MASSACHUSETTS MUTUAL LIFE INSURANCE COMPANY
Defined Benefit and Defined Contribution
Recordkeeping Operations System
Controls Specified by
MassMutual Business Testing Performed by KPMG LLP and Results of Tests
2.9
Control specified by MassMutual:
For participants who are receiving periodic payments out of PAS, participant change confirmation notifications are automatically generated. (DB)

Testing performed by KPMG LLP and results of tests:
For a selection of participants, inspected the automatically generated confirmation letter and system records and determined that the letter agreed to system records and was sent to participants following the processing of a participant-requested change relating to address, bank, name, or beneficiary change.

No Exceptions Noted.

2.10
Control specified by MassMutual:
Participants can initiate indicative changes through RetireSMART℠. Participants can change future investment elections using the RetireSMART℠ Mobile App. Plan Sponsors can also initiate participant indicative changes through RetireSMART℠ via the TRC. Access to all systems requires a unique user identifier and a Participant Identification Number (PIN) or password.

Failure to enter the correct RetireSMART℠, RetireSMART℠ Mobile App or TRC password or PIN after a predefined number of attempts will result in the user ID being locked. Participants can reset their password by answering predefined security questions.

The first time a Plan Sponsor logs into the TRC, they are prompted to enter a password change and add three security questions and answers. TRC passwords can be reset by the account holder after successfully answering the security questions.

Effective 11/6/2019, prior to accessing RetireSMART℠ and the RetireSMART℠ Mobile App, participants must pass identity proofing and authenticate using multi-factor authentication. (DB & DC)

Testing performed by KPMG LLP and results of tests:
Observed an attempt to sign into RetireSMART℠, TRC, and RetireSMART℠ Mobile App and noted that the user ID will lock out after a specified number of invalid logon attempts to limit unauthorized access.

Following lockout, observed a reset of the account password by answering a set of predefined security questions within RetireSMART℠ and TRC.

Observed a member of ETX acting as a Plan Sponsor log into the TRC production environment for the first time and determined that they were prompted to make a password change and add three security questions and answers. Additionally, observed that TRC passwords were allowed to be reset only after successfully answering the security questions.

Observed a series of attempts to sign into RetireSMART℠ and RetireSMART℠ Mobile App and noted that participants must pass identity proofing and authenticate using multi-factor authentication.

No Exceptions Noted.

MassMutual Defined Benefit and Defined Contribution Recordkeeping Operations System
Control Objectives, Related Controls and Tests of Operating Effectiveness

