The New EBP Audit Standard: Is Making Old Rules New Again Effective?

Posted by Maria T. Hurd, CPA, RPA

Large Plan 401k Audit - 401k Audit

A new auditing standard (expected to be issued in 2019), Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (“Audit Standard” or “EBP SAS”) would be effective for audits performed starting in 2021 for plans with financial statement periods ending on or after December 15, 2020. Early adoption is not permitted.

Contrary to the rumor that the audit standard will significantly increase the extent and nature of audit procedures performed by auditors, we have not found any required procedures under the audit standard that our EBP audit team doesn’t already perform. Specific requirements listed in the new audit standard include:

  • The auditor should obtain and read the most current plan instrument for the audit period, including effective amendments (hereinafter referred to as the plan instrument), as part of obtaining an understanding of the entity enough to perform risk-assessment procedures.
  • When designing and performing audit procedures, the auditor should consider relevant plan provisions that affect the risk of material misstatement at the relevant assertion level for classes of transactions, account balances, and disclosures. Audit Assertions are the implicit or explicit claims and representations made by the plan sponsor personnel responsible for the preparation of financial statements regarding the appropriateness of the various elements of financial statements and disclosures. The different financial statement assertions attested to by a company’s preparer of such statements include assertions of existence, completeness, rights and obligations, accuracy and valuation, and presentation and disclosure.
  • The auditor should consider whether management has performed the relevant IRC compliance tests, including, but not limited to, discrimination testing, and has corrected or intends to correct failures, as applicable.
  • The auditor should evaluate whether prohibited transactions identified by management or as part of the audit have been appropriately reported in the applicable ERISA-required supplemental schedules. This step is required even if the effect of all nonexempt prohibited transactions is immaterial to the plan’s financial statements.
  • ERISA Section 103(a)(3)(C) audit (formerly limited scope audit), requirements will be discussed separately. You can read more about this in our previous blog titled, What’s the Difference between a Limited Scope and an ERISA Section 103(a)(3)(C) audit?

In our view, it seems unlikely that an auditor could remain compliant with the AICPA Audit and Accounting Guide for Employee Benefit Plans and the associated practice aids in the form of audit programs and checklists without having considered the plan provisions on the plan document and their effect on the financial statements, including the disclosure of prohibited transactions. In fact, all of the available EBP audit resources suggest testing whether plan transactions related to contributions, distributions, participant loans, and administrative expenses comply with plan provisions, tax law, and ERISA, all of which would be impossible without performing the above Requirements listed in the Final Balloted Draft.

Time will tell whether making old rules in the audit guide new again as requirements in an audit standard is an effective way to minimize the audit deficiency rate.

Photo by (License)