Don’t look now, but it’s audit time. Ugh! So much work, and why?

The short answer is that it’s required by the DOL per ERISA. ERISA mandates that employers sponsoring qualified plans like 401(k)s comply with specific requirements, including an annual Employee Benefit Plan (EBP) audit.

The main reason to have a 401(k) plan is to provide retirement benefits for participants and their beneficiaries. ERISA is tasked with protecting these benefits against any abuse or misuse of plan assets, ensuring they're there when participants retire. Enter the EBP audit.

Think of the audit as a safeguard. It’s there to protect plan participants and their retirement benefits. On the bright side, an audit can also help you and the plan sponsor improve plan administration and efficiency.

Not all 401(k) plans need an audit. EBP audits are necessary only for large plans, generally those with 100 or more participants with existing account balances at the start of the plan year, in this case, January 1, 2024. Previously, all eligible participants, whether they had an account balance or not, were counted to decide if a plan required an audit. But starting with plan years January 1, 2024, only participants with account balances are counted.

So, it’s time to determine which plans will be audited and gather participant and financial records to have them ready for auditors. You’ve been through audits before, so you know what’s expected. You think you’re prepared because you’ve kept careful records throughout the year, but there always seems to be something—perhaps inadvertent errors—that creeps into the plan’s administration to “rock the boat” and keep you awake at night crunching numbers in your head.

 Here are a few things to be aware of when preparing for annual EBP audits.

Common Mistakes

It's essential to know all the nuances of the plans you administer. Of course you do, you say, but do you really? Do your staff actually read and understand the documents of the plans they work on? It’s easy for inadvertent errors to creep in, but it’s often time consuming and expensive to fix.

Auditors report seeing the same types of mistakes plan after plan, year after year. Here are some of the more common operational mistakes auditors find:

• Failure to Follow The Plan’s Definition of Compensation: Compensation is one of the trickiest areas of plan administration and the problem most seen by auditors. The biggest offenders? Bonuses, overtime, fringe benefits, commissions, and manual or off-cycle payroll checks—are these to be included or excluded? Do payroll codes sync with the plan’s definition of compensation? Problems can easily occur when a new payroll system is installed without a thorough audit to ensure payroll codes are brought over correctly. Incorrectly administering compensation affects the amount of deferrals deducted from employees’ pay and can lead to incorrect nondiscrimination testing results as well.

• Late Contribution Remittances: These are also at the top of the auditor’s checklists. Contributions include pre-tax and Roth deferrals, voluntary after-tax contributions, company matching contributions, and participant loan repayments. One of the mistakes auditors find is that these contributions are not sent to the trustee in a timely manner. What is timely? As soon as administratively possible. Technically, it’s as soon as deferrals can be reasonably segregated from company assets, but no later than the 15th of the following month. However, practically, it’s the earliest deferrals have been segregated from company assets, based on the average from when the plan was first set up. That’s generally in the range of three to five days over the course of the plan year.

• Insufficient Documentation for Hardship Withdrawals: The IRS allows employees to withdraw deferrals before age 59 ½ under certain circumstances for an “immediate and heavy financial need”—if the plan document allows it—in the amount necessary to meet the financial need. Documentation includes a statement by the employee as to what the financial need is for, the amount, and that they don’t have other resources available to meet the need. Auditors often find, however, that there’s insufficient documentation on file for the hardship withdrawals that have been made from the plan.

• Failure To Maintain Plan Documents and Amendments: Insufficient plan documentation is another top compliance issue. What does that old adage say, “If it’s not in writing, it doesn’t exist!” ERISA must have had that in mind when it set its strict record-keeping documentation requirements. This not only applies to plan documents such as signed adoption agreements, but SPDs, amendments, annual reports, and plan committee meeting minutes as well. And don’t forget proper maintenance and retention of employee records.

Audit Package Summary

One of the first things the auditor will do is give you a list of what they expect you to provide as part of the overall audit package. To ensure you’re well prepared for an EBP audit, here’s a checklist of essential documents and related considerations:

• Plan Documents: Ensure that all plan documents, adoption agreements, amendments, SPDs, SARs, and service agreements are current and on file. Don't forget the minutes from plan oversight committee meetings.

• Internal Controls: Complete the internal controls checklist to show how you do what you do and that it's done timely.

• SOC-1 Report: Remind your plan sponsor that it's their responsibility to review these reports for the plan's service providers and document that they've reviewed them.

• Eligibility Testing: Verify the eligibility requirements for plan entry and ensure all employees are properly accounted for.

• Participant Testing: Check that participant deferrals match their compensation based on the plan document's definition of compensation.

• Contribution Testing: Ensure that deferrals withheld according to payroll reports match participant requests/changes and that matching contributions, if any, are properly calculated.

• Nondiscrimination Testing: Confirm that all non-discrimination tests were performed and that any failures were corrected.

The EBP audit is to confirm to you, your plan sponsor client, and the IRS and DOL that you and your client are administering the plan correctly. Yes, your client has the ultimate fiduciary responsibility to ensure the plan is run correctly, but you play a big part in the process since all information and data flows to and through you at some point in the process.

Overwhelmed? Stax.ai Can Help

Navigating the complexities of EBP audits can be daunting, but Stax.ai offers tools that simplify the process and enhance compliance:

• Automated Data Collection: Stax.ai automates the gathering of necessary data from various sources, ensuring accuracy and reducing manual effort. This streamlines preparation and minimizes the risk of errors.

• Real-Time Monitoring: The platform provides real-time monitoring of contribution remittances, alerting TPAs to any potential delays. This proactive approach helps maintain compliance with timely remittance requirements.

• Centralized Document Management: Stax.ai's centralized system organizes and stores all essential documentation, making it easily accessible for audits. This ensures that all required paperwork is complete and readily available.

• Plan Document Alignment: Once the plan document is analyzed, Stax.ai can set automated rules that reflect the plan’s specific provisions. Advanced validation tools ensure that compensation and other critical data align with the plan document's provisions, identifying discrepancies and ensuring compliance, reducing the risk of audit findings.

By leveraging these features, Stax.ai helps TPAs conduct thorough and efficient EBP audits, ensuring compliance and accuracy in 401(k) plan administration.

Final Thoughts

Stax.ai is dedicated to making the lives of TPAs easier and less stressful. Interested in a demo? Contact Stax.ai and let’s talk about how we can help you with your plan EBP audits this year.