When Is a 401k Audit Required for Your Plan?

Employers sponsoring 401(k) plans must navigate various regulatory requirements, including the annual 401(k) audit. This article clarifies when an audit is necessary and outlines the general process.

Understanding the Audit Requirement

The primary trigger for a 401(k) plan to undergo an annual audit is the “100-participant rule.” This rule states that a plan with 100 or more participants on the first day of its plan year is considered a “large plan” and must include an audit report with its annual filing. The Department of Labor (DOL) and the Employee Retirement Income Security Act (ERISA) of 1974 establish these regulations.

The method for counting participants changed for plan years beginning on or after January 1, 2023. Previously, the count included all eligible employees, even those without an account balance. Under updated guidance, only participants with an actual account balance at the beginning of the plan year are included. This change has potentially reduced the number of plans requiring an audit, especially for those with many eligible but non-participating employees.

An exception to the 100-participant rule is the “80-120 participant rule.” This rule offers flexibility for plans with fluctuating participant counts. If a plan had between 80 and 120 participants on the first day of the plan year and filed as a “small plan” (fewer than 100 participants) in the prior year, it may continue to file as a small plan and defer the audit. However, if the count exceeds 120, or if the plan previously filed as a “large plan,” an audit becomes mandatory. This prevents unexpected audits due to minor fluctuations.

Gathering Information for an Audit

Once a 401(k) plan requires an audit, the plan sponsor must gather specific information and documentation. Auditors typically request the formal plan document, including any adoption agreements, amendments, and the summary plan description. They also need the IRS determination or opinion letter.

Financial records are a key part of the audit documentation. This includes trust statements, investment statements, and reconciliation reports. Information related to participant loans, distributions, and rollovers, and supporting records, will also be required. These documents allow the auditor to verify financial reporting accuracy and proper handling of participant funds.

Participant-specific data is crucial for the audit. This includes an employee census report, payroll registers, and records of participant deferral elections and changes. Documents like enrollment forms, eligibility records, and evidence of birth and hire dates for participants are typically requested. Results from compliance testing, such as Actual Deferral Percentage (ADP) and Actual Contribution Percentage (ACP) tests, are also necessary to demonstrate adherence to non-discrimination rules.

Agreements with service providers, such as third-party administrators (TPAs), recordkeepers, and investment managers, are required. Internal control documentation, showing payroll, contribution, and distribution procedures, helps auditors understand the plan’s operational environment. A fidelity bond, protecting the plan from fraud by those handling assets, must also be in place and documented.

Navigating the Audit Steps

The 401(k) audit process begins with the plan sponsor selecting an independent qualified public accountant (IQPA). An engagement letter is then issued, outlining the audit’s scope, responsibilities of both parties, and the agreed-upon fees.

Following engagement, the auditor commences fieldwork and data review. During this stage, the auditor examines the gathered plan documents, financial statements, and participant data. They scrutinize payroll records, contribution remittances, and distribution records to confirm accuracy and compliance.

Testing is a core component of the audit, where the auditor performs procedures to verify plan operations. This involves testing contributions for timeliness and accuracy, distributions for proper authorization and amounts, and participant data for accuracy, including eligibility and deferral rates. The auditor also assesses the plan’s internal controls to determine their effectiveness.

Regular communication occurs between the auditor and plan sponsor. Auditors discuss findings or discrepancies. This allows for clarification and resolution before the audit concludes. Upon completion of fieldwork and testing, the auditor prepares a draft audit report for sponsor review before finalization.

Completing the Annual Filing

The 401(k) audit culminates with integrating the audit report into the plan’s annual Form 5500 filing. The audit report is a mandatory attachment for large plans. The audited financial statements and auditor’s opinion must be appended to Schedule H of Form 5500.

Form 5500 is an annual report required by the Department of Labor (DOL) and the Internal Revenue Service (IRS) for most ERISA-subject employee benefit plans. For calendar-year plans, the initial filing deadline for Form 5500 is July 31st of the year following the plan year-end. An extension to October 15th can be obtained by filing Form 5558 by the original due date.

All Form 5500 series returns, including the audit report, must be filed electronically through the DOL’s EFAST2 system. This ensures timely and efficient submission. Accurate and timely filing of Form 5500 with the audit report is crucial for maintaining compliant status.