The new standard prescribes certain new performance requirements for ERISA plan financial statement audits, and changes the form and content of the related auditor's report. SAS No. 136 is codified in AU-C section 703, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, in the AICPA Professional Standards.
SAS 136, as amended, includes new requirements in all phases of an audit of ERISA plan financial statements including engagement acceptance, risk assessment and response, communication with those charged with governance, performance procedures, and reporting.
The standard establishes new performance and reporting requirements specific to ERISA Section 103(a)(3)(C) audits. The ERISA Section 103(a)(3)(C) audit is unique to employee benefit plans and is not considered a scope limitation. Accordingly, an audit performed pursuant to ERISA Section 103(a)(3)(C) will no longer be referred to as a "limited scope audit" but rather going forward will be referred to as an "ERISA Section 103(a)(3)(C) audit".
The main objective of SAS 136 is to provide readers with a better understanding of the scope of the audit and to clarify the responsibilities of the plan sponsor and the auditor. The new standard applies to all single employer, multiple employer, and multiemployer ERISA employee benefit plan audits.
What plan sponsors need to know
Changes to Audit Reports, Engagement Letters and Other Communications
SAS 136, as amended, clarifies the responsibilities of plan management and auditors. Certain of these responsibilities are now included in the auditor’s report, engagement letters and required communications, as follows:
- auditor’s responsibilities are now disclosed in the auditor’s report which include professional judgements, professional skepticism and the auditor’s communication with those charged with governance.
- the plan management must understand and acknowledge, in writing, its responsibility to maintain a plan instrument, administer the plan, maintain sufficient records for plan transactions and benefits, and their responsibility for the financial statements, which are now included in the engagement letter with their plan auditor.
- management’s responsibility for the assessment of going concern and the auditor’s responsibility over management’s assessment is also included in the auditor’s report, when applicable.
Changes to Audit Procedures and Documentation
SAS 136, as amended, implements changes that affect multiple aspects of an ERISA plan audit, including engagement acceptance, risk assessment and response, communication with those charged with governance, and performance procedures and reporting.
Some of the most notable changes include:
- if a plan sponsor elects an ERISA Section 103(a)(3)(C), formerly known as a limited scope audit, management must represent that this is permissible and that the qualified institution can certify the investment information.
- management must provide to the auditor a substantially complete Form 5500 draft before issuance of the auditor’s report.
- the auditor must communicate in writing reportable findings to those charged with governance.
SAS No. 136, as amended, is effective for audits of ERISA plan financial statements for periods ending on or after December 15, 2021, although earlier implementation is permitted.
AICPA Employee Benefit Plan Audit Quality Center
2020 AICPA Audit and Accounting Guide, Employee Benefit Plans, provides additional information about AU-C section 703.
Statement on Auditing Standards No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, as amended, issued by the Auditing Standards Board
We are committed to keeping you up to date of all developments that may affect the way you do business in Puerto Rico. Please contact us for further assistance in relation to this or any other matter.