The New World of 403(b) - Cammack LaRhette Consulting
Transcription
The New World of 403(b) - Cammack LaRhette Consulting
The New World of 403(b): Audits, Filing and Regulatory Compliance Confidential Information – © 2009 All Rights Reserved Meet the Speakers Confidential Information – © 2009 All Rights Reserved 1 Mike Webb,AIF®, CEBS Vice President, Retirement Plan Services Mike Webb joined Cammack LaRhette Consulting in 1991 and has provided retirement plan consulting services spanning several industries for over 15 years, including hospitals and health care systems, cultural institutions, foundations and manufacturing concerns. Mike’s background is in the area of operational compliance. He was primarily responsible for establishing retirement plan operating systems that comply with the latest federal regulations, through onsite support of human resources, information systems, and payroll departments of large employers. Mike was awarded the Accredited Investment Fiduciary® designation from the Center for Fiduciary Studies, a nationally recognized training organization for fiduciaries, in 2005. In addition, he is currently the co-moderator of Plan Sponsor’s “Ask the Expert” column for 403(b) plans. Mike is also currently the chair of the National Tax Sheltered Accounts Association’s (NTSAA) Educational Committee, and was honored for his contributions to the organization in 2004. He is also a frequent contributor to NTSAA/ASPPA joint designation program for 403(b) professionals, and has been a featured speaker at several NTSAA National Conferences and Webinars, including most recently a presentation in April 2008 on the 5500 requirements for 403(b) plans. Mike’s writing credits include an article in the May/June 2006 Journal of Retirement Planning (“Healthcare Savings Plan Service Provider Consolidation: A Case Study”) and an article in the September/October 2009 issue of The Profit Sharing/401(k) Council of America’s Defined Contribution Insights (“The time is Now to Gear Up for the New 5500 Requirements”). Mike has also served as an instructor for the CEBS program of the International Foundation of Employee Benefit Plans. Mike received a BS degree from Northwestern University, and a Master’s degree in Media Administration from Syracuse University. He is a Registered Representative with the Financial Industry Regulatory Authority (FINRA). Confidential Information – © 2009 All Rights Reserved 2 Ed Hilgendorf Director Plan Compliance & Reporting Plan Sponsor Services Ed Hilgendorf is the Director of TIAA-CREF’s Plan Reporting and Audit group. Ed joined TIAA-CREF in 1999 and formerly was the manager in the Internal Audit group. He created and led TIAA’s Sarbanes Oxley Controls group focused on the regulatory environment and SOX. Prior to joining TIAA-CREF, Ed worked as a Public Accountant. Ed is a Certified Public Accountant and received a BBA/MBA in Accounting and Computer Information Systems from Baruch College in New York. Confidential Information – © 2009 All Rights Reserved 3 Dave Delgado Benefit Plan Services Dave Delgado has 22 years of experience with Crowe Horwath LLP specializing in the areas of employee benefits and qualified retirement plans. His group specializes in benefit plan audits, employee stock ownership plan administration and 401(k) plan administration. Dave supervises over 200 audits of defined benefit pension plans, 401(k) plans, and other employee benefit programs. He consults with clients on a variety of plan qualification and administration issues, including designing and implementing 401(k) plans and other retirement programs. Dave is a member of the American Institute of Certified Public Accountants and is certified to practice accounting in fourteen States. David is also on the board of DePaul University’s Ledger and Quill alumni organization and is on the Finance and Audit committees for Edward Hospital in Naperville, Illinois. Dave received his B.S. in Accounting degree from DePaul University. Confidential Information – © 2009 All Rights Reserved 4 Top Ten Actions Colleges/Universities Should Take NOW in the Current 403(b) Landscape (From the Home Office in Cyberspace) Mike Webb, AIF™, CEBS, Cammack LaRhette Confidential Information – © 2009 All Rights Reserved 5 #1 Hire an Auditor! • For ERISA 403(b) plans, 5500 reporting conforms to 401(k) rules for 2009 plan year • More complex – may require accounting assistance, especially with multiple vendors • Outside audit beginning in 2009 for large (100+ participant) ERISA plans • If you are a large ERISA plan sponsor and you have not already hired an auditor, you should do so ASAP • Process will be lengthy for 2009; if you wait until the last minute, audit will not be completed Confidential Information – © 2009 All Rights Reserved 6 #2 Finish your Plan Document • ERISA Plans: amending your plan document to conform to final regulations • Non-ERISA Plans: drafting new document or amending existing document • January 1, 2010: deadline for plan document • However, 403(b) compliance deadline – January 1, 2009 – WAS NOT EXTENDED • Relief for 2009 is limited Confidential Information – © 2009 All Rights Reserved 7 #3 Examine vendor contracts • Ownership of the contract • Individual– employee owns and has rights • Individual contracts/custodial agreements • Group contracts with individual certificates • Group– employer has rights • Employer can move out all assets from noncompliant contracts; not an option with individual • At some vendors, individual contracts will be problematic, since contracts are not under employer control, and plan level data for coordination of loans, hardships, etc. will not be available • In addition, certain contracts will be exempt from 5500 reporting/audit requirements Confidential Information – © 2009 All Rights Reserved 8 #4 Revisit Non-ERISA status • No issue for Public universities or Denominational colleges university who sponsor church plans; Government/Church plans not subject to ERISA • Some private universities have historically attempted to take advantage of an ERISA “safe harbor” exemption that dates from 1979 • It appears that there is a sufficient conflict between the safe harbor and the final 403(b) regulations that it may be difficult/impossible to satisfy both sets of rules • Thus, private universities who wish to maintain non-ERISA status should seek the advice of benefits counsel with specific expertise in this area Confidential Information – © 2009 All Rights Reserved 9 #5 Consider Vendor Consolidation • Difficulty in complying with 5500/audit requirements for 2009 Plan year • Difficulty in complying with new regulations using multiple vendors: • Regulations require that the employer (or a third party) is to coordinate vendor compliance with specific provisions, such as loan limits and hardship distribution restrictions. • If any vendor utilizes individual annuity contracts/custodial agreements, such arrangements may not allow for the plan level reporting required to comply with the 403(b) regulations. Confidential Information – © 2009 All Rights Reserved 10 #5 Consider Vendor Consolidation • Leverage purchasing power of the institution so that employees can obtain a benefit that is more cost effective than they could obtain on their own. • The division of purchasing power among several vendors has a negative impact on pricing and plan features. • Vendor enrollment packages encompass an overwhelming amount of material (basic information such as fees, loan provisions, etc. are frequently lacking). Confidential Information – © 2009 All Rights Reserved 11 #5 Consider Vendor Consolidation • Too many investment options! • Consolidation can bring about administrative simplicity (outsourcing), improved investment options, better education & communication services, and significant cost savings for participants. Confidential Information – © 2009 All Rights Reserved 12 #6 Consider Plan Consolidation • Compliance burden/liability multiplied by number of plans you maintain, especially if ERISA • In multiple vendor situations often a separate plan was established for each vendor, or separate plans were established for elective deferrals and employer contributions • No current legal requirement to do so Confidential Information – © 2009 All Rights Reserved 13 #7 Reign in your investment choices • As with multiple vendors, a large number of investments can complicate audit process • Even in a single vendor plan, 100+ investment options can exist • A common misconception in ERISA plans is that fiduciaries are protected under 404(c) if they offer a “universe” of investment choices; 404(c) does not absolve a fiduciary of the duty to prudently select/monitor the array of investment from which a participant may choose, as well as the vendor who administers the array • University studies have demonstrated that a large number of investments discourage participation. Confidential Information – © 2009 All Rights Reserved 14 #8 Consider a Due Diligence process • For ERISA plans, focused review process helps to maximize investment results • Establishes a process that helps protect the plan, participants and the organization by minimizing liability (especially important in today’s environment of increased fiduciary scrutiny and a litigious society) • Confirms that the plan is deriving value from fees paid to investment providers • Helps ensure that the plan maintains compliance and competitiveness in the industry • Ensure that informed decisions are made and consistent with prudent investment practices/policy Confidential Information – © 2009 All Rights Reserved 15 #9 Conduct an RFP • Request for Proposal (RFP) process frequently used to consolidate defined contribution plan into a single ongoing program • Even if you are absolutely delighted with current provider(s), best practice is to conduct every 3-5 years • Current vendor search environment extremely favorable • Selected vendor should be able to consolidate data from inactive vendors necessary for compliance with final 403(b)/5500 regulations Confidential Information – © 2009 All Rights Reserved 16 #10 Don’t forget the Notice! • Final regulations require that participants be provided with meaningful notice of the right to make elective deferrals at least once per plan year • For 2009 plans with a calendar plan year should provide notice no later than December 31st, 2009 • Notice can be simple– no model notice/language as yet • Notice must generally be provided to ALL employees; old exclusions, such as those for visiting professors and collectively bargained employees, no longer exist. Confidential Information – © 2009 All Rights Reserved 17 WORKING TOGETHER TO PREPARE FOR THE NEW 403(B) PLAN REPORTING AND AUDIT REQUIREMENTS 403(b) Plans Subject to ERISA For institutional investor use only. Not for use with or distribution to the public HOW WE GOT HERE IRS final regulations (2007) First interpretive ruling in more than 40 years Narrows the differences between other employer-sponsored retirement plans and 403(b) plans DOL FAB (2007) Safe harbor plans Determination based on all relevant facts and circumstances Involve ERISA counsel DOL final regulations (2007) Revokes filing exemption Mandates electronic filing Acknowledgement of similarity to qualified plans For institutional investor use only. Not for use with or distribution to the public 19 HOW TO BE SUCCESSFUL Early involvement of the finance function Early selection of and discussions with plan auditor Preparation Availability of resources Status of plan’s records Documentation of internal processes Documentation of internal controls Identification of alternate vendors - Orphan contracts - Disability contracts For institutional investor use only. Not for use with or distribution to the public 20 INTERNAL CONTROLS Processes and procedures that prevent or detect errors Controls can be in place in many different parts of the process At your institution At your payroll provider At your plan recordkeeper Auditors are required to understand and evaluate internal controls The presence of effective internal controls may reduce the amount of testing that an auditor must perform For institutional investor use only. Not for use with or distribution to the public 21 SAS 70 OPINIONS Fair Presentation – Is the description accurate and does it include everything an auditor would expect it to? (Type I and Type II) Design – Are the controls designed appropriately to meet the control objectives as of a specified date? (Type I and Type II) Operating Effectiveness – Are the controls operating effectively over a specified period of time? (Type II only) Unqualified Opinion – Good Qualified Opinion – Bad For institutional investor use only. Not for use with or distribution to the public 22 New Reporting Requirements for Plans Subject to ERISA For institutional investor use only. Not for use with or distribution to the public 23 MAJOR NEW FILING REQUIREMENTS FOR 403(b) PLANS SUBJECT TO TITLE 1 OF ERISA Effective for the 2009 Plan year, 403(b) plans that are subject to Title 1 of ERISA will be subject to the same Form 5500, Annual Return/Report of Employee Benefit Plan, requirements as 401(k) type plans Completion of the entire Form 5500 – not just the current informational and benefit code items Generally, for plans with over 100 participants a financial statement audit will also be required For institutional investor use only. Not for use with or distribution to the public 24 WHAT ARE THE AUDIT REQUIREMENTS? Large plans will be required to have their financial statements audited by an independent auditor for plan years beginning on or after January 1, 2009. Must include a comparative Statement of Net Assets. Must attach a complete financial statement, including the auditors’ opinion and any applicable footnotes to the financial statements. Auditors will assess the reasonableness of the beginning balances. For institutional investor use only. Not for use with or distribution to the public 25 ARE THERE ADDITIONAL REQUIREMENTS? Summary Annual Report Electronic Filing For institutional investor use only. Not for use with or distribution to the public 26 WHEN IS THE FORM 5500 DUE? If your plan year ends: January 31 February 29 March 31 April 30 May 31 June 30 July 31 August 31 September 30 October 31 November 30 December 31 Your filing due date is: Your extended due date is: August 31 November 15 September 30 December 15 October 31 January 15 November 30 February 15 December 31 March 15 January 31 April 15 February 29 May 15 March 31 June 15 April 30 July 15 May 31 August 15 June 30 September 15 July 31 October 15 For institutional investor use only. Not for use with or distribution to the public 27 TIAA-CREF’s Plan Reporting and Audit Support For 403(b) Plans Subject to ERISA and First-Year Audit Requirements For institutional investor use only. Not for use with or distribution to the public 28 WHAT TIAA-CREF IS DOING TO ASSIST WITH PLAN REPORTING AND FIRST- YEAR AUDIT ISSUES Developed industry standard reports Issuing 2008 plan reports and certification of end-of-year asset values for 403(b) plans with more than 50 participants Providing standard auditor reporting package Publishing Plan Sponsor Reporting & Audit Guide Including 403(b) plan population in SAS 70 for 2008 and future years Enabling online auditor access For institutional investor use only. Not for use with or distribution to the public 29 AUDITOR ACCESS: AS EASY AS 1 – 2 - 3 For institutional investor use only. Not for use with or distribution to the public 30 WHAT TIAA-CREF IS DOING TO ASSIST WITH PLAN REPORTING AND FIRST-YEAR AUDIT ISSUES (cont’d) Outreach 403(b) Resource Center 403(b) Outlook article series Webinars Workshops ACCESS e-newsletter Mailings SPARK Industry association meetings For institutional investor use only. Not for use with or distribution to the public 31 A CENTRAL PLAN REPORTING RESOURCE For institutional investor use only. Not for use with or distribution to the public 32 PLAN REPORTING AND AUDIT SUPPORT Comprehensive reporting package consisting of 16 reports for the 2008 Plan Year End report package. New Plan Sponsor Reporting & Audit Guide Enhanced client experience on the web Industry-standard validations and controls Draft signature-ready Form 5500 for plan year ending 2009 For institutional investor use only. Not for use with or distribution to the public 33 For institutional investor use only. Not for use with or distribution to the public 34 FORMAT SELECTION PAGE For institutional investor use only. Not for use with or distribution to the public 35 DOWNLOAD POP-UP AND ZIP FILES For institutional investor use only. Not for use with or distribution to the public 36 CONFIRMATION PAGE For institutional investor use only. Not for use with or distribution to the public 37 TIAA-CREF’s Plan Sponsor Reporting & Audit Guide – 2008 Plan Year Reporting for Clients with 403(b) Plans For institutional investor use only. Not for use with or distribution to the public 38 PLAN SPONSOR REPORTING & AUDIT GUIDE SECTION ONE. INTRODUCTION CHAPTER 1: TIAA-CREF SECTION TWO. PLAN SPONSOR GUIDE CHAPTER 2: YEAR-END REQUIREMENTS CHAPTER 3: PLAN YEAR-END REPORT PACKAGE OVERVIEW CHAPTER 4: REPORT DESCRIPTION, SAMPLES AND USE SECTION THREE. AUDIT GUIDE CHAPTER 5: GENERAL AUDITOR GUIDANCE CHAPTER 6: STATEMENT ON AUDITING STANDARDS (SAS) 70 CHAPTER 7: LIMITED-SCOPE VS. FULL-SCOPE AUDIT CHAPTER 8: REPORTING INFORMATION RELATED TO TIAA-CREF INVESTMENTS SECTION FOUR. FREQUENTLY ASKED QUESTIONS SECTION FIVE. APPENDICES For institutional investor use only. Not for use with or distribution to the public 39 CERTIFICATION LETTER For institutional investor use only. Not for use with or distribution to the public 40 For institutional investor use only. Not for use with or distribution to the public 41 For institutional investor use only. Not for use with or distribution to the public 42 SUPPLEMENTAL FINANCIAL REPORTS Participant Detail Summary Transaction History by Fund Report Contribution Report Loan Activity Report for Participant Loans Loan Activity Report for Plan Loans Outstanding Loan Report for Participant Loans Outstanding Loan Report for Plan Loans Distribution Report Direct Fee Report Forfeiture Account Report Forfeiture Account Report – Legacy System For institutional investor use only. Not for use with or distribution to the public 43 For institutional investor use only. Not for use with or distribution to the public 44 For institutional investor use only. Not for use with or distribution to the public 45 For institutional investor use only. Not for use with or distribution to the public 46 For institutional investor use only. Not for use with or distribution to the public 47 For institutional investor use only. Not for use with or distribution to the public 48 For institutional investor use only. Not for use with or distribution to the public 49 SUPPLEMENTAL REPORTS TO SUPPORT FORM 5500 5500 Reportable – Schedule of Assets Held for Investments 5500 Reportable – Statement of Changes to Net Assets Supplemental Reports Included in the 2009 Reporting Package: Schedule A (Insurance Information) Schedule C (Service Provider Information) Schedule D (DFE/ Participating Plan Information) Schedule H (Financial Information) Schedule H, Line 4i (Schedule of Assets) Schedule I (Financial Information— Small Plan) Rate Basis for Retirement Annuities and Group Retirement Annuities For institutional investor use only. Not for use with or distribution to the public 50 For institutional investor use only. Not for use with or distribution to the public 51 For institutional investor use only. Not for use with or distribution to the public 52 ACTION ITEMS 9 Engage your organization’s Finance and Accounting team 9 Determine who “owns” the audit 9 Ensure the right people in your organization have access to the secure administrator website - Compliance and Reporting role to access plan financial reports 9 Establish internal policies, procedures and controls 9 Evaluate the timely remittance of employee contributions 9 Select an independent qualified auditor 9 Authorize your auditor to have access to the auditor reporting package for your plans 9 Email us your auditor contact info at [email protected] to have them receive an email invitation to our auditor webinars 9 Share the Plan Sponsor Reporting & Audit Guide with your auditor 9 Contact your Institutional Relationships Team or the Administrator Telephone Center with any questions For institutional investor use only. Not for use with or distribution to the public 53 HELPFUL WEBSITES Department of Labor (DOL) website: http://www.dol.gov/. For Small Pension Plan Audit Waiver type in “Small Pension Plan Audit Waiver” in the search field. The DOL provides Electronic Filing requirement on their website: http://www.efast.dol.gov The DOL provides guidance on selecting an independent qualified auditor on their website: http://www.dol.gov/ebsa/publications/selectinganauditor .html For institutional investor use only. Not for use with or distribution to the public 54 The 403(b) Plan Sponsor Resource Center of the AICPA’s Employee Benefit Plan Audit Quality Center also has helpful information on audit quality and auditor selection. http://ebpaqc.aicpa.org/Resources/Plan+Sponsor+Resource+ Center TIAA-CREF Individual & Institutional Services, LLC and Teachers Personal Investors Services, Inc., members FINRA, distribute securities products. Annuity contracts and certificates are issued by Teachers Insurance and Annuity Association (TIAA) and College Retirement Equities Fund (CREF), New York, NY. ©2009 Teachers Insurance and Annuity Association-College Retirement Equities Fund (TIAA-CREF) New York, NY 10017 C44922 For institutional investor use only. Not for use with or distribution to the public 55 Preparing for the Audit of Your 403(b) Plan Prepared and presented by: Dave Delgado, Partner (630) 586-5197 Crowe Horwath LLP 56 Presentation Highlights ¾Your responsibility to the plan ¾The audit team ¾Finding a qualified Independent Plan Auditor ¾Why does a quality plan audit matter? ¾Plan service Providers ¾Limited vs. Full-Scope Audits ¾Information needed for the audit 57 Your Responsibility to the Plan As a plan sponsor, you are responsible for the following: ◦ Plan design and documentation ◦ Timely and accurate administration and record keeping (including record retention) ◦ Trustee services ◦ Ensuring plan is in compliance with its tax exemption ◦ Employee communication and education ◦ Investment management (i.e., investment mix and offerings) 58 The Audit Team- Who is involved? Who is in charge? Designate one individual with the primary responsibility for the audit and a team that can respond to the auditors regarding: ◦ ◦ ◦ ◦ payroll, plan administration, plan governance and financial accounting (application of GAAP to benefit plan) . 59 Finding a Qualified Independent Plan Auditor Select an auditor who has prior experience with benefit plans and can perform a quality audit. The auditor should be a member of the AICPA Employee Benefit Plan Audit Quality Center (EBPAQC) For assistance with selecting a qualified audit to audit your plan, consult the following: ◦ The United States Department of Labor website “Selecting An Auditor For Your Employee Benefit Plan” (http://www.dol.gov/ebsa/publications/ selectinganauditor.html) 60 Finding a Qualified Independent Plan Auditor (continued) Below are a few questions and responses from the United States Department of Labor website “Selecting An Auditor For Your Employee Benefit Plan” that should help you determine if your auditor is qualified: y Is a plan auditor required to be licensed or certified? ◦ y Is a plan auditor required to be independent? ◦ y Auditors of employee benefit plans should not have any financial interests in the plan or the plan sponsor that would affect their ability to render an objective, unbiased opinion about the financial condition of the plan. Should a plan auditor have experience in auditing employee benefit plans? ◦ y Federal law requires that an auditor engaged for an employee benefit plan audit be licensed or certified as a public accountant by a State regulatory authority. One of the most common reasons for deficient accountants’ reports is the failure of the auditor to perform tests in areas unique to employee benefit plan audits. The more training and experience that an auditor has with employee benefit plan audits, the more familiar the auditor will be with benefit plan practices and operations, as well as the special auditing standards and rules that apply to such plans. Should I request references and check licenses? ◦ When engaging an auditor, you may wish to obtain references and discuss the auditor’s work for other employee benefit plan clients. If you have additional questions, you may also wish to verify with the appropriate State regulatory authority that the provider holds a valid, up-to-date license or certificate to perform auditing services. 61 Why Does a Quality Audit Matter? Per the EBPAQC, a quality audit is necessary for the following reasons: ◦ It helps ensure the financial integrity of the plan and protects plan assets. ◦ It helps the plan administrator carry out its legal responsibilities to file a complete and accurate annual return/report for the plan each year. 62 Plan Service Providers Determine who are the third party services providers that will provide the information needed to complete the audit of your plan. These third party service providers may include the following: ◦ ◦ ◦ ◦ ◦ Payroll provider (i.e., ADP, Ceridian, Paychex, etc.) Custodian/trustee (i.e., TIAA-CREF, Fidelity, Vanguard, etc.) Investment manager(s) Recordkeeper Legal counsel 63 Limited vs. Full-Scope Limited-Scope Audits Full-Scope Audits y A qualified trustee or custodian (i.e. bank or insurance company) certifies in writing that their plan level financial reports are complete and accurate y The auditor should obtain an understanding of internal controls regarding plan investments (i.e. fair value, investment income etc.) y The auditor can rely on the accuracy and completeness of the plan level investment information certified information (plan assets and investment income) without having to test it. y y The auditor does not need to obtain an understanding of the certifying institution’s internal controls regarding investments. y The scope limitation and the corresponding limitation of the auditor’s work extend only to investments and related investment information certified by the qualified trustee or custodian. The objectives of auditing procedures applied to investments and related transactions are to provide the auditor with a reasonable basis for concluding: ◦ whether all investments are recorded and exist and owned by the plan ◦ whether investments transactions are recorded and investments are valued in conformity with generally accepted accounting principles (GAAP) ◦ .whether investment transactions are initiated in accordance with the established investment policies. 64 Service Provider Audit Information Necessary plan information for the audit includes the following: ◦ Plan level reporting for the current year including summary of yearto-date plan activity, detail of significant categories of transactions (such as contributions, distributions, purchases and sales, loan payments, etc.), and detailed listing of investments as of the plan year end. ◦ Plan level reporting for the prior year including detailed listing of plan investments as of the end of the prior year. (Note: If the plan changed service providers, you will need to request this information from the prior provider.) ◦ Participant level reporting summarizing the activity for each participant account for the whole plan year. ◦ Will the service provider have a Type II SAS 70 for the plan year? ◦ Will the service provider certify the plan investment reports, allowing the auditor to perform a limited-scope audit? 65 How Do I Prepare for the Audit? Get your plan’s books and records in shape. ◦ General ledger and trial balance; ◦ Contribution schedules, including date remitted and deposited and record of proper authorization; ◦ Copies of wire transfers or other documentation showing date and amount of deposits; ◦ Copies of all paper documents (such as disbursement, investment allocation, contribution deferral percentage election, participation, etc.); and ◦ Copies of interim reports and statements. Establish and document internal controls over the plan’s financial reporting process. ◦ Authorization of plan transactions (such as investment offerings and policies, investment transactions, contribution formulas and allocation practices, benefit payments, administrative expenses, etc.); and ◦ Monitoring of service providers, including review of SAS 70, documentation of user controls, and understanding investment valuation methodology (FAS 157). Ensure that the plan is in compliance with the tax exemption requirements. 66 Questions to Expect from Your Auditor Below are a few questions to expect from your auditor as noted on the EBPAQC website: ◦ Have any plan amendments been adopted or become effective for the year under audit, or after the plan’s year end? ◦ Who will prepare a trial balance of all financial activity of the plan for the year? ◦ Who prepares the Form 5500s and plan financial statements? What are their qualifications and experience? ◦ Who reviews service-provider activity to determine whether services are compliant with agreements, contracts and/or other such agreements? ◦ Who internally reviews the SAS 70 report and who monitors user controls as detailed in the SAS 70 reports? ◦ Does plan management focus on creating a culture of honesty, openness and assistance with employees who participate in the plan? For a list of questions to expect from your auditor, consult the EBPAQC website. ◦ http://ebpaqc.aicpa.org/Resources/EBPAQC+Primers/403(b)+Questions+to+Expect+from+ Your+Plan+Auditor.htm 67 Audit Information Requests In order to complete the audit of your plan, your auditor will request documents, schedules, and information from plan management covering various aspects of your plan. Typically, the audit information request will be communicated in a planning letter or client assistance letter. The requests will fall into the following general categories: ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ General plan information Plan internal controls Financial reporting information Cash and investments Contributions, rollovers, and forfeitures Benefits paid and expenses Documentation requested for selected participants Compliance testing documentation 68 General Plan Information Requests A few common audit requests for general plan information are as follows: ◦ Executed copies of the latest plan documents and trust agreements, plus any amendments ◦ Copy of the summary plan description (SPD) and, any summary of material modification (SMM) ◦ Sample of enrollment packages provided to employees ◦ Listing of members of the board of directors/trustees, audit committee and internal committee responsible for plan oversight/governance ◦ Listing of key accounting and management personnel associated with the plan, including contact information ◦ Copy of employee handbook or personnel manual ◦ Copies of minutes from board/committee meetings ◦ Copy of most recent IRS determination or opinion letter for the plan ◦ Copy of proof of fidelity bonding related to benefit plans ◦ Copy of ethics and employee conduct policy, if not included in personnel manual ◦ Copies of fraud hotline (i.e., whistle-blower) logs and dispositions 69 Plan Internal Control Requests A few common audit requests for plan internal control information are as follows: ◦ Copies of any procedural/process memos or flowcharts detailing the key controls of the plan (eligibility, contributions, distributions, payroll, etc.) ◦ Copies of job descriptions ◦ Copies of accounting manuals ◦ Copies of internal control documentation of payroll and human resources systems ◦ Copy of SAS 70 from third-party administrators and service providers, along with documentation of the plan’s responses to the “user controls” identified therein 70 Financial Reporting Information Requests A few common audit requests for financial reporting information are as follows: ◦ Year-end reporting packages from third-party administrator (most recent plan year activity, when available) and investment statements ◦ For limited scope audit, copy of qualified bank or insurance company certification of plan investments held in accordance with 29 C.F.R. § 2520.103-5. ◦ Draft copy of financial statements, including: Statement of Net Assets Available for Benefits at plan year end (with comparative statement as of prior plan year end) ◦ Statement of Changes in Net Assets Available for Benefits for the plan year 71 Financial Reporting Information Requests (cont.) ◦ Notes to financial statements, including description of the plan, summary of accounting policies, investment information disclosures, any related party transactions, any plan termination provisions, plan tax status ◦ Supplemental schedules as required by instructions to Form 5500 ◦ Copy of draft and final Form 5500 (when available) 72 Cash and Investment Requests A few common audit requests for cash and investment information are as follows: ◦ Copy of investment policy statements ◦ Statement of plan assets as of plan year end and plan activity for the year ended, including schedule of assets held and schedule of reportable transactions, as applicable ◦ Reconciliation of the aggregate of the participant accounts to assets per the trust statements, with explanations for any variances ◦ Statement of plan assets and plan activity for first quarter after end of the plan year ◦ Bank statements of all cash accounts held outside of the trust, if any ◦ Executed copies of the contracts/policies for any insurance contracts ◦ Access during audit fieldwork to participant balance reports as of plan year end 73 Contribution, Rollover and Forfeiture Requests A few common audit requests for contribution, rollover, and forfeiture information are as follows: ◦ Reconciliation of total participant contributions per the recordkeeper to total plan contributions per the trustee at the end of the plan year ◦ Payroll records for each location participating in the plan ◦ Detail listing of employee and employer contributions and loan repayments with pay period ending dates and dates when contributions/loan repayments were remitted to the trust ◦ Reconciliation of employee deferrals, employer match/discretionary and loan repayments per the trustee to payroll totals and amounts recorded by recordkeeper ◦ Contributions receivable detail (employee and employer) as of plan year end (if any) ◦ Employer matching and/or profit sharing contribution, if any, support (contribution authorization and wire transfer support) ◦ Detail of rollovers into the plan ◦ Detail of forfeiture accounts, if applicable 74 Benefits Paid and Expense Requests A few common audit requests for benefits paid and expense information are as follows: ◦ Listing of all distributions by type (e.g., hardship, termination, death, QDRO), made during the plan year (the listing should tie in total to total distributions per the trust statements) ◦ Distribution application forms for selected audit sample ◦ Detail of any benefits approved but unpaid as of plan year end, if any ◦ Report of disapproved benefit payment, if any ◦ List of and explanation of deemed distributions, if any ◦ Check register ◦ Documentation of the client and recordkeeper procedures for investigating long-outstanding benefit checks ◦ Detail of any administrative expenses paid by the plan or reimbursed by the sponsor (e.g., accounting fees, investment fees, legal fees, appraisal fees, trustee fees) 75 Documentation for Selected Participant Requests A few common audit requests for documentation for selected participants are as follows: ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ Personnel file information, including: I-9 Form noting date of birth, date of hire Employment application Salary information sheet or hourly rate form 403(b) enrollment or opt-out form Copies of 1099-Rs Timecards Payroll registers Participant statements (either printed or online) for individuals selected for contribution, eligibility and distribution testing Investment election form or record Distribution request form Canceled checks for selected audit sample Loan request form, including promissory note and amortization schedule Rollover contribution request form, including copy of check or evidence of wire transfer 76 Compliance Testing Requests A few common audit requests for compliance testing information are as follows: ◦ Copy of the year-end compliance testing required by the Internal Revenue Code including documentation of any action required by the testing results ◦ IRC §415 annual additions limit IRC ◦ §414(s) compensation testing ◦ IRC §414 controlled group/ affiliated service group analysis ◦ IRC §401(a)(9) minimum required distribution calculations 77 Resources Below is a list of resources available to help you prepare for the audit of your plan: ◦ Employee Benefit Plan Audit Quality Center x http://ebpaqc.aicpa.org/ ◦ United States Department of Labor x http://www.dol.gov 78 Questions? Michael A. Webb, AIF®, CEBS Vice President, Retirement Plan Services Cammack LaRhette Consulting New York City, NY Phone: 646-839-8232 Email: [email protected] Ed Hilgendorf Director, Plan Reporting and Audit Group TIAA-CREF New York, NY Phone: 212-490-9000 ext 7632 Email: [email protected] David Delgado Benefit Plan Services Partner Crowe Horwath, LLP Oak Brook, IL Phone: 630-574-7878 Email: [email protected] Confidential Information – © 2009 All Rights Reserved 79