Litigation trend puts health plan fiduciaries on notice

Contributors

Beth Latchana SVP, Director of Compliance Consulting, People Solutions blatchana@lockton.com 517.449.2615

Brandon Gray AVP, Professional & Executive Risk bgray@lockton.com 816.777.7431

Kevin Hewgley SVP, Professional & Executive Risk khewgley@lockton.com 314.496.9029

Contents

Recent high-profile litigation
Who is a fiduciary?
Low barrier to litigation
Fiduciary risk transfer
Building effective insurance programs
Prudent practices
Get in touch

Over the past few years, lawsuits alleging violations of fiduciary duty under the Employee Retirement Income Security Act of 1974 (ERISA) have mainly focused on excessive fees in administering retirement savings plans. A series of recent lawsuits, however, apply a similar legal theory to health and welfare plans.

These legal actions emphasize the reality that any employer that sponsors benefit programs can be exposed to fiduciary liability, making effective risk management critical for organizations, their executives, and plan fiduciaries. Building effective insurance programs, strengthening plan governance, and bridging internal knowledge gaps can help benefit plan sponsors forge a more cohesive risk culture and mitigate costly litigation.

Recent high-profile litigation

In March 2025, several participants in a JPMorgan Chase health plan sued the company as well as individual directors on its Compensation & Management Development Committee as plan fiduciaries. The plaintiffs in the case, Stern et al. v. JPMorgan Chase, accused the defendants of “breaching their fiduciary duties by agreeing to grossly inflated prescription drug prices, costing the JPMorgan Plan and its participants/beneficiaries millions of dollars through higher payments for prescription drugs, higher premiums, high out-of-pocket costs, higher deductibles, higher coinsurance, higher copays and suppressed wages.”

JPMorgan Chase, like many employers that offer prescription drug benefits, contracts with a pharmacy benefits manager (PBM) to provide plan participants with lower negotiated drug prices, rebates, access to drug formularies and improved claims processing. The practice of using a PBM is intended to create administrative efficiencies and savings on drug costs, which continue to rise and are one of the key drivers of health plan expenses.

The plaintiffs cited as an example of plan mismanagement the cost of generic drugs for treatment of multiple sclerosis compared with the plan’s cost — a difference of more than $6,000 per prescription, which plaintiffs alleged JPMorgan Chase agreed to pay to its PBM vendor. According to the lawsuit, the defendants’ mismanagement extended across all 366 generic drugs on the plan’s formulary for which public information was available, resulting in an average markup for participants/beneficiaries of 211% of pharmacies’ acquisition cost for those same medications.

Notably, the plaintiffs asserted the defendants’ actions were “not merely inattentive or negligent” but willful. In their lawsuit, plaintiffs stated the defendants failed to adequately:

  • “Negotiate or re-negotiate the plan’s contract” with the PBM and failed to prudently exercise their rights under that contract.
  • “Consider contracting with a different PBM” for all the plan’s prescription drugs.
  • “Consider carving out their specialty-drug program from their broader contract” with the PBM.

The suit added that “fiduciaries of similar plans across the country have conducted comprehensive plan reviews and concluded their plans’ interests were best served by carving out specialty pharmacy benefits from their overall PBM contract.”

Similar lawsuits alleging breach of fiduciary duty related to the cost of prescription drugs in health plans were filed in 2024 against Johnson & Johnson and Wells Fargo & Company. Even though the courts initially dismissed the breach of fiduciary duty claims on procedural grounds, they left open whether J&J and Wells Fargo had breached their ERISA fiduciary duties. This left the door open for plaintiffs to refile their motions; as of this date, plaintiffs in the J&J suit have refiled.

Who is a fiduciary?

ERISA requires fiduciaries of employee benefit plans — retirement savings plans, such as 401(k)s, as well as health and welfare plans — to act in the best interests of plan participants and beneficiaries by exercising care and prudence in the selection, management, and maintenance of the benefit plans and service providers. This includes defraying reasonable plan administration expenses and owing a duty of loyalty to plan members/beneficiaries.

But who exactly is a fiduciary for purposes of meeting these requirements?

A plan fiduciary can be named in plan documents or identified by the services he or she provides to a plan. Whether identified by name or not, a person who exercises discretionary authority or control over the benefit plan or its assets is considered a functional fiduciary. Benefit plans subject to ERISA can have multiple fiduciaries. This means any employee, director, officer, or benefits committee member who selects, manages, or maintains employee benefit plans are deemed to be fiduciaries.

Fiduciary liability risks stem from regulatory enforcement or private litigation, such as the class-action lawsuits filed against JPMorgan Chase, J&J, and Wells Fargo. Examples of such liability for violating fiduciary obligations can include fines, personal liability for plan losses, bans on providing future services to benefit plans and even prison sentences. Regulatory fines and criminal charges for ERISA fiduciary violations typically occur in the most egregious cases. Private civil actions remain the principal driver of ERISA litigation.

Low barrier to litigation

Another reason plan sponsors and fiduciaries can expect their liability exposures to grow is the relatively low bar for plaintiffs to file lawsuits alleging breach of fiduciary duty. Plaintiffs’ law firms that found success in the past decade with excessive-fee litigation against retirement benefit plan sponsors are now turning their attention to different types of plans, including health and welfare plans, specifically applying to medical insurance, vision, and dental plans; they can also extend to some fringe benefit plans.

ERISA litigation over excessive fees in retirement plans began in the mid-2000s and then surged in 2020, when nearly 100 cases were filed — a more than fivefold increase from the previous year, according to a report by AIG. Such lawsuits have been steadily filed since, targeting a wide range of plan sizes across almost every industry, AIG found. Among the allegations common in excessive-fee suits are:

  • Paying excessive fees to service providers.
  • Failing to use plan “purchasing power” to control costs.
  • Failing to monitor fees paid to service providers.
  • Failing to monitor or supervise discretionary fiduciaries or trustees.
  • Lacking a regular request for proposal (RFP) process for plan vendors.
  • Providing inconsistent or incomplete notifications and disclosures to plan participants.

Some federal courts have held that the defendant, not the plaintiff, has the burden of proof in ERISA cases, which has made it easier for plaintiff claims to survive motions to dismiss, AIG explained. Since 2015, only one-third of excessive-fee class action cases have been dismissed. When fiduciary liability litigation proceeds to the trial phase, defense costs skyrocket.

Most ERISA plans are required to annually file a plan return known as the federal Form 5500, which provides detailed information on the plan sponsor, type of plan, and the plan’s service providers. Because these forms are open to public inspection, it’s relatively easy for plaintiffs to find plan information. If a Form 5500 indicates a benefit plan has not been updated in several years, that could be interpreted as a breach of fiduciary duty — and that plan could become a target for plaintiffs’ counsel.

Fiduciary risk transfer

With fiduciary liability exposures increasing, having appropriate insurance coverage in place is important. Plan sponsors, however, must understand the limitations of different kinds of policies, so they can ensure optimum risk transfer for fiduciaries and executive leadership teams.

Organizations may already have a variety of relevant insurance policies in place, including directors and officers liability (D&O) insurance, which is intended to cover wrongful acts in managing corporate entities. Fidelity bonds, meanwhile, can protect the plan against losses from fraud or dishonesty, and employment practices liability (EPL) coverage protects employees from employment-based litigation.

Individual fiduciary responsibilities, however, differ from those of corporate directors and officers. For this reason, sponsors should consider purchasing fiduciary liability insurance, which is designed to cover losses arising from the specific acts of selecting, managing, and maintaining employee benefit plans and service providers. At a minimum, committees and companies should undergo the underwriting process to determine if they are deemed to be insurable risks and then complete cost-benefit analyses when buying such coverage.

Fiduciary liability insurance protects fiduciaries against claims alleging mismanagement, negligence, or breaches of fiduciary duty in the administration of employee benefit plans, trusts or other fiduciary responsibilities. This coverage is particularly relevant for fiduciaries overseeing employee benefit plans governed by ERISA, such as 401(k) plans, pension plans, and health and welfare plans.

Fiduciary liability policies typically provide coverage for:

  • Legal defense costs. Policies generally cover attorney fees, court costs, and other expenses incurred in defending against related claims, even if those claims are unfounded. Unlike other policies — general liability, for example — defense costs are included within aggregate limits.
  • Settlements and judgments. Policies pay for settlements and damages resulting from covered claims, up to the policy limits.
  • Insured persons. Fiduciary liability policies protect both individual fiduciaries, such as benefit committee members, and organizations sponsoring covered plans.

Fiduciary liability insurance is distinct from other forms of insurance, though it may complement them. D&O insurance, for example, protects corporate directors and officers from claims related to their management decisions, but policies typically contain broad “based upon or arising out of” exclusions for ERISA violations and the fiduciary duties specific to employee benefit plans. Fiduciary liability insurance fills this gap.

Fidelity bonds, meanwhile, satisfy requirements under ERISA that sponsors of most benefit plans be bonded to protect against theft of fraud by plan administrators. These bonds, however, do not provide coverage for alleged breaches of duty or negligence, which are covered under fiduciary liability insurance.

Building effective insurance programs

When evaluating fiduciary liability insurance options, fiduciaries and organizations should consider several factors, including coverage limits and retentions. It is imperative to ensure a policy has adequate coverage limits that align with corporate risk tolerance. Quantitative considerations include plan asset size, plan structure, litigation trends, and defense costs.

Fiduciaries and organizations should also work with their brokers to:

  • Ensure broadness of coverage. Risk professionals and brokers should confirm that policy language covers all relevant fiduciary activity and types of plans. Most modern fiduciary policies account for all plan types, but some policy forms still require that certain plans — for example, employee stock ownership plans — be endorsed to a policy for coverage.
  • Weigh the cost of premiums against the potential financial impact of fiduciary claims. This is particularly important for organizations with large or complex plans. While litigation trends are challenging, fiduciary liability coverage remains relatively affordable when compared to other insurance products.
  • Carefully review exclusions to understand what is not covered.

Plan sponsors should work with several stakeholders — including corporate risk managers (if applicable), human resources executives, internal and outside counsel, and insurance brokers — to review existing policies and additional options. This group can also identify scenarios in which these policies may — or may not — come into play.

Prudent practices

While insurance can serve as an important backstop in the event of losses, plan sponsors should also take additional steps to promote diligence in plan administration. This can mitigate fiduciary liability risks and potentially reduce the likelihood of litigation.

Among other actions, plan sponsors may benefit from:

  • Establishing governance committees. A committee is a wise idea to formalize plan decision-making and foster a thorough, cautious approach to administering employee benefit plans. This is best done in collaboration with legal counsel to draft a committee charter. Meetings should be regularly scheduled.
  • Documenting all committee activities. Plan sponsors should create and maintain minutes of each committee meeting and document all the actions taken by benefit committees.
  • Identifying fiduciaries and implementing training. A fundamental step in mitigating liability risk is to make fiduciaries aware of their responsibilities and support them in fulfilling their duties. Creating internal checklists for fiduciaries’ key functions is also a smart move.
  • Developing policies and procedures. Any benefit plan may encounter unusual situations. Policies and procedures developed with the assistance of expert advisors can empower fiduciaries to address common and uncommon plan administration scenarios.
  • Conducting reviews of plan documents and provider contracts. Fiduciaries should look closely at contracts with PBMs, third-party administrators (TPAs), and other service providers for terms, fees, services provided, performance guarantees, and other items.
  • Negotiating indemnification agreements with service providers. These agreements should be included in contracts to protect the plan and plan sponsor from errors caused by a provider.
  • Holding RFPs every three to five years, at a minimum. Extending an invitation to consider proposals from plan vendors on a recurring basis is one way to demonstrate that fiduciaries are looking out for plan participants/beneficiaries’ interests and seeking the highest value from service providers for the plan.
  • Ensuring the annual federal Form 5500 is properly updated. Companies should not simply carry over information year over year. Instead, they need to consider and update critical responses around reviews of plan designs and fees.

Get in touch

For more on how you can manage fiduciary liability, including through Lockton’s Fiduciary Governance Toolkit, contact: Lockton People Solutions or Lockton Professional and Executive Risk.

Back to top

This document and the guidance included is not all-inclusive and is not intended to be construed as legal advice. Any and all actions should be taken under the direction of counsel.

Companies and employers owe it to their employees serving on compensation and benefit committees, to ensure their personal liability is protected and safeguarded. While such personal indemnification is not a right and is a privilege, all employees should be expected to truly benefit from the services employers are providing them and know those services are duly and fairly priced competitively and clearly, concisely, and consistently communicated to all employees.

© 2025 Lockton Companies. All rights reserved.