With the new SECURE Act 2.0 up for review in the Senate, now is the time for HR professionals to get proactive about setting employees up for a successful retirement in the new landscape of retirement planning.

Our team of Retirement specialists broke down the most notable features of the SECURE Act 2.0 to help you and your team prepare.

The original SECURE Act (Setting Every Community Up for Retirement Enhancement) was passed in 2019 and went into effect in 2020. Its intent was to help employers offer retirement plans that empower workers at all income levels to save for their futures. Now, two years later, further reforms may be signed into law in a matter of months or even weeks.

Here’s what you need to know about the SECURE Act 2.0 and how it will affect your employees:

Raising the age of the Required Minimum Distribution (RMD.)

The age at which an individual is required to start drawing money out of their pre-taxed retirement accounts is going up. The first SECURE Act raised the age from 71.5 to age 72, and the new version includes a plan that extends it to age 73 in 2023, then to age 74 in 2030, and finally to age 75 in 2033. This is overall a positive change because individuals are no longer forced to take money out as early. Of course, if they want to, then they can, but it is not required.

The penalty for missing the RMD is less severe.

While it is still significant, the SECURE Act 2.0 lowers the penalty for missing the RMD.  In the scenario that an individual forgets to take money out from their retirement account, the penalty will be decreased. For example: In the past, if an individual was required to take out $10,000 from an IRA and forgot to do so, the penalty was 50%. So, that person would still have to take the $10,000 out, report it on their taxes, and then pay a $5000 penalty. The new SECURE Act 2.0 drops the penalty to 25%.


The SECURE Act 2.0 requires auto-enrollment to new employees. When a new hire starts at your company, they will automatically be enrolled in the firm’s retirement program at 3%. There is also an auto-increase feature, increasing the contribution each year by 1% until it reaches 10%. Of course, employees may opt to put in any amount they’d like, but this move ensures that the default for all employees is to contribute. While this is a great feature for many employees who would otherwise forget to enroll, this amount is often not enough for an individual to set up a successful retirement plan. There’s a chance this handy set-it-and-forget-it policy could leave some employees wondering why their nest egg isn’t what it needs to be.

Increased catch-up contributions. 

Under the current law, an individual is allowed to contribute more toward their retirement once they turn 50. With the SECURE Act 2.0, this allowance is increased at ages 62, 63, and 64. All catch-up contributions will be considered Roth contributions, which means the individual will pay taxes on them upfront. This new rule is helpful in that it gives individuals the ability to save more in that final push to prepare for retirement.

Retirement Savers’ Contribution Credit. 

We love this one. This credit is a dollar-for-dollar reduction that an individual does not need to pay back. It really is a tax credit just for saving up for retirement, which employees should be doing anyway. For those who are eligible, the credit is 50% per person – which means, if they are married, their spouse could likely take the same credit. That’s a win!

Student loans. 

This adjustment to the SECURE Act is about – you guessed it – matching contributions to student loan payments. As an employer, you may already have a program where you already pay or match your employees’ student loan payments. It appears that this new feature would make it so that these matches can go straight into the employees’ 401(k). This could be a great asset to recruitment for those employees who are not able to make both a student loan payment and a 401(k) contribution.

More potential Roth contributions. 

Currently, the employer match on retirement contributions goes into the traditional 401(k). However, in the SECURE Act 2.0, employer-matching contributions will be allowed to be made as Roth contributions. This is helpful for employees in low tax brackets saving up for Roth, as another way to get more dollars in their Roth 401(k), growing tax-free for their financial future.

Employers are now allowed to incentivize employees to participate in their retirement plan. 

Finally, employers are now able to encourage employees to participate in their retirement program by providing incentives, such as small gift cards. Any token that reminds an employee to participate is a win for both the employee and the employer.

In summary, the SECURE Act 2.0 provides more options for retirees, but the new rules can be a little complex. We recommend preparing communications for employees ahead of time so they can start thinking about their new landscape of retirement planning.

This is a great time for HR Professionals to review their company retirement programs and make changes to successfully recruit and retire valued employees. For an assessment of your current plan, guidance on choosing a new plan, or questions regarding the SECURE Act 2.0 or other retirement-related questions, please reach out to our Retirement team.  



October is National Cybersecurity Awareness Month, and as the world grows digitally, cybercrime and online fraud are becoming more complex. Our experts have put together a helpful guide for you to assess your cyber risk and whether you may need to update your cybersecurity plan in order to protect your business against cyber attacks.


Protect Your Business Against Cyber Attacks Infographic


Do you have a cybersecurity plan in place? 

Only half of all businesses in the United States have a cybersecurity plan in place – a shockingly low proportion, considering that cyber attacks do not discriminate. Every business, large and small, is a target. If you do not have a plan in place, now is the time to create one. (If you’re not sure where to start, you can reach out to a cybersecurity specialist for a free consultation!)

When was the last time you updated your cybersecurity plan? 

Of the businesses that have a plan for cybersecurity, a third have never updated their plans after the increase in remote and hybrid work operations that came with COVID-19 in 2020. At a time when exposure and risk is rising exponentially, it’s imperative to revamp your cybersecurity plan. Experts recommend reviewing and adjusting your plan at least once per year to protect your business against the latest malware and cyber attack strategies.

How do you keep your team aware of online threats that could put your business at risk?

Malicious emails have increased a whopping 600% since 2020. At the same time, ransomware is becoming more aggressive, with the average requested fee going from $5K in 2018 to $200K in 2020. It only takes one slip-up by a well-meaning team member to take down everything you’ve worked so hard to build. Make sure your whole team is educated on what cyber threats can look like and what to do if faced with a potential risk.

How does your website expose you to risk?

As cybercrime evolves, it’s important to know how your website holds up against current threats. Through our cybersecurity team and partners, we can put your site to the test against potential threats, so you can know where you stand, and we can work together to mitigate your risk.

What cyber protection is common practice for your industry and company size?

Discover how your competitors and others in your industry are protecting themselves. Using our cyber protection partner’s benchmarking tool, we can review the typical coverage of your industry for a company your size, so you’ll know exactly how you stack up.

What is your existing cyber liability, and which coverage is right for your business?

That’s what we’re here to help you find out. When you work with us to manage your cyber risk, our cybersecurity experts and partners analyze and assess the entirety of your cyber risk and build a custom program from the ground up. Our goal is to protect what you’ve built.

Cyber risks aren’t going away. But we’re here to help. We believe every business should be protected and our team is ready to partner with you to ensure your business has what it takes to stay safe online.


Contact our Cyber Security experts for a free consultation and protect your business against cyber attacks.