WRITTEN TESTIMONY OF AICPA EMPLOYEE BENEFIT PLAN AUDIT QUALITY CENTER EXECUTIVE COMMITTEE



Similar documents
Effective Monitoring of Outsourced Plan Recordkeeping and Reporting Functions

Effective Monitoring of Outsourced Plan Recordkeeping and Reporting Functions

Employee Benefit Plans Financial Statement Audits

Valuing and Reporting Plan Investments

P L A N A D V I S O R Y. The Importance of Internal Controls in Financial Reporting and Safeguarding Plan Assets

Considerations for Employee Benefit Plan Compliance with FASB Accounting Standards Codification (ASC 820), Fair Value Measurement

Assessing the Adequacy and Effectiveness of a Fund s Compliance Policies and Procedures. December 2005

Melissa M. Wolf, CPA (570) Employee Benefit Plan Auditing and Regulatory Update 2012

Obtaining Quality Employee Benefit Plan Audit Services: The Request for Proposal and Auditor Evaluation Process

New Regulations Under ERISA Refine and Develop Fiduciary Duties Regarding the Investment of Plan Assets

The Department of Labor ( DOL ) recently issued proposed regulations

Limited Scope Audits Of Employee Benefit Plans

Getting The Most Out Of Your 401K/Corporate Retirement Plan-

Legal Obligations of Employers for 401(k) Plans

A Multiple Employer Plan Sponsored by: CMAA ClubSolutions SM

Fiduciary toolkit for financial professionals

Sample Performance Standards

Meeting Your Fiduciary Responsibilities

Plan Administrator Guide

Service Provider Fee Disclosure Rules Now Final: Next Steps for Retirement Plan Fiduciaries. March 2012

Understanding Plan Fees and Expenses

RETIREMENT PLAN FIDUCIARY GUIDE

RETIREMENT INSIGHTS. Understanding your fiduciary role. A plan sponsor fiduciary guide

Retirement Plan Consulting Proposal

Understanding Your Fiduciary Role

Plans may cover active employees, terminated employees, dependents, retirees, or beneficiaries.

SAI. DEFINED BENEFIT - 401(k) COMBO PLANS INSTALLATION KIT. Security Administrators, Inc.

Meeting Your Fiduciary Responsibilities

Fee disclosure Q&A: Answering plan sponsor questions about Department of Labor regulations

Discretionary Trustee Services

The Basics of Fiduciary Responsibility under ERISA

Audit and Permitted Non-Audit Services Pre-Approval Policy (Pertaining to the Company s Independent Auditor)

Documentation of Use of a Type 2 Service Auditor s Report In an Audit of an Employee Benefit Plan s Financial Statements

DOUGLAS COUNTY SCHOOL DISTRICT Human Resources Insurance Benefits Coordinator

Studies (by Equifax and others) have determined that over 90% of hospital bills contain errors most of which are overcharges.

Working Together to Meet Your Investment Goals

Managing Your Future

Our mission is to help our clients. maintain 401(k) compliance and avoid unnecessary risk. COLLABORATION. COMPLIANCE. CONVENIENCE.

SAI NON-QUALIFIED PLAN INSTALLATION KIT. Security Administrators, Inc.

2013 Preparing for Your First 401(k) Plan Audit

Understanding Vendor Risk And Analyzing the SSAE No. 16

Understanding Retirement Plan Fees and Expenses

Public Company Accounting Oversight Board ( PCAOB )

Service Provider Disclosure

Authorised Persons Regulations

Internal Controls Best Practices By Jennifer Downs, CPA Benefit Audit Group, LLC

The Benefits of Mandatory Distributions

02 DEPARTMENT OF PROFESSIONAL AND FINANCIAL REGULATION

Sponsors Focus on Better Designing Plans to Meet Retirement Income Needs

BERMUDA MONETARY AUTHORITY

IMPLEMENTING GASB STATEMENT NO. 68 ACCOUNTING AND FINANCIAL REPORTING FOR PENSIONS A CCMA WHITE PAPER FOR CALIFORNIA LOCAL GOVERNMENTS

CHAPTER ANNUITY TRANSACTION PRACTICES

Communicating Internal Control Related Matters Identified in an Audit

FIDUCIARY INSIGHTS & UPDATES

Auditing Derivative Instruments, Hedging Activities, and Investments in Securities 1

Private Fund Advisers: Compliance Oversight of Third-Party Administrators

65% Effective 68% Effective 79% Effective

Management Employees Pension Board

Case 5:12-cv R-DTB Document Filed 06/02/14 Page 13 of 24 Page ID #:3461

Understanding fiduciary responsibilities

plantemoran.com Audit Requirements? January 19, 2010

SUITABILITY IN ANNUITY TRANSACTIONS MODEL REGULATION

IMPORTANT INFORMATION REGARDING YOUR FORM 5500 AND FORM 8955-SSA

2. Auditing Objective and Structure What Is Auditing?

Guidance Statement GS 007 Audit Implications of the Use of Service Organisations for Investment Management Services

California ISO Audit of the Financial Statements for the Year Ending December 31, 2015 December 18, 2015

401k Regulation and the New Fiduciary Responsibility of Sponsors

Prüfung von Outsourcing mit SAS70

AUDIT COMMITTEE CHARTER THE BOARD OF DIRECTORS OF ALLIANCE SEMICONDUCTOR CORPORATION

Understanding SAS 70 Reports on Internal Control

STANDING ADVISORY GROUP MEETING

The American Academy of Actuaries' mission is to serve the public and the United States actuarial profession. To accomplish this:

Chapter 5 SUPERVISORY COMMITTEE TABLE OF CONTENTS

Internal Control Systems

Topics Covered. Two Ways To Be A Fiduciary 5/6/2015

Ethics, Fraud, and Internal Control

Working With Your Auditor

When the IRS and DOL come knocking... (You can t pretend you re not home.)

Request for Information. Northern York County Regional Police Pension Fund. Pension Fund Investment Consulting Services

The Dubie Group at Morgan Stanley Smith Barney. The Services Available for Your Retirement Plan

February 2, Definition of the term Fiduciary under the Employee Retirement Income Security Act of 1974, as amended, Proposed Rule

MINNESOTA MUTUAL COMPANIES, INC. Guidelines of the Audit Committee of the Board of Directors

Audit survival tips for retirement plans

State of Rhode Island and Providence Plantations DEPARTMENT OF BUSINESS REGULATION Division of Insurance 1511 Pontiac Avenue Cranston, RI 02920

CHAPTER 64 REGULATION GOVERNING SUITABILITY IN ANNUITY TRANSACTIONS

RETIREMENT PLAN SERVICES

11 U.S.C. 704(a)(11) ERISA 3(16)(A) CHAPTER 7 PANEL TRUSTEE TRAINING. Timothy J. Snyder, Esquire

Sample Financial institution Risk Management Policy 2011

Paying Employee Benefit Plan Expenses

Models of Advisor Fiduciary Responsibility: What Advisors Need to Know

What is an ESOP? ESOPs are defined contribution pension plans that invest primarily in the stock of the plan sponsor

Why Advisors Will Benefit and Add Value Using a 3(38) Investment Fiduciary

REPRESENTATIVE TOPIC TYPES OF RETIREMENT SAVINGS ARRANGEMENTS RETIREMENT PLAN REGULATORY & INDUSTRY UPDATES. Audience

5901A Peachtree Dunwoody Rd., Suite 140, Atlanta, Ga., toll free: , local

Managing fiduciary responsibility for plan sponsors

ERISA Compliance for Investment Advisers: A Q&A Guide To DOL s 408(b)(2) Disclosure Regulation

CREATE YOUR OWN INVESTMENT FUND

Public Safety Vehicle Repair Audit

EXHIBIT A PERFORMANCE GUARANTEES

Employee Benefit Plan Auditing

Transcription:

WRITTEN TESTIMONY OF AICPA EMPLOYEE BENEFIT PLAN AUDIT QUALITY CENTER EXECUTIVE COMMITTEE BEFORE THE ERISA ADVISORY COUNCIL REGARDING OUTSOURCING EMPLOYEE BENEFIT PLAN SERVICES AUGUST 19, 2014 The Employee Benefit Plan Audit Quality Center (EBPAQC) Executive Committee is pleased to submit testimony to the ERISA Advisory Council on behalf of the American Institute of Certified Public Accountants (AICPA). The EBPAQC is a firm-based voluntary membership center with over 2,300 CPA member firms that audit employee benefit plans. We applaud the Council s focus on outsourced services, including selecting and monitoring service providers. Effective selection and monitoring programs help ensure the plan sponsor is meeting its fiduciary responsibilities. Effective monitoring also helps the plan sponsor gauge the quality of services performed by the service provider and provides valuable information regarding the service organization s controls and their effectiveness, and can be helpful in identifying potential cost savings, areas for improved efficiencies, and opportunities to improve participant satisfaction. While independent auditors of plan financial statements are not directly involved in the plan s decision to outsource plan activities or monitor outside service providers, independent auditors do assess the risks of material misstatement in the plan s financial statements through understanding the plan and its environment, including the plan's internal control and outsourced activity relating to plan recordkeeping and reporting functions. As such, our remarks will focus on trends auditors are seeing with respect to outsourcing activities and best practices for selecting and monitoring service providers that perform services that affect the plan s financial reporting. Trends in Outsourcing In general, some plan auditors have seen an increase in plan sponsors that are considering outsourcing functions related to both defined benefit (DB) and defined contribution (DC) plans. As a result, some service providers are offering more services the demand from sponsors creates more supply in terms of a greater variety of outsourcing options being offered by service providers. A sponsor already outsourcing certain plan functions seems more likely to increase its use of other outsourced activities by bundling additional services together. The decision to outsource may be based on many factors, including but not limited to the company s philosophy, the number of internal staff and their skill and proficiency level, the cost of outsourcing versus performing the functions internally, and the desire to free up internal staff to focus on tasks unrelated to the benefits programs such as corporate duties and strategic initiatives.

Generally sponsors appear to be maintaining control over strategy (e.g., roles/responsibilities, investment strategy, asset allocation), but many seem to be moving to outsource investment management as well as administration and implementation. Following are several observations on the most commonly outsourced services and trends in outsourcing: Investment management functions in both large and small DB plans. o An increase in investment complexity (including the use of derivatives) to obtain a specific investment objective. o An increase in the use of separately managed accounts, mainly in larger defined benefit plans, the management of which is 100% outsourced. In general, for plans audited by larger audit firms, the organizations managing these assets are large and reputable fixed income managers. Recordkeeping functions for both large and small plans both DB and DC including administration of deferred vested and retirees for DB plans are outsourced by most plans of all types. Most of the recordkeepers for the plans audited by larger audit firms are the very large and reputable organizations where type 2 SOC 1 reports are available (see a discussion of SOC 1 reports in the Best Practices section of this testimony). Outsourcing trustee/custodial functions for both large and small plans also is a common practice among most plans of all types. Most of the trustees/custodians providing services for the plans audited by larger firms are the very large and reputable organizations where type 2 SOC 1 reports are available. Actuarial valuation services for both large and small DB and health and welfare (H&W) plans. This includes financial statement disclosures preparation as well as benefit payment calculation services. Most of the actuarial firms used by the plans audited by larger audit firms are the very large and reputable actuarial firms. Claims processing for H&W plans, including the processing of medical, dental, and disability claims. Most of the claims providers used by the plans audited by larger audit firms are the very large and reputable organizations where type 2 SOC 1 reports are available. Form 5500 preparation, particularly for the larger plans that have more complex filings, and plans that are part of a larger master trust. Financial statement compilation (on a more on a limited basis) where companies have minimal internal resources available and an overall lack of available individuals with a financial accounting background (smaller plans for the most part). Based on our experience, standards are lacking with respect to monitoring outsourced service providers, including identification of performance standards, benchmarking of costs and mitigating conflicts of interest. We see many situations in which monitoring is not done regularly and in a systematic, prudent manner. 2

Best Practices in Selecting Outsourced Employee Benefit Plan Service Providers The DOL s publication, Meeting Your Fiduciary Responsibilities, identifies a number of best practices for selecting service providers. Following are other important best practices we believe plan sponsors should consider when hiring a service provider: The ability of the plan sponsor/administrator to access data maintained by the service provider on both a daily and annual basis; The service provider obtaining a Service Organization Control (SOC 1 SM ) report, (discussed in further detail later in this testimony); Whether the service organization hired to prepare the plan s financial statements will provide the plan sponsor with the support they need to understand those financial statements. Whether the service agreement between the plan sponsor and the service provider is complete and provides adequate protections for the plan. The service agreement should include predetermined communication and follow-up procedures between the service provider and the plan sponsor in the event of operational issues or other problems identified by the service provider. Including certain financial and control measures in the third-party service provider contract. Plan sponsors should perform a periodic review of follow-up procedures as well as financial and control measures in the contract to ensure they are in place and functioning properly. This can be achieved by requesting that the service provider s periodic reporting cover financial and control measures such as the accuracy and timeliness of recording participant transactions, and other measures identified in the contract. Best Practices in Monitoring Outsourced Employee Benefit Plan Service Providers When a plan sponsor hires one or more service providers to handle plan administration functions, the agreement typically establishes that the service provider(s) assumes liability for its performance of those functions. However, because a part of a plan sponsor s fiduciary responsibilities require that he or she periodically monitor the service provider to ensure they are properly performing the agreed-upon services it also is important that the plan sponsor document its monitoring processes. If the plan sponsor uses one or more service providers to handle the various plan administration functions, the activities of each service provider should be monitored. When monitoring the service organizations, the plan sponsor should: Read any reports they provide, including SOC 1 reports Put user controls in place and monitor them on a regular basis Review the service provider s performance, Ask about policies and practices, Check actual fees charged, and Follow up on participant complaints. Depending on the size and complexity of the plan(s) involved, it may be appropriate to contact the service provider as often as daily, weekly, monthly, or quarterly, but no less frequently than 3

annually. Face-to-face meetings can take place either at the plan sponsor s place of business or the service provider s. Understanding and Monitoring the Service Provider s Processes and Controls An effective approach to help the plan sponsor understand and monitor the quality and effectiveness of the service provider s processes and controls is to request a report on controls at the service organization that affect the data and other information provided to the plan and included in the plan s financial statements. Such reports are commonly referred to as SOC 1 reports and are provided by a CPA who performs an examination of controls at the service organization under AICPA Professional Standards (these reports were previously referred to as SAS 70 reports). Concern over the quality of accounting information, increased reliance on outsourcing, and increased use of technology in plan administration services has resulted in greater demand for these reports. Additional information about SOC 1 reports can be found in the attached EBPAQC Plan Advisory, Effective Monitoring of Outsourced Plan Recordkeeping and Reporting Functions. SOC 1 reports can be extremely important to plan sponsors in fulfilling their fiduciary duty to monitor their service organization; as such, they should obtain and read a copy each year. However, service organizations are not required to furnish SOC 1 reports. Because these reports are so important to the plan sponsor, as noted previously it is in the plan sponsor s best interest to make certain when hiring or retaining the service organization that the service organization agrees to obtain a SOC 1 report. Onsite Visits to Service Providers Onsite visits by the plan sponsor at the service organization are an effective way to review its operations and controls. Such visits may be performed by an individual or a team from Corporate Finance or Human Resources. If this is not practical, phone calls and email contact may be an acceptable alternative. The plan sponsor may decide that spot-checks of certain transactions are necessary to determine the quality and accuracy of the service provider s work. This may be especially true when an appropriate SOC 1 report is not available from the service provider. We recommend that plan sponsors that perform on-site reviews prepare an agenda that addresses all pertinent issues and areas. While on-site, the plan sponsor should tour the facility to get a feel for the operation and atmosphere of the service provider, meet with the employees who perform the work on the account, and walk through some of the more critical processes. The meeting or phone call itself should include not only the customer service representative, but the account supervisors and manager as well. Effective Monitoring of Outsourced Plan Recordkeeping and Reporting Functions, includes a list of discussion items to consider when performing an on-site visit to a service provider that performs recordkeeping and reporting functions for the plan. Reviewing Information and Documents Provided by Service Providers It is important to note that the plan administrator (which may be the plan sponsor) remains primarily responsible for filing complete and accurate plan financial statements 4

and Form 5500 information with the DOL. Inaccurate or incomplete filings can result in the Form 5500 being rejected by the DOL with significant penalties assessed on the plan administrator. Therefore, it is important that the plan sponsor ensure that the plan administrator is receiving reliable and accurate information from the service organization. The plan sponsor should periodically review the plan reports prepared by the service organization for consistency, completeness, and reasonableness. A key component of this review is the consistency of the information in the reports pertaining to the plan and its operations. We also recommend a review of account reconciliations performed and a comparison of specific amounts in the reports with the client data used in the reconciliations (e.g., the amount of contributions made by the plan sponsor and/or plan participants). In addition, the plan sponsor should check to ensure that reconciling items are specifically identified, and that they clear in a timely manner. Analytical review procedures performed on account balances and activity is an effective way for plan sponsors to determine that the information being reported by the service provider is reasonable. Many plans monitor and track investment management performance and compared it to a prescribed benchmark on a regular basis. Investment distribution/rebalancing also may be monitored on a regular basis so that the plan sponsor is aware of the specific investment mix at all times, including any swings outside of management s prescribed tolerance levels. In addition, many companies routinely monitor the inputs that go into the actuarial valuation analysis, including the raw census data. Before the financial statement valuation reports are finalized, a review is performed to ensure that the outputs contained within the respective reports make sense. Effective Monitoring of Outsourced Plan Recordkeeping and Reporting Functions includes specific recommendations for procedures plan sponsors should perform with regard to periodic review of plan reports, account reconciliations, and analytical procedures. Other Monitoring The plan sponsor should evaluate the reasonableness of fees charged for the services, the quality of the services provided, the quality of the service provider s operations, and the availability of a SOC 1 report. Many companies perform periodic fee benchmarking analyses for all of their service providers to ensure that the fees appear reasonable and in line with the perceived value that they are receiving. Participants should have a formalized process to submit questions or file complaints. Plan sponsors should maintain a complaint log and ensure that all questions/complaints are followed up on and resolved in a timely manner. In addition, the DOL states in Meeting Your Fiduciary Responsibilities that an employer should establish and follow a formal review process at reasonable intervals to decide if it wants to continue using the current service providers or look for replacements. 5

Conclusion Thank you for your interest in this important matter and the opportunity to submit testimony to the ERISA Advisory Council. 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information