The Protecting Americans’ Retirement Savings Act (PARSA, S.928) amends ERISA to bar employee retirement plans from engaging in specified transactions with entities the bill defines as foreign adversary entities or sanctioned entities. It adds new proscriptions — including acquiring interests, lending, furnishing goods or services, transferring plan assets or participant data — and creates narrow carry-forward exceptions for existing holdings and pre-enactment contractual commitments.
PARSA also expands required plan disclosures, demanding line-item reporting of any holdings tied to the bill’s enumerated sanctions and foreign-adversary lists, identification of fiduciaries and investment vehicles, and details about ongoing binding agreements. The bill forces plan sponsors, recordkeepers, and fiduciaries to reconcile portfolio exposures and data flows against a set of federal lists and to prepare for agency regulations due within 180 days and effective no later than one year after enactment.
At a Glance
What It Does
The bill amends ERISA section 404(a) to make it a breach of fiduciary duty to enter into transactions that would result in plan interests, loans, supplies, asset transfers or participant-data transfers to a covered entity. It authorizes limited exceptions for investments already held or for pre-existing binding agreements if the fiduciary follows new disclosure and certification steps in section 103(b)(3).
Who It Affects
ERISA plan fiduciaries, recordkeepers, plan administrators, institutional asset managers, and funds that hold or replicate exposure to entities on specified Commerce, Treasury, DoD and other federal lists — including many China-related lists named in the bill.
Why It Matters
By grafting national-security-oriented blacklists onto ERISA duties and coupling that with granular disclosure requirements, the bill will force rapid portfolio reviews, new compliance processes for indirect exposures (derivatives/vehicles), and operational controls around participant data sharing.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
PARSA inserts a new subsection into ERISA’s duty provisions that makes it a violation for a fiduciary to allow plan transactions that would create an interest in, or that transfer assets or participant data to, an entity the statute identifies as a covered entity. The prohibited transaction list is broad: acquisition of interests (including indirect and derivative positions), lending or credit extensions, provision of goods or services, and transfers of plan assets or participant data.
The bill treats transfers of participant data as a fiduciary-controlled activity for which liability can attach.
The statute defines covered entities in two buckets: 'foreign adversary entities' (tied to the statutory concept of a 'covered nation' under 10 U.S.C. 4872(d), including special administrative regions) and 'sanctioned entities' (a set of named federal lists maintained by Treasury, Commerce, DoD, FCC, and CBP, among others). The definition of 'interest' explicitly captures direct and indirect ownership, derivatives, and any contractual arrangement that seeks to replicate returns tied to a covered entity, which pulls many pooled funds and swap-based exposures into scope.Because immediate divestment could be impractical, PARSA includes narrow continuity rules.
Plans that hold a covered-entity investment on enactment may keep it if the fiduciary meets the new disclosure and justificatory requirements added to ERISA’s reporting rules. Similarly, plans bound by pre-enactment contracts can fulfill those agreements until expiration or permitted termination, again subject to specific reporting.
Finally, the bill requires the Department (referred to here as the Secretary) to publish implementing regulations within 180 days and sets a hard requirement that those regulations take effect no later than one year after enactment, creating a near-term compliance timetable for plan sponsors and service providers.
The Five Things You Need to Know
PARSA adds a new paragraph (404(a)(3)) to ERISA making it a breach of fiduciary duty to cause a plan to acquire an interest in, lend to, furnish goods/services to, or transfer plan assets or participant data to a covered entity.
The bill defines 'interest' to include direct and indirect ownership, derivatives, and contractual arrangements that replicate returns tied to a covered or sanctioned entity, broadening scope beyond equity holdings.
It enumerates the federal sources that count as 'sanctioned entity' lists (including the Commerce Entity List, Denied Persons List, Unverified List, Military End User List, Treasury’s NS–CMIC list, DoD China-related list, FCC Covered list, and specific Uyghur-related lists).
Plans holding covered-entity investments on enactment may continue to hold them only if the fiduciary complies with added section 103(b)(3) disclosure requirements; pre-enactment binding agreements are grandfathered until expiration or termination if additional disclosures are made.
The Secretary must issue implementing regulations within 180 days, and those regulations must take effect no later than one year after enactment, establishing a short regulatory lead time.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title — Protecting Americans’ Retirement Savings Act
This brief section names the Act and establishes its citation as PARSA, which matters because subsequent references in the statute and implementing guidance use that short title. It contains no substantive rulemaking or compliance text but is the legal handle for the amendments that follow.
New fiduciary prohibition on transactions with covered entities
This is the operative change to ERISA’s prudent-person duty: the bill inserts a new paragraph that treats specified transactions with covered entities as violations if the fiduciary knows or should know they will result in plan exposure. The prohibited categories are defined functionally (acquisition of interests, lending, furnishing goods/services, transferring assets or participant data), which means compliance requires both investment screening and operational controls to prevent data flows. The provision also expands the definition of fiduciary for purposes of data transfers to include any person with discretionary authority over participant data, potentially pulling in third-party recordkeepers and cloud providers.
Grandfathering: existing holdings and pre-enactment contracts
Recognizing practical constraints, the statute allows plans that currently hold covered-entity investments to retain them if the fiduciary satisfies new disclosure conditions added to section 103(b)(3). Plans in binding contracts entered before enactment may perform under those contracts until expiry or permitted termination, but only if the fiduciary meets an expanded set of disclosure and certification obligations. Those grandfathering rules limit immediate forced divestment but impose reporting and justification duties that will drive near-term administrative work.
New line-item disclosure obligations for plan assets tied to covered entities
The bill amends ERISA’s reporting rules to create three new disclosure items. One requires identification of any plan assets tied to sanctioned entities and their aggregate value and list origin; another requires detailed, line-item reporting of exposures to foreign adversary entities, including investment vehicle names, fiduciary responsible, and fiduciary rationales; the third mandates disclosure of ongoing agreements grandfathered under the prior section, including assets involved and expiration/termination dates. Those disclosures will appear in plan filings and participant-facing materials, increasing transparency but also creating new operational and legal review work for sponsors and service providers.
Statutory definitions of foreign adversary, covered entities, and sanctioned lists
This subsection supplies the statutory definitions that drive scope. It imports the 'covered nation' concept from 10 U.S.C. 4872(d) for 'foreign adversary' (and expressly includes special administrative regions), defines 'foreign adversary entity' broadly to capture government bodies, armed forces, leading political parties, entities organized or headquartered in the adversary, and those subject to their direction or control. It also enumerates specific federal lists whose entries count as 'sanctioned entities' — a cross-agency menu including Commerce, Treasury, DoD, FCC and CBP lists — and adopts a regulatory cross-reference for the term 'control.' These choices make statutory scope dependent on evolving administrative lists and cross-reference to other agencies' rules.
180-day rulemaking directive and one-year effective deadline
The Secretary must issue implementing regulations within 180 days of enactment and those regulations must take effect not later than one year after enactment. The bill thus creates an administrative sprint: agencies will need to specify compliance mechanics, enforcement approaches, and potentially safe-harbors within a compressed timeframe, while plans and service providers must start remediation planning immediately to meet the upcoming regulatory framework.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Plan participants and beneficiaries concerned about national-security exposure — the bill forces disclosure and limits plan ties to entities the statute deems security risks, increasing transparency about whether retirement assets are linked to those entities.
- National-security and foreign-policy agencies — the statute leverages ERISA to reduce U.S. capital flows to entities on specified federal lists, aligning private capital with federal sanctions and export-control priorities.
- Fiduciaries and service providers that proactively divest or build compliant products — managers who offer screened/shareholder-safe funds can win business from sponsors seeking to meet the new prohibitions and disclosure expectations.
Who Bears the Cost
- ERISA plan fiduciaries and sponsors — they must screen for indirect exposures (derivatives, funds of funds), update procurement and contract language, and document fiduciary reasoned judgments to avoid breach liability, all of which increase compliance costs.
- Asset managers and funds with China-related or other covered exposures — many vehicles will need restructuring, de-risking, or termination; managers may face forced redemptions and reputational pressure if listed on enumerated federal lists.
- Recordkeepers, custodians and cloud providers that handle participant data — the expansion of 'fiduciary' for data transfers creates obligations to police data flows and may require new contractual controls and technological safeguards.
- Regulatory agencies and the Department of Labor — the short statutory timetable and cross-agency reliance on external lists will require interagency coordination and likely new guidance, imposing resource demands.
Key Issues
The Core Tension
The bill forces a trade-off between protecting retirement assets from exposure to nationally risky counterparties and preserving fiduciaries’ ability to pursue financially optimal diversification: it prevents certain relationships on security grounds but offers limited grandfathering and defers critical compliance guidance to a compressed regulatory process, leaving fiduciaries to reconcile financial prudence with new statutory security constraints.
PARSA ties ERISA liability to a moving target: enumerating covered entities by reference to multiple federal lists creates a compliance landscape that will shift as agencies add or remove names. That design centralizes national-security lists but decentralizes interpretive control, because ERISA compliance will hinge on Commerce, Treasury, DoD, FCC, and CBP list management and interagency judgments about scope.
Fiduciaries must therefore monitor several administrative sources, increasing operational complexity.
The statutory definition of 'interest' sweeps in derivatives and replication strategies, which raises two implementation challenges. First, many collective investment vehicles and swaps will have indirect exposure that’s hard to trace to an underlying entity; second, obligating fiduciaries to prevent transfers of participant data to covered entities pulls in non-investment contracts and third-party service arrangements (cloud, analytics, identity verification).
The bill leaves key enforcement modalities and potential safe harbors to forthcoming regulations, creating near-term uncertainty about remedies, excise taxes, or private litigation risk. Finally, the financial trade-off — restricting investments on national-security grounds — is unresolved by the statute: it does not provide a clear mechanism for fiduciaries to weigh expected financial return against national-security exposure, beyond the disclosure and continuity provisions.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.