< Back to Thought Leadership

Upcoming Changes to Your ERISA Plan Audits

Overview of SAS No. 136

On July 10, 2019, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued Statement on Auditing Standards No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (EBP SAS) for financial statement audits of employee benefit plans (EBPs) subject to the Employee Retirement Income Security Act of 1974 (ERISA). The EBP SAS was released in an effort to improve audit quality by making them more consistent and to enhance the communicative value and transparency of the auditor’s report.  The EBP SAS includes new performance and reporting requirements specific to ERISA audits.

Effective date and adoption

The EBP SAS will be effective for audits of ERISA plan financial statements for periods ending on or after December 15, 2020. Meaning, the 2020 calendar year-end audits conducted in 2021 will be required to follow the performance and reporting requirements of this new standard. Early adoption is not permitted.

Key changes

A new name and type of audit opinion

An audit performed pursuant to ERISA Section 103(a)(3)(C) will no longer be referred to as a “limited scope audit” as previously known, but rather going forward will be referred to as an “ERISA Section 103(a)(3)(C) audit.” ERISA section 103(a)(3)(C) permits plan management to elect to exclude from the audit certain investment information a qualified institution holds and certifies.  The EBP SAS does not change anything in ERISA, and therefore plan management’s ability to elect such an audit continues.

Form and content of the auditor’s report

The EBP SAS significantly changes the form and content of the auditor’s report.  Some of the important changes to ERISA Section 103(a)(3)(C) reports are as follows:

  • The “Scope and Nature of the ERISA Section 103(a)(3)(C) Audit” section is required to be placed before the “Opinion” and “Basis for Opinion” sections. This section acknowledges that management has elected to have an audit performed in accordance with section 103(a)(3)(C) of ERISA and describes this type of audit.
  • The “Opinion” section is required to follow the “Scope and Nature” section.
  • Under the EBP SAS, an ERISA Section 103(a)(3)(C) audit is unique to EBPs and is not considered a scope limitation. Therefore, the auditor will no longer issue a disclaimer of opinion due to information that is certified by a qualified institution. Instead, the auditor will express a new form of opinion (a two-pronged opinion) that is based on (i) whether the information not covered by the certification is presented fairly, in all material respects, and (ii) whether the certified investment information in the financial statements agrees with, or is derived from, in all material respects, the information prepared and certified by the qualified institution.
  • The “Basis for Opinion” section is new and includes a statement that the auditor is required to be independent and to meet the auditor’s other ethical responsibilities.
  • The EBP SAS contains incremental reporting requirements relating to management’s responsibilities for maintaining a current plan instrument, including all plan amendments, administering the plan, determining that the plan’s transactions that are presented and disclosed in the financial statements are in conformity with the plan’s provisions, and maintaining sufficient records with respect to each of the participants, to determine the benefits due or which may become due to such participants  In addition, the EBP SAS requires a new paragraph that describes management’s responsibility for the evaluation of whether there are conditions or events, considered in the aggregate, that raise substantial doubt about the entity’s ability to continue as a going concern.
  • The report will also include an expanded description of the auditor’s responsibilities, including the auditor’s responsibilities relating to professional judgment and professional skepticism, and the auditor’s communications with those charged with governance, In addition, this section explains that the ERISA section 103(a)(3)(C) audit did not extend to the certified investment information, except for certain procedures that are outlined in this section of the auditor’s report.

For an audit not subject to ERISA Section 103(a)(3)(C), the EBP SAS now requires the auditor, in situations when the auditor’s report on the audited financial statements contains an unmodified or a qualified opinion, to include a statement about whether, in the auditor’s opinion, the form and content of the information in the accompanying schedules are presented in conformity with the Department of Labor’s Rules and Regulations for Reporting and Disclosure under ERISA.

Audit performance requirements

The EBP SAS requires the auditors to perform certain procedures in all phases of an audit, including engagement acceptance, risk assessment and response, communication with those charged with governance, performance procedures, and reporting, that were not expressly required previously.  Most of the required procedures under the EBP SAS are already included as suggested audit procedures in the existing Audit and Accounting Guide, Employee Benefit Plans and our firm already performs these procedures. As a result, we do not expect the new requirements to result in significant changes to the procedures we perform. However, for some firms that do not currently perform the suggested procedures, substantial changes to audit planning and procedures may be necessary.

How these changes may affect plan management (sponsor/administrator)

As part of the auditor’s acceptance of the audit engagement, the auditor will request plan management to acknowledge in the engagement letter management’s responsibilities for maintaining a current plan instrument, maintaining sufficient participant records, administering the plan, and providing the auditor with a draft Form 5500 prior to the dating of the auditor’s report.  In addition, the new standard requires that the auditor obtain certain written management representations at the conclusion of the engagement regarding those responsibilities. It also includes new acknowledgements related to management’s responsibilities with respect to the investment certification when management elects to have an ERISA Section 103(a)(3)(C) audit.  Lastly, your auditor may request additional information from you in order to perform the plan audit, which may require you to spend more time preparing for the audit.

If you have any questions on how this new EBP SAS will impact your benefit plan audit, please do not hesitate to contact us.

Employer Tax Credits for Providing Paid Sick and Family Leave Related to COVID-19

The American Rescue Plan Act, enacted March 11, 2021, aims to deliver economic relief to families and workers. On April 21, President Biden announced a provision of the American Rescue Plan Act that allows eligible employers to claim refundable tax credits for providing emergency paid sick leave to employees who take time off for reasons […]

Learn More
Charity Reimbursement

Charity Reimbursement: Protecting it from Audit Scrutiny

There is a new audit trend coming down the pipeline that could impact your charity reimbursement for Medicare bad debt. In the past there was no enforcement of statements being sent to a charity patient before they were deemed indigent. Until a patient has been approved for charity, they are still deemed non-indigent. Auditors are […]

Learn More

HIPAA and Covered Entities

Anyone who works in the healthcare industry knows that their organization takes steps to protect patient health information under a series of guidelines known as HIPAA. There are several provisions to HIPAA that require organizations to use Federal guidelines to ensure digital health information is secure. Those provisions include: Privacy Rule Security Rule Enforcement Rule […]

Learn More