Skip to content

Preparing for Your Plan Audit, Part 3: Investment Certifications

Mar 15, 2022

The presence of an investment certification can alter the entire audit plan. Be sure to obtain your certification and make sure it is valid before your audit begins.

The most important thing to consider while preparing for your employee benefit plan audit is determining the type of audit to elect. There are two types of audits in place for an employee benefit plan. Those two types were formerly referred to as "full scope" or "limited scope" audits. However, with the introduction of Statement on Auditing Standards 136 (“SAS 136”): Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, the two types of audits are now renamed as ERISA Non-Section 103(a)(3)(C) audits and ERISA Section 103(a)(3)(C) audits, respectively.

The type of audit plan management can elect depends on if the investments are held at a qualified institution that can provide a proper certification stating that the investment information is complete and accurate. It is important to note that the plan administrator is responsible for determining whether the certification is proper. A plan administrator that receives a proper certification is eligible to elect an ERISA Section 103(a)(3)(C) audit. In this case, the plan administrator will instruct the auditor not to perform auditing procedures on the investment information that has been certified. Consequently, the major benefit of an ERISA 103(a)(3)(C) audit is that it reduces the time and resources that would otherwise be required to audit the investments of the plan.

It is critical that the certification is proper to elect an ERISA Section 103(a)(3)(C) audit. Some of the requirements to consider are:

  • Only a qualified institution can certify. A qualified institution is a bank, trust company, insurance company or similar institution that is regulated, supervised and subject to periodic examination by a state or federal agency.
  • The certification is signed by an individual authorized to represent the qualified institution.
  • The certification specifies the plan name.
  • The certification(s) covers the entire audit period.
  • The certification covers both the completeness and accuracy of the investments and related investment activity.
  • The certification includes all the plan’s investments.

Previously, if plan management elected a limited scope audit, the auditor would issue a disclaimer opinion. Now, with SAS 136, if plan management elects an ERISA Section 103 (a)(3)(C) audit, the auditor will issue an unmodified opinion on audit areas that are not certified (e.g., participant data, contributions, benefit payments), and the auditor can perform limited procedures on investments.

When investments are not held at a qualified institution or when a certification is not proper, an ERISA Non-Section 103(a)(3)(C) audit would be requested by the plan administrator. In addition, when a company allows its employees to invest their 401(k) deferrals into company stock, an ERISA Non-Section 103(a)(3)(C) audit would be required to accompany the 11-K filing, regardless of whether a proper certification is provided. 

Below is an example of an ERISA Section 103(a)(3)(C) audit scope certification that complies with the requirements of 29CFR 2520.103- 5c. Source: AICPA Employee Benefit Plan Audit Quality Center.



  • Prepared by a qualified institution (or authorized agent).
  • Specifies the plan name.

Re: XYZ Profit Sharing and 401(k) Plan and Trust

Enclosed are the certified trust statements for the above referenced plan(s) for the following periods:

  • Certified trust statement covering the annual period through 12/31/20xx; and
  • Certified trust statement beginning 1/1/20xx through 12/31/20xx.


ABC National Bank hereby certifies that the information furnished pursuant to 29CFR2520.103-5c is complete and accurate.

Please contact your plan manager if you have any questions.




Jane Doe

Jane Doe

Vice President, ABC National Bank
  • Attached to (or included with) the plan investment information being certified.
  • Covers the entire period under audit.
  • The institution certifies to both the completeness and accuracy of the investment information; no caveats or other qualifying language.
  • Signed by an authorized representative of the qualified institution.

If the plan changed custodians during the year, plan management will want to ensure certifications are obtained from both custodians and the period the certifications cover is proper. Watch out for changes in custodians near the plan year-end as this can be tricky. It’s even more important to review the dates and the amounts including in the certification. 

For example: A December 31 plan year-end may have a change in custodian on December 31.  However, the old custodian liquidated the assets on December 31, and the new custodian received the assets on January 3. The old custodian may certify $0 in investments at December 31, however, they are still holding the cash. Cash is not an investment and cannot be certified. In this case, an ERISA Non-Section 103(a)(3)(C) audit would be required.

As you can see, there are numerous considerations. Some are straightforward, while others can be a bit tricky. If you have any questions, please reach out to one of our employee benefit plan specialists in EisnerAmper’s Pension Services Group.

Access the rest of this blog series below:

Part 1: Census Reconciliation

Part 2:  Timeliness Schedule

Part 4: SOC 1 REPORT

Part 5:  Minutes and Amendments

What's on Your Mind?

a person in a suit

Denise Finney

Denise Finney is the Partner-in-Charge of the Pension Services Group dedicated to employee benefit plan audits. With 15 years of public accounting experience, she specializes in assisting clients with annual audit requirements regarding employee benefit plans.

Start a conversation with Denise

Receive the latest business insights, analysis, and perspectives from EisnerAmper professionals.