Skip to content

ERISA Fidelity Bond: Avoiding Mistakes

Jun 19, 2026
Share

When you sponsor a retirement plan (like a 401k), you are trusted to safeguard the life savings of employees. That’s why a federal law, the Employee Retirement Income Security Act (ERISA) specifically requires you (and anyone handling plan funds) to obtain an ERISA Fidelity Bond. The purpose of an ERISA Bond is to protect the plan funds from acts of fraud or dishonesty committed by those administering the plan. The U.S. Department of Labor regulates ERISA Bonds, and failure to comply can result in investigation and penalties. Unfortunately, many retirement plan sponsors remain confused about ERISA Bonds, and make serious mistakes as a result. Read on for guidance from accountants, attorneys and ERISA fidelity bond experts. 

Understanding ERISA Bond Compliance

The possibility of misconduct involving a workplace retirement plan is downright frightening. To guard against acts of fraud or theft by those handling the plan, the Employee Retirement Income Security Act (ERISA)  Section 412 (and related regulations 29 C.F.R. § 2550.412-1 and 29 C.F.R. Part 2580) mandates that plan assets be strictly protected. To comply, retirement plan sponsors must obtain an ERISA Fidelity Bond which functions as a three-party surety agreement rather than a standard insurance policy. Under this arrangement, a surety company guarantees the honesty of those handling plan funds, such as sponsors, and ensures immediate reimbursement to the plan if acts like theft or embezzlement occur. Crucially, because this is a bond, the surety retains the legal right to then pursue the dishonest individual to recover the money paid out. This rigorous structure ensures that participants’ retirement savings remain shielded and recoverable in cases of malfeasance. 

Pointing out that many plan sponsors are confused about ERISA Bonds, accountant Kim Moore of Anders CPA cautions, “Failure to maintain an adequate fidelity bond is considered a compliance violation and may trigger additional scrutiny during an audit or regulatory review.” According to Moore, four common ERISA bond mistakes to avoid include:

  1. Bond coverage is below required thresholds
  2. Coverage was not maintained for the full plan year
  3. Bond is issued in the wrong name
  4. Plan asset growth has outpaced bond coverage

For further help understanding ERISA fidelity bonds, watch this brief video:ERISA Bonds Explained.

Ensuring Accurate ERISA Bonds

It’s wise for retirement plan sponsors to carefully select the surety company for their ERISA Bonds from the Treasury Listed (aka “T-Listed) companies. Before obtaining an ERISA Bond, it’s also important to make sure the surety company is financially sound, and provides knowledgeable service, ensuring compliance. For example, Colonial Surety Company is Treasury-Listed, rated “A” Excellent by AM Best, and staffed by a trained ERISA service team which consistently receives stellar Trustpilot reviews.

When obtaining and renewing an ERISA fidelity bond, retirement plan sponsors are advised by accountants to ensure compliance by meeting the following conditions: 

  • The bond must be issued in the name of the 401(k) plan, not the plan sponsor
  • The provider must appear on the U.S. Treasury Department’s approved surety listing
  • Coverage must be in place for the entire plan year, including the first day
  • The bond must cover at least 10% of plan assets
  • Coverage is generally capped at $500,000
  • Plans holding employer securities may require coverage up to $1,000,000

Personal Liability Risks Explained

Despite the critical importance of ERISA Bond compliance, plan sponsors should not stop there. Why? The vast majority of plan sponsors would never dream of committing an act of fraud or theft—but could easily make a mistake related to plan oversight, and under the high standards of ERISA, can be held personally accountable, as the ERISA Advisory Group points out: “Fiduciary liability under ERISA is not just a corporate issue. It can follow you individually.”

In the face of audits, investigations, regulatory actions or litigation, specific examples of what a retirement plan sponsor can be held personally accountable for as an ERISA fiduciary include:

  • Decisions: Do you have the right advisor, and investment options? 
  • Cost control: Are the plan fees reasonable and services solid?
  • Compliance: Do operations adhere to the plan document, and government regulations? 

Most plan sponsors delegate and outsource much of the work of the retirement plan, but under ERISA, the sponsor retains fiduciary obligations that can never be eliminated. For example, the decision to outsource, and the selection of vendors ultimately rests with the plan sponsor, as does the obligation to continuously monitor all plan service providers. 

One other area of risk that plan sponsors must guard against is cybersecurity. Since retirement plans contain money and data, they are lucrative targets for cybercrime. In fact, the Department of Labor obligates retirement plan sponsors to mitigate cybersecurity threats by following these guidelines: cybersecurity practices, which include having an expert response plan in place to curtail damages from cyber breaches. Note that failure to adequately address cybersecurity can even be considered a fiduciary breach for the sponsor.   

To help retirement plan sponsors across the country manage their ERISA Bond compliance and protect themselves and their companies against fiduciary and cyber risks, Colonial Surety Company offers an efficient, affordable and unique solution. 

Only Colonial Surety Company solves the complex puzzle of ERISA compliance and protection by putting three essential coverages into one seamless, affordable bundle:

  1. ERISA Fidelity Bond: Fulfills your federal mandate to protect plan funds from dishonesty. 
  2. Fiduciary Liability Insurance (FLI): Shields your personal assets, covering up to $1,000,000 in legal defense costs and penalties for administrative errors or oversight omissions.
  3. Complimentary $50,000 of Cyber Liability Insurance: Provides vital protection for the plan and company against regulatory actions following a data breach, directly addressing the DOL’s response plan recommendations.

Protect your retirement plan, your business, and your personal assets in one smart move: upgrade to Colonial Surety Company’s affordable bundle for retirement plan sponsors:

👉 Get Your Instant Quote & Download Your Proof of Coverage in Minutes

What Fiduciary and Cyber Liability Insurance Covers:

  • Administrative Errors: Mishaps such as improper enrollment, failing to process participant changes, or incorrect termination protocols.
  • Investment Mismanagement: Claims regarding negligent investment selections or poor financial advice offered to participants.
  • Excessive Fees: Lawsuits stemming from a failure to monitor and negotiate third-party service provider fees.
  • Cybersecurity Breaches: Failure to adequately mitigate cybersecurity threats or monitor vendor data security protocols.

Why Choose Colonial Surety Company?

  • Trusted & Reliable: U.S. Treasury Listed, Rated “A” (Excellent) by A.M. Best Company, and in business since 1930.
  • Direct & Digital: Skip the middle players. Quote, purchase, and download your full protection package entirely online in minutes.
  • The Carrier, Not a Broker: No agent markups, no waiting for a callback, and no unnecessary fees.
  • National Reach, Local Support: Licensed nationwide with a knowledgeable, US-based customer service team, trained on ERISA and ready to assist you.

Frequently Asked Questions (FAQs)

Does an ERISA bond protect the business owner?

No. An ERISA Fidelity Bond solely protects the retirement plan’s funds from internal theft or embezzlement. It provides zero financial protection for the business owner or plan sponsor against lawsuits, administrative oversights or regulatory actions.

What happens if I don’t report an ERISA bond on Form 5500?

Leaving the fidelity bond section blank or reporting an insufficient coverage amount (less than 10% of plan assets) is an immediate red flag for the Department of Labor. It significantly increases your risk of triggering a costly DOL audit or enforcement action.

Is Cyber Liability included in standard Fiduciary Insurance?

Generally, no. However, because the DOL now obligates plan sponsors to mitigate cybersecurity threats as part of their fiduciary responsibilities, Colonial Surety Company includes $50k of complimentary Cyber Liability Insurance within its ERISA protection bundle to help shield your company and plan from data breach liabilities.

Helpful Resources

Cyber for Plan Sponsors
Considering Private Assets For The 401K?

Will private credit and other alternative investments become part of the menu for your 401k plan?…

Jun 1, 2026

Cyber for Plan Sponsors
Financial Wellness At Work: Info, Education and Advice

The money worries of employees don’t stop during work hours, and of course financial stress distracts…

Jun 15, 2026

Cyber for Plan Sponsors
Survey Says: Cybersecurity Fatigue?

Frustrated. Confused. Fatalistic. Tuned out. According to a survey by the National Cybersecurity Alliance, though our…

Jun 15, 2026

Read Our Blog

Frequently Asked Questions (FAQs)