Best Practices For Avoiding Plan Compliance Issues
Editor: What are the key challenges for employers who sponsor employee benefit plans in complying with ERISA?
Finney: With a plethora of rules and regulations imposed by the Department of Labor (“DOL”) and the Internal Revenue Service (“IRS”), the key challenges for employers are to understand their responsibilities and the regulations and stay current with new laws and additional requirements to ensure that they effectively monitor their employee benefit plan and maintain the plan’s tax qualified status.
Editor: How can a qualified employee benefit plan auditor be of assistance?
Finney: With the assistance and coordination of ERISA professionals, such as dedicated ERISA plan auditors as well as ERISA counsel, investment advisors, third-party service providers and custodians, employers can receive the expert advice to help them maintain compliance. By having annual employee benefit plan audits of the plan’s financial statements by a firm that specializes in the area, employers of large plans (more than 100 eligible participants) are meeting annual reporting requirements imposed by ERISA and also receiving expert advice on certain internal control matters and best practices. For example, our pension services group performs employee benefit plan audits and consulting services for over 325 employee benefit plans including all types of defined benefit plans and defined contribution plans. Most often they include 401(k) plans, Form11-K filings, defined benefit pension plans, 403(b) plans, and health and welfare plans.
Editor: Are there different types of employee benefit plan audits? How can employers prepare for an audit?
Finney: There are two types of plan audits, full-scope and limited-scope audits. The first step in determining which type of audit is available is to find out who holds the investments of the plan and whether or not a DOL certification under 29 CFR 2520.103-5 is available and acceptable. If investments are held at a bank, trust or insurance company and they provide a certification as to both the accuracy and completeness of the investment information of the plan as of and for the period under audit, then the employer can choose to engage an auditor to perform a limited scope audit. Broker/dealers and investment companies are not qualified to certify, so a full scope audit would be performed. If there is an 11-K filing requirement, then a full-scope audit would be performed regardless of where the investments are held.
One of the keys to a successful audit is planning. Well in advance of the audit, employers should ask their plan auditors for an all-inclusive list of items that will be needed from the employer and thirdparty service providers. It is helpful when there is one point person at the employer who is assigned to gather the information for the audit and coordinate with other employer personnel and service providers. In most cases, custodians will provide a package (referred to as the “auditor’s package”) specifically for the auditor, which the auditor can access on-line directly with the service provider once the employer authorizes the access. The auditor’s package can include a substantial amount of information needed for the audit, such as the certification, schedule of assets held, plan activity, participant account summary, contribution, distribution and loan reports, SAS 70 reports and a draft of the Form 5500.
Editor: What are some of the new changes in Form 5500 that became effective in 2009?
Finney: There were several changes in Form 5500, the most prominent being EFAST2, which requires electronic filing for all 2009 returns. When applicable, the plan’s financial statements, independent auditors’ report, and Schedules MB and SB will need to be attached to the filing as portable document format (PDF) files. The extension, which is prepared on Form 5558, is filed using a paper form and does not need to be attached to the Form 5500 filing. However it is recommended to retain a copy.
Schedule SSA has been eliminated from the Form 5500 filing because this schedule contains Social Security numbers. Since Form 5500 is filed electronically, it will be available for the public to view on the Internet, including all attachments, so it is extremely important not to include personal information such as Social Security numbers. In addition, there are new reporting requirements for reporting service provider fees and other compensation on Schedule C. Also, indirect compensation is separately identified on Schedule C, and the instructions provide a definition and an example of indirect compensation. It includes expense reimbursement payments that are charged against and are reflected in the value of the plan’s investments, such as management fees paid by a mutual fund to its investment advisor and 12b-1 distribution fees. These Schedule C changes should serve to provide increased transparency on fees paid by plans.
Editor: A common error for employers is to fail to make remittances of employee contributions in a timely manner. What are the penalties that apply for such a “prohibited transaction”?
Finney: DOL regulations require large plans (plans with more than 100 eligible participants) to remit employee contributions as soon as they reasonably can be segregated from the employer’s general assets, but in no event to exceed the 15th business day of the month following the month the contributions are received or withheld by the employer. Lack of adherence to DOL guidelines constitutes a prohibited transaction, and penalties apply and are due from the employer.
More specifically, there’s a 15 percent excise tax on lost earnings, which is filed on Form 5330 by the employer. The employer makes the participants whole by calculating the amount of lost earnings from the time the employer should have made the contribution to the plan through the date the contribution actually was made to the plan.
As a practical recommendation, employers should determine a reasonable timeframe in which they can remit employee deferrals, document the timeframe and monitor the remittances on an ongoing basis. If a remittance is determined to be late, the employer should have a process in place to resolve the prohibited transaction and to make the participants and the plan whole as well as pay any applicable penalties.
Editor: What is the obligation of employers to ensure that third-party service providers perform their roles correctly? How should sponsors protect themselves in this regard?
Finney: A significant amount of the processing of plan transactions usually is performed by third-party service providers. Therefore, it is imperative that employers not only review but also document their review of the procedures used by these third-party service providers on a consistent basis. Essentially the controls at the service providers become part of the internal control structure of the plan.
One way for an employer to perform due diligence on the competence of a third-party provider is by obtaining and reviewing a Statement on Auditing Standards No. 70 (SAS 70) Type II report, which describes the controls and the detailed testing of the controls of the third-party service provider. SAS 70 reports are performed by independent certified public accountants and usually are prepared over a six-month period or annually. SAS 70 reports include useful tools in assessing the reliability of the third party’s controls over the processing and security of the plan as well as participant data and activity.
In addition, user controls recommended by the third-party providers and user manuals should be reviewed regularly, and ongoing assessments should be made of the operations and controls at the plan sponsor. These procedures must be in place to assure proper and complete transmission of data to third parties, proper and complete receipt of data from third parties and, when necessary, timely reconciliation of data.
Editor: Why is having a formal plan for the administrative committee to oversee and document how the plan is being operated a sound recommendation for any pension plan, no matter how small?
Finney: Plan oversight is very important. In an effort to provide documentation of the plan oversight process, a formal Plan Administrative Committee should be considered to monitor the plan’s operations. Without a formal governing body such as this, there may be a perception that the employer is not performing his or her fiduciary duty adequately under ERISA. Fiduciaries, such as this committee, depend on formal processes and good recordkeeping to demonstrate that they are meeting their fiduciary obligations under ERISA. The committee should meet, at the very least, annually and record in its minutes any decisions regarding amendments, modifications, review of third-party providers, or anything affecting the plan’s operations.
Editor: Do you recommend that an Investment Policy Statement be included in the drafting of the plan documents? If so, what elements should it contain?
Finney: ERISA requires, among other things, that plan sponsors establish a prudent process for selecting investment alternatives and service providers; ensuring fees paid to services providers and other plan expenses are reasonable; determining that investment alternatives are prudent and adequately diversified; and monitoring service providers and investment alternatives to assure that they continue to be appropriate over time.
Although not required, to assist employers in complying with this fiduciary responsibility, plan sponsors should consider implementing an Investment Policy Statement. This Investment Policy Statement usually includes, but is not limited to, outlining investment objectives, defining the roles of those responsible for the plan’s investments, describing the criteria and procedures for selecting investment options, describing the criteria and procedures for selecting investment managers, and describing ways to address investment options and investment managers that fail to satisfy established objectives.
Editor: Should compliance with the provisions of the Investment Policy Statement become a part of the minutes of the Plan’s Administrative Committee?
Finney: An Investment Policy Statement provides guidelines and support for crucial investment-related decisions made on behalf of the plan and should be reviewed at least annually. It can be amended to reflect changes in the markets, plan participant objectives or other factors relevant to the plan. Once again, this process should be recorded in the minutes to document the employer’s fulfilling its responsibilities and fiduciary obligations under ERISA.
Editor: In addition to engaging an audit firm knowledgeable about employee benefit plan audits, do you also recommend that outside counsel conversant in the employee benefits area be engaged to review the plan document and plan operations?
Finney: Due to the volume and complexity of the regulations promulgated by the IRS and the DOL regarding ERISA, in addition to engaging an audit firm knowledgeable about employee benefit plan audits, I recommend retaining outside counsel specializing in ERISA to independently review the plan document and plan’s operations. ERISA attorneys can assist plan sponsors in their review of the plan’s provisions, address any concerns regarding untimely remittances and provide additional guidance on the proper correction methods if a prohibited transaction has occurred as well as assist in designing a governance process.