Are you preparing for your company’s first retirement plan audit? Has it been several years since your last retirement plan audit? Maybe your employee count is low enough that you don’t even need an audit yet. Whatever your situation, it is important to understand the operations of your plan and what controls should be in place. Following are the biggest pieces to consider when going through a plan audit.
Your plan’s service providers may include custodians, trustees, investment advisors, record keepers, payroll providers, actuaries, valuation experts, etc. Whatever their role, these organizations are required to provide independent audit reports of their internal controls – otherwise known as SSAE 16 reports (Statement on Standards for Attestation Engagements 16). It is essential to contact your service provider annually to obtain their SSAE 16 report. Review it to identify any exceptions in internal controls and determine what controls the plan sponsor should have in place.
The simplest method for documenting what controls are in place is to create a file that outlines:
You should keep a copy of all documents related to your plan. This includes:
Auditors will need various documents depending on materiality and samples selected for testing. Here is a list of some of the additional documents the auditor might request:
Trust statements
Signed certification (see below)
Participant level reporting
Contribution list by participant
Distribution list by participant
Listing of participant loans
Draft Form 5500
Compliance testing
Date of birth
Date(s) of hire
Date(s) of termination, if applicable
Plan compensation (The plan document will define what is included and excluded from gross wages for calculating contributions.)
Deferral contributions
Roth contributions
Matching contributions
Any other employee or employer contributions
What’s the difference between a full scope and limited scope audit? A limited scope audit can only be performed when a certification is provided by a bank, trust company, or insurance company that is regulated by a state or federal agency. They must certify to the completeness and accuracy of the trust statements they are providing. This certification allows the plan sponsor to request the auditor not perform auditing procedures related to the investments and investment income of the plan. The auditor would still need to test participant level transactions. The advantage of a limited scope audit is primarily cost. Because the auditor won’t be performing audit procedures for investments and investment income, audit fees are typically lower.
A full scope audit would require the auditor to perform audit procedures on investment, investment income, and participant level transactions. Due to the additional audit procedures required, the cost to perform a full scope audit will be higher. There may be reasons to have a full scope audit performed even when a certification can be provided by the service provider.
This level of detail may seem overwhelming. Kruggel Lawton professionals have assisted hundreds of clients who have plans ranging in size from $500,000 to $300 million. We’ll help you prepare for the audit, provide guidance on how to review an SSAE 16 report, and work with you and your service providers to ensure an efficient and timely audit. Give us a call or send us a message! You can also learn more about our Employee Benefit Plan Audit services here.
Written by: Steve Beasy, CPA - Partner
Email Me
Phone: 574.264.2247, x333