The CAA Gave Employers Disclosure. ERISA Requires More. Is Your Process Defensible?

By Paul Richmond, Chief Commercial Officer, Wellnecity

Many employers think that once they have received a disclosure file from a vendor, they’ve checked the compliance box on vendor compensation.

They haven’t.

Disclosure is only a small piece of the puzzle. Fiduciary defensibility is something else entirely, and the gap between the two is where litigation lives.

The Question You’ll Be Asked

When compensation is challenged – and in 2025 it was challenged in 39 ERISA class actions targeting employer-sponsored plans – the question won’t be whether you received a disclosure document.

The question will be: What did you do with it?

  • What steps did you take to determine whether the compensation paid was reasonable?
  • Who reviewed it?
  • Against what benchmark?
  • How was that conclusion documented?
  • When was it last revisited?

A disclosure file answers none of these questions, but a well-documented process does.

The Issue

Documenting disclosures alone doesn’t solve the problem. What solves it is data integration: a documented process that evaluates disclosures together with contract terms and claims data to verify reasonableness.

Vendor compensation doesn’t arrive in a single, legible number. It flows through administrative fees, network access charges, spread pricing, rebates, shared savings arrangements, and performance incentives, across multiple vendors, multiple contracts, and multiple reporting formats. Each disclosure file arrives in isolation. None of them are designed to be aggregated.

Most employers can confirm they received disclosures. What they cannot do is demonstrate a coherent view of total compensation – what it bought, whether it was competitive, or how that determination was made.

Just confirming receipt of disclosures is not a defensible position.

What Defensibility Actually Requires

This is not a one-time exercise. It is an operational discipline.

The Shift That’s Already Happened

The CAA expanded what vendors must disclose to employer-sponsored health plans. More importantly, it changed the burden of proof.

Scrutiny has moved downstream, from whether compensation is disclosed to whether it has been validated. Regulators and plaintiffs aren’t asking if you have the disclosure document. They’re asking if you did the work. The employers who are exposed are the ones who received disclosures, filed them, and assumed that was sufficient. It isn’t.

The Solution

If you were challenged tomorrow, could you validate your process? Do you even have a process?

Most employers don’t, and the reason isn’t negligence. It’s that the data required to build a defensible record is fragmented across vendors, contracts, and reporting formats that were never designed to work together. Solving that manually takes more resources than most teams have.

Wellnecity has built the tools to validate and bring to light vendor compensation. Aggregation, benchmarking, documentation, and ongoing monitoring, in one place, built exactly for this requirement.

The exposure is real, but the gap is fixable. You just want it fixed before the question is asked, so that your fiduciary defensibility is strong.

Source: Encore Fiduciary, “ERISA Fiduciary Litigation in 2025: 155 Class Actions, Broader Theories, and No Sign of Slowing” (February 2026)