The countdown to revised ERISA employee benefit plan auditing standards officially began this summer when the AICPA’s Auditing Standards Board (ASB) released Statement on Auditing Standards No. 136, Forming an Opinion on Employee Benefit Plans Subject to ERISA (EBP SAS). The new standard takes effect for plan years ending on or after Dec. 15, 2020. Generally, it will affect audits of calendar year 2020 plans subject to the Employee Retirement Income Security Act of 1974 (ERISA) that are performed in 2021.
Changes to employee benefit plan (EBP) audit standards come a result of a 2015 study conducted by the Department of Labor (DOL) that found a 39% deficiency rate in EBP audits. The DOL asked the American Institute of Certified Public Accountants (AICPA) to initiate a project to help strengthen the quality of ERISA EBP audits and enhance auditor reporting. The EBP SAS is one of the outcomes of that project.
Although most of the EBP audit changes affect auditors, a few of the changes have implications for plan sponsors and their management teams. Plan sponsors, management, committees, and trustees/custodians should review the following to ensure their processes are prepared for the auditing standard changes.
What Your Plan Auditor Will Expect from You
A few of the changes will affect the documentation EBP auditors expect from your organization at the start of your audit.
Management Responsibilities: The new EBP auditing standard makes your management team’s responsibilities during an EBP audit even more defined. As a pre-condition of the engagement, your EBP auditor will ask for written documentation acknowledging your organization is the party responsible for plan compliance, including keeping the plan documents current, and that plan contributions and distributions follow the plan’s written provisions.
Investment Certification Information: If your organization opts for what is currently called an ERISA limited scope audit—referred to as an ERISA Section 103(a)(3)(C) audit in the new EBP SAS—you will be required to provide certain written representations related to the reliability of the certified investment information.
Currently, auditors may issue a disclaimer of opinion for an ERISA limited scope audit. The EBP SAS clarifies the auditor’s role in an ERISA 103(a)(3)(C) audit (formerly an ERISA limited scope audit) by requiring an auditor to issue an opinion on the fair presentation of the amounts and disclosures in the financial statements, other than those derived from certified investment information, and that the information related to assets held and certified by a qualified institution agrees with the information prepared and certified by an institution that management determined meets the requirement of ERISA Section 103(a)(3)(C).
Complete Form 5500: Plan sponsors must be able to produce a completed (or substantially complete draft) Form 5500 in order for their auditor to identify material inconsistencies and material misstatements of fact, if any, with the audited ERISA plan financial statements prior to dating the auditor's report. A draft of the Form 5500 that is substantially complete will include the related forms and schedules.
What to Expect From Your Plan Auditor
EBP auditors will also have new considerations, as the EBP SAS affects nearly every part of the ERISA plan audit. Plan sponsors and management teams will likely notice some of these changes when it comes to how your auditor is required to convey plan deficiencies to the management team in writing.
A Closer Look at Plan Compliance Issues: Areas of plan reporting that tend to have a high rate of compliance issues, such as prohibited transactions, will be getting a closer review from your plan auditor. The new EBP SAS encourages plan auditors to review the plan provisions that carry the greatest risk of material misstatement at the appropriate assertion level. Translation: the higher the risk of material misstatement, the closer the auditor scrutiny.
Risk Assessment Results: EBP auditors will be looking for anything that meets the threshold of reportable findings when they conduct the plan audit. If they find issues that reach the reportable findings level, your EBP auditors will send written notice of these findings to your management team in a “timely manner.” Your plan auditor may have additional points to discuss with your management team, such as questions about your investment certification information, if you are undergoing an ERISA Section 103(a)(3)(C) audit. If there were no reportable findings, do not expect a communication from your auditor to that effect.
Preparing for Your First Audit under the EBP SAS
For your ERISA EBP audits that are subject to the new EBP SAS, plan sponsors will want to be sure they have acknowledged—in writing—that they are:
- Maintaining a current plan instrument
- Administering and determining that plan transactions are presented and disclosed in the plan’s financial statements in conformity with plan provisions.
- Maintaining sufficient records for plan participants.
If you elect an ERISA section 103(a)(3)(C) audit (formerly an ERISA limited scope audit), you will also be required to acknowledge in writing that you have determined:
- An ERISA section 103(a)(3)(C) audit is permissible.
- The entity preparing and certifying the investment information is qualified to do so.
- The certified information is appropriately measured, presented and disclosed.
Where to Address Questions
Auditors cannot early adopt the EBP auditing changes, which means you and your plan auditors have some time to evaluate your EBP audit process and any changes needed before the effective date of the EBP SAS. If you have any concerns about employee benefit plan audit standard changes, you should contact a member of our EBP team.
Published on August 27, 2019