What Can I Do to Prepare for a 401k Audit? [This and Other FAQs About 401k Audits Answered]

Written by Missy Herbert, Dana Canterbury on December 21, 2020

Warren Averett 401k audit image

During a 401k audit, the auditor may identify practices, procedures and other internal processes that have the potential to cause plan compliance issues or need improvement. To ensure that your company is prepared for your 401k audit, and to avoid potential scrutiny regarding your fiduciary responsibility with respect to internal controls, plan compliance and best practices, there are a number of steps to consider as described below.

When Does My 401k Plan Need an Audit?

The general rule is that you need a 401k audit when your plan has more than 100 eligible participants as of the first day of the plan year. The audit needs to be performed within seven months following the last month of the plan year, though it’s possible to apply for an extension of an additional two and a half months.

The COVID-19 pandemic has caused some changes to the audit requirements. Contact Warren Averett for advice if you remain unsure of your responsibilities.

Who Is Considered an Eligible Participant?

An eligible participant refers to all active employees, as well as employees who have met the eligibility requirements but aren’t yet participating in the plan. In addition, terminated employees with a balance in the plan as of the first day of the plan year are also considered to be eligible participants.

What Is Involved in a 401k Audit?

401k plan audit requirements focus on two key aspects:

  • Financial reporting – The audit will verify the accuracy of all financial information contained in Form 5500 and relevant financial statements.
  • Compliance – The audit will determine whether the 401k plan complies with the IRS and Department of Labor (DOL) regulations and the plan documents associated with the plan.

What Can I Do to Prepare for the 401k Audit?

It is important to prepare for your 401k audit. In doing so, you ensure that the audit is more resource- and time-efficient for your staff, company and the auditor. Specifically, there are four 401k plan audit requirements you can focus on to ensure the process proceeds as smoothly as possible.

1. Organize Your Documents

The starting point of any 401k audit is providing plan-related documents to the auditor, so it’s in your best interest to ensure that your plan-related documents are current, organized and easily accessible.

This applies to not only your independent audit but also to your 401k plan if it is selected to be audited by the DOL.

The required documents for a 401k audit include:

  • Executed plan document, which includes the executed adoption agreement or volume submitter plans
  • IRS determination for the executed plan document
  • Historical and current plan summaries and descriptions of material modifications
  • Executed amendments to plan documents
  • Executed board minutes related to the plan
  • 401k minutes of the executive committee or other governing committee
  • Copies of the prior years’ Form 5500
  • Recordkeeping and trust agreements with plan recordkeeper and custodian
  • Copy of the fidelity bond insurance of the plan
  • Copies of the prior years’ audited financial statements
  • Other significant correspondence or agreements pertaining to the plan

2. Familiarize Yourself with Your Fiduciary Responsibility

Oversight of a 401k plan and effective fiduciary policy and oversight are critical elements in sound internal controls. Many plan sponsors may be unaware of the associated risks in being a fiduciary and that they could be liable for any breach in their responsibilities.

Many sponsors are not even aware that they are fiduciaries of the company’s 401k plan. Someone is a fiduciary of a 401k plan if the following criteria are met:

  • Exercise control or discretionary authority over plan assets
  • Exercise control or discretionary authority over plan management
  • Have responsibility or discretionary authority over plan administration

There are effective methods for fiduciaries to act in the best interests of plan participants and protect themselves from any liability. These best practices should include:

  • Develop investment policy
  • Keep committee minutes
  • Establish a 401k administration committee
  • Assess administrative fees associated with the plan
  • Seek external investment advice
  • Conduct community meetings regularly

3. Understand Operational Compliance

If a 401k plan is not operating according to the plan document specifications, the sponsor and plan have compliance issues. These must be addressed, and the plan must be brought into compliance with the DOL and IRS regulations.

There are many potential sources of errors that cause compliance issues. Some of the more common examples include:

  • Lack of review concerning the definition of compensation and payroll systems
  • Lack of cohesion between plan provisions and actual practices
  • Lack of timely deposits of participant deferrals

4. Review Your Internal Controls

A common challenge for smaller private businesses is that controls are often not prioritized when staff totals are less than 100 employees. Many sponsors misjudge that if an outside recordkeeper and custodian handle their 401k plan, then fraud or errors are unlikely to occur. Unfortunately, when there is a lack of oversight present, there is always the possibility of fraud to occur.

Many third-party administrators (TPA) produce a System and Organization Controls Report (SOC 1) that details the control structure in place, as well as often contains results and tests of the control structure effectiveness. These can be valuable for auditors and sponsors in examining the plans that they administer. Note that there is a section in the SOC 1 that outlines what plan sponsors need to do to effectively utilize the TPA.

What else do I need for Form 5500?

The 401k audit is a key step in fulfilling the requirement to file a Form 5500 for both small and large business entities. However, if you are considered a large plan, there are additional reports that are required for the audit and for the Form 5500 process.

Specifically, a large 401k plan must have a Schedule H attached to Form 5500. This supplementary document requires greater detail than the short form filing (Form 5500-SF). All details, as part of this form, must be reviewed by the auditor.

How do I get help with my 401k audit?

The more knowledgeable you are of the 401k audit requirements, the more prepared you are for your 401k audit, and the more efficient the entire process will be for your staff, company and the auditor.

If you need help navigating the process of managing your 401k audit, contact the benefit plan advisors at Warren Averett.
Employee Benefit Plan Audit - Download the Guide!

Back to Resources