Reading through the 133-page exposure draft for the Proposed Statement on Auditing Standards (SAS) Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, issued back in April 2017, and then comparing it to the final 100+ page standard approved in September 2018, may not sound like a fun way to spend a Sunday morning sipping a coffee (or three), but I disagree.
Lucky for you, I have captured the highlights here. And it really is exciting. Our feedback was incorporated into the final standard both through written comments on the exposure draft and a voice via our firm’s Director of Quality Assurance, who holds a seat on the Auditing Standards Board.
"Limited scope" audits will no longer exist
The debate over the “limited scope” audit has been going on for years. The new standard is designed to help auditors clearly understand their responsibilities in performing an audit, and provide plan sponsors, plan participants, the Department of Labor (DOL), and other interested parties with more information about what auditors do in situations when audits are limited in scope by the plan’s management, which is permitted by DOL reporting and disclosure rules.
Once effective, Audit Committee and Board of Director meetings in which plan financial statements are presented will include more clarity into what an employee benefit plan audit entails, based on revisions to the auditor’s report. I know I would frequently kick off meetings covering the auditor’s report opinion by explaining what a “limited scope” audit was. As a “limited scope” audit will no longer exist, the revised auditor’s report language clearly articulates what the auditor is, and is not, opining on.
When is the new standard effective?The effective date is “to be determined” as it will be aligned with the new overall auditor’s reporting standard once that is finalized, and the standard does not permit early adoption. So there is still time to educate and prepare all parties involved.
Probably the biggest conversation piece around the water cooler for the new standard is the lingo. The “limited scope” audit language will be going away and now the auditor’s report and all related language will refer to an “ERISA section 103(a)(3)(C)” audit. I know, it’s a mouthful―try and say that one three times fast!
The auditor's report will look much different
The auditor’s report under an ERISA section 103(a)(3)(C) audit will look significantly different from the old “limited scope” auditor’s report, once the standard is effective. There are several illustrative examples of reports included in the standard to refer to. One thing you will immediately notice―the auditor’s report is getting longer and not shorter. Some highlights:
|•||The Opinion section will include two bullets that explicitly state, in basic summarized terms: (1) the certified information agrees to the financial statements, and (2) the auditor’s opinion on everything else, which the auditor has audited.|
|•||Other Matter―Supplemental Schedules Required by ERISA section will include two bullets that explicitly state, in basic summarized terms, (1) the certified information agrees to the financial statements and (2) the auditor’s opinion on everything else, which the auditor has audited in relation to the financial statements. Sound similar to the Opinion section? Well, that’s because it is!).|
Other key takeaways
|•||Auditors will be required to make inquiries of management to gain assurance they performed procedures to determine the certifying institution is qualified for the ERISA section 103(a)(3)(C) audit, as it is management’s responsibility to make that determination.|
|•||Fair value disclosures included within the plan’s financial statements are also included under the certification umbrella and subject to the same audit procedures. As an auditor, if anything comes to our attention that does not meet expectations, we would further assess as necessary.|
|•||The auditor is required to obtain and read a draft Form 5500 prior to issuance of the auditor’s report.|
The final standard also removed some highly debated provisions included in the draft proposal as follows:
|•||There is no report on findings required, but the auditor is required to follow AU-C 250, AU-C 260 and AU-C 265. Should anything arise that warrants communication to those charged with governance, those findings must be communicated in writing. Be sure to grab another coffee and refresh yourself on AU-C 250, AU-C 260 and AU-C 265!|
|•||The new required procedures section for an audit was scrapped and replaced with an Appendix A for recommended audit procedures based on risk assessments. There are some great tools there to look at.|
|•||The required emphasis-of-matter section paragraph section of the auditor’s report was also scrapped.|
Questions about the new employee benefit audit standard or employee benefit plan audits
At BerryDunn, we perform over 200 employee benefit plan audits each year. If you have any questions, we would love to help. And we’ll keep the acronyms to a minimum. Please reach out with any questions.