Employee benefit plans such as 401(k) plans are required by the Employee Retirement Income Security Act of 1974 (ERISA) to have an annual audit if there are 100 or more eligible participants at the beginning of the plan year. These audits provide information so the users are able to assess the plan's financial condition and identify any operational errors or control weaknesses of the plan. Initial audits can seem overwhelming and present challenges for the plan sponsor; however, proper planning can help to alleviate the challenges. In this article we discuss how to best plan and alleviate stress that can accompany a first-time 401(k) plan audit.
How do I know if my plan requires an audit?
The answer to this question depends on whether you qualify as a small or large plan when completing and filing the Form 5500, which is the annual report filed with the U.S. Department of Labor (DOL) that includes information about a company's employee benefit plans. If the plan has fewer than 100 eligible participants at the beginning of the plan year, then the plan is considered a small plan and no audit is required. If the plan has more than 100 eligible participants on the first day of the plan year, the plan is considered a large plan and would be required to complete Schedule H on the Form 5500 and include an audit with the filing.
There is one exception known as the "80/120 rule," which allows some small plans to avoid the audit requirement. If your plan has between 80 to 120 eligible participants on the first day of the plan year, then the plan sponsor may elect to file in the same manner in which the plan was filed in the prior year. For example, if a plan has 85 eligible participants on January 1, 2017, it may file in the same manner that it filed in the previous year; therefore, if the plan filed as a small plan in the prior year, it may file as a small plan again. You may elect this exception multiple times, but once the plan exceeds 120 eligible participants, the plan is no longer able to elect the exception allowed by the "80/120 rule." In essence, once a plan has been filed as a large plan, it may not be considered filing as a small plan unless the eligible participant number drops back down below 100.
Who is considered a participant in the plan?
For purposes of determining the audit requirement, you must determine the number of eligible participants. Eligible participants are all employees who are eligible to participate in the plan, regardless of whether or not they are making contributions to the plan. Eligible participants also include anyone who is not a current employee but has a balance in the plan, or their beneficiaries. There are instances when there may be less than ten people contributing to a plan, but they still meet the requirement of 100 eligible participants. The number of participants may not be the same on the last day of the year as it is in the following year, depending on the eligibility requirements of the plan.
When is the deadline for the audit?
If completing the Form 5500 as a large plan, the audit report and financial statements should be attached when filed. As such, the deadline is the last day of the seventh month after the plan year ends (July 31 for a calendaryear plan) with an optional two and a half month extension (October 15 for a calendar-year end plan).
Selecting an Auditor
Employee benefit plan audits can be complex, so choosing an auditor with the right experience is crucial. The following questions serve as a good guide for selecting an auditor for your plan:
- Is the firm a member of the American Institute of Certified Public Accountants (AICPA) Employee Benefit Plan Audit Quality Center (EBPAQC) Is the firm a member of the ? The AICPA has established this firm-based voluntary membership center for firms that engage in employee benefit plan audits. The AICPA also allows you to search for member firms of the EBPAQC who specialize in employee benefit plan audits.
- What is the size and experience of the engagement team? How do they further their professional development for employee benefit plan audits? Consider asking questions about how employees are trained, particularly for plan audits.
- Is the firm willing to share their recent peer review report? Members of the AICPA who provide assurance services are required to enroll in an approved practice monitoring program called the AICPA Peer Review Program. As part of the Peer Review Program, a firm is inspected every three years.
- Is the firm willing to share references for previous audits of other employee benefit plans? Vetting references can provide insight into the firm's experience.
- AICPA and the DOL require the auditor to be independent from the plan. Ensure your auditor is independent as you consider different audit firms.
- Are they properly licensed? Federal law requires a state license in order to conduct an employee benefit plan audit.
We recommend also consulting "The Importance of Hiring a Quality Auditor" from the AICPA EBPAQC, which is another advisory resource of information to help you select a quality auditor for your employee benefit plan.
PREPARING FOR THE AUDIT
As part of general auditing standards, an auditor must gain an understanding of the plan provisions and test operational compliance with those provisions. The rules of operation for a plan are within the plan document itself, so copies of the plan documents are typically the first items an auditor requests when conducting an initial audit. For a first time audit, the extent of the documents you need to provide to the auditor depends primarily on how long the plan has been in existence. The farther back the effective date of the plan, the more you need to keep and provide to the auditor.
What constitutes the plan document? The plan document is either an individually designed plan document (which is a plan just for you, typically drafted by an attorney), a volume submitter or prototype plan document (prepared by a third-party administrator or record keeper along with an adoption agreement), plus all amendments and restatements. Plan sponsors are required to keep the plan documents indefinitely as part of their permanent files.
Another area of focus for a first-time employee benefit plan audit is participant history. The auditor will need to test the reports and documents that support beginning participant balances. As such, it will be helpful and more efficient if plan sponsors are able to provide prior year participant level activity reports, as well as the support for key plan activity such as evidence of plan enrollment, deferral changes, distributions and loans. Having all relevant documents maintained, organized and accessible can make the audit process run smoothly.
Plan Level Records
In addition to participant level information, plan sponsors should also maintain records at the plan level, which includes historical Form 5500 filings, plan level activity reports, year-to-date payroll records, contribution records, employee census information and personnel files. Auditors will use this information for testing the areas of investments, loans, contributions, distributions, and benefit obligations.
Plan Processes and Procedures
During an initial audit, plan auditors will need to gain an understanding of the processes and procedures in place to ensure the plan is administered appropriately. First, we recommend that the plan sponsor identify who has primary oversight responsibility of the plan. As a fiduciary of the plan, this responsible person, or group of people, should be qualified to fulfill this responsibility, which could require training. In addition, operational employees from human resources, payroll, finance and management should receive the right training in their area of responsibility to function in compliance with plan provisions and ERISA. After identifying the person(s) responsible for the plan, we recommend establishing and documenting the processes and procedures in place to ensure the plan is administered appropriately. A policy which establishes a reliable system of internal controls can be a tremendous benefit in fulfilling compliance responsibility.
Your auditor may also ask to see copies of committee or board minutes, which are a great way to document considerations and decisions about the plan, including choosing service providers, investment strategies and monitoring expenses paid by the plan.
Considerations for Active and Inactive Participants
A participant's life cycle within the plan begins on their date of hire. New hires should be informed that the plan exists and be provided with basic information about their eligibility and the enrollment process. A participant is considered "active" when they reach the eligibility date. Plan sponsors should document notification of eligibility and enrollment. Once an employee enters the plan and becomes an active participant, they may be allowed to make contributions, take an in service distribution or loans. Oversight and documentation of these processes will help administrators avoid any mistakes that are not compliant with the applicable IRS rules.
A participant's lifecycle with the plan ends when their account balance is either fully distributed or forfeited. Your process documentation should assign the responsibility for accepting and processing any distribution requests to an individual within the plan sponsor organization. If a vesting provision exists within the plan, this individual should also be responsible for determining and reviewing credited service years. Procedures should also include at least an annual implementation of the force out provisions for participants with small balances. In addition, IRS guidance states that the plan's forfeiture account balance should be reduced to zero at least once a year, so having appropriate procedures in place will aid in meeting this requirement as well.
If you suspect you may need a first-time audit of your employee benefit plan, the first step is to determine your eligibility based on the Form 5500, and take time to review your plan documents. Work with a qualified employee benefit plan auditor to understand important timelines and due dates for the audit, and be prepared to address any audit findings that need attention.
For more resources and information regarding employee benefit plan audits, reach out to us at email@example.com, or contact the authors listed below.