In 2015, the Department of Labor issued a critical report noting serious auditing deficiencies found in 39% of employee benefit plan audits. As part of a proposal to address these deficiencies, the AICPA has issued Statements on Auditing Standards (SAS) No. 136 and No. 137. These new statements seek to improve plan audit quality, increase reporting transparency, and further clarify management’s role in plan compliance and operations. The new standards are effective for plan audits of financial statements for periods ending on or after December 15, 2020.
SAS No. 136 and No. 137 provide specific engagement acceptance and audit performance requirements for plan audits and change the form and content of the related auditor’s report. The standards create a new ERISA Section 103(a)(3)(C) audit report. The ERISA Section 103(a)(3)(C) audit replaces the “limited scope” audit and is available as a reporting option for plans with investments held by a qualified institution.
As part of engagement acceptance for an ERISA Section 103(a)(3)(C) audit, plan management will need to confirm in writing that:
- the plan qualifies for an ERISA Section 103(a)(3)(C) audit;
- investment information is prepared and certified by a qualified institution such as a bank or similar institution or
regulated insurance carrier; and
- the certified information is appropriately measured, presented and disclosed.
As a pre-condition of the engagement, the auditor will ask for written acknowledgement of management’s responsibility for:
- plan compliance;
- maintaining a current plan document; and
- ensuring plan contributions and distributions follow the plan’s written provisions, and records are maintained for
Management is also required to provide a draft Form 5500 (the plan’s annual regulatory filings) prior to issuance of the financial statements so that the auditor may review it for consistency with the plan financial statements. At the conclusion of the audit, the auditor will require written acknowledgement of the above responsibilities as part of the management representation letter.
The standards specify that the auditor obtain and read the plan document and current amendments and design procedures that test relevant plan provisions. Identified reportable findings are also required to be communicated in writing, and in a timely manner, to those charged with plan governance.
If you have questions or would like more information, please contact Lisa Carrick at firstname.lastname@example.org or 844.4WINDES (844.494.6337).