Top Plan Failures:

• Failure to follow the terms of the plan document.
• Failure to update the plan document to reflect recent law changes.
• Failure to satisfy ADP/ACP testing requirements (exclude employees that should have been included, incorrectly thought the plan qualified as a safe-harbor plan, excess funds not returned in a timely manner).
• Failure to use correct plan definition of compensation (may be different for profit sharing contribution, nondiscrimination testing, employee deferral, improperly excluding bonuses).
• Failure to follow matching contribution provisions (exclude eligible employees, wrong definition of compensation).
• Failure to include all eligible employees (member of controlled group so all employees of all members of the controlled group must be considered).
• Failure to limit salary deferral to the 402(g) limits.
• Allowing ineligible employees to participate in the Plan (under age, length of service, not employed on the last day of year).
• Failure to follow loan provisions per the plan document and IRC Section 72(p).
• Failure to follow hardship withdrawal terms (not confirming person’s eligibility, not stopping salary deferral).
• Failure to start making Required Minimum Distributions to participants that are age 70½.
• Failure to deposit participants’ salary deferrals in a timely manner.
• Unsigned documents or amendments, missing minutes confirming adoption of plan or amendment.
• Failure to obtain a plan audit when required.
• Limited scope audit when full scope audit is required.
• Failure to file the Form 5500 on time.
• Failure to properly value plan assets at their current fair market value, or to hold plan assets in trust.
• Using plan assets to benefit certain related parties to the plan, including the plan administrator, the plan sponsor, and parties related to these individuals.
• Failure to properly select and monitor service providers.

Internal Control Procedures:

Internal control is often overlooked by plan sponsors and they may not understand the importance of sound internal control procedures.  The plan might be on autopilot with many functions outsourced to a third party. Responsibility in these circumstances may be misplaced and misunderstood.

Internal controls are the documents, practices and procedures that prevent errors from occurring or that quickly flag errors before the errors have large financial consequences.  Good internal control can affect an employee benefit plan’s audit by helping the examiner determine whether the plan is well run or has serious compliance risks that would give rise to expanding the scope of the audit.

Many errors are caused by the failure to understand plan provisions or the plan document not properly reflecting current plan operations.  This may be caused by not reading and/or understanding the plan document, inefficient or no internal controls, or turnover at the plan sponsor and/or service provider.  The following are recommendations for improving internal control, which will minimize opportunities for unintentional errors or intentional fraud:

(1) Payroll

• Ensure that eligible compensation, as defined in the plan document, is properly input in the payroll system
• Plan in advance for any changes to the plan, plan service providers or payroll provider. When changing payroll providers, ensure correct deferral amount and limits are transferred to the new system. When changing recordkeepers be aware of potential mapping errors.
• Remit participant contributions and loan repayments to the plan as soon as administratively possible to segregate from general assets. Put procedures into place to ensure deposits are made by that date and that the amount received by the trust is accurate.
• Ensure that hardship participants are properly suspended from making contributions based on the terms of the plan document.
• Put sufficient controls in place for manual processes (for example, deferral rates manually entered into payroll system, participant loan repayments, and employer matching/true-up contributions).

(2) Administrative

• Ensure that the correct census data is prepared for compliance testing and employer match.
• Appoint an employee benefit plan committee and investment committee who hold regular meetings to discuss the plan, annual match, changes to investments, and any recent changes in IRS & DOL regulations. Properly document all committee meeting minutes.
• When an eligible employee elects not to participate in the plan, have him or her sign a form documenting the decision not to defer.
• Establish a routine to recalculate forfeitures and matching contributions, track when contributions are received by the Plan, periodically make sure deferral rates are correct and 402(g) limits are not exceeded.
• Provide sufficient training for employees in the accounting, payroll and finance departments who are involved with the plan.
• Be aware of the various roles and responsibilities of the service provider and the fiduciary.
• Document processes for monitoring the plan and decision-making.
• Have procedures to ensure that loans are properly set up, repayments are correct and timely applied to the participant’s account, interest rate and term are correct, and that once the loan is paid off repayments stop.  Have proof of proper documentation for loans that are taken for the purchase of a primary residence.
• Establish procedures to ensure that distributions are made properly (including calculation of amount vested). The IRS advises that plan sponsors be aware of required minimum distributions for participants over age 70½.
• Ensure there is proof that all appropriate notices and disclosures are given to participants.
• Segregate duties to diminish the opportunity for fraud to occur.
• Monitor the activities of third-party administrators or custodians.  Understand what services they are providing.

(3) Compliance

• Employ an audit firm with expertise in auditing employee benefit plans (firm should be a member of the AICPA Employee Benefit Plan Audit Quality Center).
• Understand the provisions of the plan document and amend the plan document to reflect any law changes. All updated plan terms should be correctly communicated to all providers and fiduciaries (human resources, payroll, recordkeeper).
• Confirm that the employer matching contribution and vesting schedule agree to the provisions of the plan document.
• Correct any audit findings or other operational errors on a timely basis.
• Obtain a full-scope audit if the Plan does not meet the criteria for a limited scope audit.
• Review documents and policies on a regular basis to ensure they are in compliance with IRS & DOL laws and regulations.
• Ensure applications and forms (e.g. distribution request) have the required approval/authorizations. Make sure they are maintained for future reference.
• Review plan fees and expenses for appropriateness and adherence to contracts.
• Meet all deadlines for filing the Form 5500.
• Maintain an ERISA bond for everyone who has control over plan assets.  Ensure that there is adequate coverage.

Before implementing a recommendation, the plan sponsor should consider the cost of establishing and maintaining it versus the benefit it provides and the consequences if it is not implemented.

A plan sponsor does not have the ability to fortify their internal controls if they are unaware of oversights in administering the plan. The IRS recommends reviewing internal controls at least once a year.  This is important because processes and procedures may need to be changed or created if internal controls are not working as designed or errors are not identified and resolved timely.