Why Internal Controls Matter for Your Employee Benefit Plan

Establishing an effective internal control system is part of your fiduciary responsibility. Here's how your plan auditor can help.

DS+B Team April 18, 2018

When it comes to the administration of an employee benefit plan, errors and fraud can and do occur. As a plan sponsor, administrator, or trustee, your fiduciary responsibility requires you to establish safeguards against both. One way to do so is to establish an effective internal control system over your plan’s financial reporting.

An effective internal control system protects your plan by minimizing opportunities for unintentional errors or intentional fraud—both of which could jeopardize your plan. It can also help to uncover small errors before they become major issues. Most important, it gives you reasonable assurance (i.e., peace of mind) that your plan is on par with financial reporting and compliance objectives. Without effective internal control, it’s nearly impossible to have this level of assurance.

Although the responsibility to establish internal control falls squarely on your shoulders, your plan auditor can help guide you through the process. It’s important to note, however, that the U.S. Department of Labor (DOL) and American Institute of Certified Public Accountants (AICPA) have rules that limit the non-audit services auditors can provide for a plan for which they also perform the annual employee benefit plan audit. For example, AICPA rules prohibit your plan auditor from maintaining financial records and making management decisions for your plan. Nevertheless, your plan auditor may provide advice, research materials, and recommendations to help you make decisions about improving your plan’s internal controls.

Here are a few ways in which your plan auditor could assist you:

Identify areas of internal control weakness
If your auditor identifies significant deficiencies in your internal control system, he or she can make recommendations for improvements. Although you must accept responsibility for implementing such improvements, your auditor can guide you through the process.
Advise on the segregation of duties
The segregation of duties is a control that involves putting policies and procedures in place to prevent any one person being able to complete a critical task unchecked; it’s a key component of an effective internal control system. For example, the person in charge of writing a check should not be the person responsible for signing it. Your auditor can evaluate the size of your administrative team to recommend ways to better segregate duties in your organization.
Map out internal control processes
An effective internal control system cannot exist without well-designed processes. Mapping these out, however, requires a great deal of time and effort. Your plan auditor can help, making this critical control more convenient for you.

Always work with a qualified plan auditor

If your plan has more than 100 eligible participants (120 for an initial audit), the Employee Retirement Income Security Act of 1974 (ERISA) requires an employee benefit plan audit. But, as I’ve noted in this article, your plan auditor can do more than audit employee benefit plans. Even if you don’t require an employee benefit plan audit, consider reaching out to your plan auditor for help in fulfilling your fiduciary responsibility.

It’s also important to confirm that your plan auditor is a member of the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC), which demonstrates that he or she specializes in employee benefit plan audits.

With a qualified employee benefit plan auditor on your team, you’re doing more to protect your plan—and giving yourself greater peace of mind in the process.