Theft of 401(k) account balances by cybercriminals or other types of criminals is an actual thing and they will become more and more popular as long as third party administrators (TPAs) fail in their role and don’t use common sense.
The latest lawsuit by Raymond J. Mandli and Mandli Communications, Inc.—claims that the TPA, American Trust made an unauthorized distribution in the total amount of $124,105 from Mr. Mandli’s plan.
Apparently, someone called American Trust and requested distribution paperwork from Mr. Mandli’s Plan account. The paperwork was sent to an email address that was not in American Trust’s records as being Mr. Mandli’s email address or by mail to a physical address that was not in American Trust’s records as being Mr. Mandli’s address. That should have been a clue.
The form was returned and included a “Daytime Phone Number” that was not any phone number that was ever Mr. Mandli’s or Mandli Communications’ phone number and that was not any phone number in American Trust’s records as being Mr. Mandli’s or his company’s phone number. That should have been another clue.
The withdrawal form for the plan, called for the distribution to be paid by check but the TPA paid via ACH. The person who stole the money, use a voided check with Mr. Mandli’s name on it, the check was #100—which is usually a clue that the bank account is new.
The TPA returned the money that was withheld for taxes but never retrieved the money from Mr. Mandli. I will certainly be interested to read on American Trust’s answer and see whether a quick settlement was hatched.