The American Institute of Certified Public Accountants, the national professional organization of Certified Public Accountants, released a new Statement on Auditing Standards (SAS) regarding the auditing and reporting on financial statements of ERISA plans. Specifically, SAS 136 changes the “limited scope audit.” The new standards are in response to concerns raised by the Department of Labor regarding the quality of financial statement audits, after the Department estimated that nearly 40% of audits had major deficiencies.
When a plan instructs an auditor to perform a limited scope audit, the auditor will not perform any auditing procedures regarding investment information prepared by a bank or similar institution acting as a trustee or custodian. SAS 136 does not prohibit the limited scope audit (renamed the “ERISA Section 103(a)(3)(C) audit” by the statement) but does implement some changes. First, plan sponsors will have additional responsibilities, such as assessing whether the entity providing the certification is a qualified institution, confirming the certification meets ERISA requirements, and affirming in writing that all requirements are met. This means there will likely be new procedures regarding the evaluation of the investment information provided by the plan’s asset custodian or trustee. Additionally, the audit report will have a new format, which emphasizes the scope of the audit and the different responsibilities of the plan sponsor and the auditor.
Because of the COVID-19 pandemic, the implementation of the new standards have been postponed from their initial effective date. The new standards are now effective for audits ending on or after December 15, 2021.