November, 2005

Employee Benefit Plans Advisor

Audit Quality Enforcement Initiative by the Department of Labor

In April 2005, the DOL's Employee Benefits Security Administration (EBSA) began a new nationwide enforcement initiative to monitor, and ultimately improve, the quality of ERISA audits. This will be a very important and ongoing EBSA initiative, beginning with the initial selection of over 500 plan audits to review. The purpose of this Client Advisory is to proactively inform you of this enforcement initiative.

In April 2004, we advised our clients and friends that, in February 2003, the EBSA had initiated its second nationwide review to assess the quality of employee benefit plan audits. Results from that review were never publicly released. However, independent sources have told us that the review, which covered 300 plans and included 15 areas of examination, revealed a high incidence of audit deficiencies and failures.

The stakes in this field are high. In the DOL fiscal 2003 annual report, the Office of Inspector General identified security of pension assets, including cash-balance pension plans, as one of the DOL’s most serious management and performance challenges. In accordance with the provisions of Title I of the Employee Retirement Income Security Act of 1974 (ERISA), the EBSA oversees approximately 730,000 private pension plans holding more than $4 trillion in assets on behalf of more than 45 million workers. Additionally, news headlines this year have focused on pension plans at risk due to major corporate bankruptcies (for example, the airline industry) and the financial woes that is creating to the Pension Benefit Guaranty Corporation.

Bober, Markey, Fedorovich & Company has always placed a very high level of emphasis on ensuring that our clients receive high quality services. We have gone to great lengths to ensure our staff is well trained in this highly complex field, including sending key personnel to specialized training and conducting in-house training for all of our audit and tax personnel involved in this field. This training, combined with close supervision of staff on audit engagements and hands-on participation of our Partners and Managers in the audit process, provides assurance to our clients that we take the quality of audit services in this area very seriously.

To further demonstrate our commitment to quality, Bober, Markey, Fedorovich & Company was amongst the first CPA firms in the country to join the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC), which requires member firms to maintain and demonstrate high quality audit services in this field, obtain minimum amounts of continuing professional education in audits of plans, include plan audits in their triennial peer reviews, etc. Joining this Center was an easy decision for us, since we were already doing everything that they require of members.

We additionally registered with the Public Companies Accounting Oversight Board (PCAOB) for those benefit plans we audit that are public registrants. This past summer our public company plan audit files were inspected by the PCAOB and we are pleased to report that, while the PCAOB has not released their report in final form, they have provided us with a draft report which reflects that our Firm received a clean "unqualified" report from the PCAOB.

James E. Merklin, CPA, CFE, M.Acc. is our Director of Employee Benefit Plan Audit Services and, in addition to being heavily involved in our plan audits, he has also been active in a leadership role in the establishment of a national discussion forum amongst our affiliates in the PKF North American Network. This discussion forum has provided Bober, Markey, Fedorovich & Company the opportunity to share best practices ideas amongst the nearly 100 independent CPA firms nationwide that are affiliated with PKF.

Bober, Markey, Fedorovich & Company will be monitoring continuing developments in this field very closely and will advise you of any potential implications to your benefit plans.

See below for portions of an alert recently issued by the EBPAQC, identifying in Question & Answer format some of the issues that the EBSA has had in their review of benefit plan audits nationwide. We thought you would be interested in seeing this information. BMF&C

Source: AICPA Employee Benefit Plans Audit Quality Center

Will this new initiative supplement or replace EBSA's prior enforcement program?

Each year more than 70,000 annual Form 5500 filings are required to contain audit reports. Historically, EBSA's Office of Chief Accountant (OCA) has conducted desk reviews of selected Form 5500 filings, which included review of the audited financial statements and related auditor's reports, but did not include a review of the auditor's workpapers.

Approximately 2,000 to 3,000 such desk reviews were performed annually. In cases where errors were noted in the accountant's report and/or the financial statements contained obvious errors, the EBSA forwarded its findings to the AICPA's Professional Ethics Division or the appropriate state board of accountancy. In addition, the OCA performed approximately 50 to 75 randomly selected on-site workpaper reviews each year. Negative findings from those reviews also were passed on to the AICPA's Professional Ethics Division or state licensing boards.

The EBSA has eliminated both of those reviews, and adopted a new approach.

Why is EBSA adopting a new approach?

Since the DOL Office of Inspector General (OIG) first conducted its study of ERISA audit quality in the late 1980s, it has been documented that ERISA audit deficiencies occur at an unacceptably high rate. Subsequent studies performed by the EBSA have shown no improvement, despite both public and private sector efforts to affect change. Because no measurable improvement has been noted as a result of its existing enforcement strategy, EBSA recognizes the need to re-focus its efforts with respect to plan audits.

Who will be performing the reviews?

The EBSA's Office of the Chief Accountant (OCA) will administer the review program.

How will EBSA select firms for review?

A substantial portion of the OCA staff's time will be devoted to examining audit quality issues in the work of CPA firms that perform large numbers of plan audits or that audit plans with significant amounts of assets. This new enforcement approach is facilitated by the revised Form 5500, which allows the EBSA to more readily identify plan auditors.

The 2001 Form 5500 database indicates that almost 10,000 CPA firms performed approximately 73,000 plan audits. Further analysis shows that only 37 CPA firms performed 32,300 plan audits, which covers 80% of the plan assets under audit. Conversely, there are 4,807 CPA firms that audit only one plan, or 1.5% of plan assets under audit. Therefore, the EBSA is focused on ensuring that those 37 CPA firms have the necessary policies and procedures in place to assure their audit work complies with applicable professional standards. Several audits performed by various offices of each of those firms will be selected for review. Additionally, the OCA will select a number of audits performed by smaller firms for review as part of its targeting strategy.

What approach will be taken for the reviews?

The OCA has adopted a two-pronged approach to its review of ERISA audits.

For the firms that perform a significant number of ERISA audits, the approach will be similar to that used by the Public Company Accounting Oversight Board in its reviews of CPA firms auditing publicly traded companies. Those reviews will include a review of the firm' ERISA audit practice, as well as a review of individual ERISA audit engagements performed by that firm.

The OCA will perform a detailed, top-down review of each firm selected, to determine the quality of the firm's policies and procedures related to its ERISA audit practice, which will include an analysis of each of the following:

• Management of the firm' ERISA audit practice
• The firm's staff training and development program for its ERISA audit practice
• Supervision and review of ERISA engagements
• Firm independence with respect to ERISA engagements

In addition, the OCA will perform detailed reviews of selected ERISA audit engagements to determine compliance both with the firm's internal policies and procedures and with professional standards. Those reviews will include on-site reviews of ERISA audit workpapers, as well as interviews with ERISA audit engagement teams.

For firms that perform a limited number of employee benefit plan audits, the EBSA is targeting those plans with over $10 million in assets. The OCA will send letters to the plan administrator requesting copies of the audit workpapers. The OCA will perform an in-house review of the Form 5500, the independent auditor's report, and selected workpapers for each of those engagements. Those reviews will be expanded to include additional workpaper reviews, discussions with firm representatives, and any additional procedures deemed necessary based on the findings of the initial reviews.

When will the reviews be performed?

EBSA began performing reviews of CPA firms in April 2005. Using a rotating schedule, they will review the work of all the national level CPA firms over the next several years. The reviews will be scheduled and performed throughout the calendar year. Reviews of individually targeted plan audit workpapers will be conducted on an ongoing basis.

How will a firm know if it has been selected for review?

CPA firms performing a significant number of ERISA audits will be contacted by OCA representatives to inform them they have been selected for a detailed inspection of their ERISA audit operations. Typically, the initial contact is made via telephone call to the firm's managing partner.

Firms that perform a limited number of ERISA audits may still have specific audit engagements selected for review. In those cases, OCA will send correspondence to the plan administrator requesting access to the audit workpapers. Once the plan administrator has informed the plan auditor of this request, the CPA firm then usually contacts OCA directly to arrange for access to the requested audit workpapers.

How much notice will a firm selected for review be given before the review commences?

Whenever possible, OCA will work with the CPA firm to arrange a mutually agreeable time for the review to begin and to schedule onsite meetings and reviews.

In the case of individual audit engagements targeted for review, we expect that the selected audit workpapers be sent to us within 10 days of our request. When that is not possible, we work with the individual CPA firm to determine a mutually agreeable date.

What is the process of communicating with the firms throughout the process, including notification of EBSA's findings?

Communication will be based on the type of review performed. However, no matter which type of review is being performed, the intention of the OCA is to clearly and openly communicate to the CPA firms the results of any reviews performed.

For firm wide reviews, the OCA will work with the CPA firm representatives to determine the most effective method of communicating review results. This includes both the review of the firm's policies and procedures as well as detailed reviews of individual audit engagements. The communication methods chosen will be intended to avoid unintentional misunderstandings of information developed by the OCA.

In the case of individual audit engagements targeted for review, the OCA initially will contact the plan administrator requesting access to the audit workpapers. After the OCA reviews the audit workpapers, a Statement of Preliminary Findings will be sent to the CPA firm, highlighting potential deficiencies noted in the audit work performed.  The CPA will have an opportunity to provide additional information or explanations to resolve the identified deficiencies. The OCA will review the CPA firm's response and make a final conclusion as to the adequacy of the audit work. OCA will consider whether the CPA has conducted audit work subsequent to the audit engagement in order to resolve any noted deficiencies when making that conclusion. The final conclusions concerning the adequacy of the audit will be sent to both the plan administrator and the CPA firm. If deficiencies remain, the plan filing may be subject to further EBSA enforcement action.

Will a firm be notified if there are no findings?

Yes. In all cases OCA will notify the CPA firm of the results of our review. As discussed above, during a firm wide review, we will communicate interim results of the review on an ongoing basis. With respect to individually targeted audit engagements, we will notify both the CPA firm and plan administrator of the results of our review.

What will EBSA do with any findings?

The EBSA will reject the Form 5500 filing where it has been determined, in accordance with the procedures noted above, that an audit failure has occurred. In addition, the EBSA will refer the substandard work to the AICPA's Professional Ethics Division or the appropriate State Board(s) of Accountancy. To date, the EBSA has made over 100 referrals to various State Boards, and over 470 referrals to the AICPA's Professional Ethics Division as a result of its enforcement initiatives.

What can a firm do if it disagrees with the EBSA's findings?

We are hopeful that the process has been designed to effectively eliminate such situations. In the event that they do occur, CPA firms are always welcome to discuss unresolved findings with management officials within the OCA. This includes the Chief, Division of Accounting Services and the Chief Accountant.

Common ERISA Audit Deficiencies

Following is a summary of common audit deficiencies as noted in previous quality reviews performed by the U.S. Department of Labor and in their recent reviews of targeted audit workpapers.

1. Planning
   1. Inadequate – audit planning
   2. Failure to assess the risk of material misstatement due to fraud
2. Internal Controls
   1. Failure to document an understanding of internal controls – most often when a substantive audit is going to be performed.
   2. Inadequate use of SAS 70 reports
      1. Lack of testing when SAS 70 report is obtained
3. Contributions
   1. No audit performed
   2. Particularly multi-employer plans, failure to obtain adequate audit evidence for contributions back to contributing employers (multi-employer plans). Reliance on contribution reports is not enough.
   3. Insufficient payroll audit procedures
   4. Failure to test elective deferrals
4. Investments
   1. No work performed
   2. Failure to test end of year values
   3. Failure to properly value hard-to-value-assets
   4. Improper use of limited scope certifications
      1. Improper certifying entities
      2. Information other than investment information is improperly excluded from the audit scope
5. Benefit payments
   1. No audit work performed
   2. Inadequate auditing regarding eligibility of claims to be covered by the plan
6. Participant data
   1. Insufficient testing of payroll data
   2. Failure to test eligibility, forfeitures and allocations
   3. In defined contribution plans with limited scope audits, failure of auditors to test the allocation earnings and gains/losses to participant accounts.
7. Sample sizes too low
   1. Some firms have reduced their sample sizes selected for compliance and substantive testing to unacceptably low levels.
8. Workpaper documentation
   1. Adequacy of audit documentation continues to be an issue
   2. Only evidence of audit work having been performed is a sign off on an audit step without any supporting documentation

James E. Merklin, CPA, CFE, M.Acc. is our Director of Employee Benefit Plan Audit Services and, in addition to being heavily involved in our plan audits, he has also been active in a leadership role in the establishment of a national discussion forum amongst our affiliates in the PKF North American Network. This discussion forum has provided Bober, Markey, Fedorovich & Company the opportunity to share best practices ideas amongst the more than 80 CPA firms nationwide that are affiliated with PKF.

If you have any questions with regards to these developments, please feel free to call Jim at 330-762-9785 or email him at jimm@bobermarkey.com, or your Partner/Manager contact.

This Web Site is designed to present accurate and authoritative general information on a broad range of tax and accounting issues. For personalized advice on matters effecting your rights under the law and/or the drafting of legal documents, you should consult a licensed attorney.

IRS Circular 230 Disclosure: To ensure compliance with U.S. Treasury rules, unless expressly stated otherwise, any U.S. tax advice contained in this Web Site is not intended or written to be used, and cannot be used, by the recipient for the purpose of avoiding penalties that may be imposed under the Internal Revenue Code.

Home   About Us   Services   Industries Served   Client Advisories   Resources