Title: PLAN MANAGEMENT RESPONSIBILITIES OVER FINANCIAL STATEMENT REPORTING Diane Wasser, CPA Amper Politziner
1PLAN MANAGEMENTRESPONSIBILITIES OVERFINANCIAL
STATEMENT REPORTINGDiane Wasser, CPAAmper
Politziner Mattia LLPRandy Watson, CPAYanari
Watson McGaughey PC
2OUTLINE
- PRUDENT GOVERNANCE
- USER CONTROLS and MONITORING SERVICE PROVIDERS
- INVESTMENT VALUATION
- SAS 115
- PREPARING FOR THE ANNUAL AUDIT
- COMMON ERRORS NOTED DURING AN AUDIT
- CENTER TOOLS
3PRUDENT GOVERNANCE
- Fiduciary standards no change, just more
magnified in the current environment - What to do
- Have a Plan Governance Committee
- Have Committee meetings regularly
- Keep written meeting minutes
- Consider an Extra meeting in light of economic
conditions - Have an Investment Policy Statement
- Address financial stability of service providers
- Seriously consider an ERISA attorney relationship
4PRUDENT GOVERNANCE
- Critical to have an effective process to identify
and manage risk - Governance culture!
5Maintaining Effective User Controls and
Monitoring Service Providers
6Plan Sponsor Responsibilities
- Plan sponsor is subject to certain
responsibilities - With fiduciary responsibilities come potential
liabilities - Fiduciaries that dont follow basic standards
- May be personally liable to restore any losses to
the Plan - May be liable to restore any profits made as a
result of improper use of Plan assets - Responsibilities include Plan administration
functions - Maintaining books and records
- Filing complete and accurate Form 5500
- Establish safeguards to ensure fiduciary
responsibilities are met - One way this can be accomplished is by
implementing internal controls over financial
reporting
7Value of internal controls
- Internal controls protect your plan in two ways
- By minimizing opportunities for unintentional
errors or intentional fraud that may harm the
plan. - - Preventive controls, which are designed to
discourage errors or fraud, help accomplish this
objective. - By discovering small errors before they become
big problems - Detective controls, are designed to identify an
error or fraud after it has occurred.
8How to establish cost-effective controls
- Controls should be based on a systematic and
risk-oriented approach, to ensure that there are
adequate controls in areas with high risk, and
that controls are not excessive in areas with low
risk. Before making the decision to adopt a
control, analyze the costs of establishing and
maintaining it, and consider - The potential benefits the control will provide
- The possible consequences of not implementing it
9How to establish cost-effective controls
- DETERMINE YOUR PLANS CONTROL OBJECTIVES-
- The first step in establishing controls over
financial reporting at your plan is to determine
the objectives of the controls, or what you want
them to achieve reliable financial statements
that are prepared in accordance with generally
accepted accounting principles. Controls should
be designed to address components of the plans
financial statements, such as plan investments,
contributions, benefits, participant data and
plan obligations, participant loans, and
administrative expenses.
10Monitoring Controls
- Monitoring your controls is critical!
- Monitoring should be designed to identify and
correct weaknesses in internal control before
they can result in a significant misstatement in
your plans financial statements. - You should periodically review the design and
operation of your plans controls, and make
changes where they are not providing the desired
results
11Monitoring Activities
- Your monitoring activities should address the
following issues - Are internal controls in place and operating?
Establishing policies and procedures will have no
effect if they are not implemented. - Is the system working as designed?
- Are exceptions and problems identified and
resolved promptly? - Are the controls periodically reviewed?
12Internal Controls
- It is important to keep in mind that your
auditor, under his or her professional standards,
cannot be a part of your plans internal control.
13Examples of Selected Controls for Employee
Benefit Plans
14Contributions - Sample Controls
- Amounts of contributions by employers and
participants meet authorized or required amounts - Contribution requirements or limitations are
described in the plan instrument or collective
bargaining agreement. - Contributions are determined using approved
eligibility lists. - Actuary is used to make periodic valuations and
reports.
15Contributions - Sample Controls
- Contributions are recorded at the appropriate
amount and in the appropriate period on a timely
basis - Sponsor or employer payroll records are compared
with contribution calculations. In the case of
multi-employer plans, some form of periodic
payroll audit is performed. - Initial controls are established over
contribution records for both employer and
participant contributions (e.g., salary reduction
amounts, after tax and rollovers). - Clerical accuracy of contribution forms is checked
16Participant Data - Sample Controls
- Participant data entries are properly recorded on
a timely basis - Participant forms (e.g., enrollment, transfers,
investment allocation, etc.) are controlled and
are maintained for future reference. - The number of plan participants is reconciled
using enrollment forms. - Participant data entries are updated and
reconciled to employers personnel and payroll
records (or participating employers in a
multi-employer plan).
17Participant Data - Sample Controls
- Participant eligibility is determined in
accordance with authorization - Eligibility is defined in the plan instrument.
- Access to participants data is controlled to
prevent unauthorized changes or additions - Employee participation refusals are retained for
future reference.
18Reporting - Sample Controls
- Records are maintained in sufficient detail to
provide for proper and timely reconciliation - For defined contribution plans, the total of all
participant account balances is reconciled to the
net assets in the trustees/asset custodians
reports on a periodic and timely basis. - Financial statements, actuarial information,
disclosures, and supplemental schedules as
prepared are complete, accurate, and in
conformity with managements authorization - Procedures are established to identify required
disclosure items, for example, party in interest
transactions and transactions in excess of 5
percent of plan assets. - Review of all financial reports and filings.
19The Importance of Monitoring Service Providers
- Hiring service providers does not relinquish Plan
Managements ultimate responsibility for Plan
operations - Plan Management must
- Oversee the providers and assess their
performance - Meet regularly
- Review reports provided
20What does a SAS 70 mean to me?
- It outlines what user controls are required.
- It is not only for the Auditor!
- It should be reviewed by Plan Management annually
as part of the third party service provider
monitoring effort.
21INVESTMENT VALUATION
22INVESTMENT VALUATION
- PLAN MANAGEMENT IS HELD RESPONSIBLE FOR
INVESTMENT VALUATIONS AND FINANCIAL STATEMENT
DISCLOSURES Even where there are outside
investment custodians, asset or fund managers, or
other service providers to assist in determining
the value of investments on a plans financial
statements and Form 5500, the DOL holds plan
management responsible for the proper reporting
of plan investments. This responsibility cannot
be outsourced or assigned to a party other than
plan management.
23INVESTMENT VALUATION
- While management may look to a valuation service
provider for the mechanics of the valuation,
management should have sufficient information to
evaluate and independently challenge the
valuation. Therefore, it is important that plan
management is familiar with the plan assets in
which a plan invests and the methods and
significant assumptions used to value them,
especially for investments in securities or other
assets for which readily determinable fair market
values do not exist. - Controls to employ
24INVESTMENT VALUATION CONTROLS
- Investment transactions are recorded at the
appropriate amounts and in the appropriate
periods on a timely basis - Detailed subsidiary records are reconciled to
trust reports on a regular basis - Control totals from participants records are
compared to control totals from trust reports on
a regular basis. Report of trustees/asset
custodians independent auditor is reviewed - Purchases and sales (as a result of
contributions, distributions, etc.)of mutual
funds are reviewed to determine that the net
asset value agrees to published quotations. - Purchases and sales are reviewed to determine
that - the appropriate fair value was utilized.
25INVESTMENT VALUATION CONTROLS
- Investment assets are protected from loss or
misappropriation - Responsibility for investment decisions and
transactions is segregated from custodians
functions. - Financial stability of financial institutions
holding investments is reviewed. - Written-off investments are reviewed for possible
appreciation - Access to computerized investment records is
limited to those with a logical need for such
access
26INVESTMENT VALUATION CONTROLS
- Investments (other than insurance contracts with
insurance companies) are measured at fair value - Quotation sources and appraisal reports are
compared with recorded values. - Valuation methods are documented in the trust
agreement or plan committee minutes. - Investment criteria and objectives are authorized
and executed in accordance with formal
authorizations - Investment criteria or objectives are documented
in the plan instrument or plan committee minutes
27INVESTMENT VALUATION CONTROLS
- Review monthly trust reports
- Have regular communications with your investment
manager - Compare quotation sources and appraisal reports
with recorded values. - Compare values of pooled separate accounts and
common collective trusts to net asset values
calculated by the issuer.
28INVESTMENT VALUATION CONTROLS
- Obtain the financial statements of pooled
separate accounts and common collective trusts
and compare unit information contained in the
financial statements for reasonableness to the
unit values reported to the plan. - Document valuation methods in the trust agreement
or plan committee minutes. - Have the plan committee approve the basis for
good faith estimates including independent
appraisals, if any, and document the basis used.
29INVESTMENT VALUATION
- Plan management should review investment reports
detailing investment balances to ensure that they
are accurate and complete and report appropriate
investment values based on current or fair value
as of the date of the report. - The type of services a trustee or custodian is
engaged to perform will dictate what information
is received. The typical custodial service
provided by custodians and trustees includes
providing values that are based on the best
information available to them at the time of the
report.
30INVESTMENT VALUATION
- In cases where the plan invests in assets without
readily determinable fair values, and where the
trustee or custodian may have been hired only to
provide custodial services, the values in the
trust report typically will be a pass-through of
the values provided by the fund company or
limited partnership for commingled funds, or by a
boutique vendor or broker for non-marketable
securities.
31INVESTMENT VALUATION
- In such cases, the reported values are based on
the best information available to the trustee and
custodian at the time of the report, which may or
may not be fair value. - To obtain proper fair values for alternative
investments one may need to contract for
valuation services in addition to the custodial
services provided or, if one has access to
relevant information about the investment, they
can perform their own valuation. In any case, it
is important that management understands how the
investment values are determined so they can make
judgment regarding the reliability of the
information in the reports.
32INVESTMENT VALUATION
- Plan investments must be valued as of the plans
year-end. - Start to inquire NOW, if not already, as to
whether custodians will provide the information
necessary to prepare the required financial
statement disclosures regarding the valuation
inputs (Levels I, II and III) used to determine
investments values.
33INVESTMENT VALUATION
- Investment certifications by banks or similar
institutions do not relieve plan management of
its responsibility for properly reporting fair
values. - It is important to note that hiring an auditor to
perform an audit--whether full scope or limited
scope--does not relieve management of its
responsibility for the completeness and accuracy
of the plans investment information reported in
the Form 5500 and the financial statements.
34INVESTMENT VALUATION
- An independent auditor may be a good resource to
consult about the adequacy of valuation
techniques and the related disclosures,
Department of Labor and AICPA auditor
independence rules restrict what non-audit
(non-attest) services auditors can and cannot
perform for a plan for which they perform the
annual financial statement audit (for example,
Department of Labor rules prohibit the auditor
from maintaining financial records for the plan).
35INVESTMENT VALUATION
- A plan auditor may provide advice, research
materials and recommendations to assist you in
making decisions about the accuracy of investment
valuations and the adequacy of the related
disclosures, and in establishing internal
controls surrounding your investment valuations
and can also help with the financial statement
preparation.
36SAS 115 Changes in Internal Control
Communications
37SAS 115 - Communications of internal control
related matters to plan management
- Effective for periods ending after December 15,
2009 - Conforms definitions of control deficiency,
significant deficiency, and material weakness to
those in PCAOB AS No. 2 - The term significant deficiency replaces the term
reportable condition - Requires written communication of significant
deficiencies and material weaknesses to
management and those charged with governance - Should be communicated even if they were
communicated in connection with previous audits
38SAS 115 - Communications of internal control
related matters to plan management
- In an audit of financial statements, an auditor
is not required to perform procedures to identify
deficiencies in internal control (par. 4) or to
express an opinion on the effectiveness of an
entitys internal control (Not like SOX 404) - However during the course of an audit, the
auditor may become aware of control deficiencies
while obtaining an understanding of internal
controls, and assessing risk
39Changes in Internal Control Communications
- Main Changes
- Revised definitions of material weakness and
significant deficiency - Revised the list of deficiencies in internal
control that are indicators of material
weaknesses - No longer includes a list of deficiencies that
ordinarily would be considered at least
significant deficiencies - Illustrative letter has been amended
40Preparing for the Annual Audit
41Selecting the Auditor
- Firm Information
- Size, location, and history of the CPA firm
- Whether the firm is a member of the AICPA
Employee Benefit Plan Audit Quality Center
(EBPAQC) - Number of employee benefit plan (EBP) clients
- Number of similar type plan audits, including the
size of each plan (by number of participants
and/or amount of total assets) - Number of EBP clients gained/lost in the past
several years
42Selecting the Auditor
- States in which the firm is licensed to practice
- Firm references-especially from similar type
plans-and specific contact information - The firms latest Peer Review Report, Letter of
Comments, and firms response (if any) (Also
available for AICPA EBPAQC members at
http//www.aicpa.org/ebpaqc) - Whether the firm is subject to current litigation
- Whether the firm is the subject of any DOL,
AICPA, or State Society Ethics findings or
referrals
43Selecting the Auditor
- Whether the firm meets the independence standards
of the AICPA and DOL - The firms working paper retention and access
policies and requirements - If filed with the SEC 11-K, whether firm is
registered with PCAOB - Whether the firm has insurance coverage (errors
omissions, workers compensation, etc.)
44What to expect from the audit process
- Disruption from your daily routine
- Kick-off meeting
- Planning fieldwork stage
- Final fieldwork stage
- Closing meeting
- Final Product
45What to expect from the auditor
- Inquiries
- Requests for documentation
- Experience
- Knowledge of plan terminology
- Clear line of communication
- Agreed upon schedule
- Helpful recommendations!
46What the auditor is expecting of you
- Time
- Documentation requested
- Coordinate communication with third party
providers - Financial statements
47Utilize your service provider to help the audit
process
- Share your PBC listing with the TPA
- Audit Package
- SAS 70
- Documentation of participant transactions
- Form 5500
- Testing results
48What should the TPA provide the auditors?
- As much information as possible up front
- Provide timely answers to testing discrepancies
- May depend on how much responsibility the TPA has
with the plan, i.e., Are they the trustee?
Custodian?
49The TPA should provide
- Organized audit package
- Detailed listing of participant balances
- 157 information
- Draft Form 5500 and all related schedules
- Compliance and discrimination testing
- Allocation of employer contributions
- Loan roll-forward report
- Distribution report
- Transaction information
- SAS 70 report, if available
50What can you do to keep the fees down?
- Be prepared
- Respond timely to auditor inquiries
- Allow time
- Prepare or assist in preparing work papers
- Do your own word processing
51COMMON ERRORS NOTED DURING A PLAN AUDIT
52COMMON ERRORS NOTED DURING A PLAN AUDIT
- Improper application of the definition of
compensation - Improper application of the plans eligibility
provisions - Improper use of forfeitures in accordance with
the terms of the plan - Lack of attention to and documentation of user
controls - Lack of inclusion of finance and accounting in
the process - Timeliness of deferrals
- Actuarial census errors/outdated information
53TOOLS!
54Tools Available to Assist
- Employee Benefit Plan Audit Quality Center
- Website www.aicpa.org/ebpaqc
- Includes multiple resource centers with
information and tools on EBP topics. Includes
checklists and resources for research on EB
topics. - Includes online member discussion forums
- Includes Topix Primer Series
- Includes Plan Advisories for communication and
research on plan responsibilities. - Includes tools for Plan Sponsors
- E-alerts Upcoming developments and events
(archived on website) - Live Forum Member Conference Calls
- AICPA Accounting and Auditing Technical Hotline
- 1-877-242-7212, aahotline_at_aicpa.org
http//www.aicpa.org/members/div/infohot/index.htm
- AICPA Ethics Hotline (888)777-7077,
ethics_at_aicpa.org
55????????????
The material contained in this presentation is
for general information and should not be acted
upon without prior professional consultation.