The Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) just dropped its national enforcement projects list for 2026.
Why should you care? DOL investigators will spend their time and resources on 6 major areas, including PHI handling, plan equity, and fiduciary responsibilities—plus a bonus area that didn’t make the “national project” list but still raises plenty of eyebrows.
If your plan has gaps in these specific spots, you’re much more likely to face scrutiny.
Just as with everything else benefits administration, your compliance strategy shouldn’t be reactive. When you can anticipate upcoming compliance challenges, you can prevent issues long before they hit your desk and the DOL’s radar.
Feeling anxious already? Make sure your benefits administration platform is stepping up as a partner here to help you evaluate, fix, and manage your benefits accounting needs. Schedule a 20 minute demo with us to learn more about what this looks like.
Cybersecurity remains a top priority as we continue to rely heavily on digital systems and AI. Plan fiduciaries (those on the line for data compliance) are accountable for ensuring—and maintaining—robust safeguards to house and protect personal health information (PHI) and prevent breaches.
Data and cybersecurity are also a top priority for the EBSA, Instead of simply punishing mistakes, the DOL pushes plan sponsors to put best practices in place.
What EBSA is looking for: Are plans and service providers adhering to cybersecurity best practices? Be aware, as part of its investigations, EBSA reviews how plans and service providers protect their systems and data from cyber threats.
How you can stay ahead: Your mission is simple. Keep all the personal and financial data employee benefit plans collect safe and keep it away from the wrong people.
The mental health parity act is top of mind for the government—and your employees—right now. If your plan has more roadblocks and hurdles in place for mental health and substance abuse care compared to medical or surgical care, you may be at risk for an audit.
The good news is that the mental health parity act has been around for a while, and while the guidance sees annual updates, the goal stays the same: Ensure access to care is equitable across the plan.
What EBSA is looking for: Serious violations that can effectively block people from getting care.
These barriers include (but aren’t limited to):
How you can stay ahead: This focus on parity lines up with the recent mental health parity act enforcement push. If you haven’t checked your non-quantitative treatment limitations (NQTLs) lately, put it on your to-do list now.
The No Surprises Act (NSA) helps prevent patients from getting bankrupting bills for out-of-network care they couldn’t avoid. Now, the DOL checks if plans stick to the rules.
What EBSA is looking for: Egregious gaps in your plan designs.
This includes (but also isn’t limited to):
How you can stay ahead: Perform your own audit to review your plan designs and how they adhere to the current guidance for the mental health parity act.
This project makes sure workers receive the retirement benefits they have earned, especially in difficult circumstances.
What the EBSA is looking for: Gaps in plan design and neglect of duty
Investigators will be particularly focused on looking at:
If a plan sponsor checks out or neglects its duties, the DOL refuses to let retirement dollars disappear.
How you can stay ahead: Ensure that your plans include a streamlined process to distribute funds to beneficiaries in a timely manner. This includes looking at service SLAs, documentation, and ensuring you’re clearly asking for the right documentation when employees list beneficiaries.
This one dives right into criminal abuse of employer-sponsored health plans. Contributory plans cover a wide range of plans, including group health plans, pensions, and retirement plans. These plans are also vulnerable to criminal abuse.
What the EBSA is looking for: Employers that are grossly misappropriating plan assets and employee contributions.
Employers, or others with authority over plan assets, may convert employee payroll contributions for their own personal use or they may misapply employee contributions to cover business expenses.
How you can stay ahead: It’s as simple as “don’t do that.” Make sure you understand the back end of your benefits administration accounting structure and ensure funds are going to the right accounts.
Protect workers who put their hard-earned money into retirement and group health plans from theft, embezzlement, and other criminal acts. If plan contributions disappear instead of hitting the plan funds, criminal investigators from the EBSA come calling.
It’s critical that plan sponsors understand where employee contributions to group health plans are sent (e.g. to which accounts) and how they are spent.
The DOL technically left this off the “national project” list for 2026 but put a spotlight on it anyway.
They’re coming after abusive Multiple Employer Welfare Arrangements (MEWAs) and chasing fraudulent operators.
What the EBSA is looking for: MEWAs that are set up to misappropriate funds—intentionally or not.
Some operators love to set up fraudulent MEWAs, use them to collect premiums, then vanish and stiff claims. The DOL makes it a priority to identify, shut down, and block these scammers from starting new arrangements under fresh names.
What you can do to stay head: It’s important to have full transparency of your plan’s accounting, transactions, and processes so that you can easily spot audit instead of waiting for a crisis to arise.
Looking at this list can overwhelm anyone. Compliance isn’t something you can set and forget. You have to keep up with ongoing requirements. If you feel the pressure stacking up, you’re not alone. HR teams juggle a dozen priorities every day.
Here’s what you can do next:
Too much to handle? That’s where ComplianceDashboard comes in to help. Our solution transforms these intimidating regulations into a custom, easy-to-follow compliance calendar. No more guesswork—just actionable steps. Stay proactive and keep your plan audit proof.
