< Back to Thought Leadership

Upcoming Changes to Your ERISA Plan Audits

Overview of SAS No. 136

On July 10, 2019, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued Statement on Auditing Standards No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (EBP SAS) for financial statement audits of employee benefit plans (EBPs) subject to the Employee Retirement Income Security Act of 1974 (ERISA). The EBP SAS was released in an effort to improve audit quality by making them more consistent and to enhance the communicative value and transparency of the auditor’s report.  The EBP SAS includes new performance and reporting requirements specific to ERISA audits.

Effective date and adoption

The EBP SAS will be effective for audits of ERISA plan financial statements for periods ending on or after December 15, 2020. Meaning, the 2020 calendar year-end audits conducted in 2021 will be required to follow the performance and reporting requirements of this new standard. Early adoption is not permitted.

Key changes

A new name and type of audit opinion

An audit performed pursuant to ERISA Section 103(a)(3)(C) will no longer be referred to as a “limited scope audit” as previously known, but rather going forward will be referred to as an “ERISA Section 103(a)(3)(C) audit.” ERISA section 103(a)(3)(C) permits plan management to elect to exclude from the audit certain investment information a qualified institution holds and certifies.  The EBP SAS does not change anything in ERISA, and therefore plan management’s ability to elect such an audit continues.

Form and content of the auditor’s report

The EBP SAS significantly changes the form and content of the auditor’s report.  Some of the important changes to ERISA Section 103(a)(3)(C) reports are as follows:

  • The “Scope and Nature of the ERISA Section 103(a)(3)(C) Audit” section is required to be placed before the “Opinion” and “Basis for Opinion” sections. This section acknowledges that management has elected to have an audit performed in accordance with section 103(a)(3)(C) of ERISA and describes this type of audit.
  • The “Opinion” section is required to follow the “Scope and Nature” section.
  • Under the EBP SAS, an ERISA Section 103(a)(3)(C) audit is unique to EBPs and is not considered a scope limitation. Therefore, the auditor will no longer issue a disclaimer of opinion due to information that is certified by a qualified institution. Instead, the auditor will express a new form of opinion (a two-pronged opinion) that is based on (i) whether the information not covered by the certification is presented fairly, in all material respects, and (ii) whether the certified investment information in the financial statements agrees with, or is derived from, in all material respects, the information prepared and certified by the qualified institution.
  • The “Basis for Opinion” section is new and includes a statement that the auditor is required to be independent and to meet the auditor’s other ethical responsibilities.
  • The EBP SAS contains incremental reporting requirements relating to management’s responsibilities for maintaining a current plan instrument, including all plan amendments, administering the plan, determining that the plan’s transactions that are presented and disclosed in the financial statements are in conformity with the plan’s provisions, and maintaining sufficient records with respect to each of the participants, to determine the benefits due or which may become due to such participants  In addition, the EBP SAS requires a new paragraph that describes management’s responsibility for the evaluation of whether there are conditions or events, considered in the aggregate, that raise substantial doubt about the entity’s ability to continue as a going concern.
  • The report will also include an expanded description of the auditor’s responsibilities, including the auditor’s responsibilities relating to professional judgment and professional skepticism, and the auditor’s communications with those charged with governance, In addition, this section explains that the ERISA section 103(a)(3)(C) audit did not extend to the certified investment information, except for certain procedures that are outlined in this section of the auditor’s report.

For an audit not subject to ERISA Section 103(a)(3)(C), the EBP SAS now requires the auditor, in situations when the auditor’s report on the audited financial statements contains an unmodified or a qualified opinion, to include a statement about whether, in the auditor’s opinion, the form and content of the information in the accompanying schedules are presented in conformity with the Department of Labor’s Rules and Regulations for Reporting and Disclosure under ERISA.

Audit performance requirements

The EBP SAS requires the auditors to perform certain procedures in all phases of an audit, including engagement acceptance, risk assessment and response, communication with those charged with governance, performance procedures, and reporting, that were not expressly required previously.  Most of the required procedures under the EBP SAS are already included as suggested audit procedures in the existing Audit and Accounting Guide, Employee Benefit Plans and our firm already performs these procedures. As a result, we do not expect the new requirements to result in significant changes to the procedures we perform. However, for some firms that do not currently perform the suggested procedures, substantial changes to audit planning and procedures may be necessary.

How these changes may affect plan management (sponsor/administrator)

As part of the auditor’s acceptance of the audit engagement, the auditor will request plan management to acknowledge in the engagement letter management’s responsibilities for maintaining a current plan instrument, maintaining sufficient participant records, administering the plan, and providing the auditor with a draft Form 5500 prior to the dating of the auditor’s report.  In addition, the new standard requires that the auditor obtain certain written management representations at the conclusion of the engagement regarding those responsibilities. It also includes new acknowledgements related to management’s responsibilities with respect to the investment certification when management elects to have an ERISA Section 103(a)(3)(C) audit.  Lastly, your auditor may request additional information from you in order to perform the plan audit, which may require you to spend more time preparing for the audit.

If you have any questions on how this new EBP SAS will impact your benefit plan audit, please do not hesitate to contact us.

woman using a quickbooks point of sale system

Blue & Co. Offers Expertise to Not-For-Profits Affected by QuickBooks Point of Sale Discontinuation

By Nancy Orben, CPA, Senior Manager, Laura Philpot, Senior Accountant, Business Services, and Lisa Totten, Senior Accounting Specialist at Blue & Co. Attention all not-for-profit organizations! Are you currently using QuickBooks Point of Sale in your gift shops, ticket sales, or day-to-day business? If so, you may have heard the recent news that Intuit will […]

Learn More

Contract Services: Impact on Wage Index

In the past several years, hospitals have continued to feel the impact of increased utilization of contract nursing and other contract services. Although these services have developed into a major expense line item, it is important for hospitals understand how expenses related to contracted services can impact the wage index factor for Medicare reimbursement. Contract […]

Learn More
shamrocks not-for-profit tips

3 Lucky Tips for Not-For-Profits to Avoid Bank Fraud

Trusted Insights from The National Bank of Indianapolis Nonprofit Services Team Not-for-profit organizations are increasingly falling victim to fraud, with a rising number of incidents and an ever-growing amount of money being lost. Fraudsters find it easy to target not-for-profits, as their publicly available 990s provide valuable information. Protecting your organization from such fraudulent activities […]

Learn More