Blossoming Tree

How TPA Software is Changing

William Freedman

Topics: Third Party Administrators


  • Technology is increasingly becoming part of a retirement TPA’s livelihood.
  • Tech-savvy custodians are making it easier for retirement third-party administrators to streamline their offerings.
  • In recent years, data security has become the most critical technological challenge for TPAs.
  • The Labor Department only recently issued data security guidelines, so this space is evolving.

TPA Technology

As we’ve noted before in this space, there are compelling reasons for a process-oriented go-getter to establish their own business as a third-party administrator for retirement accounts. There is a low barrier of entry, as the level of regulation is minimal compared with that of most financial sector jobs.

But that doesn't mean there are no barriers. And, increasingly, technology is one. Sure, you could conceivably run the whole show with a double-entry journal and general ledger, but that’s not a plan to be successful.

Your success plan should not only include a software package to manage all that data; it should also have the capability of locking it all down tight.

When dealing with sensitive customer data, there isn't room for error. Therefore, third-party administrators will often team up with a trusted custodian to provide high-level data security and asset custody. Since custodians are regulated financial institutions, TPAs can outsource strenuous compliance requirements.


TPA Services to Seek Out

Let’s assume that you’re already well-versed in spreadsheets, so you have the quantitative skills to do the job as a TPA. If you’re running your business on Microsoft Excel, though, you’re working harder than you must.

The first step is to find fit-for-purpose software. Many platforms exist in the data aggregation space, but almost none of them have the financial infrastructure to hold and safeguard account assets – many are glorified spreadsheets.

One crucial aspect of running a successful third-party administration business is streamlining client activity, everything from onboarding to compliance. Nobody wants to rely on (and pay for) three separate software packages to run their entire business.

Accounting Ledger

Some primary functions to look for in TPA software:

  • Ability to create self-directed account types
  • Regulatory compliance
  • Records management
  • Client onboarding
  • Front-end user portals
  • Business dashboards
  • Client filtering
  • Document management
  • Retirement account reporting
  • Tax services

Again, a lot of what you will find today regarding TPA software will act as a CRM – which is fine if that is what you need (or already have back-office solutions in place).

However, suppose you are an existing TPA looking to overhaul an existing platform. In that case, it is possible to integrate back-office custody and account options into existing systems through an API or Application Programming Interface.

The benefit of integrating with another institution's API is that you can maintain the look of an existing platform while providing better services with more account options to your customers.


Data Security

If you want to know what technological issue is most on the minds of TPAs today, it would have to be data security.

That’s because of a spate of recent court decisions that placed liability for cyber hacks on 401(k) plans squarely on the recordkeepers. The most notable of these was Abbott Laboratories when one of its employees was robbed of $245,000 by a raider in India who preyed on a "forgot password" vulnerability.

“Plan sponsors of corporate 401(k) accounts may be breathing a collective temporary sigh of relief after a U.S. District Court judge in Illinois recently rejected an argument that Abbott Laboratories was partially liable in the case of a former employee who had her retirement funds fraudulently withdrawn,” David Weldon reports for BenefitsPRO. “The recordkeeper or administrator of the 401(k) account … did not fare as well, and a suit against that company from the account participant remains in effect.”

Data Warehouse


While the law on this is still evolving – the Labor Department only promulgated guidance last month, according to JDSupra – there are technological best practices.

As outlined by the Department, they come down to this: Protect the infrastructure, information systems, and the information in the systems from unauthorized access, use, or other malicious acts by enabling the organization to:

  • Identify the risks to assets, information, and systems.
  • Protect each of the necessary assets, data, and systems.
  • Detect and respond to cybersecurity events.
  • Recover from the event.
  • Disclose the event as appropriate.
  • Restore normal operations and services.

Easier said than done, of course. But this is why it is crucial to partner only with other financial institutions that value data security and take it seriously.


At the close

One metaphor for thinking about a TPA career is as an academic career at a state school. It’s not that hard to get started – fill out the paperwork and take out the loan.

But getting in doesn’t mean you’re going to be successful. Only one-third of incoming students to these institutions graduate in four years. Look to the student on your left, then look to the student on your right; only one of your three is going to make it out on schedule.

The key to success? Do your research, think about your pain points, and seek out technological solutions to remove the heavy burdens from your day-to-day ops.


William Freedman writes about business, technology, and finance for Global Finance, Macrotrends, AlphaSense, Sharestates and other news outlets. He holds an MBA in international finance from The American University and serves on the board of governors of the New York Financial Writers' Association.

Want to learn more about our solutions for Third Party Administrators?

Request Demo