ERISA

DOL Plan Audits Explained

07.31.2024

 

Plan audits are an important way the Department of Labor ensures compliance with ERISA standards. Sometimes DOL plan audits are random, but errors, including mistakes with the submission of Form 5500, can trigger audits too. Here’s an overview of the DOL audit process for plans, and tips to help plan sponsors gear up.

 

Always Be Prepared

Given the tremendous responsibility inherent in sponsoring a company retirement plan, and the high standards of ERISA, it’s indeed wise for sponsors to adopt the motto of scouts when it comes to fiduciary duties. Clean data, careful review, and an up-to-date ERISA Bond are musts for the annual submission of Form 5500. The ongoing swirl of “me too” lawsuits against plan sponsors, involving fees, services and investment performance, underscores the importance of consistently using and carefully documenting prudent processes related to all plan decisions. When inquiries and audit notices come from the DOL’s Employee Benefits and Security Administration (EBSA), fast access to documents and proof that fiduciary duties are being fulfilled is essential. Adhering to these best practices is a great way for sponsors to always be prepared in the event of an audit:

 

  • Maintain Accurate Records: Ensure all plan documents, financial records, and participant information are accurate, complete, and readily accessible.
  • Regular Compliance Reviews: Conduct periodic reviews of the plan’s compliance with ERISA regulations to identify and address potential issues proactively.
  • Training and Education: Educate plan administrators and fiduciaries about their responsibilities and the importance of compliance.
  • Engage Professionals: Consider hiring ERISA attorneys, auditors, or consultants to assist with compliance and audit preparedness.

 

Noting that “The audit process typically involves reviewing plan documents, financial records, and administrative procedures to ensure the plan operates in participants’ best interests,” Christopher Roche of CMR & Associates explains that, in addition to random checks, EBSA plan audits may occur in response to these five concerns:

  1. Participant Complaints: Complaints filed by plan participants or beneficiaries can trigger an audit.
  2. Form 5500 Red Flags: Inaccuracies or inconsistencies in Form 5500, the annual return/report of Employee Benefit Plan, can raise red flags.
  3. Late Deposits: Delays in depositing employee contributions can attract scrutiny.
  4. Non-Discrimination Testing Failures: Failures in annual compliance testing may trigger an audit.
  5. Prior Audit Findings: Previous audit findings or corrective actions may prompt follow-up audits.

Audit Notification Letter

When a plan is targeted for an audit, the sponsor receives an official DOL notification letter. Be mindful that since releasing cybersecurity guidance in 2021, the DOL has been requesting security protocols along with audit requests. Experts predict cybersecurity will become a routine part of all retirement plan audits. 

Following notification, retirement plan audits typically progress through these steps:

 

  • Document Request: The letter includes a request for specific documents, such as plan documents, Form 5500 filings, financial statements, and participant records.
  • On-Site Visit: In some cases, DOL investigators may conduct an on-site visit to review documents and interview plan administrators.
  • Review and Analysis: The DOL reviews the submitted documents and analyzes the plan’s compliance with ERISA requirements.
  • Findings and Resolution: The DOL communicates its findings to the plan sponsor, outlining any issues or violations. The sponsor is given an opportunity to address and rectify the findings.

 

Depending on the nature and severity of compliance issues or breaches discovered during a DOL audit of the plan, sponsors may expect the following post-audit consequences:

 

  • Financial Penalties: Non-compliance can result in substantial financial penalties. For example, late deposits of employee contributions can lead to excise taxes and penalties.
  • Fiduciary Liability: Plan sponsors and fiduciaries can be held personally liable for breaches of their fiduciary duties.
  • Corrective Actions: Sponsors may need to implement corrective actions, such as making restitution to the plan or participants, to address compliance issues.

 

Diligence and Protection

As decision makers for the company retirement plan, sponsors can be held personally liable for damages to the plan. Consider, for example, that even a relatively small cybersecurity incident can result in a fiduciary breach allegation that puts personal assets at risk.

 

Colonial Surety Company offers plan sponsors one efficient and affordable solution to mitigate their inherent risks. For a few dollars a day, our Fiduciary+Cyber Liability Insurance Combo:

  • Addresses Department of Labor cybersecurity recommendations;
  • Explicitly covers the business and the plan in the event of a cyber breach;
  • Provides expert response and notification services following a cyber breach; and,
  • Reduces the personal risks of plan sponsors, by providing defense costs and penalty limits up to $1,000,000, in the event of alleged or actual breaches of duty in connection with the employee retirement plan.

 


Serving customers since 1930, Colonial Surety is the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time. Colonial Surety Company is rated “A Excellent” by A.M. Best Company, US Treasury listed and in business all across the country.