In July 2019, the AICPA Auditing Standards Board (ASB) issued a standard, Statement on Auditing Standards, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (SAS 136). The effective date for SAS 136 is for periods ending on or after December 15, 2021. The SAS includes new performance requirements for an audit of financial statements of employee benefit plans subject to ERISA and changes the form and content of the related auditor’s report. While most of the new requirements impact the auditor, there are some changes plan sponsors need to be aware of.

Auditor’s report

SAS 136 aims to enhance the transparency and usefulness of communications included in the auditor’s report, therefore, the form of the auditor’s report and certain language within the auditor’s report will change.  In addition, limited scope audits will now be referred to as ERISA section 103(a)(3)(c) audits.  Previously with limited scope audits, the auditor was prohibited from providing an unqualified opinion on the plan’s financial statements. The limited scope auditor’s opinion was called a Disclaimer of Opinion because sufficient work had not been performed to form an overall opinion on the financial statements. The ERISA Section 103(a)(3)(C) audit will allow auditors to issue an opinion, however, the opinion will not extend to the certified assets. The auditor will provide an opinion on whether the information not covered by the certification is presented fairly and whether the certified investment information in the financial statements agrees with or is derived from the information prepared and certified by the certifying entity.

Management’s responsibilities

SAS 136 provides clarity on management’s responsibilities during the audit. The SAS requires that the auditor obtain certain written management representations in addition to those required by AU-C section 580.  Management must acknowledge within the management representation letter the following management responsibilities.

  • A current plan instrument has been maintained, including all plan amendments.
  • The plan has been appropriately administered, the plan’s transactions that are presented and disclosed in the financial statements are in conformity with the plan’s provisions, and sufficient records have been maintained for plan participants to determine the benefits due.
  • A completed draft of Form 5500 has been provided to the auditor prior to the dating of the auditor’s report.
  • When electing an ERISA Section 103(a)(3)(C) audit, management has determined that an ERISA section 103(a) (3)(C) audit is permissible under the circumstances:
    1. Investment information is prepared and certified by a qualified institution as described in 29 CFR 2520.103-8;
    2. The certification meets the requirements in 29 CFR 2520.103-; and
    3. The certified investment information is appropriately measured, presented and disclosed in accordance with the applicable financial reporting framework.

Communication with management

SAS 136 describes certain communications that management and/or those charged with governance should expect. The auditor should communicate in writing to those charged with governance, on a timely basis, reportable findings from the audit procedures performed relating to the plan provisions including an explanation of the potential effects of the reportable findings on the financial statements or to the plan. In addition, the auditor should communicate with those charged with governance the auditor’s responsibility with respect to Form 5500, procedures performed relating to Form 5500, and the results of those procedures.

Maintaining and properly administering a benefit plan in compliance with ERISA regulations is a complex undertaking. We encourage plan sponsors with ERISA plans to discuss SAS 136 with your auditor to learn more about what is expected to change in your plan audit.