COVID-19 Resources

What You Need to Know About New EBP Audit Requirements

Written by Missy Herbert on February 12, 2021

EBP Audit requirements image Warren Averett

Change is coming. Will you be prepared?

Each audit of employee benefit plan (EBP) financial statements covered by The Employee Retirement Income Security Act of 1974 (ERISA) ending on or after December 15, 2020, is subject to new standards introduced by the American Institute of Certified Public Accountants (AICPA).

Updates to EBP Audit Requirements 

The AICPA formalized the Statement on Auditing Standards (SAS) 136: Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA to simplify employee benefit plan audits in terms of the auditing process, as well as the reporting of audits.

These changes were introduced in response to a Department of Labor (DOL) report that found almost 40% of ERISA audits contained major deficiencies. The DOL, in conjunction with the AICPA, addressed these prevalent issues by way of introducing new standards that are designed to improve the quality of audits and enhance the value of the audit reports.

Specifically, these new standards apply to all year-end audits being conducted in 2021. The majority of changes resulting from these new accounting standards apply to the auditors, but there are also EBP audit requirements that apply to plan administrators.

Changes that Relate to Plan Administrators

Plan administrators have additional requirements for the auditing process. Specifically, plan administrators must provide auditors written support that details their due responsibility in the following:

  • Administering their EBP
  • Maintaining updated documents that govern their EBP
  • Maintaining records of activities and participants of their EBP
  • Confirming transactions reported in financial statements are in compliance with plan provisions

Another significant change brought forth by these new guidelines relates to Form 5500. Plan administrators are now required to provide auditors with a draft of their Form 5500 prior to the auditor dating the final audit report.

This draft needs to include all relevant documentation as well as supplemental schedules that relate to the information contained in Form 5500, both qualitatively and quantitatively.

New Requirements for Administrators 

SAS 136 places additional responsibilities in each phase of an EBP audit.

These new requirements cover areas that include risk assessment and response, performance procedures, engagement acceptance, dialog with those tasked with governance and reporting.

SAS 136 also features additional engagement acceptance duties and responsibilities of management regarding investment certification for an ERISA Section 103(a)(3)(C) audit, formerly known as a limited scope audit.

An auditor is required to inquire about the process of how management evaluated the third-party provider of investment information as being appropriately qualified.

Management Responsibilities 

The standards for an EBP audit set out the responsibilities of the plan’s management team.

As part of the pre-conditions of the audit engagement, an EBP auditor will request written documentation that your management team is responsible for making sure your plan is compliant. This step includes ensuring that plan documents remain current and plan distributions and contributions are in line with the provisions of the EBP.

A critical area of an audit of an EBP involves determining if plan liabilities are accounted for accurately in all financial statements. Your auditor will assess whether your plan obligations are estimated accurately and properly contained within your financial statements. Commonly, this step of the audit process involves the expertise of an actuary in order to assess plan obligations accurately.

Investment Certification Information 

Depending on whether your EBP is subject to a limited scope or a full scope audit, there are significant differences in the way that investments are tested. These differences represent significant ramifications for your audit, considering investments comprise the largest share of assets for an EBP.

A full scope audit involves various methods to assess whether, in fact, the investments are owned by the EBP, the investments are accurately recorded, the value of assets is determined correctly as of the date of the preparation of financial statements, and that all investment assets are accounted for in financial statements.

Also, a full scope audit determines whether the investment transactions and required disclosures follow the investment policies outlined in the EBP. The auditor will also analyze income records of the investments contained in the EBP.

If you opt for an ERISA Section 103(a)(3)(C) audit, you must provide written representations concerning the reliability of all certified investment details. This type of audit does not include the auditing of certified investment information, but does include examining the allocation of investment income to the participant accounts.

Subsequently, the auditor will assess these details and issue an opinion on the disclosures and amounts contained in the financial statements.

Form 5500

Under the new ERISA EBP audit guidelines, which generally begin with audits in 2021, plan sponsors must produce a completed or a substantially complete draft of Form 5500.

This requirement allows the auditor to examine documents for material misstatements of fact and material inconsistencies. This step is accomplished prior to the dating of the auditor’s report.

A substantially complete draft of Form 5500 includes all related schedules and forms associated with this document. If the auditor finds any issues related to the information disclosed with Form 5500, he or she is required to determine whether any revisions are required of the Form 5500 or the audited financial statements for all plans falling under the scope of ERISA.

Limited Scope Audits 

One of the significant changes to EBP audit requirements involves limited scope audits, renamed an ERISA Section 103(a)(3)(C) audit.

Under the new guidelines, plan administrators need to detail their responsibilities for investment certifications and all certifying institutions before the audit begins. This is performed by way of an engagement letter that specifies the process of certification, details the qualifications of the certifying institution, and declares that the plan administrator has verified that the certification is valid.

Notably, a limited scope audit will no longer feature a disclaimer of opinion for certified investment information. The auditor will instead offer their opinion on the presentation of all information now covered by the certification and detail the association of financial statements and certified investment information.

The Experts at Warren Averett Can Help

Administering an employee benefit plan that complies with EBP audit requirements can be challenging. For help in navigating this dynamic landscape, contact the audit experts at Warren Averett.

New call-to-action

Back to Resources
Top