401(k) Basics, Part 4 Notes to Financial Statements & Current Topics - PowerPoint Presentation

1. 401(k) Basics, Part 4Notes to Financial Statements & Current TopicsEmployee Benefit Plan Audit Quality CenterAICPA

2. Handouts for today’s event You can download presentation slides (in PDF format) and other handouts by clicking on in the toolbar at the bottom of your screenWebinar presentation slidesInstructions on how to obtain your CPE CertificateEBPAQC Tools and Resources (Updated)EBPAQC Tools:Primer, ERISA Section 103(a)(3)(C) audits of employee benefit plansTool, Documentation of the auditor’s evaluation of management’s assessment of an ERISA Section 103(a)(3)(C) audit certification Tool, Common Deficiencies in ERISA Section 103(a)(3)(C) audit certificationsTool, ERISA EBP financial statement audit special considerations – 2023

3. PresentersMarilee Lau – ModeratorJennifer Moore – PriceKubecka, PLLCKarolyn Ladas – Grant ThorntonGwen Mazzola – HoganTaylor LLP

4. TopicsERISA Section 103(a)(3)(C) Audits vs. Non-Section 103(a)(3)(C) AuditsReporting and financial statement disclosuresCurrent topicsIncluding DOL proposed changes, 2023 special considerations, SECURE 2.0 Act of 2022, Form 5500, pooled employer plans (PEPs), EBPAQC resources, and moreOpen Q&A4

5. Topics discussed on parts 1, 2, and 3ERISA rulesTypes of plans & key partiesPlanning and risk assessmentInternal controlsPlan document, SSAE 18, and payroll testingParticipant data testingContribution testingParties in interest and prohibited transactionsBenefit payments and notes receivableInvestmentsConcluding an audit5

6. ERISA Section 103(a)(3)(C) audits vs. Non-Section 103(a)(3)(C) audits

7. Statutory and regulatory basisSection 103(a)(3)(C) of ERISA Allows plan administrators to instruct the auditor not to perform any additional procedures with respect to the investment information prepared and certified by a qualified institution  The election is implemented by Title 29 U.S. Code of Federal Regulations (CFR) Parts 2520.103-8 and 103-12, which outline the Department of Labor’s (DOL) Rules and Regulations for Reporting and Disclosure under ERISA7

8. ERISA Section 103(a)(3)(C) audit decision tree (from the EBP Guide)8

9. Non-Section 103(a)(3)(C) auditThe plan auditor should be engaged to perform additional audit procedures whereThere are certification issuesi.e. assets are not held by a qualified institution, the investment information is not prepared and certified by a qualified institution, or the certification is not reliableThe plan administrator does not request an ERISA Section 103(a)(3)(c) auditSEC Form 11-K filers*Be aware that it is possible that some assets will not be in the custody of the Plan’s custodian and will fall outside of the certification.9

10. DOL Regulations 2520.103Provides sample certification language to be used by the certifying institutionThe XYZ Bank (insurance carrier) hereby certifies that the foregoing statement furnished pursuant to 29 CFR 2520.103-5(c) is complete and accurate.Indicates that the certification extends to “ordinary business records” of the certifying institution The certification must be signed by a person authorized to represent the insurance carrier or bank10

11. Who is qualified to certify investment information?“Bank or similar institution or by an insurance carrier that is regulated, supervised, and subject to periodic examination by a state or federal agency who acts as trustee or custodian”BankTrust company (or similar institution)Insurance carrierAgent can certify on behalf of qualified institutionModify report language – ABC as agent for XYZ Trust CompanyBroker/dealers and investment companies are not qualified to certify11

12. Certification StipulationsNot every certification is acceptableUnqualified institutions try to certifyQualified institutions provide certifications based on their ordinary books and records that may not be fair valueWatch for agency relationshipsCertification of transferred assets and/or change in trustee/custodians12

13. Questions to consider when reviewing a certificationIs the ENTIRE period under audit certified?Are all investments covered by the certification?Are notes receivable from participants covered by the certification?Was there a change in trustee/custodian during the year?Changes in custodians/trustees are common but can increase risk if not managed properlyPlan sponsors have a fiduciary responsibility to ensure that the change is monitored and performed properlyMust make sure transfer was complete and accurate at the plan and the participant level13

14. Investments – ERISA Section 103(a)(3)(C) audits vs. Non-Section 103(a)(3)(C) audits 14Audit ProceduresERISA Section103(a)(3)(C)Non-Section103(a)(3)(C)Confirm assets directly with custodian XAgree the certified investment information to the Plan’s financial statementXYear-end market value testing XInvestment transaction testing XTest investment income allocation to participantsXXDetermine that the Plan’s financial statement and disclosures are in compliance with GAAPXXOther audit procedures, such as testing of contributions, distributions, etc. XX

15. Testing TechnicalitiesLimited testing only applies to investment informationDoes not extend to participant data, contributions, benefit payments, required financial statement disclosures, etc.Plan investments not held by a qualifying institution, such as real estate, should be subjected to non-Section 103(a)(3)(C) audit procedures.Investment income allocation at the participant level and investment elections should be subjected to the same audit procedures as a non-Section 103(a)(3)(C) audit.15

16. AU-C section 703 (eff. for periods ending on or after 12/15/21)SAS 136 + amendments:SAS 138 (materiality)SAS 140 (supplementary information)SAS 141 (effective date)= https://us.aicpa.org/content/dam/aicpa/research/standards/auditattest/downloadabledocuments/au-c-00703.pdf 16

17. AU-C section 703 (SAS 136, as amended)Engagement acceptance – preconditions (.15-.17)Risk assessment and response (.18-.26)Communications with those charged with governance (TCWG) (.27-.28)ERISA Section 103(a)(3)(C) procedures (.29-.35)Written representations (.36)Forming an opinion and form of opinions (.37-.46)Form 5500 filings (.47-.59)Auditor’s reports (.60-.135)Non-Section 103(a)(3)(C) (.60-.84)ERISA Section 103(a)(3)(C) (.98-.126)ERISA required schedules (129-.135)17

18. Key ProvisionsEngagement AcceptanceRisk Assessment and ResponsePerformance ProceduresEvaluation and DocumentationReview of Draft Form 5500 prior to dating auditor’s reportManagement RepresentationsCommunications with Those Charged with GovernanceReporting18

19. Engagement Acceptance - Auditor responsibilitiesFollow AU-C section 210 Terms of Engagement and 703Preconditions: obtain an agreement from management that it acknowledges and understands its responsibility for:Maintaining a current plan instrumentAdministering the plan properlyIf electing an ERISA Section 103(a)(3)(C) audit Whether that is permissible under the circumstances, Investment information is prepared and certified by a qualified institutionCertification meets the requirements of U.S. Code of Federal Regulations (CFR) 2520.103-5Certified investment information is appropriately measured, presented, and disclosed19

20. Engagement Acceptance - Auditor responsibilities (Cont.)If electing an ERISA Section 103(a)(3)(C) audit Auditor needs to inquire of management how they determined that the certification is from a qualified institutionObtain the agreement of management or TCWG to provide a substantially complete draft of the From 5500 prior to the dating of the auditor’s report20

21. Engagement Acceptance - Management’s responsibilitiesMaintain a current plan document and amendments (collectively, the plan instrument)Administer the plan, which extends to maintaining sufficient participant recordsProvide the auditor with a substantially complete draft Form 5500 prior to the date of the auditor’s reportDetermine whether an ERISA Section 103(a)(3)(C) audit (formerly known as a limited-scope audit) is appropriateEvaluate the plan’s investment certification and financial information associated with that certification Determine whether the certified investment information is appropriately measured, presented, and disclosedUnderstand how transactions and amounts relating to the certified investment information are processed and reported21

22. Risk Assessment and ResponseObtain and read the plan documents, including amendmentsConsider relevant plan provisions when designing and performing audit proceduresParticipation and eligibility requirementsTypes of contributions and distributions allowedDefinition of compensationDistribution eligibility rulesReference AICPA Technical Questions and Answers (TQA) 6933.13 - .17 on relevant plan provisions22

23. Performing ProceduresPerform procedures necessary to become satisfied that amounts received or disbursed were determined in accordance with plan provisionsRare to not test any relevant plan provisionsEvaluate whether prohibited transactions are reported appropriately in supplemental schedulesTax status – has management performed compliance testing and corrected any failures?23

24. Obtain and read a copy of the certificationIdentify which investment information is certifiedPerform procedures on investments not covered by the certificationEvaluate management’s assessment of whether the entity issuing the certification is a qualifying institution under DOL regulationsCompare the investment information certified to the plan’s financial statementsIf certified investment information is determined to be incomplete or inaccurate, discuss with management and perform additional procedures24Procedures for Certification in an ERISA Section 103(a)(3)(C) Audit

25. Determine whether the form and content of the financial statement disclosures related to the investment information prepared and certified by the plan’s custodian are in conformity with the applicable financial reporting frameworkPerform necessary procedures to become satisfied that any received or disbursed amounts reported by the custodian were determined in accordance with the plan provisions [applicable for all audits!] 25Procedures for Certification in an ERISA Section 103(a)(3)(C) Audit (Cont.)

26. Evaluation and DocumentationIf the auditor determines it is not necessary to test any relevant plan provisions as part of risk assessment, they are required to document their considerationsWhen work performed results in items that are not in accordance with the plan instrument, evaluate whether the items are “reportable findings”Noncompliance with laws or regulations (AU-C 250)Significant to TCWG (AU-C 260)Internal control deficiencies (AU-C 265)26

27. Form 5500 ResponsibilitiesSubstantially complete = contains all forms and schedules that could have a material effect (qualitatively or quantitatively)Review for inconsistencies and determine materialityAudit and Accounting Guide Chapter 13 presents different situations where information is missing from schedules and whether the overall form would be substantially completee.g. Schedule C, Service Provider Information is missing. If service provider fees are immaterial, it might not be an issue, but if they are, auditor would need to further evaluate27

28. Management RepresentationsProvided the most current plan instrumentAcknowledge responsibility for administering the planMaintaining sufficient participant records to determine benefits due or which may become dueERISA Section 103(a)(3)(C) auditElection of this type of audit does not affect management’s responsibility for the financial statementsResponsibility to determine whether the audit is permissibleWhether the investment information is prepared and certified by a qualified institutionCertification meets the requirements in 29 CFR 2520.103-5Certified investment information is appropriately measured, presented, and disclosed28

29. Communication with Those Charged with GovernanceCommunicate reportable findings in writing to those charged with governance Include:A description of the reportable findingSufficient information to provide the contextExplanation of the potential effectsIf there are no reportable findings found during the audit, the auditor should not issue a written communication stating that29

30. Auditor’s ReportExpress an unmodified opinion when the ERISA plan financial statements are presented fairlyTwo-pronged opinion:Whether the information not covered by certification is presented fairlyWhether the certified information agrees to or is derived from the certification30

31. ERISA Section 103(a)(3)(C) reportThe ERISA section 103(a)(3)(C) report contains the following sections: Scope and Nature of the ERISA Section 103(a)(3)(C) Audit (required to be placed first) Opinion (required to follow the scope and nature section)Basis for Opinion (required to follow the opinion section)Going concern (if applicable)Key Audit Matters (if applicable)Responsibilities of Management for the Financial StatementsAuditor’s Responsibilities for the Audit of the Financial StatementsERISA-Required Supplemental Schedules31

32. EBPAQC ERISA Section 103(a)(3)(C) Audits Resource CenterPrimer, ERISA Section 103(a)(3)(C) audits of employee benefit plansTool, Common deficiencies in ERISA Section 103(a)(3)(C) audit certificationsTool, Conditions for plan management to elect an ERISA Section 103(a)(3)(C) auditTool, Documentation of the auditor’s evaluation of management’s assessment of an ERISA Section 103(a)(3)(C) audit certificationhttps://www.aicpa.org/interestareas/employeebenefitplanauditquality/resources/accountingandauditingresourcecenters/erisa-section-103-a-3-c-audits.html 32

33. Reporting and financial statement disclosures

34. Illustrative example: ERISA Section 103(a)(3)(C) Report versus a Non-Section 103(a)(3)(C) ReportTitle and addresseeScope and nature of the ERISA Section 103(a)(3)(C) auditAuditor’s opinionBasis for opinionGoing concernKey audit mattersResponsibilities of management for the financial statementsAuditor’s responsibilities for the audit of the financial statementERISA-required supplemental schedulesOther reportingSignature of the auditor and auditor’s addressDate of the auditor’s report34

35. Year 1 vs. year 2 unmodified ERISA Section 103(a)(3)(C)Current year – Unmodified ERISA Section 103(a)(3)(C) Report; Prior year – Limited Scope Disclaimer (Year 1)Current and prior year – Unmodified ERISA Section 103(a)(3)(C) Report (Year 2)Scope and Nature of the ERISA Section 103(a)(3)(C) Audit of the 2021 Financial StatementsScope and Nature of the ERISA Section 103(a)(3)(C) Audit Opinion on the 2021 Financial StatementsOpinion Basis for Opinion on the 2021 Financial StatementsBasis for OpinionGoing Concern (when applicable)Going Concern (when applicable)Key Audit Matters (when applicable)Key Audit Matters (when applicable)Responsibilities of Management for the 2021 Financial StatementsResponsibilities of Management for the Financial StatementsAuditor’s Responsibilities for the Audit of the 2021 Financial StatementsAuditor’s Responsibilities for the Audit of the Financial Statements“Other Matter – 2021 Supplemental Schedule(s) Required by ERISA” paragraph“Other Matter – Supplemental Schedule(s) Required by ERISA” paragraph“Other Matter – Report on 2020 Financial Statements” paragraph

36. Year 2 – ERISA Section vs. Non-Section 103(a)(3)(C)ERISA Section 103(a)(3)(C) reportNon-Section 103(a)(3)(C) reportScope and Nature of the ERISA Section 103(a)(3)(C) Audit N/AOpinion OpinionBasis for OpinionBasis for Opinion Going Concern (when applicable)Going Concern (when applicable)Key Audit Matters (when applicable)Key Audit Matters (when applicable)Responsibilities of Management for the Financial StatementsResponsibilities of Management for the Financial StatementsAuditor’s Responsibilities for the Audit of the Financial StatementsAuditor’s Responsibilities for the Audit of the Financial Statements“Other Matter – Supplemental Schedule(s) Required by ERISA” paragraphSeparate section “Report on Supplemental Schedule(s) required by ERISA”

37. Year 1 vs. year 2 ERISA Section 103(a)(3)(C) disclaimerCurrent year – Disclaimer on ERISA Section 103(a)(3)(C) Report; Prior year – Limited Scope Disclaimer (Year 1)Current and prior year Disclaimer on ERISA Section 103(a)(3)(C) Report (Year 2)Scope and Nature of the ERISA Section 103(a)(3)(C) Audit of the 2021 Financial StatementsScope and Nature of the ERISA Section 103(a)(3)(C) Audit Disclaimer of Opinion on the 2021 Financial StatementsDisclaimer of Opinion Basis for Disclaimer of Opinion on the 2021 Financial StatementsBasis for Disclaimer of OpinionGoing Concern (when applicable)Going Concern (when applicable)Key Audit Matters (when applicable)Key Audit Matters (when applicable)Responsibilities of Management for the 2021 Financial StatementsResponsibilities of Management for the Financial StatementsAuditor’s Responsibilities for the Audit of the 2021 Financial StatementsAuditor’s Responsibilities for the Audit of the Financial Statements“Other Matter – 2021 Supplemental Schedule(s) Required by ERISA” paragraph“Other Matter – Supplemental Schedule(s) Required by ERISA” paragraph“Other Matter – Report on 2020 Financial Statements” paragraph

38. ERISA Section 103(a)(3)(C) Reports versus Non-Section 103(a)(3)(C) ReportsDifferences mainly due to clarification that the ERISA Section 103(a)(3)(C) audit did not extend to investment information.As with the auditor’s reports under AU-C section 700A, the report must be tailored to reflect the financial statements for different types of plans, such as defined benefit plans and health and welfare plans.38

39. Illustrative Auditor’s Report – Non-Section 103(a)(3)(C) Audit (EBP Guide para. 14.29)401(k) plan unmodified opinionFor an employee benefit plan that is filing Form 11-K with the SECOmitted information in a schedule required under DOL regulationsOmitted schedule required under DOL regulationsQualified report on supplementary information – omitted information39

40. Illustrative Auditor’s Report – Non-Section 103(a)(3)(C) Audit (EBP Guide para. 14.29) (continued)Qualified report – disclosure of material prohibited transaction with party in interest omittedDisclosure of immaterial prohibited transaction with party in interest omittedProhibited transaction with party in interest that is also considered a related-party transaction40

41. Illustrative auditor’s report – ERISA Section 103(a)(3)(C) audit (EBP Guide para. 14.73)Standard ERISA Section 103(a)(3)(C) audit reportERISA Section 103(a)(3)(C) audit in prior yearERISA Section 103(a)(3)(C) audit in current yearERISA Section 103(a)(3)(C) audit in current year, prior year ERISA Section 103(a)(3)(C) audit performed by other auditorsChange in trusteeStandard ERISA Section 103(a)(3)(C) audit reports with omitted schedule required under DOL regulationsModified opinion on supplemental schedules – omitted information required under DOL regulation in an ERISA Section 103(a)(3)(C) audit engagement41

42. Common financial statement disclosuresDescription of the planGeneral descriptionEligibilityContributionsParticipant accountsVestingInvestment optionsParticipant loansPayment of benefitsForfeited accountsAdministrative expenses 42

43. Common financial statement disclosures (cont.)Summary of accounting policiesBasis of accountingUse of estimatesInvestment valuationPayment of benefits Investments Trustee certification, mentioning the certifying entityFair value disclosures (Level 1, 2, 3 table)Investments using NAV as a practical expedientInvestment contracts with insurance companiesRisks and uncertaintiesParties in interestPlan terminationTax status, including uncertain tax positions43

44. Common financial statement disclosures (cont.)Prohibited transactionsReconciliation to Form 5500Management statement on subsequent events44

45. FinREC recommendations all plans Dividends and Distributions--reinvestedDividends be considered investment income and shown separately from changes in fair valueCapital gain distributions may be considered either investment income and shown separately from changes in fair value or included as part of the net change in fair valueCash BalancesInterest bearing cash be shown as an investmentSince no cash flow statement is required, there is no need to classify short term investments as cash equivalents45

46. FinREC recommendations all plans typesSeparate disclosure of employer contributions relating to the correction of operational defects or other nonrecurring itemsAdditional disclosures and discussionBenefits paidOther income Other employer contributionsExpense offset arrangementsTransfers of assets to or from other plansFrozen or merged plansFull or partial terminationsChanges in service providers46

47. FinREC recommendations defined contribution plansExcess contributions/corrective contributionsAmounts may be netted against contributions received in the statement of changes with additional footnote disclosureInclude refund or payment as a payable to participantContributions receivableAdditional guidance added to include the factors that are to be reviewed in determining whether a receivable should be recognized and the relationship between employer and employees as compared to a DB planParticipant loans classified as a note receivable with additional disclosures for valuation, interest income, etc.47

48. FinREC recommendations defined contribution plansForfeituresAdded more discussion about forfeitures and use of forfeitures with recommended disclosuresRollover ContributionsSignificant rollovers be shown as a separate line item on the statement of changes in net assets available for benefitsDiscussion as to when a rollover is really a plan transferEmployee Stock Ownership PlansHow a leveraged ESOP plan worksESOP financial statements for leveraged ESOPs—FinREC recommends columnar format48

49. Form 11-K FilingsDo not file PCAOB auditor’s report with the Form 5500Preparing the financial statements may violate auditor’s independenceAuditors should not provide typing and word processing services nor financial statement templates that are not publicly available to audit clients (See Dec 2014 EBPAQC E-Alert)Archived annual webinar on 11-K Audits on website https://bcove.video/3G94I9p49

50. Current topics and resources

51. Current topicsSECURE 2.0 Act of 2022DOL proposed changesAICPA EBP AQC Tools and PrimersForm 5500Pooled employer plans (PEPs)New auditing standards51

52. SECURE 2.0 Act of 2022

53. SECURE 2.0 Act of 2022Contains sweeping changes relating to qualified retirement plans aimed atIncreasing retirement savings Simplifying and clarifying retirement plan rulesOther purposesPlan amendments generally need not be made until the end of the first plan year beginning on or after January 1, 2025However, plans must be operated in accordance with the effective date of each new provision!Passed by Congress on December 23, 2022.Signed into law by President Biden on December 29, 2022.53

54. Auto enrollment/auto-escalationSECURE 2.0New 401(k) and 403(b) plans must automatically enroll participants when they become eligible (employees may opt out of coverage)Initial rate of at least 3% but not more than 10% Each year thereafter amount is increased by 1% until it reaches at least 10% but not more than 15%Exemptions:  All existing 401(k) and 403(b) plans in effect on the date of enactmentSmall businesses with 10 or fewer employees New businesses (i.e., those that have been in business for less than three years)Church plans Governmental plansSection 101Effective for plan years beginning after December 31, 2024.54

55. Required minimum distributions (RMD)SECURE 2.0Required Beginning DateIncreased to Age 73 effective January 1, 2023Increase to Age 75 effective January 1, 2033PenaltiesPenalty for failing to take an RMD reduced from 50% to 25%If correction is made within two years the tax is further reduced to 10%Effective for taxable years beginning after December 29, 2022Section 107- RMDs-– Effective for distributions made after December 31, 2022, for individuals who attain age 72 after that date.55

56. Catch-up contributionsSECURE 2.0Effective for taxable years beginning after December 31, 2024Increased Limit on Catch-Up Contributions for Individuals age 60 to 63Greater of $10,000 or 150% of the regular catch-up amounts for 2024Adjusted annually for inflationEffective for taxable years beginning after December 31, 2023Catch-Up Contributions must be made on a Roth basisDoes not apply to employees with compensation of $145,000 or less (as indexed)Section 109-Catch-up contributions--Effective for taxable years beginning after December 31, 2024.56

57. Roth Matching and Nonelective ContributionsSECURE 2.0Effective for contributions made after December 29, 2022Employer matching or nonelective contributions may be made on a Roth basis57

58. Long-term, part-time employeesSECURE 2.0One significant change to provisions of SECURE Act requiring 401(k) plans to offer participation to long-term part-time workersLong-term part-time worker now defined as employee completing TWO consecutive years of service with at least 500 hours worked (instead of THREE years)Requirement extended to 403(b) plansStill awaiting Treasury/IRS regulations on original provisionsSection 125Effective for plan years beginning after December 31, 2024.The clarification is effective as if included in the 2019 SECURE Act, so effective beginning after December 31, 2020.58

59. Student loan paymentsSECURE 2.0Employers may make matching contributions under a 401(k) or 403(b) plan on employees’ qualified student loan payments “Qualified student loan payment” is defined as any indebtedness incurred by the employee solely to pay qualified higher education expenses of the employeeEmployees who receive such matching contributions are required to certify annually to the employer that such payment has been made on such loan, and employer may rely on the employee certification of paymentNote: For purposes of the nondiscrimination rules, student loan payments will not be treated as plan contributions, and a plan may separately test the employees who receive matching contributions on student loan payments in determining whether it satisfies the ADP testing requirements for a given plan yearSection 110Effective for plan years beginning after December 31, 2023.59

60. Missing participant “Lost and Found”SECURE 2.0Department of Labor (DOL) will have a database that will allow individuals who may have funds remaining in a retirement plan to search for current contact information for plan administratorsEnvisions plans transmitting information related to missing participants including those who have been paid out in the form of distributions to IRAsTime and form of information transmittal to be determined by regulationsSection 110Effective no later than December 29, 202460

61. Withdrawals for certain emergency expensesSECURE 2.0Exception from the 10% tax on certain early distributions:Distributions must be used for emergency expenses which are unforeseeable or immediate family needs relating to personal or family emergency expenseOne distribution, not to exceed $1,000, is permitted each yearParticipant can repay the distribution within three years No further emergency distributions are permissible during the three-year repayment period, unless repayment occurs Plan administrators generally may rely upon a participant’s self-certification; however, the IRS is authorized to issue guidance to address situations in which a plan administrator has actual knowledge to the contrary or there are employee misrepresentationsSection 115Effective for distributions made after December 31, 2023.61

62. Increased dollar threshold for mandatory distributionsSECURE 2.0Currently a retirement plan sponsor can distribute a terminated participant’s account, without the participant’s consent, if their balance does not exceed $5,000SECURE Act 2.0 pushes this to $7,000Effective for distributions on or after 1/1/24Section 304Effective for distributions made after December 31, 2023.62

63. Recovery of retirement plan overpaymentsSECURE 2.0Gives retirement plan fiduciaries discretion to not recoup overpayments mistakenly made to retireesFiduciary relief for failure to make the plan wholeFor ERISA-covered plans where a plan’s fiduciaries choose to recoup overpayments, limitations and safeguards applySection 301Effective upon enactment with certain retroactive relief for prior good faith interpretations of existing guidance. 63

64. CorrectionsSECURE 2.0IRS Employee Plans Compliance Resolution System (EPCRS) expanded to:Allow more types of errors to be rectified internally through self-correctionExample - allows for the correction of many plan-loan errors through the self-correction processGrace period allowed to correct, without penalty, reasonable errors in administering automatic enrollment and automatic escalation features occurring after December 31, 2023Errors must be corrected within 9½ months after the end of the plan year in which the mistakes were madeSection 305- EPCRS expansion-- Effective upon enactment.Section 350- Automatic features-- Effective for any errors after December 31, 2023. 64

65. 403(b) plansSECURE 2.0Conforms current hardship distribution rules for 401(k) plans to 403(b) plansLong-term, part-time employee provision extended to 403(b) plans subject to ERISA403(b) plans will now be allowed to invest in collective investment trusts (CIT)403(b) plans can join a multiple employer plan (MEP) or pooled employer plan (PEP)Section 602- Hardships--Effective for plan years beginning after December 31, 2023. Section 125- LT/PT employees-- Effective for plan years beginning after December 31, 2024.Section 128- CITs--Effective for amounts invested after date of enactment.Section 106- MEPS/PEPS--Effective for plan years beginning after December 31, 2022.65

66. Annual audits for a group of plansSECURE 2.0Clarifies that each plan filing under a group of plans (added by the SECURE Act) is required to submit audited financial statements if it has 100 participants or more.  Plans with fewer than 100 participants that are included in a group of plans are not required to submit audited financial statements.Section 345Effective upon enactment.66

67. SECURE 2.0 …things to think aboutUnderstand the sweeping changes impacting qualified retirement plans Changes have various effective datesWill require significant adjustments for employers, participants and their-party administratorsExtensive IRS and DOL guidance will be neededMay result in heavier administrative burdens and increased costs for employersParticipants will need education on updatesCoordination of updates with payroll providers and third-party administrators will be needed67

68. DOL proposed changes

69. DOL proposed changesVFCP self-correctionDOL proposed adding a self-correction component to its Voluntary Fiduciary Correction Program (VFCP)Expands types of transactions covered under VFCP and simplifies the administrative tasks necessary to receive reliefConditions for self correction of delinquent contributions and loan repayments Correction to take place within 180 days from the date of withholding or receiptLost earnings can not exceed $1,000Self-correcting plans would be required toUse program’s online calculator to determine lost earningsUse online portal to file a notice of the correction with DOLComplete and retain the self-correction retention record checklistProposal released in November 2022.Written comments due on or before January 20, 2023. DOL will notify the public of the availability of the amended and restated VFCP in a subsequent Federal Register document.69

70. DOL proposed changes (continued)Prohibited transaction exemption DOL also proposed a separate rule that would amend Prohibited Transaction Class Exemption (PTE) 2002-51To allow an employer to obtain excise tax relief for self-corrected late contributions meeting certain conditionsSelf-correcting plans would notify the DOL that a correction has taken place via an online portal (eliminating the need for a formal application and no-action letter)Would eliminate a cap on the total number of similar voluntary corrections the agency will process for a single planEmployer-sponsored plans currently only allowed to apply for one such voluntary correction every three years70

71. AICPA EBPAQC tools and primers

72. Special considerations – 2023NewERISA employee benefit plan financial statement audit special considerations – 2023 Provides overview of key considerations for December 31, 2022 year-end audits: Implementation of SAS No. 142, Audit EvidenceLegislative and regulatory developments (DOL and IRS guidance, SECURE 2.0 Act of 2022)Additional audit considerations related to the current economic and business environmentPooled employer plans (PEPs)Financial statement disclosures72https://www.aicpa-cima.com/resources/download/ebp-audit-special-considerations

73. Examples of written auditor communications for EBP auditsRevised toolThe non-authoritative tool is intended to assist in preparing written communications of matters identified during the financial statement audit to their employee benefit plan clients.It contains example comments taken from actual communications prepared by practitioners that may be useful in preparing required communications of internal control related matters and reportable findings identified in your audits, and observations arising from the audit that are significant and relevant to those charged with governance in their oversight of the financial reporting process.It includes considerations auditors should make in editing the examples for specific facts and circumstances based on the auditor’s professional judgment and requirements in the relevant professional standards.73https://www.aicpa-cima.com/resources/download/examples-of-internal-control-communications-for-erisa-plan-audits

74. Audit evidence toolsNewPrimer, Audit evidence in an employee benefit planDeveloped to assist in understanding the types of information that may be available to EBP auditors. Provides a basic overview of AU-C section 500, addressing terms and definitions; forms and sources of information in an EBP audit; evaluating audit evidence, including its relevance and reliability, and the controls over information to be used as evidence; audit evidence by EBP audit area; and references to other helpful resources.Tool, Common sources of audit evidence used in testing investment valuationsDeveloped to assist in identifying potential sources of audit evidence to be considered when testing the valuation of investments. The matrix provides general descriptions of common investments in EBPs and lists sources of audit evidence frequently used to support the investment balances, presentation, and financial statement disclosures. Includes helpful tips to better understand certain investments and issues that may affect audit considerations, and provides a general description of the appropriate classification on Form 5500 and other Form 5500 reporting requirements. 74https://www.aicpa-cima.com/resources/download/audit-evidence-in-an-employee-benefit-plan-primer https://www.aicpa-cima.com/resources/download/common-sources-of-audit-evidence-used-in-testing-investment-valuations

75. Form 5500 toolUpdated based on the 2022 Form 5500an overview of Form 5500 schedules, including tips and questions to consider in understanding the information and how it may relate to the audited financial statements;information and characteristics of Form 5500 reporting for auditors who are new to auditing ERISA plans.75https://www.aicpa-cima.com/resources/download/form-5500-considerations-for-auditors

76. Definition of compensation in an employee benefit planNew types of compensationNew types of pay, rewards, and benefits emerging (stipends for home internet, employee recognition, stay bonuses, gift cards, paying student loans, pet insurance, etc.)Employers may treat as a fringe benefit.Need to understand the definition of compensation within the plan documentEBPAQC Primer, Definition of compensation in an employee benefit plan76

77. Form 5500

78. SCHEDULE H – ACCOUNTANT’S OPINIONWith SAS 136, ERISA Section 103(a)(3)(C) audits (formerly called limited scope audits) are no longer disclaimer opinions in form under GAAS and in the Form 5500 Accountant’s Opinion sectionPart III: Accountant’s Opinion section has been updated for SAS 136ERISA Section 103(a)(3)(C) “clean” opinion (formerly limited scope)Disclaimer, such as those related to 403(b) plan for excluded contracts or lack of historical informationERISA non-Section 103(a)(3)(C) “clean” opinion (formerly “full scope”)78

79. 2023 Form 5500 UpdatesA consolidated Form 5500 reporting option for certain groups of defined contribution retirement plansImproved reporting by pooled employer plans and other multiple employer plans, including a new Schedule MEPA change in the participant-counting methodology for determining eligibility for simplified reporting alternatives available to “small plans”79Reference EBPAQC Alert No. 504 for relevant links related to the changes to the 2023 Form 5500.

80. 2023 Form 5500 Updates (continued)Additional breakout categories added to Schedule H breakout of “Administrative Expenses Paid by the Plan,” including “Independent Qualified Public Accountant (IQPA) fees.”Changes to Schedule R related to financial and funding reporting by PBGC-covered defined benefit plans.The addition of selected Internal Revenue Code compliance questions to improve tax oversight and compliance of tax-qualified retirement plans.Technical and conforming changes as part of the annual rollover of forms and instructions.80Reference EBPAQC Alert No. 504 for relevant links related to the changes to the 2023 Form 5500.

81. Pooled employer plans (PEPs)

82. Pooled employer plans (PEPs) Type of multiple employer plan (MEP)Effective January 1, 2021DOL EBSA issued registration requirements for PPPsAuditor independence considerations“Affiliate” definition in AICPA Professional Ethic Staff FAQs: Application of the independence rules to affiliates of employee benefit plans No model plan yetSECURE 2.0 Act amends ERISA to require PEPs to designate a named fiduciary (other than an employer in the plan) to be responsible for collecting plan contributions and to implement collection procedures.Audit and reporting requirements considerations summarized in EBPAQC Pooled employer plans (PEPs) special considerations82https://www.aicpa-cima.com/resources/download/pooled-employer-plans-peps-special-considerations

83. New standards

84. New auditing standards Effective periods ending on or after December 15, 2022Effective periods ending on or after December 15, 2023(with early implementation permitted)SAS 142, Audit EvidenceSAS 143, Auditing accounting estimates and related disclosures SAS 144, Use of specialists and use of pricing informationSAS 145, Understanding the entity and its environment and assessing the risks of material misstatement84

85. New auditing standard – SAS No. 142, Audit EvidenceEffective for periods ending on or after December 15, 2022Supersedes AU-C section 500, Audit Evidence and amends various other sections of SAS 122, Statements on Auditing Standards: Clarification and Recodification, as amended. Addresses the evolving nature of transacting business as well as the evolution of audit services. use of emerging technologies and techniques by both preparers and auditors, application of professional skepticism, expanding use of external information sources to provide audit evidence, and more broadly, the relevance and reliability of audit evidence. 85

86. SAS No. 142, Audit Evidence – Key changesExpanded guidance on evaluating whether sufficient appropriate audit evidence has been obtained.more broadly focused on considering the attributes of information to be used as audit evidence.attributes of reliable information include its accuracy, completeness, authenticity, and susceptibility to biasAutomated tools and techniquesProfessional skepticismManagement specialists86

87. Audit evidenceInformation may be obtained directly or derived individually or in combination from different sources:Management ExternalAuditor Evaluating audit evidenceRelevance Reliability AccuracyCompletenessControls over audit evidenceNew EBPAQC audit evidence resources87

88. Identifying and evaluating information to be used as audit evidence The types of information typically available (personnel file, payroll register, etc.).The forms of information (i.e., oral, visual, paper, electronic) typically available.The source of the information (plan sponsor, third-party, etc.).The sufficiency and appropriateness (relevance and reliability) of the audit evidence.Whether additional procedures need to be considered to substantiate the appropriateness (relevance and reliability) of electronic audit evidence*Example of additional procedures to substantiate appropriateness:If a SOC 1 report does not address certain controls that are relevant or significant to the plan’s operations, the auditor may need to consider contacting the service organization to obtain specific information or visit the service organization and perform such procedures.88

89. SAS No. 143, Auditing accounting estimates and related disclosuresWhy the changeConverge U.S. GAAS with ISAsTo help auditors appropriately address increasingly complex scenarios that involve accounting estimatesWhat is changingEnhanced risk assessment that is more specific to estimatesAudit procedures need to be responsive to the reasons for the assessed risk of material misstatementOther key conceptsApplication of scalabilityProfessional skepticism

90. SAS No. 144, Use of specialists and use of pricing informationWhat is changingAU-C Section 501, Audit Evidence – Specific Considerations for Selected Items - Enhances guidance about evaluating the work of management’s specialistAU-C Section 540, Auditing Estimates and Related Disclosures - New Appendix, “Use of Pricing Information From Third Parties as Audit Evidence”AU-C Section 620, Using the Work of an Auditor’s Specialist - Enhances guidance about evaluating the work of the auditor’s specialist

91. SAS No. 145, Understanding the Entity and its Environment and Assessing the Risks of Material MisstatementObjective:  To enhance the auditor’s risk assessment through focusing on:​Understanding the entity’s system of internal control​Addressing risks arising from an entity’s use of IT ​Determining risks of material misstatement, including significant risks​Consideration of the economic, technological, and regulatory aspects of the markets and environment​

92. SAS 145 (continued)Enhances:–requirements and guidance related to obtaining an understanding of the entity’s system of internal control and assessing control risk –guidance addressing the economic, technological, and regulatory aspects of the markets and environment of entities and audit firmsRevises: –definition of significant risk –requirements to evaluate the design and to determine whether certain controls have been implemented –requirements relating to audit documentation

93. SAS 145 (continued)New requirements:–separately assess inherent risk and control risk –assess control risk at maximum if auditor does not plan to test operating effectiveness of controls (i.e., assessment of risk of material misstatement is the same as assessment of inherent risk) –“stand-back” requirement intended to drive an evaluation of the completeness of the auditor’s identification of significant classes of transactions, account balances, and disclosures•New guidance–scalability–maintaining professional skepticism

94. In the future#AICPAebpStandardEffective DateSAS 146, Quality Management for an Engagement Conducted in Accordance with Generally Accepted Auditing StandardsEffective for periods beginning on or after December 15, 2025SAS 147, Inquiries of the Predecessor Auditor Regarding Fraud and Noncompliance with Laws and RegulationsEffective for audit of financial statements for periods beginning on or after June 30, 2023SAS 148, Amendments to AU-C Section 935, Compliance AuditsEffective for compliance audits for fiscal periods ending on or after 12/15/23 (except for the amendments related to AU-C 501 which are effective for periods ending on or after 12/15/22.)

95. In the future (continued)StandardEffective DateSAS 149, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors and Audits of Referred-to AuditorsEffective for periods ending on or after December 15, 2026

96. Questions & answer session

97. CPE certificateDon’t forget to download your CPE certificate!Click onNow!

98. We welcome your feedback!Please complete the online evaluation

99. Thank you

100. Appendix:EBPAQC and AICPA resources

101. EBP A&A Guide

102. EBP A&A Guide (August 2022 edition) Strongly recommend reading the guide!Available at aicpa.org:Online version (Online Professional Library) E-book versionPrint version102

103. EBPAQC resources

104. New AICPA websitewww.aicpa.org On the AICPA homepage….Use AICPA log inSet up personal profile and preferencesSave items (resources and articles) and set up shortcuts (EBPAQC)View section and firm memberships, credentials 104

105. New EBPAQC websiteBookmark the pagehttps://www.aicpa.org/topic/employee-benefit-plans Find tools and resources by type or topic At aicpa.org/EBPAQC105

106. EBPAQC resources and tools106AudienceAlertsShare with firm staffWebinars (live and archived)Firm staff (CPE available) Plan advisoriesShare with staff and clientsPrimersShare with staff and clientsAudit engagement tools and aidsShare with staffPractice management tools and aidsShare with staffWebsite aicpa.org/EBPAQCShare access with firm staff

107. EBPAQC alertsPeriodic news, developments, webcast registration107

108. Archived EBPAQC webcastsAU-C section 703 lightning round Q & AERISA section 103(a)(3)(C) audits: part 1ERISA section 103(a)(3)(C) audits: part 2Multiemployer plan audits Multiple employer plan auditsUsing SOC 1 reports in EBP auditsCurrent issues in defined benefit auditsUnique defined benefit plan issues – advancedActuarial reports in DB plan auditsHealth and welfare plans: part 1 – Basics and audit planningHealth and welfare plans: part 2 – Audit and reportingHealth and welfare plan advanced audit issuesEBP investments: part 1 – Common EBP investmentsEBP investments: part 2 – Auditing investmentsCommon plan operational errorsInitial EBP audits No CPE available for listening to an archived event108https://www.aicpa-cima.com/category/resources/employee-benefit-plans?type=video

109. Plan advisories SAS 136: An overview for plan managementERISA section 103(a)(3)(C) auditsImportance of hiring a quality auditorInternal controls and safeguarding plan assetsPartial plan terminationsUnderstanding auditor communicationsThe importance of retaining and protecting employee benefit plan recordsMonitoring of recordkeeping and reporting Valuing and reporting plan investments109https://www.aicpa-cima.com/category/resources/employee-benefit-plans?type=advisory

110. PrimersERISA Section 103(a)(3)(C) audits of employee benefit plansTimely remittance of employee contributions in DC retirement plansDefinition of compensation in an EBPPlan expensesParties in interest and prohibited transactionsTax and compliance issues for 401(k) plans403(b) plansMultiemployer employee benefit plans MEPs and MEWAsHealth and welfare employee benefit plansEmployee stock ownership plans (ESOPs) Cash balance plansActuarial methods in defined benefit pension plansMaster trusts in employee benefit plans Insurance company products offered to EBPsPlan investments in bank collective funds Stable value funds and investment contractsAlternative investments in employee benefit plans110https://www.aicpa-cima.com/category/resources/employee-benefit-plans?type=primer

111. Audit engagement tools and aidsForm 5500 considerations for auditorsPlan Sponsor tool – Analyzing timeliness of remittancesPeer review findings in employee benefit plan auditsERISA employee benefit plan financial statement audit special considerationsDC plan audit information request tracker (Excel)Identification of Parties In Interest and Related PartiesDocumentation of Procedures Performed to Identify Related Parties and Related Party Transactions, and Parties in Interest and Party in Interest TransactionsDocumentation of the Consideration of Potential Prohibited Transactions in an EBP Financial Statement AuditEBP Audit Internal Meeting Planning ToolEBP Audit Client Meeting Planning ToolPlan Governing Documents, Agreements, and Correspondence IndexSummary of Key Plan Document Provisions Relevant to a Defined Contribution Retirement Plan AuditDocumentation of Use of a Type 2 Service Auditor’s Report in an Audit of an Employee Benefit Plan’s Financial StatementsInternal Control Communication Examples Documentation of the Auditor’s Evaluation of Management’s Assessment of an ERISA Section 103(a)(3)(C) Audit CertificationCommon EBP Audit DeficienciesCommon Deficiencies in ERISA Section 103(a)(3)(C) Audit Certifications111https://www.aicpa-cima.com/category/resources/employee-benefit-plans?type=tool

112. Sharing access to the Center website with staffWhen your firm joined the Center, you received a welcome email that contained your firm’s unique activation link. You will need this link both to activate your account and to share access with others. There is no limit to the number of individuals in your firm to whom you grant access.If you no longer have that email or unique firm URL, the firm’s Designated Partner can contact the Center at EBPAQC@aicpa.org.112

113. Primer, ERISA Section 103(a)(3)(C) audits of employee benefit plansTool, Common deficiencies in ERISA Section 103(a)(3)(C) audit certificationsTool, Conditions for plan management to elect an ERISA Section 103(a)(3)(C) auditTool, Documentation of the auditor’s evaluation of management’s assessment of an ERISA Section 103(a)(3)(C) audit certificationERISA Section 103(a)(3)(C) audits resource center113https://www.aicpa-cima.com/resources/download/erisa-section-103-a-3-c-audits

114. EBP financial statement search tools

115. EBP financial statement search toolsDOL EBSA's expanded Form 5500 search tool search for filings using new filters including plan type, plan asset value, number of participants, employer plan types, business codes, form years, and locations (does not have text search)Click here for the EBSA Form 5500 Search.SEC Form 11-K Employee Stock Plan Annual Report database contains annual report filings of employee stock plansClick here for the SEC Form 11-K Employee Stock Plan Annual Report database.115