New Auditing Standard Promises Big Changes in Retirement Plan Audits

By Colin M. Hannifin, CPA, Business Assurance & Advisory Services Senior Manager

New Auditing Standard Promises Big Changes in Retirement Plan Audits

By Colin Hannifin, CPA, Business Assurance & Advisory Services Manager

New audit standard aims to provide clarity in the content of Employee Benefit Plan audit reports

In July 2019, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued the Statement on Auditing Standards (SAS) No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (SAS 136 or ERISA SAS).  The new standard will have a significant effect on the content of the auditor’s reports that accompany the audited financial statements of employee benefit plans. The intent is to increase the transparency and understandability of the report for end users of the statements.

SAS 136 | Employee Benefit Plan Audits | Keiter CPAs

Removal of Limited Scope Audits

One of the most visible changes under SAS 136 is the removal of “limited scope” audits.  Limited scope audits referred to ERISA audits in which the auditors could perform limited procedures, relying on the certification of the plan’s custodian or trustee.  Under the new standard, these are now referred to as “ERISA Section 103(a)(3)(C) audits.”  The ERISA SAS includes some new required audit procedures in those areas previously covered by the certification; as a result, the audits will no longer be considered to have a scope limitation.

Enhanced Communications

Additionally, the ERISA SAS seeks to enhance communications between the auditors and management and those charged with governance.  Under the new standard, the auditor should communicate any reportable findings to those charged with governance in writing in a timely manner. Further, the auditor should also communicate to those charged with governance its responsibility with respect to the Form 5500, procedures performed, and the results of those procedures. The auditor also has a responsibility to discuss with management any prohibited transactions with a party-in-interest that has not been properly reported.

Management’s ERISA Audit Responsibilities

The ERISA SAS also clarifies management’s responsibilities in an ERISA audit, and will require management to assume these responsibilities in written representations at the conclusion of the audit.  These responsibilities include:

  • Maintaining and providing to the auditors a current plan document, including all amendments;
  • Administering the plan and determining that the plan’s transactions presented and disclosed in the financial statements are in conformity with the plan’s provisions;
  • Providing to the auditors a completed draft of the Form 5500 prior to the auditor’s report; and
  • When electing to have an ERISA Section 103(a)(3)(C) audit, determining whether:
    • An ERISA Section 103(a)(3)(C) audit is permissible;
    • The investment information is prepared and certified by a qualified institution as described in 29 CFR 2520.103-8;
    • The certification meets the requirements in 29 CFR 2520.103-5; and
    • The certified investment information is appropriately measured, presented, and disclosed in accordance with the applicable financial reporting framework.

Change in Format for Employee Benefit Plan Audit Report

Finally, the ERISA SAS will have a significant impact on the form of the auditor’s report that accompanies the financial statements.  Under the new standard, the audit opinion will be at the beginning of the auditor’s report. Furthermore, under the new ERISA Section 103(a)(3)(C) audits, the standard opinion won’t be a disclaimer, as there is not a scope limitation.  Instead, in a clean audit, an unmodified opinion will be issued.

Following the opinion will be a paragraph describing the basis of the opinion.  When applicable, paragraphs regarding going concern and key audit matters (when engaged to communicate these matters) will follow.  The final paragraphs of the report will be a discussion of management’s responsibilities for the financial statements, auditor’s responsibilities for the audit of the financial statements, and other matters describing the nature and intent of the supplemental schedules.  Most of these components are already included in the current audit report, when applicable; however, the form and content will be updated slightly.

Effective Date

The ERISA SAS is effective for periods ending on or after December 15, 2021, and early adoption is not permitted. Organizations who sponsor plans with calendar year-ends will see the effect of this standard during their December 31, 2021, audits.


Questions on the new employee benefit plan audit standard? Contact your Keiter representative or Email | Call: 804.747.0000. Our ERISA team can help you navigate the changes.

Additional ERISA Resources

Share this Insight:

About the Author

Colin M. Hannifin

Colin M. Hannifin, CPA, Business Assurance & Advisory Services Senior Manager

Colin is a Business Assurance & Advisory Services Senior Manager at Keiter. He has significant experience in public accounting for both the not-for-profit and private sectors. Colin’s clients rely on him for sound advice and insights on accounting regulations and changes that may impact their business.

More Insights from Colin M. Hannifin

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.


Contact Us