2026 SECURE checklist: Are you on track with the provisions due this year?

Jun 15, 2026 | 401k Compliance, Regulations & Policies, SECURE Act

2026 SECURE checklist

Every year has its “you really can’t ignore this anymore” compliance items.

2026 is… one of those years.

To help, we put together this 2026 SECURE checklist to ensure you are on track with every compliance item due this year.

To be fair, most plan sponsors have been working through SECURE and SECURE 2.0 changes for a while now, like for catch-up contributions, auto-enrollment, and treatment of part-time employees. TPAs, recordkeepers, and advisors have been sending reminders, webinars, checklists, follow-up reminders to the reminders…

This article is mostly for the organizations whose TPA emails have slowly shifted from:

“Just checking in!”

to:

“Following up again regarding the required amendment deadline.”

(This is the year to carefully pay attention to communications from your TPA… you know, on the off chance that you’ve been flagging them to “read later.”)

Because, per IRS mandate, SECURE-related amendments and restatements must be formally implemented by December 31, 2026.

And from an audit perspective, the issue is usually not whether sponsors intended to comply. It’s whether:

  • The plan document was updated,
  • Operations actually followed the document,
  • And everyone agrees on what was adopted.

Sounds simple… but surprisingly ambitious, sometimes.

 

1. The 4th Cycle Restatement: This is not just “sign and file”

Many pre-approved plans are entering the IRS’s 4th remedial amendment cycle, which means plan documents are being fully restated to incorporate SECURE and SECURE 2.0 provisions.

Translation:
You are getting a very large document that few want to read carefully… and should anyway.

One of the biggest risks we see is sponsors assuming that the new adoption agreement automatically carries forward all prior elections.

Not always.

This is why it’s CRITICAL to compare the old adoption agreement to the new one LINE BY LINE and confirm:

  • eligibility provisions
  • matching contribution formulas
  • vesting schedules
  • compensation definitions
  • distribution provisions
  • Roth features
  • automatic enrollment settings
  • and other elections still reflect how the plan is intended to operate

And if it seems like we’re SHOUTING… we are. 😂 Because that’s how important this is. Once the document is signed, it becomes the operational standard that auditors will test against… line by line.

So take heed; the assumption “we thought it stayed the same” may not work in your favor later.

 

2. Compensation definitions: small wording, big consequences

SECURE-related restatements sometimes modify or clarify compensation definitions—an area sponsors should review very carefully.

A change in compensation definition can impact:

  • employee deferral calculations
  • employer match calculations
  • testing results
  • and correction requirements if payroll wasn’t administering compensation consistently

For example:
Are bonuses included? Overtime? Fringe pay? Differential wage payments?

If payroll is excluding compensation that the new document includes—or vice versa—the plan may already be operating incorrectly without anyone realizing it.

This is one of those areas where everything can appear perfectly fine… until your friendly neighborhood auditor compares payroll data to the signed document during your annual audit.

This is the “gotcha!” moment we all want to avoid.

 

3. Optional SECURE provisions still require actual decisions

SECURE 2.0 introduced several optional provisions, including things like:

  • increased cash-out limits
  • Roth treatment for employer contributions
  • matching contributions tied to student loan payments
  • expanded hardship withdrawal options

Not every sponsor adopted every provision—which is completely fine.

What matters is:

  • knowing which provisions were adopted,
  • when they became effective,
  • and whether their administration matches the plan document.

We sometimes see plans where a feature was discussed internally, partially configured operationally, mentioned in participant communications… but never formally adopted in the document.

That creates a very awkward scavenger hunt during an audit.

 

4. Your TPA should be guiding you through this year’s requirements

This is probably the most practical advice in this article.

If your TPA or recordkeeper is repeatedly asking for approvals, elections, signed amendments, or operational confirmations, now is the time to pay attention.

The plans that experience the smoothest audits are rarely the ones with zero issues. They’re the ones that addressed documentation and implementation early—before deadlines, year-end processing, and audit requests all collided at once.

Because there are few things less enjoyable than reconstructing plan decisions from:

  • old email chains,
  • meeting notes,
  • and a PDF titled “FINAL_v2_USE_THIS_ONE.pdf.”

Open up and read their communications. And if you’d like to geek out with even more detail on what’s required this year, check out this resource.

 

For most plan sponsors, this year is less about learning new SECURE rules and more about making sure the final implementation is complete, documented, and operationally consistent. We are in the home stretch!

If this article raised questions for your organization, consider us your friendly neighborhood auditors—we’re here to help. Contact Cassell Plan Audits today.  

 

Photo by Jakub Zerdzicki

Submit a Comment

Your email address will not be published. Required fields are marked *