Tag: ethics

Interviewer’s Note: This column about fiduciary issues affecting public pension systems is the general responsibility of Suzanne Dugan, who usually writes the column or invites guests to offer some helpful commentary. Suzanne is the founder and head of the firm’s Ethics and Fiduciary Counseling practice, one of the country’s most active and recognized practices providing trusted counsel to public pension trustees and staff. Suzanne was recently named President of the National Association of Public Pension Attorneys (NAPPA). NAPPA is almost 40 years old and provides an important opportunity for public pension lawyers to come together to learn about the most critical matters affecting their work.

As Suzanne begins her one-year term as President of NAPPA, she thought this a good moment to flip the seats so she can share a little bit about her work on your behalf and as the leader of this group. Since she and I have spent the last couple of decades working on and discussing public pensions, I’ll serve as the foil in this conversation. Hope you enjoy.

Luke Bierman: You’ve been chosen by your peers to lead NAPPA. Tell us a bit about the organization—how you became involved, how it’s organized, and how NAPPA is different from other organizations that work with public pensions.

Suzanne M. Dugan: NAPPA is the only national professional association focused exclusively on public pension attorneys. The beauty of the organization is that it provides an opportunity to exchange information, advance knowledge and education, and foster best principles and sound practices in the field of public employee retirement systems. Public pension plans are a bit unique as they are not governed by ERISA but rather by provisions enacted in their home jurisdictions. These laws might be similar across states and municipalities, allowing members to share their experiences very neatly, but can also vary across the country, giving legal practitioners opportunities to learn about these differences and apply those lessons by analogy. NAPPA’s singular focus on public pensions and its approach of similarity and difference separates it from other organizations.

The organization hosts two educational programs each year. The Winter Seminar devotes a half-day each to NAPPA’s four sections—Benefits, Fiduciary and Plan Governance (my personal favorite), Investments, and Tax—as well as general interest topics on the final morning of the program. The Legal Education Conference, which runs for four days, focuses more about the law and legal issues affecting public pension plans on a wide range of topics and provides public pension attorneys with an opportunity to obtain continuing legal education credit. It is not unusual for several hundred lawyers to attend these programs, which are organized by the four sections I mentioned, as well as our education committees on topics such a cybersecurity and data privacy, funding challenges, public safety, securities litigation, and new member education. NAPPA also publishes a semi-annual newsletter, The NAPPA Report, that allows members to provide articles relevant for their peers in the public pension world.

I began my involvement as a member while working as Special Counsel for Ethics in the Office of the New York State Comptroller in the mid-2000s. After joining Cohen Milstein in 2011, I became involved with the section on Fiduciary and Plan Governance, presenting and organizing programs, and then was asked to assist with the New Member Education Committee. In 2024, I was thrilled when then-NAPPA President Laura Gilson, the General Counsel of the Arkansas Public Employees Retirement System, asked me to serve as Vice President. I’ve been lucky to see NAPPA from the perspectives of both in-house and outside counsel to public pension plans, which I think enhances my capacity to have a positive impact as President.

What really distinguishes NAPPA members is their commitment to the mission. Protecting the retirement security of educators, public safety officers, and other government employees is critically important, especially at a time when it feels as though government employees are under attack. It’s meaningful work for these attorneys, whose efforts benefit millions of retirees and the beneficiaries who depend on public pensions. Indeed, I’m a member of a public pension system after 20 years of public service in New York State, so I fully appreciate how important that pension check is to the beneficiaries of our clients. It’s essential to ensure that those checks get to those who devoted their careers to public service. We’re all proud to play a role in that important work.

LB: I know what you mean: I get one of those checks every month and share your enthusiasm and commitment to the beneficiaries of the public pension systems. To keep up to date with your practice, you recently attended NAPPA’s annual summer conference, which is where you became President. What were the most salient issues on the agenda?

SMD: There are some issues that are perennial, so NAPPA covers them at each meeting–professional ethics, recent litigation, federal legislation, and tax changes, for example. Other topics are more, well, topical—dependent on current trends. For example, cybersecurity and data privacy is top of mind these days, and we had a panel on that topic. I moderated a panel discussing the challenges of public comment periods on Board meeting agendas, and how to craft written policies that satisfy the First Amendment while allowing boards to function efficiently and effectively. We had a very well-received panel with Julie Reiser, co-chair of the firm’s securities practice, discussing the implications for public pension plans wrought

by the U.S. Supreme Court’s decision to overturn the Chevron deference doctrine. It was a wide-ranging agenda designed to keep public pension attorneys well informed.

LB: How does your work, and now leadership, at NAPPA complement your practice?

SMD: The best part is getting to know lawyers from around the country doing public pension law. I have learned so much from these people over the years. Of course, as I’ve gotten to know them, I feel comfortable calling them to ask questions, finding out how they approach challenges, learning what is new and coming my way. And I do like to help other attorneys, especially the new generation of lawyers who will be representing public pension systems for decades to come; the trust funds at the heart of the public pension world are not just long-term investors but are essentially perpetual ones, so it is not that hard to imagine that some of these lawyers new to NAPPA will be leaders of NAPPA in 2050. I enjoy that aspect of the organization and I hope that will be a part of the membership initiative I can foster as President.

LB: Thanks, Suzanne, for sharing more about NAPPA. Good luck in leading the organization.

The Summer 2025 issue of the Shareholder Advocate, our quarterly securities litigation and investor protection newsletter, features articles on:

Managing corporate risk in the AI boom
UFC fighters’ $375 million antitrust settlement
The role of an amicus brief in the Supreme Court’s to dismiss an appellate review of class certification as improvidently granted
Initial approval of investors’ $27 million settlement with InnovAge
An interview with Fiduciary Focus columnist Suzanne Dugan on her new role as president of the National Association of Public Pension Attorneys

For this edition of the Fiduciary Focus column, I was thrilled to sit down with Andrew Roth, who became the Executive Director and CEO of the Colorado Public Employees’ Retirement Association (PERA) in May of 2024.

Andrew has deep experience in public pensions, having arrived in Denver from Austin, where he was the Deputy Director of the Teacher Retirement System of Texas (TRS). Prior to that, he served as the Benefits and Services Executive Officer at the California State Teachers’ Retirement System (CalSTRS). Further evidencing his leadership role in the world of institutional investors, Andrew was recently elected to the Board of Directors of the Council of Institutional Investors (CII).

As you approach your first anniversary, how are you finding the transition to PERA, which is a bit smaller than TRS, but no less focused on the members and beneficiaries?

The transition from TRS to PERA has been greatly facilitated by a terrific executive team, supportive Board, and welcoming stakeholders. While PERA is a smaller organization than either CalSTRS or TRS in terms of assets under management and the number of both members and beneficiaries, what strikes me as unique is the complexity of the plan. Five divisions within the plan means five sets of distinct stakeholders, each with their own set of concerns. Complexity aside, PERA, like CalSTRS and TRS, is hyperfocused on its members, beneficiaries, and mission, which drives a strong collaborative culture that makes working here a rewarding experience.

What would you say are the biggest challenges you are facing in 2025 as you assist the PERA Board in fulfilling their fiduciary responsibilities?

The biggest challenge we’re facing in 2025 is the volatility in the market. PERA’s funded status is below the median of US Public Pension funds, which amplifies market uncertainties and swiftly captures the attention of the plan sponsor (the Colorado General Assembly) and our stakeholders. A big part of my job involves supporting PERA’s Board of Trustees with helpful information and guidance on complex investment, actuarial, and fiduciary concepts; when there’s a lot of noise generated by relatively short-term market events, that cacophony can distract and disrupt focus on PERA’s 30-year horizon and working toward the full funding of the plan.

Direction from Washington reflects very different approaches from those of the recent past, especially with changes in regulatory and economic priorities. How is PERA accommodating these adjustments in its planning?

Great question. PERA has historically, and continues to be, focused on generating the best risk-adjusted returns possible. We pay close attention to regulatory changes and economic priorities in both our state as well as in Washington. Shifts in priorities from either place result in the executive team and Board of Trustees making policy decisions as appropriate to accommodate the policy requirements generated either by our plan sponsor in the Colorado Legislature or by the federal government. PERA’s talented investment team’s focus on investing in what we know has served us well regardless of which direction the political winds blow.

There’s no doubt that the focus on ESG & DEI priorities has changed significantly in the current political climate. In what way should institutional investors focus on developments in this area?

A timely question, and one that is on the minds of many people in the financial world. After years of focusing on making improvements in the DEI-related space, new direction from the federal government raises significant questions and debate, and related activities may now result in serious consequences. Many corporate entities and institutional investors have responded by dropping or repurposing DEI-related initiatives to avoid triggering penalties or negative interest from the federal government. ESG is a little more complicated as due diligence requires investors to consider risk, including risks that may be related to environmental, social, or governance factors. Sound investment principles and fiduciary duties require institutional investors (and really any serious investor) to comprehensively consider all risks that may impact returns. Poor governance, unsound practices, and disregard for rules and regulations will negatively impact investment returns, which in my opinion means institutional investors will continue to evaluate risk and make decisions accordingly.

Artificial Intelligence (AI) is altering the way we think about accomplishing various tasks. Do you see this trend coming into play at PERA?

Yes, like most industries, public pension funds are considering AI technology and the use cases that can support and enhance our administration of the retirement plan benefits that are of crucial importance to our members and beneficiaries. While it undoubtedly has useful applications, AI requires scrutiny as its limitations and drawbacks are well documented and serious in nature. At PERA, we’ve established an AI policy and an AI council to evaluate the tools rapidly coming online in this space and assess how appropriate they are for our internal use. I’d describe PERA’s utilization of AI-related tools as somewhat limited in scope but useful in terms of facilitating production-related tasks.

You were recently elected to the Board of CII. How do you see this role as complimenting your role at PERA and assisting you in fulfilling your fiduciary duties?

As CEO, I am accountable for oversight of the entire organization, including the investment function. My previous roles in the public pension space were primarily focused on plan design, pension benefits, information technology, human resources, finance, shared services, and large-scale enterprise projects. Upon stepping into the CEO role at PERA, I wanted to lean in and deepen my investment knowledge. We are incredibly fortunate at PERA to have a talented and tenured investment team that has helped expedite this continued learning and development for me. Participating on the CII board provides me with an additional opportunity to expand my knowledge at an appropriate level about issues impacting institutional investors. This all helps me refine and calibrate the fiduciary lens through which I evaluate related issues affecting PERA and our important mission and purpose.

The start of a new year often brings change and fresh opportunities, and the world of public pensions is no exception.

For some pension plans, the new year may signal the appointment of new trustees to their boards. It’s essential for new trustees to educate themselves, particularly when it comes to the fiduciary responsibilities that form the foundation of everything they do. Even the most well-intentioned trustees must take care to fully understand their obligations as fiduciaries to prevent inadvertent errors that could potentially leave them in violation of their fiduciary duty. As we welcome these individuals to their important roles, we would like to take the opportunity to address some frequently asked questions, drawn from many years of experience in trustee training.

I am a new trustee on the board of a police and firefighters’ pension system elected by the police members. I owe a fiduciary duty to my constituents—the police members—to always act in their best interests. Correct?

Not exactly. Trustees owe a fiduciary duty to all the members of a public pension plan—not just the membership group from which they were elected. This duty of loyalty is central to every statement of fiduciary duty.

The duty of loyalty means that a trustee wears only one “hat.” The courts have determined that a trustee may not, at the same time he or she is serving as a fiduciary for all members, wear a second hat as a representative of the entity that appointed him or her. This can be hard, as constituents may expect their elected “representative” on the board to take care of their needs. But as the courts have consistently held and the U.S. Supreme Court has reiterated, the duty to the trust beneficiaries must overcome any loyalty to the interests of the party or parties that appointed the trustee.

But as a governor’s appointee to a state pension board, shouldn’t I be primarily concerned with the taxpayers? After all, taxpayer money flows into the fund from the state, which is the employer.

Trustees of public retirement systems are not fiduciaries for appointing authorities, employers who pay into the systems, unions, constituencies from which they are elected, taxpayers, or the public. Rather, as noted, the duty of loyalty provides that trustees always act in the best interests solely of the members and beneficiaries.

The duty of loyalty is closely related to and informed by the exclusive benefit rule, which provides that trustees shall administer their pension systems for the sole and exclusive benefit of the members and participants. The pension plan’s assets are held in a trust, and once contributions are made to that trust—whether by employees who are members of the plan or by states or municipalities who continue as employers—those contributions become part of the trust.

Moreover, public pension plans are generally considered “qualified” retirement plans under the Internal Revenue Code, which allows for tax advantages such as tax-deferred contributions and earnings growth for employees participating in the plan. The Internal Revenue Code specifies that no part of the corpus or income from the trust may be used for purposes other than for the exclusive benefit of the employees or their beneficiaries. Any violation of this “exclusive benefit rule” could put the tax qualification of the plan at risk.

As a fiduciary, I feel that “the buck stops with me.” Isn’t it my job to make decisions—not the job of the staff or outside experts?

The role of the board is certainly as the final decision-maker, but the answer to the question posed is a little more complex. The importance of governance is critical, since research indicates a strong positive correlation between good governance and a performance premium. The role of the board is one of oversight. As noted by the National Association of State Retirement Administrators, boards are established to oversee the operations of the system, to ensure that the system is fulfilling its statutory responsibilities related to retirement system functions. The board is also charged with establishing the policies of the system and with strategic planning. Staff, on the other hand, has responsibility for the day-to-day operation of the system, as well as the implementation of the policies and strategic plan set by the board. Consultants provide the outside expertise that enables both the board and staff to better fulfill their respective responsibilities.

Fiduciary law provides that a trustee has a duty to personally perform the responsibilities of a trustee except as a prudent person might delegate those responsibilities to others. In deciding whether, to whom, and in what manner to delegate fiduciary authority, and in monitoring those to whom they have delegated responsibility, trustees owe a duty to the beneficiaries to exercise fiduciary discretion and to act as a prudent person of comparable skill would act in similar circumstances (duties of prudence and care).

The law recognizes that a trustee cannot personally perform every function and does not possess all required expertise. Thus, trustees are authorized to delegate; delegation is, in fact, a critical part of a proper exercise of fiduciary duty. The decisions to appoint and monitor delegates are fiduciary functions: the trustee has a duty to properly select delegates and to monitor them.

Remember that fiduciaries are judged by the decision-making process they follow. Do you as a trustee have sufficient information from experts, both staff and independent outside experts? Does your board engage in a rigorous decision-making process in a manner consistent with procedural prudence? The process undertaken should be documented to demonstrate prudence in decision-making. And finally, fiduciaries have an ongoing duty to monitor decisions to make sure those decisions remain prudent.

There is no shortage of uncertainty in our world. That said, two certainties that bear directly on the fortunes of pension funds—death and taxes—have always impacted the work of public pension administrators. Now we can add a third certainty to this list: the necessity of cybersecurity preparation.

According to a recent Forbes report, there were 2,365 cyberattacks last year, with about 350 million victims. That represented a 72% increase in incidents since 2021, the previous high water mark for cyberattacks. On average, each cyberattack costs about $4.5 million. The most typical occur by email, text or phone, with familiar vendors the most common targets—Microsoft, Amazon, Google, and Apple, to name a few. The risk is apparent. And literally as I write this, a massive cyberattack at AT&T is being reported.

In June, during the National Association of Pension Plan Attorneys’ 2024 Legal Education Conference, a panel of experienced pension fund lawyers and consultants offered some guidance regarding cyberattacks and how to prepare. The following draws from their advice.

First and foremost, educate yourself about the risks surrounding cyberattacks. From there, it is necessary to develop policies, some of which will be mandated by law and others specific

to your organization. Importantly, administrators must clearly and unambiguously specify the chain of command and roles for dealing with cyberattack issues, including an actual attack. Response protocols also must be detailed and unambiguous, so that intrusions are dealt with as quickly as possible. These processes must accommodate the many different aspects of responding to an incident; internal protocols, governing laws and regulations, notifications, and timing are among the important considerations. The development of these rules is not for the faint of heart, since they may implicate legal requirements, enterprise-wide function, beneficiaries, external constituencies, and vendors, as well as incur a variety of other risks.

Once the rules and protocols are in place, it is necessary to undertake regular training, especially for the personnel responsible for dealing with a cyberattack. Since attacks can emanate from anywhere within the enterprise, all personnel must be trained to recognize risks of a cyberattack that may target their own computers so that they can prevent the organization’s systems from being invaded or raise an alert with those responsible for responding to a cyberattack. The training should also include drills to ensure that any actual response is quick and direct. There also must be regular review of the policies, protocols and practices with appropriate revisions and updates, especially since the breadth of risks posed by a cyberattack are constantly evolving. Vigilance is a key component to ensuring up-to-date security.

Among the many aspects of policy, protocol, and practice to be addressed is the essential challenge of notifying those potentially affected by an incident. Applicable federal, state, local, and in some circumstances even international laws govern notification requirements for law enforcement and affected members and beneficiaries. Privacy laws, including HIPAA for health information, and SEC requirements, must be considered. You may have contractual provisions governing third parties and vendors—not only regarding their roles in direct cyberattacks on the pension system but also to incidents affecting those parties that could implicate system information.

Cybersecurity insurance may also be warranted. First and foremost, the insurance available for these attacks must be scrutinized for coverage, exclusions, and cost, but other factors also come into play when selecting a policy. This is another area of significant variation and evolution so, again, regular review will be necessary.

As any incident is likely to involve issues with legal counsel and advice, consideration of the role of the attorneys involved should be resolved early so that issues surrounding privilege and work product can be understood. Maintaining careful records is, as always, essential to establish fiduciary compliance, and consideration to record development and retention to avoid the risks attendant these kinds of crisis situations should be given early and fully. Data are valuable in today’s operating environment, meaning information not directly affected by any specific attack must also be protected, so informed assessment in these matters should be given.

This litany of approaches to deal with the risk of cyberattacks is meant merely as an introductory primer. Even from this approach, though, the risks inherent in the enterprise and the opportunities for missteps during responses, which can be hurried and erratic if not well conceived and planned, are evident, with concomitant negative effect on fiduciary duty. The use of experts, both internal and external, may well be warranted in order to minimize what is now inevitable: the risk of harm from cyberattack.

With the 2024 general election only eight months away, now is a good time for ethics and compliance counsel of public pension funds to refresh their understanding of the Securities and Exchange Commission’s (“SEC”) Rule 206-4(5) under the Investment Advisers Act of 1940. It’s also a good time to remain vigilant about this so-called “Pay-to-Play Rule” and its implications.

Enacted in 2010, the SEC’s Pay-to-Play Rule limits investment advisors from making political contributions to certain state and local government officials and candidates who possess the authority to influence the selection of an investment manager for public pension funds. It should be noted that the Pay-to-Play Rule does not extend to federal officials and candidates. There is an exception to this rule when a certain state or local official is running for federal office. For example, if the Governor of California decides to run for the President of the United States, they would be limited from receiving political contributions from investment advisors because the governor has appointment authority over the California Public Employees’ Retirement System. In fact, this scenario played out in the 2012 presidential election. According to Washington Post columnist Dan Balz, Republican presidential nominee Mitt Romney eliminated Governor Chris Christie of New Jersey from his vice-presidential short list because Governor Christie would be prohibited from raising money from financial institutions under the Pay-to-Play Rule (Romney also asked Christie to resign as governor, but he refused to do so).

The Pay-to-Play Rule does not extend to every investment advisor. Specifically, the rule applies to political contributions by “covered associates,” who may be defined in two ways: (1) general partners, managing members, or executive officers of an investment advisor; and (2) employees who solicit a government entity such as a public pension fund for the advisor, directly or indirectly. The application of the rule may be tricky because it requires determining what investment advisor directly or indirectly supervises a covered associate. On its face, independent contractors may appear outside of the rule; however, an investment advisor may also indirectly supervise them, thus falling under the rule.

The Pay-to-Play Rule also puts in place a two-year “cooling off” period during which an advisor is prohibited from receiving compensation from a public pension fund for two years after an advisor or “covered associate” makes a political contribution. Again, there is an exception: the rule allows an advisor or “covered associate” to make de minimis contributions: (1) $350 per election cycle for candidates running for offices that the advisor can vote for; and (2) $150 for other candidates.

Here again, the rule can be tricky to apply because the rule extends to an individual who is not a covered associate at the time of the contribution but then becomes a covered associate during the two-year time period. For example, in 2022, the SEC fined the Asset Management Group of Bank of Hawaii where a similar set of facts occurred. According to the SEC’s administrative proceedings, in July 2018, an officer of the Bank of Hawaii, as a noncovered associate, made a $1,000 contribution to the then[1]governor of Hawaii. Three months later, the officer became an indirect supervisor of the bank’s Asset Group, which provided investment advisory services. This change in role converted the officer from a non-covered associate to a covered associate. The SEC determined that the Asset Group of Bank of Hawaii violated the Pay-to-Play Rule because the now covered associate or former bank officer made a political contribution to the governor of Hawaii during the “cooling off” period. The governor of Hawaii possesses the authority to influence the investment advisory services for the University of Hawaii, a client of the investment manager. As a result, the SEC prohibited the investment management firm from receiving advisory fees from the University of Hawaii.

Therefore, ethics and compliance counsel of public pension funds should take three steps going into the election season. First, ethics counsel should proactively communicate with investment managers about the Pay-to-Play Rule, encouraging such managers to identify “covered associates,” adopt preclearance policies, and carry out period compliance checks about campaign contributions to certain state and local officials. Second, ethics counsel should identify a list of local and state elected officials or candidates that possess authority to appoint or influence their pension fund. Finally, ethics counsel should consider reviewing and updating placement agent forms, including disclosures of political contributions under the Pay-to-Play Rule. A “placement agent” may be defined as an internal or external employee to an investment advisor that does marketing on behalf of the investment manager. In some instances, this may not apply since certain states and pension funds have banned the use of placement agents. Taking these proactive steps will provide public pension funds with assurances that there are no compliance concerns.