In July 2019, the AICPA Auditing Standards Board issued the Statement on Auditing Standard (SAS) 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA. This long-awaited standard will be effective for employee benefit plan audits ending on or after December 15, 2020, and will address specific performance and reporting requirements while also changing the form and content of the auditor’s report. The overall purpose of the standard is to enhance the quality of employee benefit plan audits through changes related to both auditor and management responsibilities.
The changes to the form and content of the auditor report are very significant. Under this new standard, the term “limited-scope audit” has been replaced with ERISA Section 103(a)(3)(c). As a result, the Opinion Section of the report will now be in two parts. The first part will address the amounts and disclosures not covered by the certification and will affirm that they are in accordance with the applicable financial reporting framework, while the second will state whether the investment information related to the certification agrees with the information provided by a qualified institution. In addition, the new performance requirements also call for an expanded description of the management’s and auditor’s responsibilities.
These performance requirement changes affect many parts of the audit, including engagement acceptance. SAS 136 states specific requirements for the auditor regarding engagement acceptance, which include management’s acknowledgement and understanding of their responsibilities. These responsibilities include maintaining all plan instruments/amendments and administering the plan in conformance with the plan documents. In addition, if they have elected ERISA Section 103(a)(3)(C), formally a limited-scope audit, then it is also management’s responsibility to determine that such an audit is permissible and that the information is certified under the requirements and by a qualified institution. The auditor will also have to audit and evaluate management’s process for this responsibility.
There are several other areas affected by this new standard, including risk assessment, evaluating misstatements/non-compliance and the communication of such matters to those charged with governance, and various tax and compliance responsibilities for both the auditor and the sponsor. Just remember that there will be several changes that impact the responsibilities of auditors and management. While the implementation of this standard is still a few years away, auditors and plan sponsors should discuss these details as they begin to wrap up their current audits.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.