DOL Moves to Take EBP Audit Standards Setting from AICPA

By:
Chris Gaetano and Colleen Lutolf
Published Date:
Jul 28, 2015
Ian Dingwall (small)

Ian Dingwall. Photo courtesy of NASBA

 

The U.S. Department of Labor (DOL) is calling for federal legislation that would allow the U.S. Secretary of Labor to establish standards for employee benefit plan (EBP) audits, as well as require additional education for the CPAs who perform them. The call comes after a recent agency study found that 39 percent of EBP audits contained major deficiencies.

The study, issued in May, examined 400 of the 81,162 EBP audits filed by approximately 7,300 firms in 2011. Audits were categorized by the size of a firm’s employee benefit plan audit practice, which the DOL pointed out was not necessarily reflective of the size of the firm overall.

The DOL found that the smaller the EBP audit practice, the greater the incidence of audit deficiencies. For example, the audits filed by firms that performed only one or two plans annually showed a 75 percent deficiency rate, while those that performed 750 or more such audits a year did much better, with a deficiency rate of only 12 percent. Firms that belonged to the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC) were found to have a lower percentage of deficient audits than those that did not.

“It’s really the dabblers who don’t pay attention to what the rules are,” said Ian Dingwall, the chief accountant of the DOL’s Employee Benefits Security Administration (EBSA), during the NYSSCPA’s May 4 Employee Benefits Conference prior to the report’s release. “These guys go out, audit one to two plans a year, get lots and lots of tax CPE [continuing professional education]—they don’t necessarily get [continuing] education unique to auditing employee benefit plans.”

The DOL wants to change that. It recommended 11 enforcement, legislative and outreach changes that it believes would reduce EBP audit deficiencies, including penalizing the CPA for up to $1,100 a day until the audit meets professional standards—not the plan sponsor, which is currently the responsible party—if the plan’s annual report is rejected due to a deficient audit or if the accountant didn’t meet qualification standards for performing an EBP audit; as well as empowering the Secretary of Labor to issue regulations that would require additional educational training for those CPAs who conduct EBP audits.

The DOL also wants the authority to establish accounting principles and auditing standards that are “either unique to or have substantial impact upon [EBPs].” Currently, these standards are promulgated by the AICPA—and the institute wants to keep it that way.

“DOL authority to set auditing standards would create confusion in the marketplace and unnecessary complexity in practice,” the AICPA said in a statement. “Plus it adds politics into the mix, which is undesirable. We believe a more effective and meaningful approach is for the DOL to participate in the standard-setting process, by observing and providing advice or by serving on the Auditing Standards Board.”

David Evangelista, a trustee of the NYSSCPA’s Foundation for Accounting Education and the former issue vice chair of the DOL’s ERISA (Employee Retirement Security Act) Advisory Council 2010 report, “Employee Benefit Plan Auditing and Financial Reporting Models.” He agreed with the AICPA’s statement, saying that adding another standards setter to the already overly complex regulatory structure that CPAs have to follow would lead to “standards overload for the people who do it right. If DOL promulgated the standards, the people who do it wrong will still do it wrong.”

But the safeguard that the profession has in place to self-police audit firms—a peer review every three years—hasn’t been catching the firms who “do it wrong.” Of the 72 firms that performed one or two employee benefit plan audits per year that were found to be deficient by the DOL, 60 firms were peer reviewed and, of those peer-reviewed firms, over 80 percent had clean peer reviews, according to the DOL.

“That’s a much bigger issue that the profession needs to focus on,” Evangelista said. “These are GAAS [generally accepted auditing standards] failures. If you fail to properly plan the [EBP] audit, then you’re probably not properly planning other audits too.”

Although the majority of the firms that had major deficiencies in their audits received clean peer reviews, the AICPA said it has not seen instances where the assets that are reported in a plan’s financial statements were materially misstated, and noted that the DOL is not taking issue with the auditing standards themselves.

The AICPA has also been making a concerted effort to improve the quality of employee benefit plan audits through the EBPAQC, launched nearly a decade ago around the time of the prior DOL audit quality study of EBP audits. The Center makes available to firms that pay for membership a number of EBP audit tools, resources and webinars, including offerings carrying CPE credit. In anticipating the results of the DOL’s latest report (which showed that the number of deficient audits increased by 6 percent over the 2004 study), the AICPA said it is addressing the issue on multiple fronts, leveraging technology to overhaul its peer review program and developing a credential for employee benefit audit specialists. This is part of a broader “six-point plan” to improve audit quality that the AICPA launched in 2014. 

 

A different animal

Adam S. Lilling, the chair of the Society’s Employee Benefits Committee, said he was not particularly surprised by the report’s findings, as performing an employee benefit plan audit is a specialized skill that is really quite a different animal from a typical commercial audit. Two primary elements make EBP audits distinct from commercial audits, he said. One is the presence of EBP-specific items, such as employee contributions, timeliness of remittances and benefit payments, which are really the main focus of a plan audit. The other is the limited scope of a plan audit, where the auditor obtains a certification and performs limited audit procedures on a plan’s investments based on that certification, but still needs to perform many of the aforementioned plan-specific procedures.

The problem, Lilling explained, is that inexperienced auditors treat an EBP audit as a standard commercial audit, which just doesn’t work—the auditor needs to test those EBP-specific items that aren’t in a standard audit.

Firms with smaller EBP audit practices “many times do not have the right background or experience in this specialized field,” he said. “The inexperienced EBP auditor ... tests the balance sheet and income statement, but does not properly audit the EBP-specific items.” 

In addition, accountants see the term “limited scope” and may think they’re not even doing an audit, Lilling said.

“Often, inexperienced EBP auditors think the audit is actually a compilation,” he added, whose firm also provides peer review services. “We often hear people say, ‘Oh, we don’t do audits, just a few limited scopes.’”

To address the issue, the DOL is recommending that ERISA, which set standards for pension and health plans in private industry in 1974, be amended to remove the limited-scope audit exemption. The AICPA not only agrees, but has been actively petitioning the DOL to make this change for nearly 40 years. The limited-scope audit exemption is unique to ERISA employee benefit plans and exists in no other industry, the AICPA told the DOL’s Advisory Council in a 2010 hearing on EBP auditing and financial reporting models.

“The profession has been asking for that for years for a reason,” said Evangelista, who, in addition to representing the accounting profession on the ERISA Advisory Council, had a seat on the initial executive committee when the AICPA formed its EBPAQC. “It’s a bad product. It doesn’t yield a lot of protection on plan assets for plan participants,” but politics has played a large role in Congress’s reluctance to amend the law to eliminate the exemption.

Evangelista also agrees with the DOL’s recommendation of requiring additional continuing education for auditors who perform EBP audits.

“It has to be good quality CPE, not just volume CPE. CPAs performing plan audits need to hear real-life scenarios, and be able to pose questions to knowledgeable people—standard setters, regulators and experienced auditors,” he said. He also is not opposed to the DOL obtaining disciplinary powers, “as long as there is due process to it. I’m leery as a practitioner of supporting that without knowing what the due process is going to be. Within our profession—the AICPA, the state societies and the state licensing boards—we already have mechanisms for disciplining deficient practitioners when necessary, so a DOL process would have to add something of value to the existing processes.”

The NYSSCPA, in a statement released on May 28, said it is committed to working with the DOL, the AICPA, the New York State Board for Public Accountancy and the National Association of State Boards of Accountancy to develop educational and practice-monitoring solutions that result in significant improvement to EBP audits. 

“The high rate of audit deficiencies documented in this study is unacceptable and does not reflect the core tenets that the CPA profession holds dear: accuracy, transparency and accountability,” the statement said.

The Society developed a resource page aimed at educating CPAs on the finer points of EBP audits and their importance. It contains videos of the entire Employee Benefits Conference, including Dingwall’s complete session on the DOL, and is meant to serve as a resource for CPAs interested in learning more about auditing EBPs to help reduce the number of deficient audits. CPAs can earn CPE for watching the videos by purchasing them as self-study courses through the Society’s MyCPE catalogue.


cgaetano@nysscpa.org
clutolf@nysscpa.org

Click here to see more of the latest news from the NYSSCPA.