The only thing constant is change. And now, the ERISA (Employee Retirement Income Security Act of 1974) Section 103(a)(3)(C) audit replaces the old 401(k) Plan Limited Scope audit. Details follow.

What is ERISA 103(a)(3)(C)?

This is the new audit standard for employee benefit plans subject to ERISA’s provisions. The ERISA 103(a)(3)(C) makes changes to both the auditors’ reports and the performance requirements of these audits.

When is it effective?

CPA firms nationwide are currently implementing the requirements for the 2021 plan year audits.

What is changing?

As before, pension plans with more than 100 eligible participants are required to be audited, and as the plan administrator, you can have us rely on the plan’s investment certification to limit the procedures we perform related to investments and investment income. The audit for your 401(k) plan used to be called a limited scope audit where the audit firm disclaimed an opinion on the financial statements (meaning they distanced themselves from providing an opinion at all). Now, audit firms will issue an opinion on the financial statements for your 401(k) plan and it will be known as an ERISA Section 103(a)(3)(C) audit which replaces the old 401(k) plan limited scope audit.

How does this affect the plan administrator?

As part of the engagement acceptance process for the audit, you need to take responsibility for a few items. 1) Determine that the ERISA 103(a)(3)(C) audit is allowed by showing your CPA firm that the investment information is prepared and certified by a qualified institution.  2) Assure that the certification is signed by an authorized person who is attesting that the investment reporting is complete and accurate. 3) Ensure that the financial statements and disclosures correctly reflect the certified information.

How do you know the certification is prepared by a qualified institution and is signed by the correct person?

Under DOL (Department of Labor) regulations, investments held by a bank, trust company, or similar institutions—or by an insurance company regulated and subject to periodic examination by a state or Federal agency—are qualified to certify investments. However, you also need to ensure that the certification says that the investments and income are: 1) complete and 2) accurate. Note: The person signing the certificate must be qualified—meaning that they would know this information is complete and accurate.

How do you know that the certified investments are appropriately measured?

The first step is to understand if your investments are measured at fair value or at contract value. This information can be found on the custodian’s website or in the custodian’s audit guide. If measured at fair value, determining the level within the fair value hierarchy is next. You should also determine if the value is readily determinable (meaning that you can easily look up the value of the assets online). If so, you can determine that they are valued appropriately based on the number of shares your plan holds. If it is not, you may need to look at your insurance or service contract to determine the valuation of the assets. You are ultimately responsible for ensuring that the financial statements report these correctly, however, your CPA can help you with understanding these valuations.

How do you know what investments are covered by the certification?

The certification statement will either come in a packet of documents covered by the certification, or explicitly tell you what statements are covered.

What does it mean that “you are responsible” that financial statements and disclosures properly state the certified information?

Although CPA firms can help you by preparing the financial statements and disclosures, you will need to understand what investments are covered by the certification and have enough understanding of the Plan and reporting requirements to know that the disclosures are adequate and correct.

Is there anything you need to look out for in the certification?

One thing is that not all investments may be covered by one certification. Therefore, you may need two or more certifications to cover all your investments. Another is that participant loans and related interest income may not be covered by the certification, which means that the CPA performing your audit will need to perform additional audit procedures in those areas.

What about the parts of the plan like distributions, forfeitures, contributions, and participant data that are not certified? Is that information still audited?

Yes. Your accountant will still audit other areas of your plan, by selecting sample items for testing to determine that plan provisions were followed correctly.

How can you be sure you’re catching everything?

The AICPA puts out a checklist: https://www.aicpa.org/resources/article/erisa-section-103-a-3-c-audits that will help you document your attention to the items for your 401(k) audit. It assures that your auditor  is able to perform an ERISA 103(a)(3)(C) audit.

More questions?

If you need help with the checklist, you may want to work with your audit engagement team at least the first time—to ensure it’s correct. If you have completed the checklist on your own, you’ll need send a copy to your CPA and keep another copy for your 401(k) files. Please note that each year, you will need to complete this checklist again.

Interested in having LSL perform your next 401k plan audit? Contact us to request a quote.