Enhancing Employee Benefit Plan Audit Quality

Andrea Wright, CPA Partner, Johnson Lambert LLP
Trends in Accounting, Auditing, and Consulting

Employee benefit plans are the cornerstone of companies’ compensation strategies, offering employees valuable retirement, health, and welfare benefits. With the increasing complexity of regulatory requirements and a growing emphasis on transparency and accountability, ensuring the quality of employee benefit plan audits has become a top priority.

According to its November 2023 Audit Quality Study, the United States Department of Labor’s (DOL’s) Employee Benefits Security Administration found that almost 30% of employee benefit plan audits had major deficiencies. Although an improvement from its previous 2015 study, which found 39% of audits with major deficiencies, there remains room for enhancements.

CHALLENGES IN ENSURING AUDIT QUALITY

Employee benefit plan audits serve multiple critical purposes. First, they provide reasonable assurance to plan participants, sponsors, and regulatory bodies that the financial statements fairly represent the financial position and operations of the plan. This assurance is essential for maintaining trust and confidence in the plan’s management and administration. Secondly, they play a vital role in regulatory compliance. Employee benefit plans are subject to numerous federal and state regulations, including the Employee Retirement Income Security Act of 1974 (ERISA). Compliance with these regulations isn’t only a legal requirement but also essential for protecting the rights and interests of plan participants.

Of course, despite the importance of these audits, ensuring their quality poses several challenges. One significant challenge is the complexity of regulatory requirements governing these audits. ERISA, for example, imposes specific reporting and disclosure requirements on plan sponsors and administrators, requiring auditors to possess a deep understanding of these regulations.

Moreover, employee benefit plans come in various forms, each with its own unique accounting and reporting requirements. This may include defined contribution plans (e.g., 401(k) plans), defined benefit plans (also called pension plans), and health and welfare plans. Auditors must tailor their procedures and approaches to address the specific risks and characteristics of each type of plan, which adds to the complexity of the audit process. Understanding the type of plan under audit and the unique risks related to the plan are critical first steps in planning and performing a high-quality audit.

Another challenge is the reliance on third-party service providers, such as plan administrators and custodians, for the provision of essential data and information. Coordinating with these service providers and ensuring the accuracy and completeness of the information obtained can be challenging, particularly in cases where multiple service providers are involved. Notably, overreliance on third-party service providers remained a deficiency theme of the DOL’s November 2023 study. It’s also been a significant area of concern since the initial 2005 study and remains an area for continued training and education.

Lastly, resource constraints and time pressures can compromise audit quality. As auditors strive to meet tight deadlines and budgets, there may be a temptation to cut corners or rely too heavily on automated tools and procedures, potentially overlooking significant risks or control deficiencies.

BEST PRACTICES AND STRATEGIES FOR ENHANCING AUDIT QUALITY

In spite of these challenges, there are several best practices and strategies that auditors and plan sponsors can adopt to enhance the quality of employee benefit plan audits:

1. Invest in Training and Education: Auditors should stay abreast of the latest regulatory developments and accounting standards impacting employee benefit plans. This includes attending relevant seminars, obtaining specialized certifications, and participating in industry forums and discussions. Auditors performing employee benefit plan audits could also consider joining the AICPA Employee Benefit Plan Audit Quality Center.
2. Develop Comprehensive Audit Programs: These programs should include detailed procedures for assessing the valuation of plan assets, testing the completeness and accuracy of participant data, and evaluating the effectiveness of internal controls.
3. Collaborate Effectively With Plan Management: This practice is essential for a successful audit. Auditors should engage with plan management early in the process to gain a thorough understanding of the plan’s operations, objectives, and risks. Regular communication throughout the audit ensures that any issues or concerns are promptly addressed.
4. Exercise Professional Skepticism: When necessary, auditors should question assumptions and challenge management representations. This includes conducting thorough substantive testing and obtaining corroborating evidence from third parties to validate the accuracy and completeness of financial information.
5. Conduct Internal Quality Reviews: These reviews should evaluate compliance with professional standards and firm policies. Notably, they can provide valuable feedback to auditors by identifying areas for improvement, ultimately enhancing the overall quality of audit engagements.

High-quality audits are essential for maintaining the integrity and trustworthiness of employee benefit plans. When you invest in training and education, develop comprehensive practice aids and tools, and foster collaboration between auditors and plan management, you have a better chance of enhancing the effectiveness and quality of employee benefit plan audits. Ultimately, as protectors of the public interest, it’s our duty to weed out audit deficiencies moving forward.

Related Content:

• Best Practices for Performing a Quality Audit: Here's how to ensure your audit engagements are efficient (e.g., on budget) and effective (e.g., have no deficiencies).
• What Happens When Audit Meets AI? New research on artificial intelligence in audit examines the impact when human auditors trust—or don’t trust—the machines.