Los Angeles and Orange County employer sponsored retirement plans with 100 or more eligible participants will soon be impacted by changes contained in Statement on Auditing Standards (SAS) 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA. The new standard makes several changes to management’s involvement, auditor testing, and reporting requirements. The purpose is to overcome chronic plan audit quality issues and increase transparency. It also includes a new plan audit format, Section 103(a)(3)(c) audits which replaces the limited scope option. Other changes include an expanded engagement letter to detail the auditor’s responsibility of the audited financial statements and management’s responsibility for plan maintenance and financial reporting. In addition, the auditor’s report is expanded to include auditor and management responsibilities. Since the changes are effective starting on December 15, 2021, it is important for plan sponsors to become familiar with the changes. To help clients, prospects, and others, JLK Rosenberger has provided a summary of the key details below.
Benefit Plan Audit Deficiencies
A Department of Labor (DOL) report published in 2015 found that 39 percent of plan audits had serious deficiencies. When encountered the Form 5500 filing is rejected opening the door to fines and penalties. It is estimated these deficiencies could have potentially compromised around $653 billion in participant retirement assets. Since then, the American Institute of Certified Public Accountants (AICPA) has been working to improve plan audit quality. This includes the introduction of the Employee Benefit Plan Audit Quality Center that offers ongoing training, education, and planning tools to help members identify common deficiencies. The most common issues amongst all plan types include:
- Not properly applying risk assessment standards.
- Lack of audit documentation of procedures performed.
- Insufficient audit testing when engaged to perform a limited-scope audit.
- Insufficient audit testing of investments in full-scope audits or of investments not covered by the certification in a limited scope audit.
- Failure to obtain proper management representations.
- Improper auditor report issued.
- Insufficient testing of allocations to individual participant accounts.
- Failure to evaluate investment contracts for benefit responsiveness.
- Insufficient testing of compensation.
- Insufficient documentation of consideration of the existence of prohibited transactions.
- Insufficient testing of participant benefits, distributions, and withdrawals.
New Employee Benefit Auditing Standard Explained
SAS 136 addresses these issues and goes one step further. The new regulations enhance and clarify what plan management and auditors are responsible to complete. Expect changes in audit procedures, more communication, modified engagement letters, and a different auditor’s report.
The auditor’s report will now contain the following information:
- Professional judgments and skepticism.
- Auditor’s communication with plan management, sponsors, and/or fiduciaries.
- When needed, management’s responsibility for assessing going concern and the auditor’s subsequent acknowledgment of management’s assessment.
The engagement letter will now contain an outline of management’s responsibilities to maintain a plan instrument, administrative duties, record-keeping requirements, benefits, and financial statements. Plan sponsors also have more responsibilities, including:
- Determining whether the firm meets ERISA and AICPA qualifications to perform the audit,
- Recognizing in writing that an audit under ERISA is allowed, and
- Documenting all the above assessments.
Plan management must also provide a substantially completed Form 5500 draft before the audit report can be issued.
Further, the audit report will be more substantive. Auditors must now communicate additional reportable findings, including:
- Confirmed or suspected instances of non-compliance with laws or regulations.
- Findings the auditor believes is significant and relevant to financial oversight.
- Internal control deficiencies that haven’t been previously communicated.
Finally, limited scope audits are now known as ERISA Section 103(a)(3)(C) audits. This is still a cost-saving option for some plans as it does not require audit procedures over certain investments and investment income. However, plan management must ensure proper certification from a qualified institution.
The upcoming changes to benefit plan audits will mean an enhanced process for Los Angeles and Orange County plan sponsors. These changes will mean additional work for management before and during audit fieldwork. If you have questions about the information outlined above, or need assistance with your next 401k plan audit, JLK Rosenberger can help. For additional information call us at 949-860-9902 or click here to contact us. We look forward to speaking with you soon.