SAS 136 and ERISA Section 103(a)(3)(c)

New standards have been released for reporting on financial statements of employee benefit plans (EBP). The changes are intended to enhance the quality and transparency of ERISA plans for both the participants and reporting agencies (i.e. ERISA, DOL, etc.) by prescribing certain audit procedures.

Under the new standard, “limited-scope” audits will now be referred to as “ERISA Section 103(a)(3)(c)”. This change is effective for all EBP plans with years ending after December 15, 2021. The changes will largely impact the audit’s presentation and documentation but should have no significant changes to the requirements of the plan administrator.

What are the key changes under the new standard?

There are new requirements for plan auditors in all phases of the audit. Areas with key changes include:

Engagement acceptance

Before engagement acceptance, auditors are now required to obtain management’s written acknowledgment of their responsibility in the following:

  • Administering their EBP
  • Maintaining updated documents that govern their EBP
  • Maintaining records of activities and participants of their EBP
  • Confirming transactions reported in financial statements are in compliance with plan provisions

Procedures for ERISA Section 103(a)(3)(c) audits

When management elects to have an ERISA Section 103(a)(3)(c) audit, the auditor must:

  • Evaluate management’s assessment of whether the entity issuing the certification is a qualified institution under DOL rules and regulations
  • Identify which investment information is certified
  • Read the certified investment information, compare it to related information presented and disclosed in the ERISA plan financial statements and ERISA-required supplemental schedules, and read the disclosures to assess accordance with the applicable financial reporting framework
  • Perform audit procedures on the financial statement information not covered by the certified investment information

Considerations relating to Form 5500 filing

Plan management will need to provide a substantially complete draft of Form 5500 prior to dating the auditor’s report.

Written representations from plan management

At the conclusion of the engagement, the auditor will request written acknowledgment from management of the same matters obtained before engagement acceptance. In addition, management will need to provide written acknowledgment that they have provided the auditor with the most current plan instrument for the audit period, including plan amendments.

Reportable findings

Auditors are now required to evaluate whether certain matters identified during the audit result in “reportable findings”. Reportable findings include:

  • Instances of noncompliance or suspected noncompliance with laws or regulations
  • Significant findings relevant to the fiduciary regarding their responsibility to oversee the financial reporting process
  • Indications of deficient internal controls that have not been previously reported and require management’s attention

Auditors and plan management may establish what would be considered a reportable finding during the engagement planning process. The auditor is required to communicate in writing to those charged with governance, on a timely basis, reportable findings from the audit procedures performed. The written communication should include a description of the reportable findings, context for the communication, and an explanation of the potential effects of the reportable findings.

Have more questions?

Get in touch with our EBP team today. Our team of experienced employee benefit plan auditors makes the 401(k) audit process simple and efficient. Our goal is to offer you a streamlined process with third-party communication — giving you more time to focus on your business, not filing through compliance documents.