Publications banner
Cpajournallogo

Operational Compliance in a Highly Regulated Environment

Avoiding Fiduciary Breaches, Regulatory Review, Corrective Contributions, and Monetary Sanctions


By: Sheldon M. Geller, JD, CPA

 

Plan administrators named in the plan document, or acting as administration fiduciaries by filing Form 5500, must administer their 401(k) plan in accordance with plan terms and management’s expressed intentions. Many plan administrators mistakenly believe that recordkeepers monitor and plan auditors verify operational compliance.

 

Because neither recordkeepers nor plan auditors are plan fiduciaries, they do not assume responsibility for compliant plan operation. Plan administrators who fail to operate their 401(k) plan in accordance with their terms, and are unable to retroactively amend their plan to reflect the plan’s actual operation, will find themselves in a fiduciary breach that may result in unanticipated and significant corrective employer contributions and monetary sanctions.

 

Accordingly, the plan administrator’s role has become increasingly important as plan sponsors face new regulatory initiatives, robust enforcement activities, and additional audit representations. Plan administrators must implement strong internal controls and effective plan governance practices to continuously assess operational and fiduciary compliance.

 

User-added image

 

IRS Pre-Audit Compliance Program

The IRS recently announced in its “Employee Plans” newsletter (June 3, 2022), a new pre-audit compliance program for selected retirement plans, requiring employers to identify and voluntarily correct operational failures. The IRS will not assess a monetary penalty against a plan administrator who responds to the pre-audit letter within 90 days of receipt and identifies deficiencies and corrections eligible for self-correction.

 

A plan administrator’s failure to respond by the 90-day deadline will result in an IRS examination. Accordingly, it is advisable for plan administrators to immediately forward IRS correspondence received in connection with their plan to legal counsel, the third-party administrator, or their investment advisor to identify operational failures or plan document errors, take corrective action, and respond to the IRS.

 

The IRS customarily requests a signed copy of the plan document, amendments thereto, participant allocation schedules, census reports, account statements, and Forms W-2 for the years under examination; administration documentation relating to the inquiry (e.g., compliance with the limit on annual additions); and other documents or explanations the plan administrator believes relevant to the inquiry or that would assist the IRS in its review.

 

The IRS will determine whether to favorably close the examination and issue a “no-action letter” with respect to the pre-audit or, alternatively, to conduct a limited-scope examination or conduct a full-scope examination. A plan administrator’s good-faith attempt at compliance will likely limit the scope of any audit if the IRS determines that the plan administrator did not appropriately correct the operational mistakes or that the operational mistakes are not eligible for self-correction (e.g., by retroactive plan amendment).

 

The IRS has indicated that it will assess monetary sanctions for compliance failures corrected under the pre-audit compliance program, except for failures eligible for self-correction. Reduced monetary sanctions are not available for plan administrators once they receive written or verbal notification of a pending IRS audit examination.

 

It is not clear whether the IRS will accommodate noncompliance and self-correction with no monetary sanction or, instead, impose a voluntary compliance program-level monetary sanction in connection with items discovered and disclosed by the plan administrator during the 90-day period.

 

Retroactive Plan Amendment

Plan administrators may, under certain conditions, retroactively amend their plan when they fail to operate their 401(k) plan in accordance with its terms under recently issued IRS guidance to cure an operational defect. (See Revenue Procedure 2021-30.)

 

Effective July 15, 2021, the IRS permits a plan administrator to voluntarily correct operational failures by retroactive amendment under either the IRS Self-Correction Program, which does not require a filing with the IRS, or under the Voluntary Correction Program, which does.

 

More specifically, a plan administrator may increase a benefit, right, or feature by retroactive amendment under the Self-Correction Program, which does not need to apply to all participants, provided the amendment meets other IRC requirements (e.g., the amendment is nondiscriminatory in actual plan operation).

 

When plan administrators and their advisors discover operational mistakes upon self-audit, they can correct using prescribed IRS self-correction procedures, if they are eligible.

 

Plan administrators who are not permitted to retroactively amend their plan to cure an operational defect under the expanded IRS relief provided by Revenue Procedure 2021-30 will need to submit the proposed, retroactive plan amendment in an application under the Voluntary Correction Program and remit an IRS filing fee (and likely incur a legal fee for representation before the IRS in connection with the application).

 

Accordingly, plan administrators need to ensure operational compliance to avoid corrective employer contributions, monetary sanctions, IRS filing fees and legal fees in connection with self-correction necessary to preserve the tax qualified status of their plan and the tax-exempt status of the trust established as a part thereof.

 

Self-Audit and Operational Review

Accordingly, it is advisable, if not imperative, for plan administrators to conduct an operational review to determine that plan operation is consistent with plan terms—at least annually, as well as upon plan amendment, plan restatement, and the inception of a new recordkeeper relationship—rather than waiting for an IRS audit letter.

 

When plan administrators and their advisors discover operational mistakes upon self-audit, they can correct using prescribed IRS self-correction procedures, if they are eligible. If not, then plan administrators can correct by applying under the IRS Employee Plans Compliance Resolution Program.

 

Time is of the essence for plan administrators to conduct a self-audit to be eligible for reduced monetary sanctions, which are not available for plan administrators once they receive written or verbal notification of a pending IRS audit examination.

 

Common Operational Mistakes

Plan administrators are required to operate their plan in accordance with plan terms, without regard to their delegation of recordkeeping and third-party administration responsibility to a non-fiduciary service provider [ERISA Sections 402(a)(1), 404(a)(1)(D)].

 

The following are examples of how plan administrators and their record-keepers have failed to follow plan terms in actual plan operation:

  • Failure to include part-time, seasonal, and temporary employees
  • Failure to remit employer contributions for includable employees
  • Failure to timely deposit participant contributions with the trustee
  • Failure to timely deposit participant loan repayments with the trustee
  • Failure to exclude reimbursements and other expense allowances
  • Failure to include cash and non-cash fringe benefits in compensation
  • Failure to use forfeitures or assets maintained in a revenue credit account
  • Failure to include bonuses and commissions in compensation for plan purposes
  • Failure to match catch-up contributions, bonus deferrals or Roth 401(k) contributions
  • Failure to apply regular employee deferral elections to bonuses and other compensation components
  • Failure to timely implement employee deferral elections, automatic enrollment, or annual escalations
  • Failure to fully vest affected participants due to a workforce reduction deemed a partial plan termination
  • Failure to obtain adequate documentation for hardship resulting in an impermissible in-service withdrawal
  • Failure to provide notice to participants for automatic enrollment, safe harbor, and defaulted investments
  • Failure to amend or restate the plan document for required legislative changes or desired employer changes
  • Failure to file Form 5500 because an audit report was not included with the original filing.

 

Plan sponsors are payroll fiduciaries and thus responsible for correctly applying the terms (e.g., eligibility, entry date, compensation, employer matching contribution provisions) of their governing plan document.

 

Although it is not common, if the plan administrator and the IRS cannot agree on a reasonable and appropriate correction, the IRS will not issue a compliance statement and will condition the issuance of a closing agreement upon the completion of an IRS-sanctioned correction and payment of a monetary sanction negotiated with the IRS for open years, based upon the nature, extent, and severity of the operational failure.

 

Plan administrators can either self-correct without an IRS application or with an application to the IRS Employee Plan Compliance Resolution System (EPCRS). Under the EPCRS Voluntary Correction Program, the plan administrator can correct the operational defect to obtain an IRS-issued compliance statement to enable them to make required representations with respect to tax qualification.

 

Plan administrators cannot assert a scrivener’s error and retroactively amend their plan to cure an operational defect if not in compliance with IRS guidance, because the burden of compliance is against the draftsperson, which is deemed to be the plan administrator who adopted the plan document.

 

Plan administrators can prevent operational mistakes by conducting periodic self-audits, confirming the application of plan terms, adopting participant contribution deposit procedures, applying investment policy, and educating payroll staff to make them aware of IRS rules and inculcate a culture of compliance.

 

New Plan Administrator Representations

Plan administrators who elect a method of compliance based on certified investments are required to make additional representations to the plan auditor for plan years ending after December 15, 2021, under the new ERISA section 103(a)(3)(C) audit of an employee benefit plan (formerly known as a limited scope audit) guidelines.

 

An ERISA section 103(a)(3)(C) audit permits the plan administrator to elect to exclude from the plan audit certain plan asset investment information held by a qualified institution that issues an asset certification, provided the plan administrator makes the following additional representations:

  • The ERISA section 103(a)(3)(C) audit is permissible under the circumstances.
  • The investment information is prepared and certified by a qualified institution.
  • The certification meets the requirements under ERISA for annual reporting purposes.
  • The certified investment information is presented and disclosed in accordance with GAAP.

 

Most plan administrators prefer a limited scope audit due to its reduced auditing procedures and fees. But others prefer a full scope audit to gain comfort, often at no increased fee notwithstanding additional representations and increased responsibility.

 

IRS Opinion Letters

Plan administrators routinely adopt pre-approved plan documents sponsored by their recordkeepers, who receive IRS opinion letters. These letters inform recordkeeper sponsors of pre-approved plan documents that their plan document is designed in accordance with applicable Internal Revenue Code (IRC) provisions, and speak to the form of plan document, not to the actual operation of the plan.

 

Thus, opinion letters offer no protection from operational mistakes and impose upon the plan administrator the requirement to make certain actual plan operation is consistent with plan terms.

 

Plan Administrator Opinion

Plan administrators routinely make a representation in management letters to plan auditors and in financial statement footnotes that their plan is designed and currently operated in accordance with plan terms and in compliance with applicable IRC provisions—and, therefore, entitled to tax-favored treatment.

 

Most plan administrators are not uniquely qualified to conduct a self-audit, determine operational compliance, and effect self-correction, nor do many retain or employ Employment Retirement Income Security Act (ERISA) legal counsel. Nevertheless, plan administrators need to ensure ongoing operational compliance and make annual representations to plan auditors and third parties.

 

Delinquent Participant Contributions and Form 5500 Filings

Plan administrators are charged with the duty to timely deposit participant contributions and timely file Form 5500, including an audit report if applicable. The Department of Labor (DOL) has joint jurisdiction with the IRS over different aspects regarding the timely remittance of participant contributions and filing of Form 5500.

 

Plan administrators must respond timely to a DOL notice of a delinquent filing or a failure to file because they did not include an audit report with the original Form 5500 filing. The DOL gives plan administrators the opportunity to self-correct by submitting an application under the Delinquent Filer Voluntary Compliance Program, which can favorably close a DOL investigation and secure a no-action letter.

 

Plan Administrator and SOC Reports

The plan administrator, a party charged with governance, needs to review Service Organization Controls (SOC) reports of their plan’s service providers (e.g., recordkeepers, third-party administrators, directed trustees, payroll companies) to make representations to the plan auditor and continue to retain service providers. SOC reports are independent examinations of the operating effectiveness of internal controls and risk assessments of service organizations that provide financial reports, process transactions, and hold plan assets.

 

Plan auditors routinely ask plan administrators to represent that they have reviewed service provider SOC reports and implemented relevant user controls to ensure that their complementary controls are operational. Plan administrators must review annual SOC reports to provide a basis for their continued retention of the recordkeeper and directed trustee, as well as to demonstrate that continued service provider retention is prudent.

 

Independent Administration Fiduciary

The DOL encourages plan administrators to retain subject matter experts if they do not possess the expertise in-house. Accordingly, it is advisable for plan administrators to retain an advisor who serves as an administration fiduciary to which they would delegate responsibility to oversee recordkeeper activities and ensure compliance.

 

A named fiduciary advisor would assess plan sponsor risk, recommend action to correct plan document and operational defects, and oversee the self-correction process on an ongoing basis and in advance of an IRS audit. An advisor must have strong capabilities in serving retirement plan sponsors and accept fiduciary responsibility for recordkeeper oversight and a delegation of plan administration responsibility in writing. A capable named fiduciary advisor would perform operational reviews on an annual basis and report to a retirement plan committee serving as the plan’s governing body.

 

Accordingly, it is advisable for plan sponsor boards to appoint a retirement plan committee, for this committee to meet at least annually, and for this committee to maintain meeting minutes to decentralize plan-administrator responsibility and memorialize fiduciary decisions.

 

Effective Plan Governance

A plan administrator’s best insurance policy is the retention of an independent administration fiduciary, because fiduciary liability policies do not cover the cost of IRS-mandated benefit corrections or monetary sanctions. Moreover, fiduciary liability policy premium and retention amounts have increased dramatically as a result of the current legal landscape and public availability of filed Forms 5500.

 

Plan administrators have an extra level of due diligence that is required in order to ensure that they operate their plan in accordance with the plan terms, ERISA, and applicable case law, and free from conflicts of interest.

 

Recent regulatory initiatives and increased litigation demonstrate that many plans are not operationally compliant and that conflicts are not well understood by plan administrators, who often mistakenly rely upon their limited scope advisors and nonfiduciary recordkeepers.

 

A retirement plan advisor must possess the requisite expertise, express fiduciary status in writing without disclaimer, maintain no conflicts of interest, oversee actual plan operation, conduct operational reviews, and effectively manage plan governance in order to protect plan administrators from fiduciary liability and plan sponsors from unnecessary expense.

 

The best-performing plan administrators retain independent fiduciaries to provide investment advice, review operational compliance, recommend corrective action, and manage plan governance to reduce organizational risk.

 

Sheldon M. Geller, JD, CPA, is the managing member of Stone Hill Fiduciary Management, LLC, Great Neck, N.Y. He is a member of The CPA Journal Editorial Advisory Board.

Company The CPA Journal
Category FREE CONTENT;ARTICLE / WHITEPAPER
Intended Audience CPA - small firm
CPA - medium firm
CPA - large firm
Published Date 09/27/2022

User-added image


Cpajournallogo

The CPA Journal
www.cpajournal.com

The CPA Journal is known as the “Voice of the Profession,” and is The New York State Society of CPA’s monthly flagship publication and top member resource. An award-winning magazine and finalist for excellence in journalism (2018, 2017 FOLIO magazine awards), The Journal has over 95% nationally focused content written by thought leaders in the accounting and finance industry.

For more than 85 years, The CPA Journal has been earning its reputation as an objective, critical source of information on issues of interest to CPAs. The Journal provides analysis, perspective, and debate on the issues that affect the CPA profession. Major topics include accounting and auditing, taxation, personal financial planning, finance, technology, and professional ethics. The CPA Journal is issued monthly in print, and offers daily insight and analysis digitally here on cpajournal.com. Published by the New York State Society of CPAs, The Journal’s active editorial and review process ensures thorough technical quality and material relevant to CPAs in public practice, industry, government and education.