Audits of financial statements are key factors to establish trust and reasonable assurance of your company’s financial reporting. It is common practice to hire an independent certified public accountant (CPA) to obtain reasonable proof that your financial statements are fair and accurate.
Employee benefit plan (EBP) financial statements are no different. It is critical to understand what an employee benefit plan audit entails and why it is an important process for your company.
The principal objective of an employee benefit plan audit is to provide information that is useful in assessing the plan’s present and future ability to pay benefits.
Testing for reasonable assurance and accuracy is important due to the multiple parties involved in the financial reporting process for an employee benefit plan. Typically, EBP financial reporting requires multiple participants including the plan sponsor’s financial accounting and human resources department, a third-party administrator, investment trustees and custodians, an actuary, ERISA legal counsel and an independent auditor.
Also, for an employee benefit plan audit, the plan’s financial reporting and audit environment are considerably unique and elevate the complexity of the audit. Among these unique characteristics are the nature of plan operations, the various laws, Department of Labor (DOL) and Internal Revenue Service (IRS) regulations, special reporting and audit requirements. In addition, other possible complicating components are plan documents, plan mergers, freezes or terminations and changes in service organizations.
Generally, the Employee Retirement Security Act of 1974 (ERISA) requires employee benefit plans with 100 or more participants to undergo an independent financial statement audit. It is part of the plan sponsor’s obligation to file a Form 5500.
What is ERISA?
At its core, the Employee Retirement Security Act of 1974 is a federal law that establishes minimum standards for most retirement and health plans in the private industry. Its primary goal is to protect individuals and their benefits. The law implements rules that qualified plans must obey to ensure that plan fiduciaries do not misuse plan assets. Additionally, the law requires plans to provide participants with information regarding plan features and funding free of charge.
Among the other standards in place are those for participation, vesting, benefit accrual and funding. The detailed funding rules require plan sponsors to provide adequate funding for the plan. Also, the law defines the length of time a person must work in order to qualify for plan participation, accumulate benefits, and obtain non-forfeitable rights to those benefits.
In most cases, ERISA does not cover plans established or maintained by government entities, churches for their employees, or plans maintained solely to comply with applicable workers compensation, unemployment or disability laws. It also does not cover plans outside of the United States.
Employee benefit plan financial statement audits provide an independent, third-party opinion to the participants, plan management, the DOL and other interested parties. The audit assesses the plan’s present and future ability to pay benefits.
A financial statement audit works to protect the financial integrity of the employee benefit plan, which in turn allows users to determine whether the necessary funds will be available to pay retirement, health and other promised benefits to the plan participants. The audit may also assist plan management in enhancing and streamlining plan operations by evaluating the strength of the plan’s internal control over financial reporting and identifying control weaknesses or plan operational errors. Furthermore, the audit helps the plan sponsor carry out its legal responsibility to file a complete and accurate Form 5500.
The auditor’s primary objective, under professional standards, is to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error. Subsequently, the auditor reports on the financial statements in accordance with their findings. In addition, the DOL expects the independent auditor to submit an opinion on the material fairness and accuracy of the DOL-required supplemental schedules attached to the Form 5500.
In order to achieve their objectives, the auditor plans and performs the audit to obtain reasonable assurance about the detection of material misstatements. They do so by assessing the reliability, fairness and appropriateness of the plan’s financial information as reported by plan management. Furthermore, the auditor tests evidence supporting the amounts and disclosures in the plan’s financial statements and DOL-required supplemental schedules of Form 5500, considers the accounting principles and significant accounting estimates made by management, and evaluates the overall financial statement presentation to form an opinion on whether the financial statements as a whole are free of material misstatement.
According to the American Institute of Certified Public Accountants (AICPA), financial statement audits for employee benefit plans typically cover the following areas:
Let’s take a closer look at each audit area.
1. Contributions from the employee and employer
The auditor tests contributions from the employee and employer to conclude whether the amounts received by or due to the plan are properly determined, recorded and disclosed in the financial statements. It also reveals whether any appropriate allowances have been made for uncollectable amounts.
2. Benefit payments
Through benefits tests, the auditor determines whether payments are in accordance with plan provisions and related documents. These tests also verify payments are for or on behalf of the individuals entitled to them and only those individuals. Additionally, the benefits tests assess the accurate allocation of recorded transactions to the proper account, amount and period.
3. Investments and investment income
In a full scope audit, the auditor applies procedures to determine whether investments are properly recorded, owned by the plan, valued as of the financial statement date (generally at fair value), and presented in the financial statements. The auditor also ensures the presentation of appropriate related disclosures, and that investment transactions follow the plan’s established investment policies. The auditor also tests the records of income from the plan’s investments.
On the other hand, in a limited scope audit, the auditor does not audit the certified investment information. This is particularly notable as investments are typically the most significant plan assets. However, auditors do test the allocation of investment income to individual participant accounts and evaluates the presentation of the investments in the financial statements and verifies the inclusion of appropriate related disclosures.
4. Participant data and allocations
The auditor applies procedures to relevant participant data, such as demographic data, payroll data relevant to determining contributions and benefit payments, participant elections, and benefit data to determine whether all covered employees have been properly included. This process also reveals whether plan management and the plan actuary had access to accurate participant data, if applicable.
The auditor completes this work concurrently with other audit areas such as contributions or benefits testing. They also test whether investment income has been properly allocated to individual participant accounts.
5. Liabilities and plan obligations
The auditor performs tests to determine whether the financial statements include reports of all plan liabilities. In a defined benefit plan, the auditor tests plan obligations to determine that they are properly estimated and reported in the financial statements. Testing plan obligations typically relies on the work of an actuary.
6. Loans to participants
Further tests of loans to participants and the related interest reveal whether the amounts due the plan have been properly identified, valued, recorded or disclosed in the financial statements.
7. Administrative expenses
Expense tests determine whether or not they followed agreements and received proper classification. The tests also reveal whether the financial statements show accurate records and disclosures related to administrative expenses.
Typically, auditors perform audits and report on the reporting entity’s financial statements, including all assets, liabilities and obligations, and financial activities. These particular audits, known as full scope audits, do not include client-imposed scope limitations or other restrictions.
However, ERISA is unique in that, upon satisfying certain criteria, it permits plan management to instruct the auditor to limit the scope of testing investment information. A limited scope engagement must be supported by a certification from a qualified entity as to both the accuracy and completeness of the plan’s investment information. This means that the auditor receives a certification statement from a bank or insurance company certifying that the investment information is complete and accurate. As such, there are no tests for the internal controls over the investments. Plan management is responsible for verifying that the limited scope conditions are satisfied.
What does a limited scope audit entail?
Under the parameters of a limited scope engagement, the auditor does not test the certified investment information. As noted above, this is important because investment information explains the most significant plan assets. Instead, the auditor continues to test participant data, including investment income allocation to individual participant accounts, and reviews contributions, benefits payments and other uncertified information.
Although an auditor performs the necessary processes on everything except the investment information, they disclaim an opinion – meaning the auditor cannot express an opinion – on the financial statements because of the significant portion of unaudited information (the investments).
Limited scope audits are not acceptable to the Securities and Exchange Commission (SEC) for the purposes of employee benefit plans filing Form 11-K with the SEC.
As of July 2019, the AICPA Auditing Standards Board (ASB) issued the final iteration of the Statement on Auditing Standards (SAS) No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA. The new standard is effective for audits of periods ending on or after December 15, 2020.
The new SAS, known colloquially as the EBP SAS, details new performance requirements for audits of employee benefit plan financial statements subject to ERISA. It also changes the form and content of the coinciding auditor’s report. More specifically, while it does not eliminate a limited scope engagement, it clarifies auditor expectations in those situations. Furthermore, the updated auditor’s report in these engagements provides greater transparency about the scope and nature of the audit and describes the procedures performed on the certified investment information.
For more information, please refer to the AICPA’s FAQ on the new standard.
For more information on this topic or to learn how Baker Tilly specialists can help, contact our team.