Audit requirements
ERISA contains a requirement for annual audits of plan financial statements by an independent qualified public accountant. Generally, plans with 100 or more participants are subject to the audit requirement. The Department of Labor's (DOL) regulation (29 CFR 2520.104-46) establishes conditions for small employee benefit plans (generally those with fewer than 100 participants) to be exempt from the general requirement that plans be audited each year. The DOL amended the regulation in October 2000 to impose additional conditions for small pension plans to be exempt from the annual audit requirement. The amendments went into effect beginning in 2001.

Audit responsibilities
The independent auditor's objective and responsibility, under generally accepted auditing standards (GAAS), are to express an opinion on whether the financial statements are fairly presented in conformity with generally accepted accounting principles, and that the related supplemental information is presented fairly, in all material respects, when considered in conjunction with the financial statements taken as a whole. Although the audit requirement in ERISA is an important part of the total process designed to protect plan participants, a GAAS audit is not designed to ensure compliance with ERISA's provisions. Under the law, plan administrators, the IRS and the DOL have responsibility to ensure such compliance.

Generally, the plan's audited financial statements accompany the Form 5500 that is filed by the plan administrator. Form 5500 requires footnote disclosure of any differences between the audited financial statements and the statements included as part of the Form 5500. The DOL may reject a filing that has a deficient financial statement audit or that does not properly reconcile information contained in the financial statements with information contained in the Form 5500.

Limited scope audits
ERISA section 103(a)(3)(c) allows the plan administrator to instruct the auditor not to perform any auditing procedures with respect to investment information prepared and certified by a bank or similar institution or by an insurance carrier that is regulated, supervised, and subject to periodic examination by a state or federal agency who acts as trustee or custodian. The election is available, however, only if the trustee or custodian certifies both the accuracy and completeness of the information submitted.

Certifications that address only accuracy or completeness, but not both, do not comply with the Department of Labor's (DOL) regulation, and therefore are not adequate to allow plan administrators to limit the scope of the audit. This limited-scope audit provision does not apply to information about investments held by a broker/dealer or an investment company. In addition, if a limited-scope audit is to be performed on a plan funded under a master trust arrangement or other similar vehicle, separate individual plan certifications from the trustee or the custodian should be obtained for the allocation of the assets and the related income activity to the specific plan. The exemption applies only to the investment information certified by the qualified trustee or custodian, and does not extend to participant data, contributions, benefit payments or other information whether or not it is certified by the trustee or custodian. Thus, except for the investment related functions performed by the trustee/custodian, an auditor conducting a limited-scope audit would need to include in the scope of the audit functions performed by the plan sponsor or other third-party service organizations, such as third-party welfare plan claims administrators or third-party savings plan administrators, if circumstances necessitate. The nature and scope of testing will depend on a variety of factors including the nature of the functions being performed by the third-party service organization, whether a SAS No. 70 report that addresses areas other than investments is available, if deemed necessary, and, if so, the type of report and the related results.