This is from Adam Lilling, writing at CFO.com:
An employee benefit plan (EBP) that has over 100 participants is required to have an audit to accompany the filing of its Form 5500. Many CFOs consider these audits unnecessary and delegate the audit process to the controller or human resource manager.
What many finance chiefs don’t realize, however, is that in doing so they are ceding all control of the management of a risk that can come back to bite them personally. Failure to submit an EBP audit that meets standards can result in the U.S. Department of Labor bringing civil action against the plan sponsor and/or fining the sponsor up to $1,100 a day without limit. In such cases, the plan sponsor often incurs legal fees and spends a significant amount of time trying to resolve the situation.
The Employee Retirement Income Security Act (ERISA) requires plan administrators to ensure that plan financial statements are audited in accordance with Generally Accepted Auditing Standards, and that they are presented in accordance with Generally Accepted Accounting Principles, both of which are specialized for EBPs. Hiring an auditor is considered a fiduciary obligation, and failure to properly fill that obligation may result in personal liability for the officers of the plan sponsor – including the CFO.
In May, the DOL released a study titled “Assessing the Quality of Employee Benefit Plan Audits” that concluded that 39% of the audits inspected were deficient, up from 19% in 1997. To limit their firm’s risk exposure, CFOs of companies that sponsor plans should challenge their auditors to ensure they are providing quality audits that meet standards. ...
Remitting Employee Contributions on a Timely Basis
Plan sponsors have the fiduciary responsibility to transmit employee contributions to the plan “as of the earliest date on which such contributions can reasonably be segregated from the employer’s general assets,” according to the Code of Federal Regulations. The lack of a bright-line rule for large filers (generally defined as those with over 100 participants) creates ambiguity in testing. Generally, the auditor will consider the sponsor’s ability to remit tax payments and the sponsor’s general history of remittance.
To avoid issues in the future, the sponsor should set up automatic remittance from its payroll company to the plan. Often sponsors have overly complicated systems that involve sending checks to a third-party administrator before it gets to the trust company, or being dependent on one employee who may have other responsibilities or may be out of the office on the day the contributions need to be remitted.
Those manual functions often do not add value and put the sponsor at risk for remitting participant contributions late. ..
Demographic Data
The sponsor is required to keep an accurate census of plan participants and amass appropriate supporting documentation. The census is used as a basis for such plan decisions as those involving inclusion and exclusion from the plan, eligibility for employer contributions, vesting, and benefit payments. A sponsor that neglects this responsibility may have an inaccurate census or inadequate supporting documentation. The auditor must read the plan document to determine which demographic criteria are necessary to test. Common demographic attributes that need to be tested are dates of birth, sex, dates of hire, and dates of termination.
To improve the quality of the census and documentation of demographic data, the sponsor should conduct internal audits on the census. The human resources manager should test a certain number of employees in the census each month by inspecting personnel files and comparing the demographic data in them against the census, just as an auditor would. If the human resource functions are decentralized, the manager should test different locations and compare the record keeping policies at each location. ...
Full story posted here.