Coordinating the Benefit Plan Audit and
Form 5500 Preparation

It’s July, so many practitioners find themselves focused on Form 5500 preparation and working through issues raised during the accountant’s audit of the benefit plan for which you provides services. A discussion of fair value reporting that applies to both large and small plan filers continue to crop up each year. While many of the issues discussed below have been with us in years past, a new spin on these topics may help you and your clients have a better experience this year.

The AICPA’s Audit & Accounting Guide for Employee Benefit Plans is an indispensable tool that should be on your shelf if your firm provides services to large plan filers. It contains a wealth of information about audit objectives and procedures, includes sample opinion letters and financial statements and notes, and is updated annually with the latest guidance. It has become a very robust reference. You may purchase a single copy or sign up for an annual subscription service at http://www.cpa2biz.com. You do not have to be an AICPA member.

Learn the Lingo
Every industry develops its own system of acronyms and jargon to enable like-minded professionals to quickly move through a discussion. To an outsider, it’s a foreign language. Accountants use terms such as internal control to describe methods of assigning authority and responsibility for plan operation, while audit risk is driven, in part, by the effectiveness of those same controls. And the material nature of an item often dictates the amount of time that will be spent discussing and resolving that issue.

Suppose a plan sponsor tasks one individual with responsibility for all activities associated with the plan’s day-to-day operation, including drafting of the financial statements. The audit risk in this example may be higher because the opportunity for fraud is increased. When specific duties associated with the plan’s operation are allocated among several individuals, the audit risk may be reduced because the likelihood of these individuals joining forces to misuse plan funds is lower. Ideally, assignment of duties to multiple individuals or entities creates inherent checks and balances that minimize risk.

Internal controls. Beginning with audits for 2007 plan years, many employers are for the first time completing internal control questionnaires to document their day-to-day handling of plan activities. This narrative includes discussions about the type of business the plan sponsor conducts and the current condition of its industry, as well as internal controls related to investments, contributions, distributions, payroll, and participant accounts. These can be lengthy documents; however, after the preparation of the documentation this year, the plan sponsor should be able to merely update this document in subsequent years.

New Statements of Accounting Standards (SAS). Auditors are implementing SAS 104 through 111 this year. The objective of these standards is to enhance the auditor’s application of the audit risk model by requiring them to have a deeper understanding of the entity, its environment and the risks of material misstatement and how the entity is mitigating these risks. This should enable the auditor to achieve a more thorough assessment of the risks associated with an engagement and then to improve the link between the estimated risks and the audit procedures to be performed on that engagement.

There is no magic formula for assessing audit risk. The auditor seeks to gather enough information to understand the risks of the entity and its environment (including internal control), evaluate the data, and then design an audit program that responds to the situation at hand.

Financial statements. It should be noted that the first paragraph of the auditor’s opinion letter always notes that....”These financial statements (and schedules) are the responsibility of the Plan’s management.” The purpose of the audit is not to create the financial statements and notes; rather, the audit process earns the plan the opinion letter that becomes part of what we reference generically as the “audit report.” To improve efficiencies, audit firms often provide report templates to aid the plan administrator in drafting the report before field work begins.

In order to maintain independence, the accountants who audit the plan should not be preparing the plan’s financial statements. Considering that many plan sponsors are hard pressed to add the burden of financial statement preparation to an already overworked in-house employee’s duties, pension practitioners members may fill a need by adding financial statement preparation to their menu of services. It can result in significant efficiencies for the plan sponsor, the service providers, and the auditor.

Even if a third-party develops the financial statements, the plan administrator must demonstrate that they are sufficiently knowledgeable about the financial statements but that time or resources prevented them from generating the statements themselves. The auditor would be required to issue a letter under SAS 112 if they believed the plan administrator was deficient in this regard.

SAS No. 70 (“SAS70")
Internal controls of a benefit plan include not only the controls in place at the plan sponsor, but also the controls at organizations that provide significant services to the plan, including recordkeeping and transaction processing. While the benefit plan auditor will evaluate the existence and effectiveness of internal controls at the plan sponsor as part of its field work, a Type 2 SAS70 allows service organizations to effectively disclose their control activities and processes to their customers and their customers’ auditors.

An example may help. ABC Pension Company (“ABC”) offers in-house daily valuation and administration. ABC uses SunGard daily valuation software and Schwab’s investment platform. Each of these entities - ABC, SunGard, and Schwab - typically engage auditors each year to produce a Type 2 SAS70 report that focuses on that entity’s operation. This report will be useful to the auditor in understanding each service organization’s controls in order to make an assessment of the risks of material misstatement and, ultimately, to determine the extent of further audit procedures. Without the SAS70, the benefit plan auditor would need to spend time with each of the entities providing services to the plan (in this case, ABC, SunGard and Schwab) to understand and evaluate their environment and internal controls.

Depending on the service menu your firm offers, there may be no SAS70. Pension firms that partner with insurance companies to provide services generally will not have a SAS70 if the pension firm’s duties relate primarily to nondiscrimination testing and reporting and disclosure matters. However, the insurance company that is providing recordkeeping, custody, transaction processing and other services to the plan will include a SAS70 report as part of its audit package.

Another point about SAS70 reports: these reports are not just casual reading for auditors. A thorough review of the report will show plan administrators situations in which the service organization is relying on the plan administrator (or another service provider) to have its own controls in place with respect to an activity. For example, the service organization processes distributions for terminated participants relying on the receipt of the plan administrator’s approval to do so. In this case, the plan administrator must have adequate controls in place so that only those participant or beneficiaries who have satisfied the terms of the plan are allowed to be paid out.

Limited-Scope Audits and Certifications
The plan administrator may engage an accountant to perform a full-scope audit of the financial statements in accordance with Generally Accepted Accounting Standards (GAAS). However, ERISA section 103(a)(3)(c) allows the plan administrator to instruct the auditor not to perform any auditing procedures with respect to investment information prepared and certified by a bank or similar institution or by an insurance carrier that is regulated, supervised, and subject to periodic examination by a state or federal agency who acts as the plan’s trustee or is custodian of all or a portion of the plan’s assets. The trustee or custodian must certify both the accuracy and completeness of the information if the limited-scope exemption is to be invoked.

This limited-scope exemption does not apply to information about investments held by a broker or dealer or an investment company. The exemption applies only to the investment information certified by the qualified trustee or custodian, and not to participant data, contributions, benefit payments or other information whether or not it is certified by the trustee or custodian.

The trustee or custodian may or may not be certifying the fair value of the assets under their control; rather, the certification may merely relate to the best available information in the records of the trustee or custodian. In this case, the limited-scope exemption may have narrow application if the fair value of certain investments must be independently ascertained and, therefore, full-scope procedures applied.

The limited-scope election is not available to plans that must file Form 11-K with the SEC.
Form 11-K is a special annual report required under Section 15(d) of the Securities Exchange Act of 1934 and applies to employee stock purchase plans, savings plans, and similar defined contribution plans that have plan assets invested in employer securities registered under the Securities Act of 1933.

Fair Value
With the implementation of SOP 94-4-1 during the 2006 audit season, Form 5500 preparers were faced with the knowledge that contract value, rather than fair value, had been routinely - and often mistakenly - reported on Form 5500 for defined contributions plans of both large and small plan filers. Informal discussions with DOL reveal the agency’s awareness of the discrepancy, although there appears to be little interest in pursuing this transgression. However, the DOL did speak to this issue in its May 8 webcast, expressing the notion that defined contribution plan filers should work to achieve fair value reporting, as required. [You can listen to a recording of this webcast at http://www.dol.gov/ebsa/newsroom/webcasts.html.]

A look at the official instructions to Form 5500 shows that terminology used to identify asset valuation requirements are inconsistent amongst the various schedules: Schedule A uses both Current Value and Contract Value; Schedule D asks for Dollar Value; and Schedules H and I use the terms Current Value, Fair Market Value, Fair Value, and Transaction Date Value (for 5% reportable transactions); and, also, Contract Value. The only definition of value in the official instructions to Schedules H and I is as follows: “... Current value means fair market value where available. Otherwise, it means fair value as determined in good faith under the terms of the plan by a trustee or a named fiduciary, assuming an orderly liquidation at the time of determination. See ERISA section 3(26).”

There is no specific definition for Dollar Value (Schedule D), nor are there examples of when the separate terms are not synonymous (and how so). Furthermore, there is disagreement among professionals as to the intended coordination of SOP 94-4-1 valuation criteria with values required to be disclosed on Form 5500 series reports.

DOL agrees that contract value may only be reported at line 6 of Schedule A, and otherwise on Schedules D, H, and I when the insurance contract is fully benefit-responsive. Other fully benefit-responsive stable value or synthetic contracts in defined contribution plans must be reported on Form 5500 at fair value. SOP 94-4-1 calls for defined contribution plan financial statements to be adjusted to contract value when the contract is fully benefit-responsive; therefore, any mismatch with the reporting requirements of Form 5500 must be reconciled in a Note to the financial statements.

Alternative Investments. An alternative investment is one for which no market price (i.e., fair value) is readily ascertainable. Think about it this way: can you go to the newspaper and find the closing market price at the end of the last business day? So, yes, pooled separate accounts and common/collective trust investment vehicles fall into the “alternative investment” category. As do hedge funds, private equity funds, real estate investments, and other vehicles that are not registered with the SEC.

So how is fair value determined? The auditor will work with the plan administrator to get values for the underlying investments. In some instances this may be a relatively simple task; for example, a pooled separate account that holds a mutual fund. The DOL has raised the focus on these alternative investments so it is likely that auditors will ask more questions about such investments when they encounter them in a plan’s portfolio.

Which Comes First?
If your firm is involved in the preparation of the plan’s financial statements and notes, preparing a draft of the Form 5500 for the auditor’s review poses no problem especially if there is little expectation of adjustments to the statements during the audit process. It is inefficient, however, to draft Form 5500 without a draft of the financial statements in hand.

The auditor’s responsibility for information reported in the Form 5500 does not extend beyond the financial information contained in the audit report, and the auditor is not required to verify any other data shown in the Form 5500. On the other hand, most auditors will want to see the entire Form 5500 filing to assure themselves of consistency between their understanding of the plan and that being reflected on the filing.

In Closing
It is important to recognize that each firm performing benefit plan audits will have its own approach to these engagements, in much the same way that pension firms offer a variety of service models. It is a rapidly evolving area, with the DOL actively auditing the auditors and keeping them on their toes.