403(b) Plans
Part II – what can you expect from your auditor
You need an audit – what you can expect
This ErisaALERT is the second in a series covering issues facing 403(b) plan sponsors. Our first in the series discussed the rules regarding who is subject to an audit as well as tools available to help you select an auditor. This issue will address what to expect from your auditor during the audit process and the last issue in the series will address gathering the data the auditor will need.
The First Steps
It all boils down to questions and answers, data requested and data provided. The auditors will ask a lot of questions, request a lot of plan information and then carefully examine your answers and the information you provided. It pays to be prepared!
Questions
There will be questions for management, service providers and internal staff responsible for operating the plan. The questions range from general questions to the details of procedures and controls. The following is a sampling of questions from Questions to Expect from Your Plan Auditorwhich can be found at the AICPA Employee Benefit Plan Audit Quality Center:
- Have there been any participant complaints?
- Who prepares the Form 5500s and plan financial statements? What are their qualifications and experience?
- Who is responsible for reconciling third-party records and reports?
- Have there been any changes in plan management or internal systems (e.g., payroll, human resources, in-house recordkeeping, etc.) during the year under audit?
- Who reviews service-provider activity to determine whether services are compliant with agreements, contracts and/or other such agreements?
- Have there been any changes in service providers (e.g., trustee/asset custodian, investment managers, recordkeeper, legal counsel, etc.) during the year under audit?
- Do any of the service providers provide SAS 70 reports? Are they Type I or Type II reports?
- What functions are managed by third-party administrators (benefit approval, benefit payment, tax compliance)?
Data Requests
Once again the AICPA’s Employee Benefit Plan Audit Quality Center provides guidance. In its Sample Auditor Request List for Plan Information, you may be asked to provide (among many other items):
- Executed copies of the latest plan documents and trust agreements, plus any amendments as well as agreements with service providers
- Copy of the summary plan description (SPD) and, any summary of material modification (SMM)
- Sample of enrollment packages provided to employees
- Listing of members of the board of directors/trustees, audit committee and internal committee responsible for plan oversight/governance as well as key accounting and management personnel associated with the plan, including contact information
- Copy of employee handbook or personnel manual
- Copies of minutes from board/committee meetings
- Number of eligible plan participants at the beginning and end of the plan year
- Copies of any procedural/process memos or flowcharts detailing the key controls of the plan (eligibility, contributions, distributions, payroll, etc.)
- Year-end reporting packages from third-party administrator (most recent plan year activity, when available) and investment statements
- Copy of the year-end compliance testing required by the Internal Revenue Code including documentation of any action required by the testing results including: universal availability testing, IRC §402(g) deferral limit testing and IRC §415 annual additions limit.
Bottom Line
Without planning, the information requested and the questions asked about the form and operation of 403(b) plans can be overwhelming to plan sponsors and their service providers.
What steps should you be taking now:
- Indentify who will be the internal point person for the audit; if you don’t have the personnel or are concerned that you may lack the expertise, get help!
- Review the available information provided by the AICPA and think about where you get the information; you should start gathering some of the information. (contracts, compliance testing results etc.)
- Talk to your service provider if you haven’t already done so; ask what information your service provider can give to your auditors.
- Begin the dialog with your auditors; when will the audit begin, how long can you expect it will take; based on the auditor’s experience how much of your time will be involved.
Note: all links are active as of the date of issuance of this ErisaALERT.
Disclaimer: This material is for the sole purpose of providing general information and does not under any circumstances constitute legal advice and should not be used as a substitute for legal advice. You should seek the advice of counsel when applying the requirements to your plan. For more information on this ErisaALERT contact us by phone at 610-337-7270 and ask for Paul Protos or 610-524-5351 and ask for Mary Andersen or 973-994-7539 and ask for Theresa Borzelli.
