M5: Flashcards
Establishes financial accounting and reporting standards for the financial statements of defined benefit pension plans
FASB ASC Topic 960
A voluntary membership organization for firms that perform benefit plan audits
Employee Benefit Plan
Audit Quality Center (EBPAQC)
Establishes financial accounting and reporting standards for Defined Contribution plans
FASB ASC Topic 962
Daily penalty and maximum penalty for deficient/missing information on the required audit report
up to $1,100 per day with a $50,000 per annual 5500 filing
Establishes accounting and financial reporting standards for health & welfare benefit plans
FASB ASC Topic 965
Communication at the end of an engagement, where the auditor engages those charged with governance and who have appropriate responsibilities for the financial statements and knowledge of their related plan matters.
Management Representation Letter
The illegal use of property or funds of an individual for another’s own use or other unauthorized purpose
Misappropriation
When financial statements are compromised in an attempt to deceive plan participants
Financial Statement Fraud
Studies by this organization identified the most common methods for detecting fraud
Association of Certified Fraud Examiners (ACFE)
Departments where fraud is most likely to occur
Accounting, Operations, & Upper
Management
Results of the 2014 DOL Audit Quality Study
4 out of 10 audits (40%) had Unacceptable–Major deficiencies
As part of the DOL, they oversee the quality of benefit plan audits by CPAs
Employee Benefits Security
Administration (EBSA)
Document to a client from an independent qualified public accountant to establish and document an understanding regarding the services to be performed at the beginning of a plan audit
Engagement Letter
Three levels of severity of a deficiency
- Material Weakness
- Significant weakness
- Other weakness
Entity responsible for understanding
the objective of the plan audit
Plan Management
Entity that does not have the right to examine an auditor’s work papers
Plan Administrator
The most effective fraud detection tool available
Whistleblower Hotline
Entity responsible for expressing an opinion on a plan’s financial statements
Plan Auditor
Departments where fraud occurrences are low
Human Resources, Boards of
Directors, & Legal
Which severity of weakness is the most significant and deals with internal controls
Material Weakness
Severity level deals with internal controls but is not the most significant
Significant Weakness
Severity level that is not significant or material
Other Weakness
3 common deficiencies that plan auditors commonly communicate to management
- Internal plan processes
- Regulatory requirements
- Outside service providers
3 common deficiencies with internal plan processes include
- Processing of participant contributions
- Participant loan repayment
- Hardship withdrawals
One of the most common deficiencies required under ERISA, section 408 (b)(2)
Lack of proper monitoring of service provider fees and disclosures
A report on the effectiveness of an organization’s internal controls and safeguards they have in place while providing independent and actionable feedback. Financial statement auditors use them to reduce audit procedures.
SOC 1 Report
Allows plan management to determine whether the plan sponsor has effective controls to ensure 1) the proper and complete transmission of data, 2) proper processing of data and complete receipt of data, and 3) timely reconciliation of data received.
What a SOC 1 Report does
The goal of this is to enhance the quality of audits of ERISA plans by prescribing certain procedures that are required to be performed in the audit. Also looks to add transparency to the nature and scope of audits as presented in the auditor’s report.
SAS 136
Statement on Auditing Standards No. 136
1) Clarity of the respective responsibilities of auditors and plan sponsor’s fiduciaries and administrators
2) Auditor’s responsibilities must now be disclosed on the auditor’s report
3) Management’s responsibility to maintain a plan instruction, administer the plan, and maintain sufficient records for plan transactions and benefits
Changes brought by SAS 136
Limits independent auditors from auditing investment information that a qualified institution prepares and certifies. Only the plan administrator can instruct the auditor to not perform any auditing procedures on the certified investment information
Limited Scope Audit
SAS 136 renamed the limited scope audit to what ERISA Section
ERISA Section 103(a)(3)(c)
3 main risk factors most likely to create fraud
- the presence of incentives or pressures to commit fraud
- opportunities to carry out the fraud
- attitudes and rationalizations to justify the fraud
Internal audit, management review, reconciliations, external audit, surveillance and confessions are all examples of
the most common fraud detection methods identified by the ACFE
Contains 3 statutes that directly address violations involving employee benefit plans:
1) Embezzlement
2) False statements or concealment of facts in relation to documents required by ERISA
3) Offer, acceptance, or solicitation to influence operations
Title 18 of the U.S. Criminal Code
Prosecutions are handled by U.S. Attorney’s offices
Examples of this include:
*Implementing whistleblower hotlines
* Provide employee support programs
*Provide codes of ethics and ethics training
*Ensure all employees understand what constitutes fraud - implement a zero tolerance policy
Ways to deter or minimize fraud
- Magnitude of violation
- Desirability and likelihood of incarceration both as a deterrent and as punishment
- Whether the case involves prior ERISA violator
Examples of decisions to seek criminal action
Who is responsible for ensuring that auditors have access to all plan documents and to continuously monitor the plans for appropriate handling?
Plan Fiduciary
