As those of you who were able to attend our recent know, there is a lot going on in the benefits world these days. From continuing remote work complexities to hastily-drafted legislation to a constant stream of guidance, it can sometimes feel impossible to take it all in. With that in mind, we have wrapped up a few of our favorites here to help keep your company compliant and ready to face 2022.

Remote Workforce Policies

As discussed in our recent webinar, many employees have been working remotely (and sometimes out-of-state) for some time. While employees working remotely for a limited duration and based on governmental work-from-home mandates have a better chance of being deemed incidental employees to that state of residence, as time goes on, it gets harder to call this out-of-state work incidental. In addition, many employers have started to roll out longer term work-from-home and hybrid remote work arrangements that often allow for out-of-state work. This passage of time, the intent to allow long-term work from home, and an evolving governmental regulatory environment increases the risk of employees being considered permanent working residents from their home. While we wish there was an easy answer, remote work arrangements (especially when they involve a state away from an employer’s usual place of business) call for a case-by-case review and the development of clear remote work policies. These policies are necessary to ensure compliance with all potential state taxes and state employee laws. Employers may also wish to consider clear policies regarding how long someone may work from home in a state outside the jurisdiction.

Employee Retention & Deferred Compensation

Another current hot topic in our world is employee retention. As more out-of-state employers have started conducting national searches and have moved to allowing new hires to work from home, we have seen pressure on local employers to retain their key employees. Effective ways to help incentivize key employees to pass on those remote offers include deferred compensation and bonus structures. (These programs can also be key tools to incentivize a new hire to accept an offer.) It is important to remember that deferred compensation is subject to Internal Revenue Code Section 409A, and failure to meet the Code’s requirements may result in a hefty income tax. Many providers are delaying implementation of deferred compensation plans due to demand, which may lead to mistiming your plan with your expectations and promises, so early planning is often key when it comes to implementing these programs.

CARES Act/ARPA

Many of the pandemic provisions within the CARES Act and the ARPA included provisions which were placed into legislation rather quickly to address what were seen as immediate needs related to the pandemic. As a result, the ultimate text, impact, and interpretation of those laws is very limited, and application is sometimes uncertain. For example, the IRS recently issued COBRA premium assistance guidance, yet the COBRA premium assistance component of the ARPA is set to expire in fewer than 60 days (September 30, 2021). While much of the COVID-19 pandemic has involved reacting to regulation with best efforts, it is important to continuously review policies and procedures impacted by the CARES Act and the ARPA to ensure continued compliance with the most updated guidance and requirements.

Cybersecurity

In today’s environment, one of the greatest risk areas for sponsors of health and retirement plans is cybersecurity. In April of this year, the Department of Labor recognized this risk by publishing specific cybersecurity guidance with the Employee Retirement Income Security Act (ERISA) in mind. As many plan sponsors are updating prototype and individually designed retirement plans in 2021 and are entering new Health Plan contracts for January 1, 2022, we recommend including cybersecurity language within plan documents and contracts. In addition, we recommend that the Plan Committees/Trustees review internal and vendor cybersecurity protections (with regard to both financial and individually identifiable data) on at least an annual basis, as a cybersecurity breach can be extremely costly to Plan Sponsors and their participants.