View PDF

An employee benefit plan’s first audit is always a challenging process, but it need not be painful! Taking a few steps early on will save you a lot of time and stress when the auditors show up at your door. Here are a few tips to help you survive your first plan audit:

• 1. Plan Governance
  
  Solid, documented Plan governance is the foundation of a well-run plan. Most importantly, it should be clear who is responsible for overseeing the plan’s operations. Every plan should have a group charged with fiduciary responsibility and oversight for the plan. Generally, it’s best to have a committee in place to keep track of regulations, manage plan changes, monitor service providers, monitor the plan’s investment performance and plan costs and make decisions on changes to investment options. Keeping written minutes of committee meetings provides evidence that there is a formal decision-making process in place, and helps to document that the plan sponsor is meeting its fiduciary responsibility. At the beginning of the audit, your auditors will inquire who is charged with governance and how those duties are carried out. This information is used both to evaluate the Plan’s internal control structure and for reporting purposes. At the end of your audit, a report will be made to the individuals who are identified as being charged with plan governance.

• 2. Monitoring Service Providers
  
  Most companies outsource at least one aspect of their 401(k) plan processing. Payroll, participant activity recordkeeping, and custody of assets are the most commonly outsourced processes. One important item to consider is the control environment of these service providers. A SAS 70 report provides information on the controls in place at a service provider, and, in the case of a Type II report, whether these controls are operating effectively for a specified period of time. This report gives a plan administrator valuable information. It details client responsibilities (user controls) that must be in place to ensure that the third party’s processing can be performed properly. This report also gives information on strengths and weaknesses at your service provider, which allows informed decisions on in-house controls. For example, if your recordkeeper has a lack of controls over loan processing, extra procedures may be required to assure that loans are reported correctly. During the audit, your auditors will request a copy of the SAS 70 report, and will want to verify that you a) have reviewed it and b) are performing the user controls listed in the report.

• 3. Investment Certification
  
  A number of defined contribution plans qualify for limited scope audits as defined by the Department of Labor. This reduces the audit procedures that are normally required to be performed on investments, and the overall length of the audit. In order to qualify for a limited scope audit, the following requirements must be met: the plan cannot offer employer securities as an investment option , and the custodian must be qualified to provide an asset certification. Generally banks, trust companies, and insurance companies may certify assets. Check with your custodian during the year to determine whether they can provide a certification of the investments and investment activity for the year. Generally, an auditor’s package is provided with the certification, and includes a number of reports that the auditors will need.

• 4. Plan Documents
  
  It is imperative to review the plan document. Yes, it’s a few hundred pages long, and has large chunks of legalese, but it’s worth it. The plan document spells out exactly how every aspect of the plan should operate. It’s best to go through the plan document thoroughly, long before it’s time to start the audit. This will help you get familiar with the details, and gives you the opportunity to make sure that your plan is operating in accordance with the plan document on a daily basis. In particular, take a look at how the plan defines compensation, and whether it matches up to the compensation being used to calculate payroll deductions and match or profit sharing calculations. It’s also very important to make sure that the document has been updated for any amendments that have been approved, and that the plan has been amended to reflect changes to laws and regulations. Knowing what’s in your plan document will help ease the audit process. After all, the plan document is the most important item to your auditors. Every element of testing, from contributions to distributions, is based on what is defined in this document.

• 5. Investments
  
  Reporting requirements vary based on the type of investments held by a plan. Does the Plan offer a stable value fund? If so, there are certain required disclosures for such investments. Does the Plan offer investment in Limited partnerships? Such investments are alternative investments. Investment valuation is at times an area requiring additional work for Plan Sponsors, as you are required to ensure that plan investments reported on Form 5500 and the audited financial statements are properly valued.

Now is the time to start planning for your plan’s first audit. Generally, the Department of Labor requires an audit for plans with more than 100 eligible participants at the beginning of the plan year. Getting an early start gives you and your auditors the necessary time to prepare for the upcoming audit, and will help you avoid the stress of a last-minute filing. With these five tips, you can hopefully have a pain-free initial plan audit.