Posted by Tyler J. Starr, CPA
If you’re gearing up for your first 401(k) audit, you might be wondering what information the auditor will need. To help you get ready, we’ve put together a sample checklist of documentation needed for a 401(k) or 403(b) plan audit. Keep in mind that your auditor will customize requests based on the specifics of your retirement plan, so they may not need every single item included on this sample list and conversely, additional backup may be needed. While the list might seem overwhelming at first, it’s important to remember that many of the items will be provided by the plan’s third-party administrator or recordkeeper, as applicable. As a first step, you should authorize view-only access to the plan’s webstation for your auditor. Direct access to the webstation will streamline the process, allowing your auditor the ability to directly download or request the necessary reports from your recordkeeper, easing your document production burden.
General Plan Information
Sample Checklist of Materials:
- Executed copies of the latest plan document, adoption agreement, plan amendments and the most recent IRS determination letter, advisory letter, or opinion letter, as applicable.
- Copy of the summary plan description (SPD) and summary of material modification (SMM), if any.
- List of members of the board of directors/trustees, audit committee, investment committee, and plan officials responsible for plan operations, oversight and governance, as applicable.
- Minutes from board/committee meetings, if applicable.
- Proof of ERISA fidelity bond.
- Contact information for all service providers and parties-in-interest.
- Executed copies of agreements with service providers, including current rate schedules, if applicable.
- 408(b)(2) and 404(a)(5) disclosures and evidence of their receipt and distribution, respectively.
- Access to online reports from recordkeepers, custodians, third-party administrators, and payroll companies, and custodians, as applicable.
Plan Internal Controls
- Sample of enrollment packages, loan applications, distribution forms provided to employees, and a description of the approval process for each of the relevant plan transactions. These can be online or on paper.
- Completed internal control questionnaire.
- Copy of SOC 1 or 2 report on controls at service providers, along with documentation of the plan’s specific “user controls” necessary, as identified therein. If the SOC 1 report does not cover the full plan year, a gap letter indicating whether the controls at the organization have changed.
Financial Reporting Information
- Year-end reporting packages from third-party administrator and investment statements.
- For ERISA Section 103(a)(3)(C) audits, a copy of the certification from a regulated financial institution, such as a bank or insurance company, in accordance with 29 CFR 2520.103-5.
- Draft Form 5500 as soon as it is available.
- Discrimination testing for the plan including ADP, ACP, top heavy, Section 415, Section 404, any 401(a)(4) testing, as applicable.
- Employee census file used for discrimination testing.
Payroll Reports
- Payroll-by-payroll detail – excel file showing paycheck detail for the full plan year by employee, by pay date, including all wages and 401(k) deductions. A template is available for reference.
- Form W-3 and/or W-2s, as requested.
Testing for Selected Participants
- Hiring documents, such as I-9 Forms, to support employee demographic data.
- Evidence of notification of eligibility to participants who have decided not to contribute.
- Deferral election forms, if paper forms are used. If electronic, we will generate a deferral election and deferral election change report.
- Distribution and loan withdrawal forms, if paper forms are used. If electronic, we will obtain backup through our webstation access.
- Hardship support or copy of the participant’s compliant self-certification, as applicable.
