The AICPA’s new audit standard will bring increased transparency and significant changes to the reporting and procedures for employee benefit plan audits. Known as the Statement on Auditing Standards No. 136 (SAS 136), Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to Employee Retirement Income Security Act of 1974 (ERISA), the new standard will increase responsibilities for plan auditors and sponsors alike.
SAS 136 applies to employee benefit plans that are subject to ERISA. Generally, ERISA requires audits of financial statements for plans that have 100 or more participants at the beginning of the plan year. Plans subject to ERISA typically include most defined contribution plans (401(k), 403(b) and Employee Stock Ownership Plans) as well as defined benefit pension plans and health plans.
SAS 136 was first issued in July 2019, but due to the COVID-19 pandemic, the effective date was delayed and is now effective for audits of financial statements for periods ending on or after December 15, 2021. With the effective date approaching, employee benefit plan sponsors will need to work to understand SAS 136 and its impact on the audit process.
Goal of SAS 136
The US Department of Labor (DOL) expressed concern over the quality of employee benefit plan audits after conducting a 2015 study that uncovered major deficiencies. The SAS 136 standards, issued in response, aim to increase the quality and transparency of audits for employee benefit plans under ERISA. Under the standard, audits are clearer and more comprehensive, and communication between all parties (auditors, sponsors, managers, those responsible for plan governance) is more substantial. Overall, SAS 136 strives to clarify each party’s role and responsibility throughout the audit process, while formalizing certain procedures that in the past were left to the auditor’s discretion.
ERISA Section 103(a)(3)(c)
One of the key changes under SAS 136 is that “limited-scope audits” are now referred to as ERISA Section 103(a)(3)(c) audits. ERISA Section 103(a)(3)(c) allows plan sponsors to elect to exclude certain investment information from the audit. For information to be excluded, a qualified institution (bank, insurance company, etc.) must certify the information is accurate and complete. The plan sponsor who elects an ERISA Section 103(a)(3)(c) audit must also provide the auditor with written acknowledgement that the audit is permissible and the certification complies with ERISA requirements.
ERISA Section 103(a)(3)(c) audits no longer have a scope limitation requiring a disclaimer of opinion; instead, auditors will now issue a two-pronged opinion including:
1. A statement of whether the information not covered in the certification is presented fairly in all material aspects
2. A statement of whether the certified investment information in the financial statements agrees with or is derived from the certification
Changes for Auditors
SAS 136 affects all phases of employee benefit plan audits, and thus auditors are the party most affected by the new standard. Under SAS 136, auditors now must:
-
-
-
- Gain an understanding of the entity and assess risk by acquiring and reading the most current plan document for the audit period, including effective amendments
- Obtain and report management’s acknowledgement of their responsibilities related to plan financial statements; disclose auditor’s responsibilities within the audit report including professional judgements, professional skepticism and communication with those responsible for plan governance
- Determine whether management has performed the relevant Internal Revenue Code compliance tests (when applicable)
- Obtain a substantially completed Form 5500 (including forms and schedules that could have material effect); read the form to identify possible material inconsistencies with the financial statements
- Identify plan provisions that are relevant to the audit and perform related necessary procedures
- Assess whether prohibited transactions identified by management or as part of the audit have been appropriately reported in applicable ERISA-required supplemental schedules
- Communicate reportable findings such as identified or suspected noncompliance
-
-
Changes for Plan Sponsors
Though SAS 136 is most impactful to auditors, plan sponsors will also experience notable changes. The new standard requires plan sponsors to provide additional information and documentation to the auditor, much of which will require advance planning, preparation and coordination. Under SAS 136, plan sponsors can expect:
- To experience increased communication
- To see a more thorough audit report
- To be required to supply auditors with a substantially completed draft Form 5500 at the start of the audit
- To acknowledge responsibility for the plan’s administration in the audit engagement letter
- To provide written representations of various responsibilities, including:
- Maintaining a copy of the current plan document and amendments
- Ensuring that plan transactions are consistent with plan provisions
- Maintaining sufficient participant records to determine the benefits due
Boulay Can Help
As the effective date approaches, plan sponsors must prepare for compliance by ensuring strong understanding of the new standard and making any necessary adjustments that will help them meet the new requirements of SAS 136. For more guidance on how these changes may impact your employee benefit plan, please contact a member of your Boulay client service team or contact us at 952.893.9320 or learnmore@boulaygroup.com.
This article was published in the December 2021 issue of the National Center for Employee Ownership‘s “Employee Ownership Report” Newsletter.