As the sponsor of a qualified retirement plan, you’re subject to certain fiduciary responsibilities. These include administration functions like maintaining the plan’s financial records and filing an annual report.
It’s critical to set up safeguards that help ensure you’re meeting these fiduciary responsibilities because errors and fraud can and do occur in these and other areas. One way to do this is to establish effective internal controls in financial reporting and in safeguarding plan assets. These controls reduce the risk of asset loss, while helping ensure that financial statements are reliable and plan information is accurate and complete.
Preventive controls can minimize opportunities for both unintentional errors and intentional fraud. Meanwhile, detection controls can help you identify errors and fraud after they’ve occurred, and hopefully before they cause major harm to your plan.
As a plan sponsor, you should focus on specific responsibilities to establish and fulfill internal controls, such as:
- Remitting employee deferral contributions in a timely manner. Each pay period, deferral contributions withheld from employees’ paychecks must be remitted “as soon as amounts can be reasonably segregated from the company’s general assets, but no later than the 15th business day of the month following the pay date.” To maintain consistency, determine the number of business days it takes to process the remittance and stick with this each pay period.
- Reconcile deferral contributions remitted with W-2 forms. Total remitted contributions should equal total deferrals on the W-2 summary (Form W-3) at the end of the year. If there are discrepancies, these should be investigated and reconciled, while any late or missed contributions should be reported to the plan and remitted as soon as possible (along with lost earnings).
- Calculate eligible compensation correctly. Your plan document and adoption agreement will define eligible compensation that your payroll department should use. Educate employees on the importance of adhering to this definition. Also make sure they understand how bonuses, commissions, severance, and other types of non-standard wages should be treated.
- Deduct accurate deferral amounts from employees’ pay. As the plan sponsor, you’re responsible for making sure that employees’ deferral elections are properly withheld from their pay. Election forms or feedback information from the plan’s record-keeper should go to one employee who is responsible for updating payroll data, with a second employee reviewing election changes for accuracy.
- Compile census data in an accurate and timely manner. This data—which includes employees’ birth, hire, and termination dates; gross compensation; hours worked; and contributions by employees and employers—is used to complete annual nondiscrimination testing. It must be compiled and remitted to the plan record-keeper by mid-February each year.
- Monitor third-party service providers. Carefully review SOC 1 internal control reports and activity reports from your plan’s record-keeper, custodian, and third-party administrator (TPA). Make sure fees paid to third-party service providers are reasonable for the services provided and that providers are meeting the terms of their contracts.
- Monitor plan investment options. Plan fund performance should be monitored against key benchmarks and performance criteria. In addition, the diversity of fund options and appropriateness of share classes relative to the size of the plan should also be reviewed. You might consider hiring an independent advisor for help if there’s not a “prudent expert” on your plan’s investment committee.
- Monitor plan due dates and notice requirements. Make sure all tax forms related to the plan (e.g., Form 5500, Form 8955-SSA) are filed accurately and timely, and that an independent audit is completed if required. Also make sure all required participant notices are distributed in a timely manner.
Document Fiduciary Activities
Finally, be sure to carefully document all your fiduciary activities. For example, you should keep thorough documentation of all governance meetings and records of any significant decisions the plan committee makes. Prepare and file any monitoring or compliance reports providing evidence that you’ve carried out your fiduciary duties.
Taking the time to clarify your internal control responsibilities can save you both time and money in the long run.
Please contact your Mueller Prost specialist if you have questions about your internal control responsibilities.