In the context of claims processing for self-insured plans, Third Party Administrators (TPAs) play a critical role in designing internal controls to ensure accuracy and timeliness. However, relying solely on the TPA’s internal control structure may not be sufficient for a plan sponsor. This is where User Entity Controls (UECs) come into play, providing essential oversight to ensure the proper functioning of the system. The specific UECs required by the plan sponsor vary based on the intricacies of the TPA’s claims processes and procedures.
While there isn’t a one-size-fits-all list of UECs, plan sponsors can refer to common controls that are generally expected. It is advisable for a plan sponsor to regularly review its TPA’s SOC 2 Report, obtained annually, to gain insights into the necessary UECs.
Expected Controls To Have in Place
Outlined below are examples of generally expected controls that a user organization should have in place:
- Authorization and review controls for new plan details or changes to existing plans, ensuring accurate and timely submission to the TPA.
- Controls for reviewing the benefit administration source document for completeness and accuracy, with a mechanism to investigate and resolve exceptions in collaboration with the TPA.
- Controls for correcting and resubmitting erroneous plan or enrollment data in a timely manner.
- Evaluation controls for determining the completeness and accuracy of enrollment information and claims pricing services provided by the TPA.
- Authorization and review controls for enrollment changes, ensuring complete, timely, and accurate submission to the TPA.
- Controls for sharing member accumulators with the TPA in a complete, timely, and accurate manner.
- Monitoring and review controls for claims detail, fund requests, receipts, and funds summary reports, addressing completeness, accuracy, and duplicate payments, with a process for investigating and resolving exceptions with the TPA.
- Authorization and response controls for exception reporting, ensuring timely, accurate, and complete responses to the TPA.
- Controls to ensure TPA contracts are fully executed, facilitating timely incorporation of changes in terms and conditions.
In instances where the plan sponsor’s TPA lacks a SOC 2 or similar report, it is imperative to engage in a collaborative dialogue to comprehend the control environment and the specific UECs necessary for ensuring claims are processed in a complete, accurate, and timely manner. A well-designed and operational set of UECs is crucial, as even with effective internal controls, the plan sponsor may face TPA failures if UECs are not properly established.
Strengthen Your Claims Processing Oversight
In conclusion, the implementation and consistent oversight of User Entity Controls significantly contribute to the reliability and efficiency of claims processing, safeguarding against potential pitfalls and ensuring seamless collaboration between plan sponsors and TPAs. Elevate your claims processing oversight by initiating a thorough review of your UECs, engaging in open communication with your TPA, and ensuring alignment with industry best practices. Strengthen your commitment to accuracy and timeliness in claims processing today.
Authors: Tina Getshall | [email protected] and Matthew Dubnansky, CPA, Partner |[email protected]
Contact Us
For more information on this topic, please contact a member of Withum’s Self-Insured Health Plan Advisory Services Team.
