The bill amends ERISA to treat pharmacy benefit managers (PBMs) as fiduciaries for group health plans when they build or operate prescription drug networks or formularies, purchase drugs for a plan, negotiate rebates, process claims, or run utilization management. It also expands disclosure requirements for PBM and third-party administrator (TPA) services and prohibits contractual indemnification for fiduciary breaches by those PBMs.
This is a structural change: it shifts PBM conduct from a commercial/service relationship toward a fiduciary standard under ERISA, increases transparency about indirect and direct compensation, and creates new liability and compliance obligations for PBMs, TPAs, plan sponsors, and other parties that interact with drug pricing and network design. The amendments phase in for plan years beginning at least 12 months after enactment.
At a Glance
What It Does
The bill adds a new clause to ERISA section 3(21) that deems a person or entity a fiduciary if it maintains a prescription drug provider network or formulary, purchases prescription drugs for a plan, negotiates or aggregates rebates/price concessions, processes drug claims, or performs utilization management for a group health plan. It also amends ERISA section 408 to expand compensation-disclosure obligations to PBM and certain TPA services and amends section 410 to bar indemnification for breaches by those deemed fiduciaries.
Who It Affects
Primary targets are PBMs and TPAs that design networks, negotiate rebates, adjudicate pharmacy claims, or run utilization management for ERISA-covered group health plans; plan sponsors and health insurers who contract with PBMs; and sponsors of self-funded employer plans. Drug manufacturers, wholesalers, and pharmacies are indirectly affected because the bill alters the legal duties and disclosures governing intermediaries.
Why It Matters
Treating PBMs as ERISA fiduciaries elevates legal duties (loyalty, prudence, disclosure) and opens PBMs to fiduciary litigation and equitable remedies under ERISA. Expanded disclosure requirements aim to reveal indirect compensation flows that have been opaque to plan fiduciaries; together these changes could reshape commercial PBM practices and contract terms.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill inserts a new subparagraph into ERISA’s definition of fiduciary (section 3(21)) so that PBMs and similar intermediaries become fiduciaries for group health plans when they perform specific functions—running a prescription drug network or formulary, buying drugs for the plan, negotiating rebates or other price concessions, processing and paying drug claims, or conducting utilization review and management. The drafting captures both direct contracting activity (e.g., purchasing drugs) and functional activities tied to plan administration (e.g., claims adjudication), so a range of business models could trigger fiduciary status.
To increase transparency, the bill expands the existing ERISA compensation-disclosure rules (section 408(b)(2)) to call out pharmacy benefit management services and third-party administrative services when the service provider or its affiliates/subcontractors reasonably expect to receive direct or indirect compensation tied to those services. The text references typical sources of payment—manufacturers, distributors, rebate aggregators, and group purchasing organizations—so disclosure obligations extend to common PBM revenue streams and to TPAs that negotiate provider reimbursement for plans.The bill also clarifies who counts as a “responsible plan fiduciary” for disclosure purposes: a covered service provider generally may not be the responsible fiduciary for those disclosures, but the bill carves out a PBM that sponsors its own employee plan so the PBM can serve as that plan’s responsible fiduciary.
Separately, the bill amends section 410(a) to prohibit indemnifying a person deemed a fiduciary under the new 3(21)(C) for breaches of ERISA duties and states that any contractual provision attempting such indemnification is void as against public policy.Practically, these changes create a compliance window by applying to plan years that begin at least 12 months after enactment. That interval gives plans and PBMs time to renegotiate contracts, change governance and disclosure practices, and prepare for possible increased litigation risk and Department of Labor enforcement focused on fiduciary compliance and compensation transparency.
The Five Things You Need to Know
The bill adds a new ERISA 3(21)(C) that deems an entity a fiduciary if it (i) maintains a prescription drug provider network or formulary or purchases prescription drugs for a plan, or (ii) negotiates/aggregates rebates, processes/pays prescription drug claims, or performs utilization review for a plan.
It amends ERISA section 408(b)(2)(B) to require covered service providers to disclose expected direct or indirect compensation tied to PBM services, explicitly listing manufacturers, distributors, rebate aggregators, and group purchasing organizations as possible payors.
Third‑party administrative services (TPA activities like adjudicating claims, maintaining records, negotiating reimbursement) are pulled into the same expanded compensation-disclosure rule as PBM services.
Section 410(a) is amended to bar indemnification for breaches by persons deemed fiduciaries under the new 3(21)(C); contractual indemnities or similar provisions that attempt to shield such fiduciaries are void.
The amendments apply to plan years beginning at least 12 months after enactment, creating a single phased-in effective date tied to plan-year start dates.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
When PBMs and related intermediaries become ERISA fiduciaries
This provision expands ERISA’s fiduciary definition to capture entities that either maintain a prescription drug network or formulary or purchase prescription drugs for a plan, and entities that negotiate rebates, process/pay claims, or perform utilization management on behalf of a plan. The practical effect is function-based: ordinary PBM activities that affect plan benefit design, pricing, and access can trigger fiduciary duties of loyalty, prudence, and disclosure, rather than leaving those activities as purely contractual services.
Expanded compensation disclosures for PBM and TPA services
This change obligates covered service providers to disclose expected direct or indirect compensation tied to PBM services—including establishing networks or formularies and purchasing drugs—and to third-party administrative services like claims adjudication and rate negotiation. By naming typical sources of indirect compensation (manufacturers, distributors, rebate aggregators, group purchasing organizations), the bill narrows ambiguity about what streams must be disclosed and forces plan fiduciaries to get visibility into commonly opaque rebate and fee flows.
Who must provide the disclosures (and an employer carve-out)
The bill prevents a covered service provider from being the 'responsible plan fiduciary' that issues the disclosures in the section—except it permits a PBM to be the responsible fiduciary when the PBM sponsors a plan for its own employees. That limits conflicts where a vendor both administers services and is expected to certify compliance, while preserving the ordinary employer-sponsor model for a PBM’s own employee plan.
Prohibition on indemnifying fiduciary breaches by covered PBMs
This provision adds a categorical rule that persons deemed fiduciaries under the new 3(21)(C) may not be indemnified or otherwise relieved of ERISA liability, and that contractual indemnities to that effect are void as against public policy. That both removes a common contractual safety valve for vendors and creates stronger standing for plan participants or sponsors seeking equitable relief or damages for fiduciary breaches.
Minor statutory wording correction
A small textual change replaces 'this clause' with 'this subparagraph' in an existing ERISA provision to preserve internal consistency after the new disclosure language is added. It's a bookkeeping item that prevents semantic ambiguity in the disclosure framework.
Phased-in application tied to plan years
The bill applies to plan years beginning at least 12 months after enactment. That single effective-date rule pushes enforcement to the start of the first plan year after a one-year window, affecting budgeting, contract renegotiation, and compliance planning for PBMs, TPAs, and plan sponsors.
This bill is one of many.
Codify tracks hundreds of bills on Healthcare across all five countries.
Explore Healthcare in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Plan participants and beneficiaries — Gain potential additional legal remedies and ERISA protections because PBMs performing covered functions would owe fiduciary duties of loyalty and prudence.
- Plan fiduciaries (employers and plan administrators) — Receive more detailed compensation disclosures enabling better oversight of PBM arrangements and bargaining leverage when evaluating value-for-money.
- Independent pharmacies and certain providers — Could benefit indirectly if fiduciary duties and disclosure reduce opaque steering practices (for example, contractual network design driven by undisclosed rebates).
- Plan-level third parties (auditors, benefits consultants) — Obtain clearer documentation and statutory hooks to audit rebate flows and compensation, supporting deeper fiduciary oversight.
Who Bears the Cost
- PBMs — Face higher compliance costs, new operational constraints, increased litigation and ERISA exposure, and limits on contractual risk-shifting (no indemnity for fiduciary breaches).
- TPAs and health insurers — Must expand disclosures, revise contracts, and potentially change business models if routine revenue streams now trigger disclosure obligations or fiduciary status.
- Plan sponsors/employers — Must conduct more rigorous vendor oversight, potentially procure legal and actuarial help to interpret disclosures and manage fiduciary risk, increasing administrative costs.
- Department of Labor and courts — May see increased enforcement and litigation burdens interpreting new fiduciary triggers and policing disclosure sufficiency, with attendant resource implications.
Key Issues
The Core Tension
The central dilemma is between stronger participant protections through fiduciary duties and transparency versus the risk of market disruption and higher costs: imposing ERISA fiduciary law on commercial intermediaries protects plan beneficiaries and tightens oversight, but it also raises litigation and compliance costs that could be passed on to plans or prompt contractual or structural workarounds that undermine the law’s intent.
The bill adopts a functional test to determine fiduciary status that relies on broad, economically driven activities (network maintenance, purchasing, rebate negotiation, claims processing, utilization management). That breadth helps capture commercially important PBM conduct but leaves open hard line-drawing questions: how much activity or what contractual form triggers fiduciary status, and whether certain integrated insurers or vendors can reconfigure services to avoid the label.
The disclosure expansion similarly forces previously opaque revenue flows into the open, but the statute ties disclosure to what a covered service provider or its subcontractors 'reasonably expect' to receive—an imprecise standard that will prompt disputes over forward-looking expectations and what constitutes sufficient disclosure.
Another implementation tension is economic: increasing fiduciary obligations and barring indemnities raise litigation risk and compliance costs for PBMs and TPAs. Those costs may be passed to plan sponsors or beneficiaries through higher administrative fees or altered benefit designs.
Separately, the statute’s carve allowing a PBM to be the responsible fiduciary for its own employee plan preserves employer autonomy for that narrow case but creates an asymmetry: vendors cannot self-certify disclosures for client plans but can for their own, which will complicate compliance workflows and audit trails.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.