New Audit Responsibilities for Plan Sponsors

New Audit Responsibilities for Plan Sponsors

| March 18, 2022

No one wants to be caught flat-footed when the auditors come calling. And with a new standard issued by the American Institute of Certified Public Accountants (AICPA), both the auditors and plan sponsors will be subject to new responsibilities.

The AICPA’s Statement on Auditing Standards (SAS) No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, raises the bar on benefit plan audits. Issued in 2019, the standard was originally scheduled to go into effect in 2020 but was delayed due to the pandemic. It is now effective for audits of ERISA plan financial statements for periods ending on or after December 15, 2021.

Audit Required Changes

SAS 136 impacts all ERISA plan audit phases and makes significant changes to the content of audit reports in an effort to promote greater transparency. But in addition to the impact on accounting professionals who conduct the audit, the new standard introduces new requirements for plan sponsors. For example, when receiving a “limited scope audit” — a term the new standard replaces with “ERISA Section 103(a)(3)(C) audit” — auditors will no longer issue a disclaimer of opinion and will instead provide an audit report. But before the auditor can accept the audit, the plan sponsor must indicate in writing that he or she permits the engagement and that it will meet ERISA requirements.

Plan sponsors are also now required to acknowledge responsibility for administering the plan in the audit engagement letter. What’s more, at the end of the audit, they need to acknowledge additional responsibilities such as maintaining a copy of the plan document, ensuring transactions conform to the plan’s provisions, and maintaining sufficient participant records to determine benefits due to them.

Further changes in the standard come from new provisions regarding completion of Form 5500. Before the audit engagement, plan sponsors will need to provide the auditor with a substantially completed copy of the form, as well as its schedules. The auditor will then compare the form against the financial statements to determine if there are any material discrepancies and indicate whether either the form or the statements require any corrections

What Impact Do These Changes Have?

Compliance with SAS 136 will result in a much more thorough audit, and a more revealing report on the organization’s compliance with ERISA requirements. With that in mind, plan sponsors should note the potential for additional exposure to legal risk. According to ERISA expert Timothy Verrall in a recent article, the audit report, which may disclose noncompliance issues, is attached to Form 5500 and then becomes publicly available.

“Anyone can look at it,” Verrall says in the article. “One way lawsuits get started is people doing searches on Form 5500 data filings. This could potentially provide a new source of ammunition to plaintiffs’ lawyers.”

“That said, from a pragmatic perspective most issues reported in annual auditor's reports are of a limited, and even individual, nature,” says Joel Shapiro, SVP ERISA of NFP “and they are often immediately remedied, thereby leaving little real ‘meat on the bone” for class action plaintiffs attorneys as the result."

With so much change being introduced, sponsors will want to ensure they’re adequately prepared to meet the new requirements and thoroughly understand their responsibilities. That way, when the auditors come knocking, you won’t be caught unaware. To see the full AICPA revision, download SAS 136 from the institute’s website (PDF).

How Stonebridge Can Help

It can be a bit overwhelming to administer a company retirement plan, given all the documentation nuances let alone the deadlines! At Stonebridge Financial Group, we work exclusively with retirement plans and can help you with everything from designing to running your plan. Delegating fiduciary responsibilities can be a great solution for plan sponsors who lack time and the knowledge of ever-changing requirements to manage a retirement plan -- it's is all we've done since our inception back in 2004! Our robust service offering starts with ERISA 3(21) and 3(38) services and is the tip of the iceberg. We are consultants that help you with every aspect of your plan:

  • Complete IRS and CPA audit support - we have ex-auditors on staff!
  • Participant 1:1 and group education
  • Fee benchmarking
  • Implementing cybersecurity best practices 
  • Ensuring participant retirement readiness
  • Consulting on financial wellness
  • Committee fiduciary training
  • Process creation and documentation
  • Plan design
  • Contribution match modeling
  • Annual plan compliance review
  • And so much more

We become your outsourced retirement plan officer who dives into the morass of retirement plan details and resolves issues so you don't have to!

Please click here to schedule a short call, give us a call at (855) 530-0500 x601 or email We look forward to helping your committee successfully fulfill their fiduciary duties with ease and excellence!