The plan to end limited scope audits had been in the works for quite some time. The official audit standard, known as SAS 136, was issued in July 2019 and was intended to go in effect for periods ending on or after December 15th, 2020. However, due to the impact of the pandemic, the effective date was delayed until December 15th, 2021. So what do businesses need to know now that the change is finally here?
The reason for the new standard is to strengthen the form and content of the auditor’s report through its changes and clarifications. It is also specifically designed to act as an updated performance requirement for auditing the financial statements of one type of employee benefit plans: those that are subject to the Employee Retirement Income Security Act (ERISA).
Changes for Plan Sponsors and Auditors
While many might find the former limited scope audit and 103(a)(3)(c) audit similar, a closer look reveals that the 103(a)(3)(c) audit clarifies what is expected of both the plan sponsors and the auditors in a more exhaustive manner. Now, the auditor must provide a detailed letter that requires plan sponsors to deliver more information. This means plan sponsors will have to first investigate and confirm they are eligible for this type of audit and then provide a representation in writing, stating that they are eligible for the exception to the full-scope audit.
Changes to the Audit Report
The main changes are updates to the form and the content of the audit report. These amendments are meant to provide transparency about the scope and nature of the audit and describe the procedures performed on the certified investment information.
They are as follows:
- Scope and Nature – These sections are now required to be presented first, with the opinion section following. Prior to SAS 136, the limited scope audit allowed a disclaimer of opinion. Now the auditor must prepare a two-part opinion which will include two key items:
- The amounts and disclosures in the ERISA Plan’s financial statements that are not covered by the certification must be presented fairly and in accordance with the applicable financial reporting framework.
- The investment information in the ERISA plan financial statements related to the certified investment information needs to agree or be derived from the certified information provided by a qualified institution.
- Basis for Opinion – This will now include a statement expressing that the auditor is required to be independent of the entity and that they are to meet their other ethical responsibilities, in accordance with the relevant ethical requirements relating to the audit.
- Expanded description of management’s responsibilities – A more detailed description will outline how management is maintaining a current plan instrument, including all plan amendments, how the plan will be administered, and verifying that the plan’s transactions that are presented and disclosed in the financial statements, are in conformity with the plan’s provisions.
- Expanded description of auditor’s responsibilities – The description must now include the auditor’s professional judgment and professional skepticism, as well as their communications with those charged with governance.
The Bottom Line
Overall, SAS 136 is more of a clarification on the scope and requirements of these audits, rather than a major change to the process itself. Though the limited scope audit will no longer be used, many plan sponsors and auditors will find that the updated requirements in the 103(a)(3)(c) audit are similar to their current best practices. The takeaway is that these requirements are now being formally documented and represented in writing to provide more transparency.
As always, if you have any questions regarding this matter, please contact one of our team members. We will continue to provide updates and clarification on this topic as necessary.
Download a printer friendly version of this article here.