As we have discussed in previous blog posts, Plan Sponsors, Plan Administrators, and Plan Trustees of 401(k) Plans are named fiduciaries to the related Plans. They must always act in the best interest of participants, oversee the transactions undertaken by the Plan, and ensure compliance with all laws and regulations. Failure to do so can expose the Plan Sponsor (a company offering the Plan) and/or named individual fiduciaries to civil and potentially criminal penalties.
So, what actions can you take as a fiduciary to reduce this risk?
- Review the internal controls for the plan. Do a review of higher-risk transactions such as distributions and loans. Ensure that there are reconciliations in place to verify all contributions are received by the Plan custodian and deposited into participant accounts.
- Periodically review the fees charged to plan participants. Ensure they are reasonable when compared to the services offered for those fees. Have a benchmark comparison completed to ensure the fees are not higher than other similar plan offerings.
- Establish a committee to oversee the plan. This committee should review the plan financial statements, fees charged, service levels provided by relevant service providers, and investment performance. Document the actions recommended by the committee and ensure all recommendations are acted upon. Hire a qualified investment professional to help with this evaluation if you do not have the expertise needed in this area.
- Review the IT controls for the Plan. Ensure that information that should remain private is not provided without verifying the identity of the requestor. Change site passwords often and do not share passwords. Review who has administrative access to the plan on a regular basis and ensure access is removed whenever there is a change in personnel involved with the Plan. Cyber Liability Insurance is available to help out in this area if there is a breach.
- Review your Fidelity Bond on an annual basis. You are required to carry coverage for 10% of beginning plan assets, up to $500,000 (or $1,000,000 if employer securities are held). Make sure you increase the coverage as the plan assets increase. Verify the coverage doesn’t lapse if it requires regular renewal. Also, consider fiduciary liability insurance to help protect you in case there is a problem.
- Review the timeliness of contribution submissions. Contribution submissions need to be made consistently. Establish a timeline that needs to be followed by all payroll personnel. Ensure you have a backup in place to handle the payroll processing and submission of 401(k) deferrals in the event the regular processor is on vacation or otherwise unavailable. This will ensure all submissions are made on time.
- Establish a compliance calendar with the help of your service provider. This will help you to keep track of all requirements such as preparation of the Census and discrimination testing questionnaires, dissemination of required disclosures, needed updates to Plan Documents, Form 5500 filings, and the annual audit deadlines (if applicable). Make sure all Plan tasks are assigned to specific individuals and follow up to ensure all tasks are completed by the deadline even if they are to be completed by a service provider.
Although the above listing is not meant to cover all aspects related to a 401(k) Plan, we recommend Plan fiduciaries review this listing on a regular basis to ensure they are appropriately handling all the needed actions for their Plan. This will go a long way toward avoiding problems that can be costly and difficult to deal with in the future.
If you would like to discuss Summit CPA Group’s audit process in more detail or need an audit for the first time, contact our office at (866) 497-9761. We’re here to help you navigate the world of the 401(k) audit as proficiently as possible. We also offer flat-fee pricing so there are no surprises on your bill when the job is complete.