2012-03-14 Prep for your EBP Audit


Published on

Published in: Economy & Finance
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

2012-03-14 Prep for your EBP Audit

  1. 1. Getting Prepared for Your Employee Benefit Plan Audit Lawrence J. Hoffman, CPA/CFF CVA CFE Partner March 14, 2012Thrive. Grow. Achieve.
  2. 2. AGENDA• Seminar Objectives• Who Are the Players?• Employee Benefit Plan Audit Requirements• The Importance of a Quality Plan Audit• Understanding Your Auditor’s Responsibilities• Understanding Your Responsibilities• Working with Your Auditor• Common Audit Findings• Suggested Resources• Q&ABenefit Plan Audit/ Page 2
  3. 3. SEMINAR OBJECTIVES• Help you to better prepare for your EBP audit• Make your audit more efficient and timely• Better understand what your auditors do in an audit• Anticipate areas of concern for auditorsBenefit Plan Audit/ Page 3
  4. 4. WHO ARE THE PLAYERS?• Sponsor – Generally the employer.• Participant – Employee, former employee, beneficiaries, members.• Trustee (Fiduciary) – Responsible for the operation and administration of the plan assets.• Plan Administrator – Day-to-day administration of the plan. Could be the sponsor; a trustee (bank trust dept); insurance company; investment advisor; or a person designated by the Trustee, if an unrelated third party – “Third Party Administrator” (TPA).• Custodian – Charged with the safekeeping of the plan assets.• Service Providers – Benefits consultant, investment manager, accountants, lawyers.Benefit Plan Audit/ Page 4
  5. 5. EMPLOYEE BENEFIT PLAN AUDITREQUIREMENTSTYPES OF PLAN’S REQUIRING AN AUDIT• Defined Contribution Plans• Defined Benefit Plans• Health and Welfare PlansTYPES OF PLANS THAT DO NOT REQUIRE AN AUDIT• Governmental plans (ERISA section 3(32)• Church plans (ERISA section 3(33)• “Safe Harbor” Plans (DOL regulation 29 C.F.R. 2510.3-2(f)Benefit Plan Audit/ Page 5
  6. 6. EMPLOYEE BENEFIT PLAN AUDITREQUIREMENTSAUDIT REQUIREMENT• Generally when a plan has 100 or more participants at the beginning of the plan year.• A participant is defined as those who are eligible to participate in the plan (that is, contribute to the plan), as well as those who are participating.• Must count those obtaining or maintaining benefits – those who are no longer employed yet have vested balances or benefits to be paid.• 80/120 Rule.Benefit Plan Audit/ Page 6
  7. 7. EMPLOYEE BENEFIT PLAN AUDIT REQUIREMENTSIf last year you filed Form 5500-SF and this year you have: Participants Tax Filings Audit Required? <100 File Form 5500-SF No 100-120 Can elect 5500-SF No >120 Must file Form 5500 YesIf last year you filed a Form 5500 and this year you have: <100 File Form 5500-SF No >100 Must file Form 5500 Yes Benefit Plan Audit/ Page 7
  8. 8. EMPLOYEE BENEFIT PLAN AUDITREQUIREMENTSAUDIT SCOPE• Full Scope Audit.• Limited Scope Audit: ̵ C.F.R. 2520-103.8. ̵ Proper certification from a qualifying institution-bank, trust company or insurance company ̵ Only applies to investment and investment-related information at the plan level. ̵ Must include the words “complete and accurate.” ̵ Authorized signature on certification.Benefit Plan Audit/ Page 8
  9. 9. EMPLOYEE BENEFIT PLAN AUDITREQUIREMENTSFILING REQUIREMENTS• Form 5500 (with audited financial statements for large plans).• Due 7 months after year end (e.g., 12/31 year end = 7/30 due date).• Automatic 2½ month extension if Form 5558 is filed with IRS.Benefit Plan Audit/ Page 9
  10. 10. THE IMPORTANCE OF A QUALITY PLANAUDIT• An important accountability mechanism.• Plan Administrator’s duty to hire an independent auditor and ensure the plan has obtained a quality audit in accordance with ERISA and DOL requirements.• ERISA holds Plan Administrators responsible for ensuring that plan’s financial statements are properly audited in accordance with generally accepted auditing standards (GAAS).• Penalties for audit failures can be substantial! ($1,100 a day capped at $50,000 per annual report filing where the required auditor’s report is missing or deficient.)• Your audit firm should be a member of the AICPA Employee Benefit Plan Audit Quality Center.Benefit Plan Audit/ Page 10
  11. 11. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESAUDIT OBJECTIVES • Expression of an opinion on the financial statements. • Auditor is responsible to plan and perform the audit to obtain reasonable assurance that material misstatements, whether caused by error or fraud, are detected. • The audit is conducted in accordance with auditing standards generally accepted in the United States. • Generally accepted auditing standards require, among other things: ̵ Proper planning and risk assessment. ̵ Understanding the design and implementation of internal controls. ̵ Gathering of sufficient evidence. ̵ Documentation of findings.Benefit Plan Audit/ Page 11
  12. 12. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESRISK ASSESSMENT: • Plan management – tone? • Control environment. • Financial condition of plan sponsor and industry. • Plan administration and personnel. • Accounting and personnel records. • Fraud risk factors. • Change in trustees, custodians or other advisors. • Significant accounting or auditing issues – MAPS, e.g., hard-to-value investments, fair value disclosures.Benefit Plan Audit/ Page 12
  13. 13. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESFRAUD RISKS • Trustee of small plan created a fictitious employee in the census data, made employer contributions, and then took out loans against the balance. • HR manager requested distributions for persons who left Company 2+ years ago. He had been successful 3 times for over $10,000. Discovered when bank refused to direct the deposit, since deposit name differed from account holder’s name. • Plan investments managed in-house. Company controller is also Plan Administrator. Controller borrowed funds from the plan to cover cash flow needs of the Company. • An HR employee, who also assisted with payroll, diverted both payroll taxes and plan contributions into his personal account for six months, then left the country. This employee also had responsibility for reconciling payroll bank accounts.Benefit Plan Audit/ Page 13
  14. 14. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESFRAUD RISKS (CONT.) • A person was offered a job but never actually started the job. The plan sponsor entered the person as an employee into the HR system, enrolled the person in the plan, and then started issuing paychecks with deductions for contributions to the plan. This went on for three years, until the employee running the scam requested a distribution, at which time the fraud was discovered.Benefit Plan Audit/ Page 14
  15. 15. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESINTERNAL CONTROLS AND CYCLES: • Contributions and receivables. • Disbursements and payables. • Investments. • Payroll. • Financial reporting.Benefit Plan Audit/ Page 15
  16. 16. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESAUDITOR WILL ALSO CONSIDER, AMONG OTHER MATTERS: • Existence and valuation of investments (based on audit scope). • Receivables, including participant loans. • Completeness and timeliness of employee and employer contributions. • Accuracy of benefits paid and benefit obligations. • Appropriateness of plan expenses.Benefit Plan Audit/ Page 16
  17. 17. UNDERSTANDING YOUR AUDITOR’SRESPONSIBILITIESAUDITOR COMMUNICATIONS • Required to make certain communications to “those charged with governance” at the beginning and end of the audit (SAS 114 letter). • Engagement Letter. • Management Representation Letter. • Communicating Internal Control Related Matters Identified in an Audit (SAS 115 letter): ̵ Material Weaknesses. ̵ Significant Deficiencies.Benefit Plan Audit/ Page 17
  18. 18. UNDERSTANDING YOURRESPONSIBILITIES • The financial statements are those of plan management – only the opinion is the auditor’s! • Know your plan and plan requirements. • Know your service providers and their responsibilities. • Make sure participant accounts and information is reconciled to the service organization records on a timely basis (contribution records and census data agree with payroll information).Benefit Plan Audit/ Page 18
  19. 19. UNDERSTANDING YOURRESPONSIBILITIES • System of internal controls (who has access to the data provided to the service organization and can override controls?) • Controls of a benefit plan are composed of controls at both the plan sponsor, as well as at the service organization (SAS 70 report). Review these reports. • The DOL holds plan management responsible for the proper reporting of plan investments. Watch for proper fair value reporting and disclosures.Benefit Plan Audit/ Page 19
  20. 20. WORKING WITH YOUR AUDITOR• Have a point person.• The “PBC” list.• Timely turnaround of requested documents and schedules (but review them first!).• Contact your service providers early to assure they will have the necessary information on a timely basis, e.g., “audit package.”• Obtaining service organizations’ SAS 70 control reports (now SOC 1, 2 and 3 reports).• Scheduling audit field work – be ready!Benefit Plan Audit/ Page 20
  21. 21. COMMON AUDIT FINDINGS• Late deposit of participant deferrals and loan repayments.• Failure to properly apply plan’s definition of compensation.• Failure to follow plan’s eligibility provisions.• Failure to update plan documents.• Incorrect employer contributions (including match).• Failure to properly apply plan’s vesting provisions.• Improper use of plan forfeitures.Benefit Plan Audit/ Page 21
  22. 22. SUGGESTED RESOURCES• Selecting an Auditor for Your Employee Benefit Plan, DOL Employee Benefits Security Administration: http://www.dol.gov/ebsa/publications/selectinganauditor.html• AICPA Employee Benefit Plan Audit Quality Center: http://www.aicpa.org/InterestAreas/EmployeeBenefitPlanAuditQuality/Membershi p/Pages/Find%20a%20Member%20Firm.aspx• RAFFA, P.C. website – Employee Benefit Plan Services Resource Center: http://www.raffa.com/services/?sec=4&subSec=43Benefit Plan Audit/ Page 22
  23. 23. QUESTIONS AND ANSWERSBenefit Plan Audit/ Page 23
  24. 24. LAWRENCE J. HOFFMAN SENIOR PARTNERLawrence is a senior partner with RAFFA. He has over 30 years of audit, accounting, tax and consulting experience inpublic accounting and the private sector. Lawrence started his career with a “Big Four” accounting firm inWashington, D.C. and progressed quickly. He started his own CPA firm in 1982 and, in seven years, grew that practiceto one of the Washington D.C.’s largest firms. His firm also specialized in nonprofit organizations, along with other for-profit industries and specialized consulting services. Lawrence is a Certified Fraud Examiner and Certified ValuationsAnalyst. Over the years, Lawrence developed a nationally recognized practice in forensic accounting andinvestigations. In 2008, he merged his practice with RAFFA.His experience with nonprofit organizations includes charitable organizations and foundations, churches and religiousorganizations, trade associations, private clubs and country clubs, health care and elder care. Understanding theinternal management and accountability needs of nonprofit organizations, Lawrence has assisted in the start-up anddevelopment of numerous nonprofit organizations and has served on several boards throughout his career. He has alsoassisted nonprofits with fundraising strategies and program development and has been an instructor at various industryconferences on nonprofit accounting, auditing, forensic accounting and other financial management topics. Lawrence also has extensive expertise in the regulations governing benefit plan audits. He is RAFFA’s designatedpartner with the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC). In this capacity, he coordinates thefirm’s membership compliance with the EBPAQC, disseminates information to RAFFA staff performing EBP audits andcoordinates RAFFA’s audit process and system of quality control. Lawrence also Benefit Plan Audit/ Page 24
  25. 25. LAWRENCE J. HOFFMAN SENIOR PARTNERoversees and performs all quality control reviews for the firm’s pension and employee benefit plan audits. Hisknowledge of accounting and auditing standards and regulations governing employee benefit plan audits includesdefined benefit, defined contribution, employee stock ownership, 403(b), 457, and other employee benefit plans.Lawrence, who holds his CPA license in the Commonwealth of Virginia, is a member of the American Institute ofCertified Public Accountants and the Virginia State Society of Certified Public Accountants. He is also a member of theNational Association of Certified Valuation Analysts and the Association of Certified Fraud Examiners and is a certifiedin Financial Forensics by the American Institute of Certified Public Accountants. He received a Bachelor’s degree inaccounting from Mount St. Mary’s College.As a private pilot, he sits on the Board of Directors of Mercy Medical Airlift, an affiliate of Angel Flight and hasvolunteered and completed numerous missions for Angel Flight and for animal rescue organizations. He is also a boardmember and chairs the Finance Committee for New Hope Housing. Lawrence has been very active during his careerwith assisting numerous nonprofit organizations as a volunteer, board member, and trusted advisor. Benefit Plan Audit/ Page 25
  26. 26. THANK YOU!Benefit Plan Audit/ Page 26