< Back to Thought Leadership

SAS No. 136 and Employee Benefit Plans: What is a Reportable Finding?

SAS No. 136 and Employee Benefit Plans: What is a Reportable Finding?

Plan management and plan sponsor personnel have likely heard from their auditors about auditing standard changes impacting their ERISA (Employee Retirement Income Security Act of 1974) audits for the Plan year ending December 31, 2021.

These changes primarily result from the implementation of AICPA Statement on Auditing Standards (SAS) No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (“SAS 136”), which is effective for periods ending on or after December 15, 2021.

Impacts that SAS No. 136 Has on Written Communication

SAS No. 136 introduces and reiterates certain responsibilities for both plan management and auditors.

One such auditor responsibility relates to the communication of reportable findings.

SAS No. 136 indicates reportable findings as one or more of the following:

  • an identified instance of noncompliance or suspected noncompliance with laws or regulations;
  • a finding that is significant and relevant to the oversight function of those charged with governance;
  • or other deficiencies in internal controls not already communicated that merit management’s attention.

Prior to the implementation of SAS No. 136, auditors were only required to present within written communications to those charged with governance the identification of certain findings representing significant deficiencies and material weaknesses.

Significant deficiencies and material weaknesses represent control deficiencies or combinations of control deficiencies. This determination is based upon the auditor judgment and consideration with a focus on these three key areas: severity, materiality, and potential impact.

Under definitions established by auditing standards, control deficiencies exist when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis.

Common examples of control deficiencies in employee benefit plan audits relate to errors in application of plan provisions (i.e., eligibility, eligible compensation, contribution limits). Written communication of control deficiencies that do not rise to the level of a significant deficiency or material weakness has not been required under auditing standards.

Under SAS No.136, the auditor’s written communications continue to include communication of any significant deficiencies or material weaknesses but now also includes communication of reportable findings.

The identification and determination of reportable findings is based on auditor judgment and may include findings related to compliance with laws and regulations, plan provisions, oversight, or financial reporting.

While control deficiencies are not required to be included in written communication, unless elevating to a significant deficiency or material weakness, reportable findings do not have a significance threshold. Therefore, communications given by the auditor under SAS No. 136 may include reportable findings related to control deficiencies that previously may not have required written communication.

It is important to note that reportable findings are internal plan communications, and they do not typically appear within an auditor’s report. However, this does not diminish the importance of the reportable findings.

What Does All of This Mean for My Business?

Plan management and those charged with governance have important ERISA fiduciary roles in their plan oversight capacity, including responsibility for proper plan administration. As such, fiduciaries have responsibilities to consider and address any reportable findings or control matters, to ensure continued compliance with plan provisions and proper oversight.

If you would like to discuss any of the changes to your employee benefit plans as a result of the issuance of SAS No. 136 in more detail, feel free to contact Debora Herbert, Senior Manager at dherbert@blueandco.com or Abby McDonough, Manager at amcdonough@blueandco.com.

Proposed Updates to Medicare Bad Debt Listing Template

Recently there have been conversations around the potential new template from CMS that will be used for the Medicare Bad Debt listing that is filed with your organization’s cost report. As of July 2022, this new template is still in the proposed stage, and Medicare is accepting comments. You do not have to use this new […]

Learn More
Picture of disctionary defining legislation | Senate Passes Inflation Reduction Act of 2022 | New Legislation

Senate Passes Inflation Reduction Act of 2022

By Amy Sandlin, CPA, Tax Senior Manager The Inflation Reduction Act of 2022 (the Act) passed in the Senate on Sunday, August 7, 2022, and is headed to the Democrat-controlled House where it is expected to pass on Friday, August 12. Experts expect this to be on President Biden’s desk by early next week. If […]

Learn More
INSIDE Public Accounting Top 100 Firms | Blue & Co. Ranks 52 on the INSIDE Public Accounting Top 100 Firms

Blue & Co. Climbs Six Spots on INSIDE Public Accounting Top 100 Firms List

CARMEL, Ind. (August 5, 2022) – Blue & Co., LLC is honored to announce that it has achieved the recognition of being ranked number 52 by INSIDE Public Accounting (IPA), based on the 2022 annual INSIDE Public Accounting Survey and Analysis of Firms. Blue previously was ranked at 58 in 2021, and 61 in 2020. […]

Learn More