Audit and Assurance » Employee Benefit Plan Audit Services » Employee Benefit Plan Audit Resources for Plan Sponsors 

401(k) Compliance Checklist for Plan Sponsors

401(k) Compliance Checklist for Plan Sponsors

By David Torrillo
SHARE THIS

This checklist helps plan sponsors identify common 401(k) compliance and audit-readiness issues before audit season, Form 5500 filing deadlines, or regulatory scrutiny create pressure.

TABLE OF CONTENTS
    Add a header to begin generating the table of contents

    401(k) compliance issues are easier to address before audit season, Form 5500 deadlines, or regulatory questions create pressure. For plan sponsors, a structured review can help identify documentation gaps, participant count issues, contribution timing concerns, internal control weaknesses, and plan operation issues before they become larger problems.

    LBMC created this 401(k) compliance checklist to help plan sponsors, finance leaders, HR teams, benefits administrators, and fiduciary committees review the areas that most often affect audit readiness and plan governance.

    Use this page as a high-level review. For the full printable checklist, download LBMC’s complete 401(k) Compliance Checklist for Plan Sponsors.

    Download the Full 401(k) Compliance Checklist

    Why 401(k) compliance review matters before audit season

    A 401(k) plan audit is not just a financial reporting exercise. Auditors often review participant data, contributions, distributions, plan financial statements, internal controls, compliance with plan documents, and required disclosures. LBMC’s existing EBPA content also emphasizes that plan sponsors should review governance and documentation practices as part of audit readiness.

    The earlier a plan sponsor reviews these areas, the easier it is to correct missing documentation, confirm participant counts, coordinate with recordkeepers, and prepare for Form 5500 filing requirements.

    A proactive checklist can help plan sponsors:

    • Identify documentation gaps before fieldwork begins
    • Confirm whether participant counts may trigger audit requirements
    • Review whether plan operations align with plan documents
    • Assess contribution timing and remittance practices
    • Strengthen fiduciary committee documentation
    • Prepare payroll, census, and recordkeeper data
    • Reduce last-minute disruption during filing season

    Compliance review should happen before the audit, not during the audit.

    401(k) plan governance checklist

    Strong plan governance starts with clear documentation and consistent oversight. Plan sponsors should be able to show how decisions are made, who is responsible, and how the plan is monitored over time.

    • Are current plan documents and amendments organized and accessible?
    • Are fiduciary committee meetings documented?
    • Are plan decisions supported by meeting minutes or written records?
    • Has the investment policy statement been reviewed recently?
    • Are service provider responsibilities clearly understood?
    • Are prior audit findings or compliance issues tracked through resolution?

    For the complete governance review worksheet, download the full checklist.

    Download the Full Checklist

    Participant count and audit threshold review

    Participant counting is one of the most common areas of confusion for plan sponsors. A plan may approach or cross the audit threshold because of hiring growth, expanded eligibility rules, automatic enrollment, mergers or acquisitions, or terminated employees who still have account balances.

    LBMC’s EBPA content notes that many sponsors discover they crossed the threshold after the plan year has already begun, which can create avoidable pressure near filing deadlines.

    • Has the plan confirmed participant counts with the recordkeeper?
    • Are eligible employees included, even if they do not contribute?
    • Are terminated employees with balances included?
    • Has the prior-year Form 5500 filing status been reviewed?
    • Is the plan within the 80–120 participant transition range?
    • Is the plan likely to cross the large-plan threshold in the next year?
    When Is an Employee Benefit Plan Audit Required?

    Plan document and operational compliance checklist

    A major source of 401(k) compliance risk is a mismatch between what the plan document says and how the plan actually operates. Auditors and regulators may look at eligibility, compensation definitions, contribution limits, employer match provisions, vesting, loans, distributions, and plan amendments.

    The uploaded LBMC auditor guide notes that a thorough audit should assess whether the plan operates in accordance with executed plan documents, amendments, summary plan descriptions, eligibility provisions, compensation definitions, contribution limits, and timely deposit requirements.

    • Are eligibility rules being applied consistently?
    • Does payroll use the correct definition of compensation?
    • Are employee deferrals and employer contributions calculated according to plan terms?
    • Are plan amendments reflected in operations?
    • Are participant loans administered according to plan provisions?
    • Are hardship distributions and other distributions properly documented?

    Contribution timing and payroll review

    Contribution timing is one of the highest-risk areas for many 401(k) plans. Late participant deferrals can create prohibited transaction concerns and may require correction.

    LBMC’s uploaded guide specifically notes that late participant deferrals remain one of the most scrutinized enforcement areas, and that participant contributions for large plans must be segregated from general assets as soon as administratively feasible.

    • Are employee deferrals remitted consistently and on time?
    • Are remittance timelines documented?
    • Are payroll files reconciled to recordkeeper reports?
    • Are employer matching contributions calculated correctly?
    • Are late deposits identified and corrected when needed?
    • Are payroll and census controls documented?
    Need help reviewing contribution timing? Talk with LBMC.

    Form 5500 and audit-readiness checklist

    For plans that require an audit, Form 5500 readiness depends on clean documentation, timely reporting, accurate participant counts, and coordination between the plan sponsor, auditor, recordkeeper, TPA, and other service providers.

    A qualified independent CPA firm must perform the audit and attach the auditor’s report to Form 5500 when required. LBMC’s EBPA content also notes that auditors commonly review participant data, contributions and distributions, plan financial statements, internal controls, compliance with plan documents, and required disclosures.

    • Has Form 5500 filing status been confirmed?
    • Are audited financial statements required this year?
    • Has the audit timeline been established?
    • Are recordkeeper reports available?
    • Are SOC 1 reports reviewed annually?
    • Are required disclosures complete?
    • Are prior-year findings resolved?
    • Are financial statement and Schedule H items aligned?
    Form 5500 Filing & Audit Requirements Guide

    Internal controls and service provider coordination

    Plan sponsors are responsible for overseeing a process that often depends on several parties, including payroll providers, recordkeepers, TPAs, custodians, advisors, and internal HR or finance teams. Weak coordination between those groups can create audit delays and documentation gaps.

    A strong 401(k) compliance review should consider whether controls are documented, reports are reviewed, access is appropriate, and responsibilities are clear.

    • Who owns payroll-to-recordkeeper reconciliation?
    • Who reviews census data before it is submitted?
    • Who reviews SOC 1 reports and user control considerations?
    • Who tracks missing documentation requests?
    • Who confirms plan amendments are implemented operationally?
    • Who monitors correction items through completion?

    If everyone is responsible, no one owns the audit-readiness process.

    When to use this 401(k) compliance checklist

    This checklist is useful throughout the year, but it is especially valuable when your plan is approaching audit requirements, preparing Form 5500, changing recordkeepers, growing quickly, updating eligibility rules, or responding to prior audit findings.

    Use the checklist if your organization is:

    • Approaching or exceeding the 100-participant threshold
    • Preparing for a first required audit
    • Reviewing Form 5500 filing readiness
    • Seeing recurring payroll or contribution issues
    • Changing TPAs, recordkeepers, or payroll systems
    • Preparing for fiduciary committee review
    • Trying to reduce audit disruption
    Download the Full 401(k) Compliance Checklist

    Why plan sponsors work with LBMC

    LBMC works with plan sponsors to strengthen employee benefit plan audit readiness, improve documentation, coordinate audit timelines, reduce disruption for HR and accounting teams, and identify compliance risks before they become filing-season problems.

    LBMC’s employee benefit plan audit experience includes defined contribution plans, 401(k) plans, SEC Form 11-K filings, 403(b) plans, profit sharing plans, defined benefit plans, pension plans, money purchase pension plans, health and welfare plans, ESOPs, and Form 5500 preparation.

    If your plan is approaching audit requirements, has recurring documentation issues, or needs a more structured compliance review, LBMC can help clarify next steps.

    Talk with an LBMC Employee Benefit Plan Audit Specialist

    Download the full 401(k) Compliance Checklist

    This page provides a high-level preview of the areas plan sponsors should review when evaluating 401(k) compliance and audit readiness. For the complete worksheet, download LBMC’s full 401(k) Compliance Checklist for Plan Sponsors.

    The full checklist can help your team review governance, participant counts, plan documentation, contribution timing, Form 5500 readiness, service provider coordination, and internal controls.

    Download the Full Checklist

    Get the full checklist to help your organization review 401(k) compliance, audit readiness, Form 5500 preparation, and plan governance before audit season.

    What is a 401(k) compliance checklist?

    A 401(k) compliance checklist is a structured tool plan sponsors can use to review plan governance, participant counts, plan documents, contribution timing, Form 5500 readiness, internal controls, and service provider coordination.

    Reviewing 401(k) compliance before audit season helps identify documentation gaps, contribution timing issues, participant count concerns, plan document inconsistencies, and internal control weaknesses before they delay the audit or Form 5500 filing.

    A strong 401(k) compliance checklist should include plan governance, participant counting, eligibility, compensation definitions, contribution timing, participant loans, distributions, Form 5500 readiness, SOC 1 report review, recordkeeper coordination, and internal controls.

    No. Not every 401(k) plan requires an audit. Audit requirements generally depend on large-plan filing status and participant counts. Plans near the audit threshold should confirm participant counts and prior-year filing status before assuming an audit is or is not required.

    Yes. LBMC can help plan sponsors confirm filing status, review audit readiness, identify compliance risks, coordinate audit timelines, and strengthen documentation and internal controls before Form 5500 deadlines.

    Employee Benefit Plan Audit Resources, Guides, and Checklists

    Explore Employee Benefit Plan Audit Resources

    Access LBMC’s guides, whitepapers, and checklists for plan sponsors preparing for employee benefit plan audits, Form 5500 filing, 401(k) compliance, auditor selection, and audit readiness.

    View EBPA Resources
    Scroll to Top