DOL Just Wrote The Safe Harbor Argument
You Have Ten Days To Help Put It On The Record.
Executive Brief
A safe harbor is one of the most valuable things a fiduciary can have. It’s a legal provision that says: if you do X, you’re presumed to have met your duty of prudence.
You don’t have to prove everything went right. The burden shifts. That protection is worth a great deal when the lawsuits come.
The DOL’s proposed PBM fee disclosure rule includes a “reactive” safe harbor. It protects fiduciaries who discover their PBM failed to disclose required information and respond correctly: request correction, notify DOL if nothing changes, consider termination. React prudently to a discovered problem. Get protected.
That’s a meaningful step forward. It’s also the minimum version of what’s possible.
A fiduciary who selects a PBM whose contract prohibits the practices disclosure is meant to reveal has done more than the reactive framework requires.
There’s nothing to discover. The problem was eliminated at the point of selection. That path deserves its own “proactive” safe harbor. And with ten days left in the DOL comment period, there’s still time to say so.
The DOL rule requires disclosure.
The CAA requires reporting.
A fiduciary-aligned contract prohibits all of them.
Three frameworks. One objective: protect plan participants from opaque PBM practices.
What a Safe Harbor Actually Is
Most fiduciaries have heard the term. Fewer can define it precisely. That matters here, so let’s be specific.
A safe harbor is a legal provision that grants presumptive protection when you meet defined criteria. You don’t have to prove you did everything optimally. You don’t have to win a facts-and-circumstances battle. You demonstrated the required conduct, so the law presumes you satisfied your duty.
The classic example in benefits law is the QDIA: the qualified default investment alternative safe harbor. If a participant in your 401(k) doesn’t make an investment election, their contributions go into a qualifying default fund. The fiduciary selected a QDIA. That selection earns safe harbor protection for the resulting investment outcomes. No transaction-by-transaction review required. Selection-based protection.
The automatic rollover safe harbor works the same way. Select a provider meeting specified criteria for small balance rollovers. The selection satisfies the duty of prudence, full stop.
In both cases, the Department of Labor recognized that proactive, structured selection by a fiduciary deserves a presumption of prudence. The law rewards doing the work upfront.
The Safe Harbor on the Table
The DOL’s proposed PBM fee disclosure rule (RIN 1210-AB37) creates what practitioners are calling a reactive safe harbor. The mechanics are straightforward.
Your PBM is required to disclose compensation information: spread pricing amounts, retained manufacturer revenue, pharmacy clawbacks, administrative fees, affiliated pharmacy relationships. If your PBM fails to make those disclosures and you didn’t know about the failure, you get protection, provided you take the right steps once you find out. Request correction. Notify DOL if the PBM doesn’t comply. Consider terminating the arrangement.
Discover the problem. Respond correctly. Get protected.
This is a real improvement over the current environment, where fiduciaries can be sitting on undisclosed PBM compensation arrangements with no clear path to protection. The DOL’s framework gives fiduciaries a defined response protocol and legal cover for following it.
The problem is structural. The reactive safe harbor assumes you’ll eventually find out about problematic practices. It assumes disclosure actually happens and is accurate. It assumes your contract gives you the tools to verify and act. Those are significant assumptions given what plan sponsors encounter when they try to audit their PBMs.
A review of more than 30 PBM contracts conducted by Nautilus Health Institute found roughly half contained at least one provision designed to make disclosure structurally unverifiable: auditor gag clauses prohibiting your own auditor from reporting findings back to you, audit payments conditioned on signing a release of all claims for the audit period, and pre-emptive waivers of beneficial interest in manufacturer revenue. The reactive safe harbor doesn’t help fiduciaries whose contracts make it impossible to use.
There’s a better approach. It starts before signature.
The Safe Harbor That Doesn’t Exist Yet
Here’s the argument Nautilus Health Institute has put into their DOL comments, and the one worth understanding before the comment period closes.
If the purpose of disclosure is to enable fiduciaries to identify and address problematic PBM practices, what do we say about a fiduciary who selects a PBM whose contract prohibits those practices from the start?
• No spread pricing. Actual acquisition cost billed to the plan, period.
• 100% pass-through of all manufacturer revenue. Nothing retained.
• Unrestricted audit rights. Full verification.
• Admin fees as the sole source of compensation. Fully disclosed.
That fiduciary has accomplished the objective of the disclosure framework through different means. There’s nothing problematic to surface because it was contractually eliminated at the point of selection.
The proposal is to add a proactive path to the safe harbor. Select a PBM with contractual commitments that prohibit the practices requiring disclosure and receive the same presumption of prudence the reactive framework provides. Prevention at least as protective as correction.
This isn’t a novel regulatory concept. On March 30, the DOL published a proposed pension plan safe harbor establishing exactly this principle: fiduciaries who follow a structured, prudent process when selecting investment alternatives receive a presumption of prudence. The Department articulated three governing principles. ERISA is grounded in process. Fiduciaries have maximum discretion in selection decisions. When fiduciary decision-making follows a prudent process, arbiters should defer with a presumption of prudence.
That is the proactive PBM safe harbor argument. The DOL wrote it. In a different context. Just two weeks before the comment deadline.
Alden Bianchi, the ERISA attorney leading the American Bar Association’s working group responding to this rule, publicly identified this connection and called the proactive safe harbor “an idea that deserves serious attention.”
He arrived at that conclusion independently, after reviewing the pension safe harbor and the Nautilus proposal together. When the ABA’s lead ERISA voice on this rule calls your argument serious without being asked, that’s worth noting.
The DOL isn’t being asked to invent something new. It’s being asked to apply a framework it’s actively building in one fiduciary context to another fiduciary context of identical character.
That argument belongs in the comment record. Ten days remain.
What to Do First Thing Monday
1. Read the Nautilus DOL Safe Harbor Overview.
The overview document walks you through the issues, covers potential questions and objections, and provides a sample comment letter.
2. Forward this newsletter your general counsel.
The proactive safe harbor argument sits at the intersection of ERISA fiduciary duty and contract design. Your GC or outside ERISA counsel should know the comment period closes April 15 and may want to weigh in directly.
3. Pull your current PBM contract. Before the comment period closes, ask whether your current arrangement would qualify for the proactive safe harbor if DOL recognized one. Does your contract prohibit spread pricing? Require 100% pass-through? Allow unrestricted audit access without gag clauses or release conditions? If the answer is no, you have context that belongs in your comment letter, and a contract worth renegotiating.
4. Submit a comment letter by April 15.
Comments on RIN 1210-AB37 are submitted at regulations.gov. A comment doesn’t need to be long or technical to count. A paragraph explaining your direct experience trying to obtain PBM contract transparency, audit your PBM, or understand your compensation arrangements carries weight policy analysis cannot replicate.
In Closing
The reactive safe harbor the DOL is proposing is a step in the right direction. It gives fiduciaries a defined path to protection when things go wrong. But the stronger play has always been getting the contract right before anything goes wrong.
The comment period doesn’t close until April 15. That’s enough time to put the proactive safe harbor argument on the record. It’s enough time to document what your organization has experienced trying to get transparency from your PBM. It’s enough time to ask the DOL to recognize what sophisticated plan fiduciaries are already doing.
The people who rely on you deserve contracts built to protect them upfront. That’s what this argument is for.
Here’s to clearer thinking, stronger plans, and better outcomes for the people who rely on us.
All the best,
P.S. After April 15, we’ll shift from what fiduciaries should put in the comment record to what your contract needs to say.
Subscribe & Share
🔗 Subscribe: Was this newsletter forwarded to you? Signup to receive The Health Plan Compliance Advantage every Monday.
📤 Share: Forward this issue to your General Counsel, CFO, or outside ERISA counsel. The April 15 deadline is close enough that the heads-up matters.
💸 SPECIAL OFFER: Newsletter subscribers receive 10% off any Validation Institute service. Use code FIDUCIARY10 at checkout.
────────────────────────────────────────
A Note of Appreciation
Alden Bianchi is an Employee Benefits and Executive Compensation lawyer. He has advised corporate, not-for-profit, governmental, and individual clients on executive compensation and employee benefits issues. After four decades of law firm practice, Alden recently joined his long-time client SBMA, a subsidiary of Acrisure.
Don’t be a bystander. Change the status quo and reap the benefits of The Health Plan Compliance Advantage. Schedule an introductory call with us.
