ERISA Audits: When Is One Required for Your Plan?

An audit under the Employee Retirement Income Security Act of 1974 (ERISA) is an independent examination of a company’s retirement plan. The primary goal is to ensure the plan is managed for the benefit of its participants and that its financial statements are presented accurately. This process protects the assets held within retirement plans, such as 401(k)s, from misuse. The audit confirms that the plan is operating in accordance with regulations set forth by the Department of Labor (DOL).

Determining the Audit Requirement

The necessity of an audit is directly tied to the number of participants in a retirement plan. A plan is considered a “large plan” and requires an audit when it has 100 or more participants on the first day of the plan year. For new plans, this count is taken on the last day of the initial plan year.

A specific provision, known as the “80-120 Participant Rule,” offers flexibility for growing plans. If a plan had between 80 and 120 participants at the start of the year and filed its previous Form 5500 as a “small plan,” it can continue to file as a small plan and forgo the audit. This exception allows a plan to avoid the audit requirement until the participant count reaches 121 at the beginning of a plan year. Once a plan files as a large plan, it must continue to do so, even if the participant count later drops below 120.

For plan years beginning on or after January 1, 2023, the count includes only individuals who have an account balance in the plan. This includes active employees currently contributing, as well as former employees who still maintain a balance. Beneficiaries of deceased participants who are entitled to benefits from the plan are also included in this count.

Information and Documents for the Audit

Preparation for an ERISA audit involves gathering a specific set of documents for the independent auditor’s review. These materials provide the evidence needed to evaluate the plan’s financial health and operational integrity. The auditor will request the following:

• Plan governance documents to understand the rules under which the plan must operate. This includes the formal plan document, the adoption agreement, any subsequent amendments, and the IRS determination or opinion letter providing evidence of the plan’s tax-qualified status.
• Financial records to trace and verify the assets held by the plan. The auditor will need complete trust or custodial statements for the entire plan year and a detailed trial balance. If the plan sponsor elects an ERISA Section 103(a)(3)(C) audit, a specific certification from the financial institution holding the assets is required.
• Data related to participants and their contributions to verify that transactions were handled correctly. This includes a complete employee census with names, hire dates, and compensation details. Payroll records are needed to trace employee deferrals and employer contributions, and records of participant loan repayments are also reviewed.
• Records for all money leaving the plan, such as paperwork for all distributions, rollovers, and new participant loans. The auditor will also ask for copies of agreements with all service providers and a draft of the Form 5500 to ensure the audited financial statements will align with the report being filed with the DOL.

The Audit Examination Process

The examination begins with an assessment of the plan’s internal controls. The auditor reviews the established processes for transactions, such as remitting employee contributions or processing distribution requests. This is done to evaluate the reliability of the systems in place and to determine the extent of further testing.

The next phase involves substantive testing, where the auditor selects a sample of transactions to verify their accuracy and legitimacy. An auditor might select a group of employees and trace their elected 401(k) deferrals from payroll records to the plan’s trust statements. This test verifies that the correct amounts were withheld and remitted to the trust in a timely manner as required by DOL regulations.

Alongside substantive testing, the auditor performs compliance testing to ensure the plan’s day-to-day operations adhere to the terms of the official plan document. This can involve reviewing the records of newly hired employees to verify they were offered enrollment into the plan as soon as they met the eligibility requirements. The auditor may also check that the correct definition of compensation was used when calculating employer matching contributions.

Throughout these testing phases, communication between the auditor and the plan sponsor is ongoing. The auditor will have questions and require clarification on specific transactions or procedures. This interactive process helps the auditor gain a complete understanding of the plan’s operations and allows the sponsor to provide context for unusual items.

The Auditor’s Report and Filing

The culmination of the audit process is the independent auditor’s report, which expresses an opinion on the fairness of the plan’s financial statements. The most common and desirable outcome is an unmodified, or “clean,” opinion. For a full-scope audit, this signifies that the financial statements are presented fairly, in all material respects, in conformity with U.S. accounting principles.

When an ERISA Section 103(a)(3)(C) audit is performed, the auditor issues a different type of unmodified opinion. This report has two parts. One part opines on whether the financial information not covered by the certification is fairly presented, and a second opines on whether the certified investment information matches the certification.

In some cases, the auditor may issue a qualified opinion, which indicates that the financial statements are fairly presented, but there is a specific, isolated issue that deviates from accounting standards. An adverse opinion is more serious and states the financial statements are materially misstated. A disclaimer of opinion is issued when the auditor was unable to obtain sufficient evidence to form an opinion.

The final step is for the plan administrator to attach the complete auditor’s report to the annual Form 5500 filing. This report, including the audited financial statements and supplemental schedules, must be submitted electronically to the Department of Labor. The filing deadline is seven months after the end of the plan year, though a two-and-a-half-month extension can be requested.