The AICPA Statement on Auditing Standards (SAS) No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, as amended, primarily addresses certain performance and reporting requirements for audits of retirement plans subject to the Employee Retirement Income Security Act of 1974 (ERISA) and changes the form and content of the auditor’s report.
The Standard was originally effective for audits of employee benefit plan (EBP) financial statements subject to the ERISA for periods ending on or after December 15, 2020, but was delayed one year to December 15, 2021 due to the COVID-19 pandemic.
In 2015, the DOL’s Employee Benefits Security Administration (EBSA) published a study that examined the quality of audit work performed on employee benefit plans by independent qualified public accountants. The study found that 39% of employee benefit plan audits had one or more major deficiencies. There was a need to strengthen the quality of employee benefit plan audits and enhance auditor reporting. The AICPA’s response was SAS 136.
What is Changing?
The official 110-page SAS 136 includes a plethora of information and changes that affect all phases of the audit, including engagement acceptance to reporting. The following key provisions may have significant implications for plan sponsors.
Communication and Disclosure of Management’s Responsibilities in the Engagement Letter.
Management’s responsibility to maintain a current plan instrument, including all plan amendments, administering the plan, maintaining sufficient records for plan transactions and benefits, and their responsibility for the financial statements are now stated in the plan audit engagement letter. Management’s election of a Section 103(a)(3)(C) audit (previously a limited-scope audit) and their related responsibilities are also included.
The auditor’s responsibilities will continue to be disclosed in the auditor’s report and will include an emphasis on the definition of reasonable assurance, professional judgement and skepticism during the audit. The auditor’s opinion will make reference to the auditor’s independence and disclose the requirement to other ethical responsibilities.
ERISA Section 103(a)(3)(C) Audits and the Auditor’s Opinion
Under SAS 136, ERISA Section 103(a)(3)(C) audits (previously referred to as limited-scope audits) no longer have a scope limitation. Where an auditor would previously issue a disclaimer of opinion in the auditor’s report because of the scope limitation, the opinion will now provide a two-pronged opinion that will clearly state:
- an opinion on the fair presentation of information in the financial statements that is not covered by the certification and
- an opinion on whether the assets held by the qualified institution agrees to the information prepared by the qualified institution and that management has determined that the requirements under Section 103(a)(3)(C) have been met.
If a plan sponsor elects to have an ERISA Section 103(a)(3)(C) audit for their plan, the plan sponsor must provide the auditor with a written acknowledgement that this type of audit is permissible, and that the certification provided by the plan’s trustee/custodian satisfies the ERISA regulatory requirements. To meet these requirements, only qualified institutions can certify the plan’s investment information, they must certify as to the completeness and accuracy of the information, and the certification must be signed by an authorized individual of the qualified institution.
As plan sponsors begin to prepare for their upcoming retirement plan audits (for year-ends after December 15, 2021), it is important to understand their new responsibilities, evaluate current procedures, and implement any new procedures deemed necessary to comply with the new requirements when an ERISA Section 103(a)(3)(C) audit is applicable.