Did you know that if an auditor detects discrepancies or deficiencies while performing an employee benefit plan audit, the auditor will communicate these to the plan sponsor in a management letter included with the audit? Management letters detail internal control-related problems or the failure of plan sponsors to fulfill their fiduciary duties. It’s important to address any items listed in the management letter promptly. Otherwise, errors could magnify and become more problematic and costly in the long run.
The Employee Retirement Income Security Act (ERISA) defines a fiduciary as a person who performs one of the following duties:
According to the ERISA Prudent Person/Exclusive Benefit Rule, fiduciaries are required to “discharge their duties solely in the interest of plan participants and beneficiaries and for the exclusive purpose of providing benefits for them while defraying reasonable plan administrative expenses.”
More specifically, fiduciaries must perform their duties with the “care, skill, prudence and diligence of a prudent person under the circumstances.” Duties must also be performed “in accordance with the plan documents and instruments” and fiduciaries must diversify plan investments “so as to minimize risk of loss under the circumstances.”
While ERISA doesn’t specify a degree of concentration that would violate the diversification requirement, it does state that fiduciaries should consider a few specific factors when making investment decisions:
Among the most common fiduciary duties of employee benefit plan sponsors are to review and reconcile plan statements, conduct investment team meetings, remit employee deposits on a timely basis, review plan investment options and performance, send required annual disclosure to plan participants, and follow the plan documents.
Some plan sponsors hire third-party administrators (TPAs) to perform some of these duties, such as sending out annual disclosures. However, it remains the sponsor’s fiduciary duty to ensure that disclosures are sent on time.
Fiduciaries should meet regularly and document the items discussed and actions taken. These responsibilities may fall to an individual, a plan investment committee or the plan sponsor’s audit committee.
Auditors are required to communicate to plan sponsors certain internal control deficiencies that are identified during an audit. These exist when the design or operation of a control does not allow management or employees to prevent, or detect and correct, misstatements on a timely basis. Internal control deficiencies can be categorized as one of the following:
Material weakness – This is a deficiency, or combination of deficiencies, in internal control in which there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis.
Significant deficiency – This is a deficiency or a combination of deficiencies, that is less severe than a material weakness but important enough to merit attention by those charged with plan governance.
Deficiency in design or operation – Internal control deficiencies can be deficiencies in design or operation. A deficiency in design exists when a control necessary to meet the control objectives is missing or an existing control is not properly designed so that, even if the control operates as designed, the control objective would not be met. Meanwhile, a deficiency in operation exists when a properly designed control does not operate as designed or the person performing the control does not possess the necessary authority or competence to perform the control effectively.
Carefully reviewing the management letter can yield additional benefits beyond addressing fiduciary- and internal control-related matters. Management letters often contain guidance and suggestions for improving plan policies and procedures and boosting efficiency.
For example, by reconciling employee deposits on a monthly or quarterly basis, you might be able to identify and correct errors before they’re spotted by the auditor. This can streamline the audit and potentially reduce audit costs.
Whether you’ve received a benefit plan audit management letter or not, ensuring the integrity of the plan is your fiduciary duty. But fulfilling all the aspects of this responsibility can be challenging. Reach out to our Benefit Plan Audit experts today to learn more about how to keep your benefits plan financially healthy and strong.
