As we had previously reported, the Office of the Chief Accountant (OCA), Employee Benefits Security Administration (EBSA), U.S. Department of Labor (DOL), has recently completed an assessment of the quality of audit work performed by independent qualified public accountants (IQPAs) with respect to financial statement audits of employee benefit plans covered under the Employee Retirement Income Security Act of 1974 (ERISA) for the 2011 filing year (plan year beginning in 2011).
On May 28, 2015, the DOL officially released its report. The Executive Summary of the report follows, but in short the quality of employee benefit plan audits has not improved since EBSA’s previous studies given an overall deficiency rate for plan audits of 39%.
As a result. the DOL has several recommendations in the areas of:
- Enforcement – including fines directly against CPAs;
- Regulatory and Legislative initiatives – including allowing the Secretary of Labor to determine which CPAs are a “qualified public accountant;” removing the limited-scope exemption; and giving the Secretary of Labor authority to establish accounting and auditing standards for benefit plans; and
- Outreach – Directly with plan sponsors, CPA firms, NASBA, States Boards of Accountancy and state societies of CPAs to stress the importance of performing quality plan audits.
Objectives and Scope
The primary objective of EBSA’s review was to assess the level and quality of IQPAs’ audits of
ERISA-covered employee benefit plans.
EBSA’s assessments involved a review of the Form 5500 Annual Return/Report filings and related audit reports for the 2011 filing year (plan years beginning in 2011). The Agency selected a statistically valid sample of 400 plan audits from a target population of 81,162 Form 5500 filings for 2011 in which an accountant’s report/audit opinion was attached.
In the 2011 Form 5500 database there were 81,162 filings that contained CPA audit reports.
Those 81,162 audits were performed by 7,330 different CPA firms. Because the population of plan auditors is so diverse and heavily skewed to those CPA firms that audit a small number of plans, the sample was designed to look at the relationship between auditor characteristics and audit quality. Historically, EBSA has found that CPAs with smaller employee benefit plan audit practices tended to have the most audit deficiencies. Therefore, the Agency divided the population of CPAs into six strata based on the number of plan audits that the CPA firm performed with the desire to more definitively determine where in the population deficient audit work predominated.
Overall, EBSA’s review found that 61% of the audits fully complied with professional auditingstandards or had only minor deficiencies under professional standards. However, 39% of the audits (nearly 4 out of 10) contained major deficiencies with respect to one or more relevant GAAS requirements which would lead to rejection of a Form 5500 filing, putting $653 billion and 22.5 million plan participants and beneficiaries at risk. These figures reflect increases in the amount of plan assets and number of plan participants at risk compared with prior EBSA studies.
Additionally, the audit review supports the following findings:
- There is a clear link between the number of employee benefit plan audits performed by a CPA and the quality of the audit work performed. Analysis of the data indicates a wide disparity between those CPAs who perform the fewest plan audits and those firms that perform the largest number of plan audits. CPAs who performed the fewest number of employee benefit plan audits annually had a 76% deficiency rate. In contrast, the firms performing the most plan audits had a deficiency rate of only 12%.
- The accounting profession’s peer review and practice monitoring efforts have not resulted in improved audit quality or improved identification of deficient audit engagements. In 4 of the 6 audit strata, a substantial number of CPA firms received an acceptable peer review report, yet had deficiencies in the audit work that EBSA reviewed.
- CPA firms that were members of the American Institute of Certified Public Accountants’ (AICPA) Employee Benefit Plan Audit Quality Center tended to produce audits that have fewer audit deficiencies. Overwhelmingly, most CPAs in the two smallest audit strata are not Employee Benefit Plan Audit Quality Center members.
- Training specifically targeted at audits of employee benefit plans (EBPs) may contribute to better audit work. As the level of EBP-specific training increased, the percentage of deficient audits decreased.
- Of the 400 plan audit reports reviewed, 67 (17%) of the audit reports failed to comply with one or more of ERISA’s reporting and disclosure requirements.
It appears that the quality of employee benefit plan audits has not improved since EBSA’s previous studies given an overall deficiency rate for plan audits of 39%.
Additionally, EBSA concludes that:
- Once again, the smaller the firm’s employee benefit plan audit practice, the greater the incidence of audit deficiencies.
- Audit areas that are unique to employee benefit plans such as contributions, benefit payments, participant data and party-in-interest/prohibited transactions, continue to lead the list of audit deficiencies. As EBSA found in its two previous studies, CPAs often failed to consider these unique audit areas and, therefore, performed inadequate audit work.
- CPAs failed to comply with professional standards either because they were not adequately informed about employee benefit plan audits, or failed to properly utilize the technical materials that were in their possession. Audit partners in firms performing a greater number of plan audits tended to have a greater amount of employee benefit plan specific training. In a number of instances, however, even having the proper technical guidance did not ensure that a quality audit was performed.
- The Practice Monitoring Peer Review process established by the AICPA and administered by sponsoring state CPA societies does not appear to be an effective tool in identifying deficient plan audit work and ensuring compliance with professional standards. While selecting an employee benefit plan audit is a required part of the peer review process (where applicable), CPAs who performed deficient audits often received acceptable peer review reports.
- Members of the AICPA’s Employee Benefit Plan Audit Quality Center (EBPAQC) tend to have fewer audits containing multiple GAAS deficiencies. Additionally, non EBPAQC member firms tend to have a larger number of GAAS deficiencies, per audit engagement, than EBPAQC members.
Based upon the findings of this report, EBSA makes the following eleven recommendations.
- Revise case targeting to focus on:
- CPA firms with smaller employee benefit plan audit practices that audit plans with large amounts of plan assets, and
- CPA firms in the 25-99 plan audit strata given their high deficiency rates and the amount of plan assets ($317.1 billion) and plan participants (9.3 million) at risk from deficient audits.
- Work with the National Association of State Boards of Accountancy (NASBA) and the AICPA to improve the investigation and sanctioning process for those CPAs who perform significantly deficient audit work. Work with NASBA to get state boards of accountancy to accept the results of investigations performed by EBSA or the AICPA’s Professional Ethics Division, in order to use those results in disciplining CPAs (at the state licensing board level).
- Amend ERISA to make sure the annual reporting civil penalties focus on the responsible party. Under this proposal, the Secretary of Labor would be authorized to assess all or part of the current annual reporting civil penalty of up to $1,100 per day against the accountant engaged to do an ERISA plan audit if the plan’s annual report is rejected due to a deficient audit or because the accountant failed to meet the standards for qualification to perform an ERISA plan audit.
- Work with the AICPA’s Peer Review staff:
- to streamline the peer review process and make it more responsive in helping to improve employee benefit plan audit quality.
- to ensure that CPAs who are required to undergo a peer review have in fact had an acceptable peer review.
- to identify those CPAs who have not received an acceptable peer review and refer those practitioners to the applicable state licensing boards of accountancy.
- Amend the ERISA definition of “qualified public accountant” to include additional requirements and qualifications necessary to ensure the quality of plan audits. The Secretary of Labor would be authorized to issue regulations concerning the qualification requirements.
- Amend ERISA to repeal the limited-scope audit exemption. This exemption prevents accountants from rendering an opinion on the plans’ financial statements for assets held in regulated entities such as financial institutions. When auditors have to issue a formal and unqualified opinion, they have a powerful incentive to rigorously adhere to professional standards ensuring that their opinion can withstand scrutiny. The limitedscope audit exemption undermines this incentive by removing auditors’ obligations to stand behind the plans’ financial statements.
- Amend ERISA to give the Secretary of Labor authority to establish accounting principles and audit standards that would protect the integrity of employee benefit plans and the benefit security of participants and beneficiaries. Under this approach, the Secretary of Labor would be authorized to establish standards that address financial reporting issues that are either unique to or have substantial impact upon employee benefit plans.
- Work with the NASBA to encourage state boards of accountancy to require specific licensing requirements for CPAs who perform employee benefit plan audits. This would include specific training and experience in the audits of employee benefit plans.
- Continue and expand EBSA’s outreach activities:
- Continue the Agency’s work with plan administrator organizations (e.g. ASPPA), to explain the importance of hiring competent CPAs to plan administrators and other plan fiduciaries with hiring authority.
- Use information contained in the EFAST2 database to target correspondence to:
- plan administrators in the 1-2 and 3-5 plan strata, highlighting the high deficiency rate among plan auditors and providing information about how to select a qualified plan auditor; and
- CPA firms in the 25-99 stratum, discussing the audit deficiencies found in the audit study and working with the firms to ensure that plan audits comply with professional standards.
- Communicate with each of the state boards of accountancy (licensing boards) regarding the results of the study and the need to ensure that only competent CPAs are performing employee benefit plan audits.
- Expand EBSA’s outreach with individual state societies of CPAs who have a large number of plan audits performed by CPA firms in the 1-5 plan audit stratum. For those states that do not already do so, encourage them to create employee benefit plan audit training programs.