated Omnibus Budget Reconciliation Act (COBRA) is technically an amendment to ERISA, so COBRA compliance is part of your ERISA obligations. Employers with 20 or more employees on more than 50% of typical business days in the prior calendar year must offer COBRA continuation coverage.
Your COBRA compliance duties include:
- Providing an initial COBRA notice to new plan participants and their spouses within 90 days of coverage starting
- Sending a COBRA election notice within 44 days of a qualifying event (termination, reduction in hours, divorce, etc.)
- Offering 18 months of continuation coverage for most qualifying events (36 months for certain events like divorce or dependent aging out)
- Allowing a 60-day election period and 45-day initial premium payment window
- Not charging more than 102% of the full plan premium (employer + employee share, plus a 2% administrative fee)
COBRA notice failures can result in penalties of $110 per day per affected individual. For a detailed walkthrough of COBRA obligations specific to Washington employers, see our COBRA employer guide for Washington State.
What Claims Procedures Does ERISA Require?
ERISA sets strict timelines for processing benefit claims and appeals. Your plan must have a written claims procedure that participants can access, and the procedure must meet specific requirements.
For group health plan claims:
- Urgent care claims: Decision within 72 hours
- Pre-service claims: Decision within 15 days (one 15-day extension allowed)
- Post-service claims: Decision within 30 days (one 15-day extension allowed)
- Appeals: At least one level of internal appeal, with a decision within 30 days for pre-service and 60 days for post-service
After exhausting internal appeals, participants have the right to file a lawsuit or request an external review. Plans subject to the ACA must also comply with external review requirements. If your company must also file ACA reports, keep in mind that these reporting obligations run parallel to your ERISA duties.
A common mistake: relying entirely on your insurance carrier to handle claims and appeals without verifying that the carrier’s process meets ERISA timelines. As the plan sponsor, you are responsible for ensuring compliance, even when you delegate administration.
Mastering ERISA Record-Keeping Requirements
ERISA requires plan administrators to maintain records sufficient to determine the benefits due to each participant. There is no single record-keeping format required, but the DOL expects you to retain the following documents:
- Plan documents and all amendments
- SPDs and SMMs
- Form 5500 filings and supporting schedules
- Trust agreements (if applicable)
- Insurance contracts and carrier certificates
- Board resolutions related to plan adoption or amendment
- COBRA notices and proof of delivery
- Claims and appeals records
- Enrollment and eligibility records
- Fiduciary meeting minutes and decision documentation
Best practice: retain all plan records for at least six years after the filing date of the Form 5500 for that plan year. Some attorneys recommend seven years as an extra buffer. Store records electronically with access controls and backup procedures in place.
Avoiding Costly ERISA Non-Compliance Penalties
ERISA violations carry real financial consequences. Here is a quick reference for the most common penalty triggers:
| Violation | Penalty |
|---|---|
| Failure to provide SPD on request | Up to $110 per day per participant |
| Late or missing Form 5500 | $250 per day, up to $150,000 |
| COBRA notice failures | $110 per day per affected individual, plus excise tax of $100/day under IRC Section 4980B |
| Fiduciary breach | Personal liability to restore plan losses; possible removal as fiduciary |
| Failure to file SAR (Summary Annual Report) | $250 per day, up to $150,000 |
The DOL has increased enforcement activity in recent years. In fiscal year 2024, the Employee Benefits Security Administration (EBSA) recovered over $1.4 billion in direct participant benefits through enforcement actions. Smaller employers are not exempt from audits, and the DOL frequently targets companies that have filed late or incomplete Form 5500s.
Steep Penalties for Late Form 5500 Filing
The Form 5500 filing is a non-negotiable annual task for most employers with 100 or more plan participants. This report is due to the Department of Labor by the last day of the seventh month after your plan year concludes—that’s July 31 for most calendar-year plans. While you can file for a 2.5-month extension, missing the deadline invites serious trouble. According to the DOL, late or incomplete Form 5500 filings can result in penalties of $250 per day, up to a staggering $150,000 per filing. Even if you run a smaller plan with fewer than 100 participants, don’t assume you’re exempt, as the filing exemption for fully insured plans doesn’t apply to all plan types. Getting this form filed correctly and on time is a critical piece of your compliance puzzle, and it’s an area where expert guidance can prevent costly mistakes.
Common Fiduciary Mistakes to Avoid
One of the most significant risks under ERISA is fiduciary liability, and it’s easier to become a fiduciary than you might think. ERISA designates anyone with discretionary control over plan management or assets as a fiduciary—that includes business owners, HR directors, and even members of a benefits committee. The stakes are incredibly high because fiduciary breaches carry personal liability. This means a plan fiduciary can be required to restore losses to the plan out of their own pocket. This is a key reason partnering with an expert broker is so valuable. Documenting your decision-making process and undergoing regular fiduciary training aren’t just best practices—they are essential safeguards for you and your company.
Your Annual ERISA Compliance Calendar
Staying compliant is easier when you build ERISA tasks into your annual benefits calendar. Here is a sample timeline for calendar-year plans:
| Month | Action Item |
|---|---|
| January | Confirm participant count for Form 5500; review plan documents for needed updates |
| February – March | Distribute updated SPDs or SMMs if plan changes took effect January 1 |
| April | Begin Form 5500 preparation; gather financial data and service provider disclosures |
| July 31 | Form 5500 filing deadline (or file Form 5558 for extension) |
| September | Distribute Summary Annual Report (SAR) within 9 months of plan year end |
| October – November | Open enrollment; review fiduciary responsibilities; compare employer health insurance plan options |
| December | Complete annual fiduciary review; document vendor evaluation and plan decisions |
If your plan year does not follow the calendar year, shift these deadlines accordingly. The key is building these tasks into your HR workflow so nothing falls through the cracks.
Contact WHIA for a free benefits consultation and let us help you build an ERISA compliance calendar tailored to your plan year.
Simplifying ERISA Compliance for Washington Employers
For most mid-market employers, the challenge is not understanding what ERISA requires. It is having the time, expertise, and systems to stay on top of every requirement, every year.
Here is what makes compliance harder than it should be:
- Your HR team handles enrollment, onboarding, payroll, and benefits administration. Compliance gets squeezed out by day-to-day tasks.
- You rely on your insurance carrier for plan documents, but carriers provide certificates of coverage, not ERISA-compliant plan documents.
- You may not have a benefits attorney on retainer, so legal questions pile up until renewal season.
- Form 5500 filing and wrap documents require specialized knowledge that many HR generalists do not have.
This is where working with a dedicated benefits advisor makes a measurable difference. At Washington Health Insurance Agency, every client receives an annual benefits compliance attorney subscription as part of our advisory package. That means your team has year-round access to a compliance attorney who can review plan documents, prepare wrap documents, answer ERISA questions, and help you stay ahead of filing deadlines.
We also help Washington employers evaluate whether their current plan structure, whether fully insured or level-funded, aligns with their compliance capacity. Self-funded plans, for example, bring additional ERISA obligations that require more hands-on fiduciary oversight.
WHIA works with small groups and large groups across Washington State. Whether you have 25 employees or 250, our team evaluates your compliance posture alongside your benefits strategy so you can address gaps before they become penalties.
Partnering with an Expert for Peace of Mind
The stakes for ERISA compliance are high, especially since fiduciary breaches can lead to personal liability. That means you, as a business leader, could be required to restore plan losses from your own pocket. This isn’t a risk you have to carry alone. Partnering with a benefits expert shifts the burden from your shoulders to a team that lives and breathes compliance. Instead of trying to interpret dense regulations or hoping your carrier documents are sufficient, you gain a proactive partner. A dedicated account manager can help you document your fiduciary process, prepare wrap documents, and ensure you meet every deadline, giving you the confidence that your benefits plan is built on a solid, compliant foundation.
Frequently Asked Questions About ERISA Compliance
Does ERISA apply to small businesses?
Yes. ERISA applies to any private-sector employer that sponsors an employee benefit plan, regardless of size. Even a company with five employees and a group health plan is subject to ERISA. The only exception based on size is COBRA, which applies to employers with 20 or more employees. For more on health insurance requirements for small businesses, see our dedicated guide.
What is the difference between ERISA and ACA compliance?
ERISA governs the administration and management of employee benefit plans (health, retirement, disability). The ACA (Affordable Care Act) sets rules for health coverage specifically, including the employer mandate for companies with 50+ full-time equivalent employees and marketplace reporting requirements. Both laws apply simultaneously to employer health plans, so you need to comply with each. Learn more about group health insurance requirements.
Do I need a wrap plan document if I only have one health plan?
Yes. Even with a single carrier, you still need a document that includes all ERISA-required provisions (named fiduciary, plan administrator, claims and appeals procedures, ERISA rights statement). Your carrier’s certificate of coverage does not contain all of these elements. A wrap document fills the gap.
How Often Should You Review and Update Your SPD?
You must distribute a Summary of Material Modifications (SMM) within 210 days after any plan year in which a significant change occurs. At minimum, you should review and update your SPD annually during open enrollment to reflect any carrier, plan design, or eligibility changes.
Can I be personally liable for ERISA violations?
Yes. ERISA imposes personal liability on plan fiduciaries who breach their duties. If you are the named plan administrator, business owner, or a member of the benefits committee, you could be required to restore losses to the plan from your personal assets. This is why documenting your decision-making process and working with qualified advisors is so important.
Find the Right ERISA Compliance Services for Your Business
ERISA compliance is not a one-time project. It is an ongoing responsibility that touches plan documents, fiduciary decisions, claims procedures, government filings, and employee communications. The checklist above covers the essentials, but every employer’s situation is different.
Washington Health Insurance Agency helps businesses across Washington State build benefits programs that are not just cost-effective, but compliant from day one. Our advisory package includes a compliance attorney subscription, annual plan document review, Form 5500 support, and year-round access to a dedicated account manager who knows your business.
Schedule your free benefits consultation today and let us show you how WHIA can take the compliance burden off your plate.
Key Takeaways
- ERISA compliance is your legal duty, not your carrier’s: It’s a common mistake to assume your insurance provider handles everything. As the employer and plan sponsor, you are ultimately responsible for ensuring your benefit plans meet all federal requirements.
- Your plan needs its own official documents: The certificate of coverage from your insurer is not a substitute for a compliant Summary Plan Description (SPD) or a Wrap Plan Document. These formal documents are required to consolidate your benefits and fill in the gaps left by carrier paperwork.
- Build compliance into your yearly calendar: Staying compliant is an ongoing process, not a one-time fix. By scheduling key tasks like Form 5500 filings, document reviews, and employee notice distributions, you can avoid last-minute scrambles and costly penalties.