Your organization’s retirement plan will generally require a benefit plan audit if the eligible participant count (including terminated employees who maintain an account balance) exceeds 100 at the beginning of the plan year. But what exactly will be audited and what are the auditors looking for?
This audit includes financial statements attached to the Form 5500 (the one exception is the *80-120 rule) and is intended to confirm the plan is operating within the guidelines of the plan documents and follows specific Department of Labor and IRS regulations.
Within the Form 5500 and accompanying financial statements, auditors will be looking for red flags in areas of plan management that may lead to plan fiduciary exposure to litigation and regulatory breaches. The main differences auditors find are:
- Documentation for all fiduciary level decision-making: ERISA fiduciary decision-making must follow the ERISA definition of procedural prudence, which entails a specific and rigorous process.
- Establishment of Retirement Plan Committee: Every Retirement plan should establish an oversight committee that meets regularly to review plan status and conduct plan management functions. This committee should be memorialized with a committee charter identifying fiduciaries and their functions and should be adopted via a board resolution.
- Formal Investment Policy Statement (IPS): An IPS provides a “road map” which must be followed for selection and monitoring all investments within the plan. A non-executed (unsigned) IPS is typically perceived by regulators and courts as not having an investment process, which may result in an indefensible fiduciary breach of duty.
- Definition of compensation: Definition of compensation is not always a simple matter. Because your plan may use different definitions of compensation for different purposes, it’s important to apply the proper definition for deferrals, allocations, and testing. A plan’s compensation definition must satisfy rules for determining the amount of contributions. If the definition of compensation found in the Plan Document is not administrated precisely for 401(k) purposes a fiduciary breach is likely. This can be a costly oversight.
- Minutes from retirement plan oversight committee meetings: Each Plan Committee meeting, with topics discussed and conclusions, must be documented to affirm procedural prudence.
- Definition of eligible employee: The definition of an employee, much like that of compensation, is sometimes misunderstood or inaccurately administered. An example would be that of part-time employees being ineligible for plan participation. The term part-time employee itself has no meaning under ERISA which focuses on hours worked when attributing eligibility to employees. This issue is often misunderstood.
- Documentation of service provider selection and monitoring: This issue is very important for many reasons. Those most impactful on plan fiduciaries are determining reasonableness of fees, services, and investment opportunities. The documentation of this process, in accordance with procedural prudence, is essential for fiduciary liability mitigation as it is the cause of much litigation.
- Cybersecurity controls: Plan Sponsors need to be mindful of the sensitive data they manage on behalf of retirement plan participants: their dates of birth, Social Security numbers, and account balances. Security breaches could occur through phishing, malware, or a stolen laptop, etc. This is a relatively recent but rapidly expanding area of potential fiduciary liability.
- Education to participants: In addition to providing all pertinent plan level information, it behooves plan sponsors to provide sufficient participant education such that participants are able to consistently make informed investment decisions.
- Delinquent remittances of Employee deferrals: Delinquent remittances are a frequent and typically unintentional fiduciary operational breach. It has been stressed by ERISA and in litigation activity that participant deferrals should be remitted to the investment providers as soon as administratively feasible. This has been interpreted to mean as soon as you are able to remit payroll taxes.
- Plan Forfeitures: Plan Forfeiture administration is another often misunderstood or overlooked operational responsibility. Plan forfeitures, employer contribution amounts that accrue when an employee leaves the Plan and their account is not fully vested, should be allocated at the end of each plan year in which they were accrued. If you hold forfeiture allocation longer, this becomes a fiduciary breach and one which can be time-consuming and administratively difficult to correct.
*The 80-120 rule provides an exception for growing businesses. If you (a) have between 80 and 120 participants, and, (b) were considered a small plan in the previous year, you can continue to file the shortened version of the form. When you report at least 121 participants, you must file as a large plan. If you file as a large plan after employing the 80-120 exception, you must continue to file as a large plan – even if your participant count drops below 120 – as long as you have at least 100 participants in your plan.