With regulators focused more than ever on a plan's controls, it is imperative that plan sponsors have the proper procedures and controls in place. This third in a series of articles on the importance of internal controls for employee benefit plans looks at the operational compliance controls.
It is not sufficient that a retirement plan be covered by a plan document that meets all the terms and conditions of the applicable law. It is also necessary that the day-to-day operations of the plan be consistent with that plan document and with the law. While this may seem redundant, the law or regulations may change before a sponsor is required to amend the plan. In these cases, the plan's operations could be required to vary from the written terms of the plan in order to satisfy the law. Additionally, facts may change so that even if the plan sponsor follows the terms of the plan, the result does not comply with the law. For example, it is permissible for a defined contribution plan to require that an individual be an active employee at the end of the plan year to receive a contribution; however, any employee who worked more than 1,000 hours before they were terminated counts in determining whether or not the plan satisfies certain compliance tests. For a company that experienced fairly high turnover during the year; following the plan's terms on eligibility may not be enough to satisfy the qualification requirements regarding coverage.
If a plan fails to follow its terms or the applicable law, the plan faces the potential loss of qualified status. A loss of qualified status could mean taxation of plan participants, taxation of plan earnings to the trust and loss or limitation on the employer deduction for plan contributions. Since the formation of the Employee Plan's Compliance Resolution System, it is unlikely that a plan will be disqualified. Nonetheless, the plan sponsor may be exposed to significant costs to correct any errors and for penalties payable to the IRS in the event errors are discovered upon audit. It is always best to have controls in place to guard the plan's operations and its tax-advantaged status.
This gives rise to the second critical set of controls over a plan's operations—compliance controls. These controls apply in two broad areas:
- Are the plan's operations in compliance with the written terms of the plan (i.e. - controls over the "accuracy" of the plan's operations relative to its governing instruments)?
- Is plan management or their delegate applying all the required tests to the plan's operations to demonstrate compliance with the law (i.e. - controls over the "testing" of the plan's operations with applicable law and regulations)?
These are distinct, but interrelated areas. A plan may follow its terms, yet fail an applicable test under the Code. Likewise, tests may appear to have been passed, but be based on inaccurate data where the plan's operations failed to follow its terms.
The easiest way to evaluate the controls over the plan's operation is to follow the life cycle of an employee as they enter the plan, accumulate benefits, make investment elections (if applicable), vest and eventually receive a distribution. The following discussion is primarily focused on participation in a defined contribution plan1. The following questions are intended to illustrate the types of controls that relate to IRS or DOL compliance with respect to the plan's operations and are not intended to be an exhaustive list of considerations. These questions are merely intended to prompt the reader to consider the types of controls that may be appropriate to their plan.
- Are there controls in place to verify the accuracy of the data required for entry? Depending upon plan terms this would include items such as the date of birth, date of hire, hours worked, status as an eligible participant (i.e., union versus non-union).
- Do controls over plan entry properly consider special circumstances such as rehires, employees returning from approved leaves of absence (e.g., returning from military duty), employees changing classification from ineligible employment to eligible, business acquisitions or other status changes?
- Are there controls in place to enroll eligible participants on a timely basis? Do those procedures specify what constitutes "timely" enrollment for plans that involve employee contributions?
- Where specific notices are required regarding safe harbor contributions or automatic enrollment, are there controls in place to make sure such notices are delivered and on time? Is a record retained to document the delivery of such notices?
- Is there someone charged with reviewing eligibility determinations for accuracy on a periodic basis? In today's world of very short waiting periods for entry into employee savings plans, an annual review of eligibility determinations would generally not be considered to operate frequently enough to be a sufficient control. Reviews should correlate to the waiting period for entry (e.g., monthly entry dates should include monthly reviews for eligibility determinations.)
- If workers are from employee leasing or temporary employment agencies, are controls in place to properly recognize whether leased employees must be considered as eligible participants in the plan or if excluded, participants eligible but not participating for the applicable compliance tests? If the plan has a waiting period, are procedures in place to give appropriate prior service credit to leased or temporary workers who are subsequently hired by the plan sponsor?
- Are there controls to make sure that any compliance tests applicable to plan eligibility are recognized and performed on a timely basis? Does someone periodically verify which compliance tests apply and whether such tests are performed on time? If such tests are to be performed by a vendor, does the contract with that vendor specify that they are responsible for performing these tests and when they do such tests? Is there someone at the plan sponsor responsible for verifying that the data provided for such tests is accurate, that such tests have been performed and what action must be taken, if any?
- Are controls in place to make sure that the testing on plan coverage includes all members of the controlled group as defined in the IRC? Are controls in place to advise the party performing such testing of any changes in that group? Is there someone at the plan sponsor with sufficient familiarity with these rules to recognize when such a change might have happened? If not, are there procedures in place to contact the appropriate service provider for assistance in the event of any significant change in the workforce or the controlled group structure?
- Where the results of a compliance test require action by the plan sponsor, are there controls in place to make sure such action takes place within the required timeframe? Is someone from plan management charged with verifying that the action taken was sufficient and timely?
- Are there controls in place to make sure that any employee salary deferrals are calculated properly? These calculations would include the following considerations:
- Is someone charged with reviewing employee salary deferrals on a periodic basis to make sure that the correct compensation definition is used and the deferral percentages are consistent with the participant's elections? Is this review done periodically throughout the year so any errors can be identified and corrected timely?
- Is there a control system over the timeliness of deposit of any employee contributions or loan payments?
- In the event of any changes in employment practices, in compensation practices or in the associated systems, is there a control structure in place to verify that such changes have been properly integrated into the plan's operations or that the plan is amended, as appropriate, to coordinate plan operations with these workplace changes
- Are there controls in place to make sure that any employer matching or other employer contribution is calculated and allocated properly? Is the proper definition of compensation used for this calculation? If there are limitations on eligibility for such contributions (i.e., age, years of service, eligible employment category or end of year employment requirement), are such limitations functioning properly? Does someone at the plan sponsor review this calculation periodically?
- Are there controls in place to make sure that the applicable tax code limitations on employee salary deferrals, catch up contributions, compensation or total benefit allocations are satisfied? Are such limitations updated annually when the IRS issues the limits for the following plan year? Where the plan sponsor offers more than one defined contribution or defined benefit plan, are controls in place to coordinate these limits between the plans in accordance with the plan terms
- Where the participant is permitted to direct investments, do controls over the authorization and execution of such activity exist with the investment vendor or TPA through whom the trading platform is established? In such cases, the plan sponsor needs to verify that all controls required by the vendor to exist at the sponsor level do, in fact, exist and are functioning. Typically, the vendor will have a report on their control system highlighting user controls. In addition to having such user controls implemented and functioning, plan management should review the report on the effectiveness of the vendor's controls to obtain an appropriate level of comfort that their vendor selection remains appropriate.
a. The deferral election is consistent with the participant's most recent election.
b. The covered compensation is properly determined.
c. Changes made in deferral elections are executed promptly.
d. If an employee returns from leave, a new election is solicited or the prior election is implemented, as authorized by the plan document.