Annual Plan Audit: An Auditor's Perspective
Does your plan require an annual audit? If your eligible participant count (including terminated employees who maintain an account balance) exceeds 100 at the beginning of your plan will you be required to conduct a benefit plan audit including financial statements attached to the Form 5500 (the one exception is the *80-120 rule.) The audit is intended to confirm the plan is operating within the guidelines of the plan documents and follows specific Department of Labor and IRS regulations.
This article identifies auditors concerns in areas of plan management that may lead to plan fiduciary exposure to litigation and regulatory breaches. The main differences auditors find are:
• Documentation for all fiduciary level decision-making: ERISA fiduciary decision-making must follow the ERISA definition of procedural prudence, which entails a specific and rigorous process.
• Establishment of Retirement Plan Committee: Every Retirement plan should establish oversight committee which meets regularly to review plan status and conduct plan management functions. This committee should be memorialized with a committee charter identifying fiduciaries and their functions and should be adopted via a board resolution.
• Formal Investment Policy Statement (IPS): An IPS provides a “road map” which must be followed for selection and monitoring all investments within the plan. A non-executed (unsigned) IPS is typically perceived by regulators and courts as not having of an investment process, which may result in an indefensible fiduciary breach of duty.
• Definition of compensation: Definition of compensation is not always a simple matter. Because your plan may use different definitions of compensation for different purposes, it’s important to apply the proper definition for deferrals, allocations, and testing. A plan’s compensation definition must satisfy rules for determining the amount of contributions. If the definition of compensation found in the Plan Document is not administrated precisely for 401(k) purposes a fiduciary breach is likely. This can be a costly oversight.
• Minutes from retirement plan oversight committee meetings: Each Plan Committee meeting, with topics discussed and conclusions, must be documented to affirm procedural prudence.
• Definition of eligible employee: Definition of an employee, much like that of compensation, is sometimes misunderstood or inaccurately administered. An example would be that of part time employees being ineligible for plan participation. The term part time employee itself has no meaning under ERISA which focuses on hours worked when attributing eligibility to employees. This issue is often misunderstood.
• Documentation of service provider selection and monitoring: This issue is very important for many reasons. Those most impactful on plan fiduciaries are determining reasonableness of fees, services, and investment opportunities. The documentation of this process, in accordance with procedural prudence, is essential for fiduciary liability mitigation as it is the cause of much litigation.
• Cybersecurity controls: Plan Sponsors need to be mindful about the sensitive data they manage on behalf of retirement plan participants: their dates of birth, Social Security numbers and account balances. Security breaches could occur through phishing, malware, or a stolen laptop, etc. This is a relatively recent but rapidly expanding area of potential fiduciary liability.
• Education to participants: In addition to providing all pertinent plan level information, it behooves plan sponsors to provide sufficient participant education such that participants are able to consistently make informed investment decisions.
• Delinquent remittances of EE deferrals: Delinquent remittances is a frequent and typically unintentional fiduciary operational breach. It has been stressed by ERISA and in litigation activity that participant deferrals should be remitted to the investment providers as soon as administratively feasible. This has been interpreted to mean as soon as you are able to remit payroll taxes.
• Plan Forfeitures: Plan Forfeiture administration is another often misunderstood or overlooked operational responsibility. Plan forfeitures, employer contribution amounts that accrue when an employee leaves the Plan and their account is not fully vested, should be allocated at the end of each plan year in which they were accrued. If you hold forfeiture allocation longer, this becomes a fiduciary breach and one which can be time consuming and administratively difficult to correct.
Please contact your financial professional with any questions you may have.
*The 80-120 rule provides an exception for growing businesses. If you (a) have between 80 and 120 participants, and, (b) were considered a small plan in the previous year, you can continue to file the shortened version of the form. When you report at least 121 participants, you must file as a large plan. If you file as a large plan after employing the 80-120 exception, you must continue to file as a large plan – even if your participant count drops below 120 – as long as you have at least 100 participants in your plan.
ACR#3288292 10/20