Statement on Auditing Standard (SAS 136) Issued for Employee Benefit Plans

In July 2019, the AICPA Auditing Standards Board (ASB) issued a standard, Statement on Auditing Standards, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA (SAS 136). It will serve as the foundation for the auditor’s responsibility to form an opinion on the ERISA plan financial statements. SAS 136 is effective for Employee Benefit Plan (EBP) audits for periods ending on or after December 15, 2020. Early adoption of the standard is not permitted.

SAS 136 applies only to audits of financial statements subject to the Employee Retirement Income Security Act of 1974 (ERISA) and should not be adopted by non-ERISA plans. It aims to enhance the quality of an ERISA plan financial statement audit (EBP audit) and covers new requirements for all audit phases

No More “Limited Scope” Audits

SAS 136 clarifies what is expected of the auditor and specifies that these audits can no longer be referred to as “limited scope” audits. Going forward, they will be deemed “ERISA section 103(a)(3)(C) audits.” The standard establishes a new form of auditor’s report that provides greater transparency about the scope and nature of the audit and describes the procedures performed on certified investment information.

The auditor will no longer issue a modified opinion (typically, a disclaimer of opinion) due to only performing limited procedures on information that is certified by a qualified institution. Instead, the report offers a two-pronged opinion that is based on the audit and on the procedures performed relating to the certified investment information. It provides opinions on whether the information not covered by certification is presented fairly and whether the certified investment information in the financial statements agrees with or is derived from the certification. However, if the auditor identifies a material misstatement of the financial statements or if there is a limitation on the scope of the audit, then the auditor would modify the opinion in accordance with SAS 136 and AU-C section 705.

New Communication Requirements for Auditors

Discussions with management should be held on matters that arise when an ERISA section 103(a)(3)(C) audit is performed. The auditor will be required to make certain communications with management and/or those in charge of governance over the plan. Reportable findings should be communicated in writing and in a timely manner.

SAS 136 also requires the auditor to make appropriate arrangements with management to obtain a substantially complete draft of Form 5500 (including the forms and schedules that could have a material effect, both quantitatively and qualitatively) and to identify material inconsistencies and material misstatements of fact, if any, with the audited ERISA plan financial statements. If a material inconsistency is identified, the auditor must determine whether the audited ERISA plan financial statements or the draft Form 5500 should be revised.

Management Responsibilities

SAS 136 also clarifies management’s responsibilities in EBP audits. In addition to those required by AU-C section 580, the auditor must obtain certain written management representations regarding its responsibilities for maintaining a current plan instrument, administering the plan, and providing the auditor with a substantially completed draft of Form 5500 prior to the dating of the auditor’s report. Management also must acknowledge its responsibilities for the investment certification when it elects to have an EBP audit.

Questions about this blog? Please contact Juliana Shepetiak at 216.242.0824 or [email protected] for more information.