ERISA Auditors Are Looking at These 4 Areas — Is Your Plan Ready?

In Brief:

Large plan threshold: Plans with 100+ participants with account balances at the start of the plan year generally require an ERISA audit, though the DOL’s 80-120 rule offers some flexibility for plans near that threshold.
Four core audit focus areas: ERISA auditors primarily examine plan document compliance, participant eligibility and enrollment accuracy, timeliness of contribution deposits, and nondiscrimination testing results.
Late contributions are the #1 finding: Delayed remittance of employee deferrals is one of the most common audit findings. Deposits must be made as soon as reasonably possible after payroll withholding.
SECURE 2.0 and LTPT rules are changing the landscape: New long-term part-time employee rules (500 hours for two consecutive years) and other SECURE 2.0 provisions mean plan documents and processes may need updating.
Year-round preparation reduces audit risk: Proactively reviewing plan documents, employee data accuracy, and contribution procedures helps sponsors avoid costly corrective actions.

Organizations that sponsor retirement plans have a responsibility to manage those plans according to a complex set of regulations designed to protect participants. These rules are outlined in the Employee Retirement Income Security Act (ERISA) and can be complicated. For many, compliance with these rules includes an annual employee benefit plan audit. The process is designed to ensure that the plan is operating as intended and that participants’ assets are being handled appropriately. Understanding what ERISA auditors review can help plan sponsors identify potential issues before any audit fieldwork begins. To help clients, prospects, and others, JLK Rosenberger has provided a summary of the key details below.

Understanding the EBP Audit

An employee benefit plan (EBP) audit is an independent examination of a benefit plan’s financial statements, operations, and compliance with applicable regulations. Audits are commonly required for retirement plans such as 401(k) and 403(b) plans, although certain health and welfare plans may also be subject to audit requirements.

In general, an EBP audit is required when a plan is considered “large.” For plan sponsors, this typically means the plan has 100 or more participants with account balances at the beginning of the plan year. The DOL’s 80-120 rule provides some flexibility for plans with fluctuating participant counts, allowing certain plans with fewer than 100 participants to continue filing as small plans until they exceed 120 participants.

During the audit, ERISA auditors perform testing and review documentation to determine whether the plan is being administered according to its governing documents and applicable regulations, such as the new provisions rolling out under SECURE 2.0.

Note: Any organization with a qualifying plan must file Form 5500 each year. The due date is the last day of the seventh month after the plan year ends. For organizations that follow a calendar year, that date is July 31, unless an extension is requested. If participant thresholds are met, ERISA audit findings must also be filed at the same time.

Key Areas Reviewed by ERISA Auditors

Do the plan documents match the way the plan is being administered?

Every retirement plan operates according to a written plan document. This document is like the rulebook for the plan, and it should list eligibility requirements and other key administrative procedures. Auditors compare day-to-day operations to the written document to see that they are aligned. Because laws and plan administration change over time, plan documents need to be updated regularly. Auditors also review fiduciary oversight. They want to see evidence that plan fiduciaries are actively monitoring the plan and making decisions in the best interest of participants. They may also review meeting minutes and other communication on plan administration.

Are eligible employees being identified and enrolled correctly?

Accurate employee records are critical to plan administration. Key information includes the hire date, termination date, hours worked and compensation can all affect when an employee becomes eligible to participate. Auditors closely review participant records to confirm that eligibility was determined correctly and that employees were given the opportunity to enroll within the correct time frame. Simple mistakes in the data can lead to audit findings and required corrective action. This area has been a focus in recent years partly because of new long-term, part-time (LTPT) employee rules that state these employees need 500 hours annually for two consecutive years (rather than the previous stipulation of three years) to qualify for plan participation.

Are contributions reaching the plan on time?

One of the most common findings during employee benefit plan audits is late remittance of contributions. Once employee deferrals are withheld from payroll, they generally must be deposited into the plan as soon as reasonably possible. Auditors closely review payroll records and contributions to see that employee and employer contributions are being deposited according to the rules. There are several correction programs to help employers fix mistakes, however, penalties may apply.

Is the plan meeting nondiscrimination requirements?

Retirement plans under audit are subject to annual nondiscrimination testing, most notably the ADP and ACP tests. These tests follow strict rules to show that the plan does not have an outsized benefit for owners, executives, and other highly compensated employees (HCEs). In order to pass, auditors look at employee classification, participation rates, and contributions, so plan sponsors often track these metrics throughout the year and adjust as needed. If the plan fails the testing requirements, it must be corrected right away in order to preserve the plan’s qualified status.

Best Practices for Plan Sponsors

Plan sponsors can reduce audit risk and improve compliance with a few proactive practices, including:

Review plan documents to confirm they reflect current regulations and plan operations.
Keep records of any plan-related meetings and communications.
Check employee data for accuracy across departments and any TPAs.
Standardize procedures to ensure timely deposits of both employer and employee retirement contributions.
Stay current with information issued by the DOL and IRS, including any information related to SECURE 2.0 compliance.