Skip to page content
Employee Benefits Security Administration

Assessment of the Quality of Employee Benefit Plan Audits

March 1997

Table of Contents

Executive Summary

Objectives and Scope

Background

Previous OIG Study of Employee Benefit Plan Audits

Actions Taken By PWBA Since Issuance of OIG Report

Additional Improvements are Needed to Ensure Quality Employee Benefit Plan Audits

Why Did Some Audits Comply, and Others Not Comply, With Established Professional Standards?

Additional Improvements are Needed to Ensure Compliance With Regulatory Reporting and Disclosure Requirements

Why Did Some Audits Comply, and Others Not, With ERISA's Reporting and Disclosure Requirements?

Conclusions and Recommendations

Appendix I: Compliance With Generally Accepted Auditing Standards

General Standards

Standards of Field Work

Standards of Reporting

Appendix II: Compliance With ERISA's Reporting and Disclosure Requirements

Non-compliance With ERISA's Reporting and Disclosure Requirements

Appendix III: Voluntary Feedback By IQPAs

U.S. Department of Labor Representative

Sufficiency of Professional Guidance and Training

Form 5500 and Related Instructions

Appendix IV: Sample Selection Methodology

Appendix V: Strengthening the Quality of Plan Audits:AICPA Comments

Acknowledgments

Numerous people have contributed to PWBA's effort to reassess the quality of employee benefit plan audits and prepare this report. Alan Lebowitz has provided leadership and support throughout this project. The Office of the Chief Accountant, most notably, Michael Auerbach, Bing Lam, Marcus Aron, Judith DeJonge, and Albert Eunson, conducted the fieldwork and drafted this report.

Many thoughtful and constructive comments were received during the drafting of this report, most notably from Meredith Miller, Terry Hoopes, Kevin Maroney, Charles Lerner, William Taylor, Susan Ugelow, and the American Institute of Certified Public Accountants.

Finally, plan administrators and independent qualified public accountants provided a level of cooperation without which this entire effort would not have been possible.

IAN DINGWALL
Chief Accountant

Executive Summary

The Office of the Chief Accountant (OCA), Pension and Welfare Benefits Administration (PWBA), U.S. Department of Labor (DOL), has completed an assessment of the level and quality of audit work performed by independent qualified public accountants (IQPAs) with respect to financial statement audits (hereafter referred to as "audits") of employee benefit plans covered under the Employee Retirement Income Security Act of 1974 (ERISA) for the 1992 filing year (plan year beginning in 1992). This assessment was performed as a follow-up to a 1989 report issued by the Office of Inspector General (OIG) in which the OIG concluded that 23% of audits of employee benefit plans failed to comply with one or more established professional standards. In addition, the OIG found that 65% of IQPA reports on employee benefit plans did not meet the reporting and disclosure requirements of ERISA and the regulations thereunder.

Objectives and Scope

The primary objective of our review was to assess whether the level and quality of audit work being performed by IQPAs with respect to audits of employee benefit plans covered under ERISA has improved as a result of actions taken by PWBA and the accounting and auditing profession since the issuance of the OIG's report.

Another major objective of our review was to develop information to be used in implementing the Government Performance and Results Act of 1993 (GPRA). The Act requires the development of measurable program outcomes and the creation of strategic plans to achieve the identified program outcomes. This review establishes an additional baseline for measuring future success in achieving the overall program outcome of improving the quality of employee benefit plan audits and pinpointing how PWBA can best use its limited resources in this area.

Background

Since the issuance of the OIG's report, PWBA and the American Institute of Certified Public Accountants (AICPA) have taken numerous steps designed to improve the quality of employee benefit plan audits. Some of these actions include:

creation of the Office of the Chief Accountant (OCA). OCA is responsible for establishing and maintaining liaison with private sector professional organizations and regulatory bodies on accounting and auditing issues for employee benefit plans. One of OCA's main goals is to improve the quality of employee benefit plan audits to ensure that participants and beneficiaries are receiving the protections which these audits are intended to provide;

targeting and reviewing of IQPA reports by OCA which do not meet professional auditing standards as part of its reporting compliance program;

performance by OCA of approximately 140 on-site workpaper reviews at IQPA firm offices for the purpose of evaluating the quality of audit work underlying the IQPA's audit report. In addition, OCA has referred over 310 practitioners to the AICPA's Professional Ethics Division and/or the respective State Board of Accountancy for potential disciplinary action due to deficient audit work; and

development of a series of "Outreach Programs" aimed at heightening awareness and providing guidance to practitioners and auditors regarding the preparation of the Form 5500 Series Annual Report, current and emerging information regarding accounting and auditing issues impacting employee benefit plans, and general information regarding DOL's ongoing enforcement effort.

Additionally, the AICPA has made a concerted effort to improve the guidance and training available to auditors of employee benefit plans. Some of these actions include:

consulting with OCA on annual revisions to the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans. Since 1991, this guide has been updated five times;

issuing a number of Audit Risk Alerts which are intended to emphasize unique aspects of work performed by auditors of employee benefit plans;

conducting six Annual Employee Benefit Plan Update Conferences. These national conferences have been quite successful with attendance by practitioners averaging 450-650 per conference;

developing and offering a self-study continuing professional education course entitled Audits of Employee Benefit Plans, as well as other self-study programs for employee benefit plans;

incorporating, as part of one of its practice monitoring programs, the requirement that engagements selected for review include high risk engagements such as audits of employee benefit plans or a justification as to why such audits were not selected;

issuing numerous accounting and auditing pronouncements (e.g., Statements of Position, Statements on Auditing Standards and Practice Bulletins) aimed at providing guidance to practitioners on issues affecting audits of employee benefit plans;

developing "Checklists" for auditors to use in performing employee benefit plan audits;

in conjunction with PWBA, creating a video for use by plan auditors on the unique nature of employee benefit plan audits; and

developing a brochure for use by plan administrators on how to select a competent independent plan auditor.

The AICPA has taken investigatory and disciplinary action against practitioners referred to its Professional Ethics Division by OCA, including suspension and expulsion from AICPA membership. The specific actions taken by the AICPA are detailed further in this report.

Findings

Based upon our review, we found that 19% of the audits conducted by IQPAs pertaining to the 1992 filing year failed to comply with one or more of the established professional standards (Appendix I).

We cannot conclude from a statistical standpoint that the quality of employee benefit plan audit work has improved since the OIG's assessment.

Additionally, we found that 33% of IQPA reports reviewed failed to comply with one or more of ERISA's reporting and disclosure requirements (Appendix II). While this error rate has substantially decreased (by approximately 50%) since the OIG's study, we believe that this error rate remains at an unacceptably high level.

During our review we have identified certain factors which we believe contributed to whether or not employee benefit plan audits complied with established professional standards. These factors included:

the size of the CPA firm performing the engagement;

the adequacy of technical training and knowledge on the part of IQPAs conducting employee benefit plan audits;

the awareness of IQPAs of the uniqueness of employee benefit plan audits;

whether IQPAs have established quality review and internal process controls;

the perception by plan administrators and/or IQPAs of the importance of employee benefit plan audits beyond fulfilling a governmental regulatory requirement;

the amount of audit work in the IQPAs overall practice;

the failure of IQPAs to perform necessary audit work;

the failure of IQPAs to understand the limited scope audit exception; and

the period of time available to adapt to new technical guidance.

Conclusions and Recommendations

In spite of the actions taken by both PWBA and the AICPA to enhance the quality of employee benefit plan audits, we have reached an overall conclusion that there has been no statistical change in the overall quality of plan audits. In fact, we believe that the overall error rate of 19% continues to be unacceptably high. We also believe that the overall error rate of 33% pertaining to IQPA reports failing to meet the reporting and disclosure requirements remains unacceptably high.

Accordingly, we recommend that PWBA take the following actions to improve the quality of employee benefit plan audits:

Legislative Initiatives

In response to an OIG recommendation, DOL has worked over the past seven years toward enactment of legislation aimed at strengthening the quality of plan audits. Legislation to strengthen the quality of plan audits was submitted to the 104th Congress and was introduced as the "Pension Audit Improvement Act of 1995" (S. 1490, December 20, 1995). The AICPA expressed its support of this legislation. In order to ensure the adequate safeguarding of pension funds, this bill would have:

repealed the limited-scope audit exception;

required speedy reporting of serious ERISA violations and imposed substantial civil penalties on plan administrators and plan accountants failing to comply with the notification provisions; and

enhanced ERISA's auditor qualifications by requiring that IQPA firms undergo periodic external quality control reviews and that IQPAs complete continuing professional educational training relating to employee benefit plan matters; and

provided the Secretary with the authority to define by regulation who is considered to be an independent qualified public accountant.

The Senate passed a significantly weakened audit bill during the 104th Congress. However, the House of Representatives took no action prior to adjournment. Accordingly, PWBA should continue to support the enactment of legislation to improve the quality of employee benefit plan audits.

The OIG recommended in their report that PWBA obtain additional legislative authority to enforce ERISA's requirements directly with IQPAs. At this time, we do not recommend that PWBA pursue legislation to directly sanction IQPAs. PWBA should continue to monitor IQPA compliance with professional standards to determine whether additional legislative authority over IQPAs or other reforms may be appropriate.

Administrative Initiatives

PWBA should continue its outreach efforts aimed at plan administrators and IQPAs to heighten awareness regarding the reporting and disclosure requirements and accounting and auditing issues impacting employee benefit plans, respectively. As a part of this effort, PWBA should develop materials directed at plan administrators as to what they should know about hiring an auditor for their employee benefit plans. Plan administrators are ultimately responsible for the accuracy and completeness of the annual report filing.

Overall, while we believe that sufficient guidance and training is available to practitioners conducting audits of employee benefit plans, practitioners have recommended that DOL continue to work in conjunction with the accounting and auditing profession in addressing audit areas where more specific guidance may be needed (i.e., multiemployer plans)(Appendix III). PWBA should also continue to work with the accounting and auditing profession regarding training and educational programs aimed at practitioners conducting audits of employee benefit plans. As a part of this process, PWBA should work with the AICPA to develop educational materials for peer reviewers to use when conducting practice reviews of IQPAs conducting employee benefit plan audits. This will help to ensure that these reviewers are educated regarding the uniqueness of these types of audit engagements when conducting practice reviews of fellow practitioners.

Enforcement Activities

OCA should revise the criteria it currently uses for targeting reviews of employee benefit plans in an effort to identify filings that may reflect deficient audit work. Specifically, OCA's targeting criteria should include audits of plans performed by small to medium size IQPAs. To enable such targeting, PWBA should consider including on the Form 5500 the name and employer identification number of the IQPA conducting the audit, whether or not such IQPA is compensated by the plan.

OCA should broaden the scope of its "desk review" process which currently focuses only on compliance with GAAS reporting violations with little to no focus on the quality of the underlying audit work. Finally, where OCA has identified deficient audit work, OCA should consider a program to review subsequent work products to ensure continued compliance with professional auditing standards.

OCA should continue to identify and reject those plan filings wherein the report of the IQPA fails to comply with ERISA's reporting and disclosure requirements.

PWBA should consider establishing a "help desk" as part of its redesign of the Form 5500 processing system. This "help desk," staffed with trained OCA personnel, would be available to answer questions from filers regarding initial rounds of correspondence generated by PWBA's automated processing system. In addition, PWBA should reassess the resources devoted to enforcing ERISA's reporting and disclosure requirements. Based on this assessment, approximately 12,000 plan audits contain one or more GAAS deficiencies. Current OCA staffing levels do not provide the necessary resources to adequately target and review deficient plan audits. OCA's staffing level will be further eroded by its commitment to conduct educational outreach and other filer technical assistance efforts.

OCA should continue to work with the accounting and auditing profession to incorporate ERISA's reporting and disclosure requirements in the issuance of professional guidance. The need to do this is further amplified by the feedback received from practitioners regarding the complexity of ERISA's reporting and disclosure requirements (Appendix III).

We believe that the above recommendations will help to further improve the quality of employee benefit plan audits in the future. Additionally, these recommendations will enable PWBA to use its resources more effectively in targeting potentially deficient audit work and audit reports. Finally, we believe that the results of this review can serve as a baseline for PWBA in implementing GPRA which, as previously stated, requires the federal government to establish measurable outcomes and objectives to improve its performance and increase its results.

In an effort to ensure a valid sample selection methodology, PWBA engaged the firm of Mathematica Policy Research, Inc. (MPR) to develop the sample selection. This methodology is discussed further in Appendix IV.

The AICPA has taken the opportunity to comment on this report. Their comments, entitled "Strengthening the Quality of Plan Audits," may be found in Appendix V.

Objectives and Scope

The primary objective of our review was to assess whether the level and quality of audit work being performed by IQPAs with respect to audits of employee benefit plans covered under ERISA has improved as a result of actions taken by PWBA and the accounting and auditing profession since the issuance of the OIG's report in 1989.

Specific objectives of our review were to:

assess whether the quality of employee benefit plan audits has improved since the OIG's study;

assess whether plan audits were conducted in accordance with professional auditing standards;

determine if the audit reports were presented in compliance with ERISA's reporting and disclosure requirements; and

identify areas where changes would help improve PWBA's ability to protect participants and beneficiaries.

Another major objective of our review was to develop information to be used in implementing GPRA. The Act requires the development of measurable program outcomes and the creation of strategic plans to achieve the identified program outcomes. This review establishes an additional baseline from which we will be able to measure future success in achieving the overall program outcome of improving the quality of employee benefit plan audits and pinpoint how PWBA can best use its limited resources in this area.

In order to make our assessments, we reviewed audit reports attached to Form 5500 filings for the 1992 filing year (for plan years beginning in 1992). We selected a representative sample of 276 plan audits from a universe of 51,352 plan audits (Appendix IV). Our assessment included:

a review of the 1992 Form 5500 and the attached IQPA report;

a detailed review of the audit workpapers for the 1992 plan year;

discussions with the IQPA regarding the audit engagement; and

a compilation of voluntary demographic questionnaires given to each of the IQPAs in our sample.

Our on-site workpaper reviews, performed at the IQPAs' offices, were conducted during the period August 1994 through April 1995.

Background

ERISA was enacted by Congress to remedy abuses in the nation's private pension and welfare benefit plan system. This law covers pension and welfare benefits and is administered by three separate federal agencies: the Department of Labor (DOL), the Internal Revenue Service (IRS) and the Pension Benefit Guaranty Corporation (PBGC).

ERISA contains a number of provisions which were enacted in recognition of the need to establish an effective mechanism to protect the interests of plan participants and beneficiaries, and to establish an effective mechanism to detect and deter abusive practices. These provisions include the annual reporting of financial information and activities of employee benefit plans. The Secretary of Labor is principally responsible for enforcing ERISA's fiduciary and reporting and disclosure provisions which are contained in Title I of the Act.

An integral component of ERISA's annual reporting and disclosure provisions is the requirement for plans with more than 100 participants, and which hold assets in trust, to obtain an annual financial audit by an IQPA.

Audited financial statements and the IQPA's report on the fairness and consistency of their presentation must be filed with the Form 5500 Annual Report within 210 days after the close of the plan year. The audit requirement is intended to ensure the integrity of financial information which is incorporated in the annual reports. Section 103 of ERISA specifically requires that these audits be conducted pursuant to the standards established by the accounting and auditing profession in the pronouncements which define generally accepted accounting principles (GAAP) and generally accepted auditing standards (GAAS). While ERISA's auditing provisions have worked to provide DOL and plan participants and beneficiaries with information about plan operations, experience has shown that IQPA audits do not consistently meet professional standards.

Previous OIG Study of Employee Benefit Plan Audits

During 1989, the OIG conducted a review of the quality of audit work being performed by IQPAs on private pension and welfare benefit plans. The OIG issued its report on November 9, 1989.

Legislative and Regulatory Changes

Presently under ERISA, a plan administrator may elect to exclude from an audit the plan assets that are held and certified to by a bank, or similar institution, or an insurance company (i.e., limited-scope audits). The OIG concluded that this provision no longer serves the purpose for which it was intended and increases the risk to plan participants and beneficiaries because:

assets held by banks and insurance companies are equally subject to abuse and mismanagement as those held by other investment entities and, therefore, need to be subjected to ERISA audits;

limited-scope audits do not contain any assurance by the IQPA on the financial information presented in the plan's financial statements (i.e., the IQPA disclaims an opinion on the plan's financial statements); and

a very significant amount of plan assets are not subjected to audit.

To address these findings, the OIG recommended that PWBA:

propose changes to ERISA to eliminate the limited-scope audit provision;

work with the AICPA on its revision to the industry audit guide to require ERISA compliance;

require plans to establish parties separate from plan management (e.g., audit committees) to oversee IQPA audits on behalf of plan participants and beneficiaries; and

require direct reporting of ERISA violations by IQPAs to the plans' senior management and to PWBA for enforcement action.

IQPA Compliance with GAAS

In its report, the OIG found that IQPA audits of employee benefit plans do not consistently meet GAAS despite the ERISA requirement to do so. The OIG found that, in 64 (23%) of the 279 plans reviewed, the IQPA failed to meet one or more elements of GAAS. Additionally, the OIG found that there was a lack of monitoring by PWBA and feedback from PWBA to IQPAs regarding audit quality. As a result, the OIG found that IQPA audits do not provide the intended protection of participant rights and benefits and cannot be relied upon to provide adequate testing of financial and compliance control systems.

To address these findings, the OIG recommended that PWBA:

work with the AICPA to obtain specific monitoring coverage of ERISA audits in peer reviews;

expand its quality review procedures to include evaluations of IQPA audit work to determine compliance with GAAS; and

use its existing enforcement authority against plan administrators to obtain corrective action on deficient IQPA audit work.

IQPA Compliance with ERISA's Reporting and Disclosure Requirements

In its report, the OIG found that IQPA audits were not providing the required disclosures nor were IQPAs rendering the required audit opinions on information accompanying a plan's financial statements (i.e., supplemental schedules) as required by ERISA's reporting and disclosure requirements. The OIG found that 181 (65%) of the reports failed to meet these requirements. Additionally, the OIG found that there was a lack of enforcement by PWBA when incorrect information was submitted. As a result, the OIG found that participants were not receiving the information or protections of full disclosure as ERISA intended.

To address these findings, the OIG recommended that PWBA:

reject deficient statements or reports and allow plan administrators 45 days to file a satisfactory report;

where necessary, retain IQPAs to perform audits and charge plans for the audit costs; and

bring civil action against plan administrators to enforce ERISA.

Finally, the OIG recommended that PWBA refer deficient audit reports to appropriate professional organizations and state regulatory agencies for review and possible action.

Actions Taken By PWBA Since Issuance of OIG Report

Generally, PWBA agreed with the findings and recommendations made by the OIG. Accordingly, since the issuance of the OIG's report, PWBA has taken various actions to address those findings.

Creation of the Office of the Chief Accountant

In 1988, PWBA created the Office of the Chief Accountant (OCA). A main function of OCA is to enforce the reporting and disclosure provisions of Title I of ERISA.

In addition, OCA is responsible for establishing and maintaining liaison with private sector professional organizations and regulatory bodies regarding accounting and auditing issues for employee benefit plans. One of OCA's main goals is to improve the quality of employee benefit plan audits to ensure that participants and beneficiaries are receiving the protections which these audits are intended to provide.

Reporting Compliance Activities

Since the issuance of the OIG's report, OCA has been involved in an aggressive enforcement program to ensure that employee benefit plan audits comply with professional and regulatory standards. OCA has taken the following enforcement actions to ensure compliance with these provisions:

During 1990 and 1991, OCA conducted a special project which resulted in the rejection of 5,208 Form 5500 Annual Report filings for plan year 1988 wherein the plan administrator failed to attach the report of an IQPA;

During 1991 and 1992, OCA conducted a special project, similar to the one mentioned above, which resulted in the rejection of 1,400 Form 5500 Annual Report filings for plan year 1989 wherein the plan administrator failed to attach the report of an IQPA;

As of December 31, 1996, OCA has issued 5,100 letters rejecting deficient/incomplete Form 5500 Annual Report filings and assessed penalties of $64 million against plan administrators who failed to meet the reporting and disclosure provisions of ERISA;

As of December 31, 1996, OCA has performed approximately 467 on-site workpaper reviews at IQPA offices to evaluate the quality of the audit work underlying the IQPA report;

As of December 31, 1996, OCA has referred over 350 practitioners to the AICPA's Professional Ethics Division and/or the respective State Board of Accountancy for potential disciplinary action due to deficient audit work. The AICPA has taken investigatory and disciplinary action against practitioners including suspension and expulsion from AICPA membership;

OCA has improved compliance with the reporting and disclosure requirements through the issuance of "Notices" to plan administrators when incorrect or incomplete information was filed; and

OCA has worked with PWBA's Office of Enforcement (OE) to establish a system of inter-office referrals. OE refers to OCA potential ERISA reporting and disclosure violations discovered during fiduciary investigations of employee benefit plans. Likewise, OCA refers potential fiduciary violations to OE.

Activities to Encourage Filer Compliance

Since the issuance of the OIG's report, OCA has also initiated the following programs to encourage filer compliance:

a national "Outreach Program" aimed at heightening awareness and providing guidance to practitioners regarding the preparation of the Form 5500 Series Annual Report, current and emerging information regarding accounting and auditing issues impacting employee benefit plans, and general information regarding DOL's ongoing enforcement efforts;

another "Outreach Program" aimed at the various State Societies of Certified Public Accountants to provide guidance and heightened awareness to independent auditors who conduct audits of employee benefit plans; and

a "Delinquent Filer Voluntary Compliance Program," effective April 27, 1995, to encourage, through the assessment of reduced civil penalties, delinquent plan administrators to comply with their annual reporting obligations under Title I of ERISA. This is a successor to a similar "Non-Filer/Late-Filer Program" which resulted in the filing of approximately 40,000 annual reports.

Work With Professional Organizations

In addition, DOL has worked closely with the AICPA and the Financial Accounting Standards Board (FASB) to update the guidance available to practitioners in this area. The following is a list of actions taken in an effort to address the findings and recommendations made by the OIG:

OCA continuously works with the FASB on issuing revised accounting guidance for employee benefit plans;

OCA has actively participated in the meetings of the AICPA Employee Benefit Plans Committee since 1990;

OCA continuously works with the AICPA on revisions to the AICPA's Audit and Accounting Guide, Audits of Employee Benefits Plans. Since 1991, the guide has been updated five times;

On August 3, 1992 and September 23, 1994, respectively, the AICPA issued Statement of Position 92-6, Accounting and Reporting by Health and Welfare Benefit Plans and Statement of Position 94-4, Reporting of Investment Contracts Held by Health and Welfare Benefit Plans and Defined-Contribution Pension Plans. These statements serve to amend certain chapters of the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans;

During 1992, the AICPA issued Statement on Auditing Standards No. 70, Reports on the Processing of Transactions by Service Organizations. This statement provides guidance to practitioners when auditing an entity that utilizes an outside service organization to process certain transactions and is effective for service auditors' reports dated after March 31, 1993;

During 1994, the AICPA issued Statement on Auditing Standards No. 73, Using the Work of a Specialist. This statement provides guidance to practitioners who use the work of a specialist in performing an audit in accordance with GAAS. Specialists used by practitioners when conducting an audit of an employee benefit plan may include, but are not limited to, actuaries and appraisers;

In September 1994, the AICPA issued Practice Bulletin 12, Reporting Separate Investment Fund Option Information of Defined-Contribution Pension Plans which serves to provide guidance to practitioners through the interpretation of certain sections of its audit and accounting guide, Audits of Employee Benefit Plans;

The AICPA issued two financial accounting and reporting practice aids entitled, "Checklist for Defined Benefit Pension Plans and Illustrative Financial Statements" and "Checklist for Health and Welfare Benefit Plans and Illustrative Financial Statements;"

The AICPA issued a number of Audit Risk Alerts and Current Industry Developments which are intended to provide information that may affect the annual audits performed on employee benefit plans;

Beginning in 1990, the AICPA and PWBA have conducted six annual Employee Benefit Plan Update Conferences. These conferences have been quite successful as attendance by practitioners has averaged 450-650 per conference;

The AICPA developed and offered a self-study continuing professional education course entitled, Audits of Employee Benefit Plans, as well as other self-study programs for employee benefit plan professionals;

The AICPA has incorporated, as part of one of its practice monitoring programs (peer review), the requirement that engagements selected for review include an audit of an employee benefit plan; and

The AICPA, in conjunction with PWBA, is creating a video for use by plan auditors on the unique nature of employee benefit plan audits.

Additionally, since 1989, PWBA has worked with the accounting and auditing profession in making the following changes to relevant audit guidance in an effort to address substandard audit work:

In December 1990, the FASB issued new accounting and financial reporting requirements through the issuance of Statement of Financial Accounting Standards No. 110, Reporting by Defined Benefit Pension Plans of Investment Contracts ;

Professional guidance now incorporates ERISA's reporting and disclosure requirements;

Professional guidance provides illustrations of financial statements and auditor's reports which adhere to ERISA's reporting and disclosure requirements;

Professional guidance now incorporates audit procedures which requires auditors to read the information in the Form 5500 to determine whether such information is materially consistent with the financial statements and auditor's report;

Guidance has been issued to assist auditors of employee benefit plans in determining whether the appropriate type of audit has been issued (full-scope vs. limited-scope); and

Professional guidance now incorporates audit and reporting considerations related to party-in-interest and prohibited party-in- interest transactions that are more stringent than normal GAAS requirements.

Legislative Proposals

PWBA agreed with the OIG recommendation that changes are needed to the legislative and regulatory requirements for employee benefit plans to provide stronger protections for plan participants and their beneficiaries and to provide more useful information to the users of plan financial statements. Accordingly, since 1990, a number of bills have been introduced before Congress based upon DOL proposals in an effort to seek legislative changes to ERISA.

The Department transmitted an ERISA audit reform proposal to Congress in June 1995. This proposal, introduced on December 20, 1995 as the "Pension Audit Improvement Act of 1995" (S. 1490), called for the following changes to ERISA to strengthen plan audits.

Repeal of the Limited-Scope Audit Exception

ERISA Section 103(a)(3)(C) currently permits plan assets held in certain regulated financial institutions to be excluded from the scope of the audit of an employee benefit plan. Where plan administrators exclude such assets from the scope of the audit, auditors disclaim an opinion on the plan's financial statements. Accordingly, repeal of the limited-scope audit exception would result in plan auditors assuming responsibility for the audit of all plan assets. PWBA believes that this would result in greater protections for plan participants and beneficiaries and would provide more useful information regarding a plan's ability to pay benefits when due.

Direct Reporting of Certain Events

Under current law, there is no specific duty for a plan administrator or the plan's auditor to communicate directly to DOL as to whether certain serious events called "irregularities" and/or other specified events (e.g., termination of the plan's auditor) have occurred . The plan administrator currently is required to report certain of these events to DOL through the filing of the plan's Form 5500 Annual Report as long as 21 months after the event has occurred.

The legislative proposal required the plan administrator notify DOL within five business days after the plan administrator first has reason to believe or after notification by the plan's auditor that an "irregularity" may have occurred with respect to the plan. Additionally, the legislative proposal would require plan auditors to make such notification to DOL in the event that the plan administrator fails to do so ("backup reporting").

Direct reporting of certain events would provide DOL with a mechanism for more timely detection of serious violations of ERISA as well as terminations of plan auditors. This would expand DOL's ability to take prompt corrective action, when necessary. Finally, direct reporting of these events should help to deter and to protect plan assets from abusive practices which could significantly affect the plan's ability to pay benefits to plan participants and beneficiaries.

Imposition of a Peer Review Requirement and Continuing Professional Education

Under current law, there is no external quality review requirement for IQPAs. Accordingly, auditors of employee benefit plans need not participate in continuing practice-monitoring and/or educational programs to ensure that the quality of their audit work remains sufficient or that they are qualified to conduct audits of employee benefit plans. The audit reform proposal would require that all practitioners conducting audits of employee benefit plans participate in an external quality review of their practice. The legislative proposal would require that an appropriate number of audits of employee benefit plans in relation to the scale of the practitioner's practice be subjected to the external quality review. In addition, this legislative proposal would require that IQPAs complete a minimum number of hours of continuing professional education or training directly related to employee benefit plan matters. PWBA believes that these new requirements would help to ensure uniform high quality among all employee benefit plan audits.

Current Status of Legislation

On May 23, 1996, the President proposed broader pension reform legislation, which was introduced in the House and Senate on May 23, 1996. The audit reform portion of that legislation accomplished the same objectives as S. 1490. A significantly weakened audit bill was passed by the Senate during the 104th Congress. However, no action was taken by the House of Representatives prior to adjournment.

On January 16, 1997, the Comprehensive Pension and Retirement Security Act of 1997 (H.R. 83) was introduced in the House of Representatives by Congressman Schumer (D-NY). This bill is similar to the S.1490.

On January 22, 1997, the Retirement Security Act of 1997 (S. 14) was introduced in the Senate by Senator Daschle (D-SD). This bill contains over 30 provisions and is significantly different from S.1490 and H.R. 83 in that it would not require the direct reporting of serious ERISA violations to the Department of Labor and would repeal the limited-scope audit exception for audits of pension plans only.

Follow-up Evaluation

Finally, in response to the OIG's report, PWBA committed to reassess the level and quality of audit work being performed by IQPAs with respect to audits of employee benefit plans covered under ERISA. This report details the findings of PWBA's reassessment effort.

Additional Improvements Are

Needed to Ensure

Quality Employee Benefit Plan Audits

GAAS represents the framework under which auditors exercise their professional responsibilities. The professional auditing standards are typically viewed as the minimum guidelines or requirements for the performance of an audit engagement. Auditing standards are created by the AICPA and adopted by the AICPA membership. Departure from these professional auditing standards, whether by circumstance or client imposed, is to be explicitly stated in the report issued by the auditor.

ERISA Section 103(a)(3)(A) requires that employee benefit plans with more than 100 participants retain an IQPA to perform an audit of the plan's financial statements. This section requires that the audit be performed in accordance with GAAS.

As previously stated, our total sample consisted of 276 plans. We assessed 262 audit engagements against their compliance with professional accounting and auditing standards. Fourteen of the 276 plans were excluded from assessment: five audits were excluded because the IQPA audited the wrong entity (e.g., trust, insurance company); nine others were excluded for other reasons as discussed in Appendix IV. We analyzed the work performed by plan auditors using the requirements contained in the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans (with conforming changes as of May 1, 1992), issued by the AICPA. This guide represents the application of generally accepted auditing standards and accounting principles to the special circumstances that are unique to audits of employee benefit plans.

Our review found that 81% of the 1992 plan audits complied with professional auditing standards. However, 19% of the 1992 plan audits contained deficiencies with respect to one or more relevant GAAS requirements (Appendix I).

Based on the margin of error for this sample, an overall error rate of 14.8% or less was required to enable PWBA to conclude that the quality of employee benefit plan audits had improved when compared to the OIG's study. Therefore, with an overall error rate of 19%, we cannot conclude from a statistical standpoint that the quality of employee benefit plan audit work has improved.

Finally, because of the sampling methodology used in performing this study, these relative percentages can only be applied to the entire population of 1992 employee benefit plan audits and the extent to which they are likely to comply or fail to comply with one or more of the 10 generally accepted auditing standards. However, these percentages cannot be applied to any one specific generally accepted auditing standard.

Why Did Some Audits Comply, and Others Not Comply, With Established Professional Standards?

Of the 262 audit engagements selected for on-site workpaper reviews, 212 (81%) were considered to comply with GAAS. For these audits, we concluded that the audit was conducted within the framework of GAAS, meaning that:

the audit work was adequately planned and supervised;

the audit field work was properly performed; and

the results of the audit were properly communicated in compliance with existing professional standards.

For 50 of the audits in our sample, we concluded they were not conducted within the framework created by GAAS. In most cases, the GAAS deficiency related to a failure to perform any audit work whatsoever in a relevant audit area.

We analyzed these 262 audits to determine which attributes and factors contributed to the engagements that were performed in accordance with professional auditing standards, and those that were not. The common attributes and factors affecting audit quality included:

the size of the IQPA firm performing the audit engagement;

adequate technical training and knowledge to perform the engagement;

awareness of the unique nature of auditing an employee benefit plan;

implementation of an internal structure of process controls which helped ensure a quality work product;

plan audits viewed as being ancillary;

performance of a reasonable number of audits as part of the firms' professional practice;

performance of no audit work;

failure to understand the limited scope audit exception; and

the period of time available to adapt to new technical guidance.

Size of the IQPA Firm Contributed to the Quality of Audit Engagement

Our review provided some valuable insights into the correlation between the size of an IQPA and the likelihood of one of their audits containing audit deficiencies. Most notably, in our sample, firms with 20 or less employees:

were responsible for 64% of the deficient audits;

accounted for more deficient audits than larger firms when taken as a percentage of the total number of audits. Specifically, firms with 1-5 employees represented 9% of our sample but comprised approximately 27% of the audits with deficiencies. Likewise, firms with 6-20 employees represented 18% of our sample but comprised approximately 38% of the audits with deficiencies; and

performed deficient audits at a far greater rate than other size firms: 54% of the audits performed by firms with 1-5 employees were deficient. Similarly, 41% of the audits performed by firms with 6-20 employees contained audit deficiencies.

Adequate Technical Training and Knowledge

One of the basic tenets of GAAS requires that IQPAs possess adequate technical competence to complete the engagement. We found that auditors performing adequate work were able to apply their accounting and auditing expertise to employee benefit plans. Such expertise included availing themselves of the technical guidance and training available for employee benefit plans.

As was mentioned in the previous section of this report, the AICPA has taken an aggressive role in providing technical guidance for employee benefit plan auditors. In March 1991, the AICPA issued its first update to the audit guide for employee benefit plans since 1983, with yearly updates being issued thereafter. Since that time, the guide has been updated five times.

Additionally, the AICPA also published Audit Risk Alerts and Financial Accounting and Reporting Checklists for employee benefit plans and other guidance dealing with pension and welfare benefit plans. Starting in December 1990, the AICPA (in conjunction with DOL) has held an annual Employee Benefit Plans Update Conference. The conference has consistently been one of the AICPA's best attended conferences, attracting 450 to 650 participants each year. The AICPA also developed a self-study course for employee benefit plan audits. Additionally, other professional organizations have developed conferences and self-study materials dealing with employee benefit plans.

We believe that where practitioners availed themselves of professional guidance and training, the resultant audit work conformed with professional standards. It was common for these IQPAs to have a copy of the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans (with conforming changes as of May 1, 1992). Additionally, we noted that these practitioners had available to them current guidance on professional accounting and auditing standards. Based on discussions with these practitioners, we found that they had either taken advantage of the AICPA guidance and educational programs (or other related conferences) or had completed other relevant self-study courses.

For audits which did not comply with professional standards, we believe that most practitioners did not possess an adequate level of technical knowledge for the audit engagement. The reasons for the lack of compliance included not being aware of the applicable professional guidance (e.g., the industry audit guide), having the guidance but not using it, and/or applying the guidance in an inappropriate manner.

Indicative of the failure to possess adequate technical training and knowledge were four audit engagements where we concluded that the auditor had failed almost every element of the general and fieldwork standards. Additionally, where IQPAs did not possess the level of technical knowledge required to conduct these types of audits, we believe these practitioners failed to exercise due professional care with respect to the conduct of the audit engagement.

In some cases, the IQPAs we visited did not have any copies of the industry audit guide or other guidance published by professional organizations. In these cases, the IQPA had not developed an audit program or erroneously used an audit program not designed for an employee benefit plan (e.g., audit programs for non-profit entities). Unfortunately, in other cases the IQPA thought they did possess adequate technical knowledge but a review of their work demonstrated otherwise. The resulting audits generally exhibited gross failures of multiple professional standards.

In one instance, the IQPA knew he had little or no technical knowledge and performed a substandard audit. Subsequent to our review of his work product, he obtained the necessary guidance materials, educated himself, and re-performed the audit work. Review of this new work indicated that it conformed with professional standards. This demonstrates that, where an IQPA commits to education on standards related to employee benefit plan audits, an acceptable work product emerges.

Overall, while we believe that sufficient guidance and training is available to practitioners conducting audits of employee benefit plans, feedback from practitioners indicated that present guidance could be improved in certain areas where more specific guidance may be lacking (e.g., audits of multiemployer plans) (Appendix III).

Awareness of Uniqueness of Employee Benefit Plan Audits

Employee benefit plan audits present different and unique challenges for auditors. This is because the scope of the audit transcends the money held in trust and the financial activity of the plan. Employee benefit plans exist and operate in a regulated environment and, accordingly, involve the examination of the plan's operation within that legal framework. For example, functional areas such as benefit payments, participant data, plan obligations and prohibited transactions are areas which auditors would typically not encounter during a corporate financial statement audit.

Benefit payments, participant data and plan obligations are all related areas in that the auditing of one of these areas often overlaps that of the other two. For example, eligibility testing affects all three areas: a benefit can be paid only to eligible participants and beneficiaries, a benefit payment must be properly applied to individual participant accounts, and the total plan benefit affects the plan's overall financial obligation. Audit procedures often include the review of the same underlying documentation in each of these three areas, such as personnel records, payroll records, and participant account records. In addition, the plan instrument and related documents set forth requirements and parameters that must be adhered to for each of these areas.

Accordingly, it is easy to see that audits of employee benefit plans, in certain respects, are quite different from audits of other entities. Auditing of the above three distinct areas can be of great importance in that these areas can have a significant impact on the plan's financial statements and tax qualification status and, consequently, can significantly impact the opinion rendered by an IQPA on such financial statements.

We found that acceptable plan audits recognized and took into account the regulatory framework and its relationship with, and possible impact on, the financial activity of the plan. In the 212 audits that were considered to be acceptable, the IQPA performed the necessary level of audit field work in these unique areas to support the opinion expressed on the plan's financial statements.

Most of the deficient audits identified in our sample failed two or more of these unique audit areas. Discussions with these practitioners indicated that they did not recognize or understand the impact these audit areas had on the overall audit engagement. In most of these cases, the auditor focused merely on auditing the financial activity of the plan.

Quality Review and Internal Process Controls

GAAS relates to the conduct of individual audit engagements; quality control standards relate to the conduct of a firm's audit practice as a whole. Thus, GAAS and quality control standards are related, and the quality control policies and procedures that a firm adopts may affect both the conduct of individual audit engagements and the conduct of a firm's audit practice as a whole. These quality control review processes are established to ensure that a minimum standard of audit quality is achieved in all audit engagements.

Our review disclosed that firms that performed acceptable audits had implemented a system of quality control review processes. The nature and extent of these processes varied depending on many factors, such as the firm's size, its personnel, the nature of its practice, and appropriate cost-benefit considerations. Conversely, the firms that performed grossly deficient work had not implemented an adequate system of internal quality controls.

In our sample, large firms tended to have very formal processes for internally reviewing audit work. These processes included:

standardized checklists and audit programs;

multiple levels of engagement oversight;

independent quality reviewers; and

staff with specialized skills in unique areas, such as employee benefit plan audits.

Smaller firms generally employed less formal processes but, nonetheless, were able to reach the same level of quality.

The AICPA has instituted a practice monitoring program (peer review) in order for firms to maintain their AICPA membership. Among other things, this program is designed to ensure quality in the performance of accounting and auditing engagements. This program is based on the principle that a systematic monitoring and educational process is the most effective way to attain high-quality performance throughout the profession. Those conducting the reviews are held to the same applicable professional standards as the firms they are reviewing. In one instance, however, we reviewed a set of audit workpapers which we found to be grossly deficient. Upon discussion with the practitioner, this same set of audit workpapers was reviewed during the firm's most recent peer review and found to be acceptable.

Plan Audits are Perceived as Necessary Only

to Fulfill Governmental Requirements

In discussions with IQPAs, we learned that many of their employee benefit plan clients believe that the only benefit to having an audit is to satisfy a government regulatory requirement. They do not view the audit as providing any value or protection to plan participants and beneficiaries, nor do they view it as a means of fulfilling their fiduciary obligations to the plan.

One practitioner we visited had performed little or no audit work. When questioned about the lack of work, the practitioner stated that his audit fee was $750 and, therefore, he performed up to $750 worth of audit work. Clearly, the IQPA's opinion was not supported by the audit work performed. As a result, plan participants and beneficiaries are being misled by the level of assurance implied in the audit report. Unfortunately, this audit does not serve the purpose for which it was intended; to protect the benefits of plan participants and beneficiaries. We believe that the attitude of this auditor of this auditor is indicative of the fact that this plan's audit was viewed as unimportant.

IQPAs told us they have a difficult time justifying to their clients the level of work necessary to perform an audit in accordance with professional standards. This has resulted in significant cost pressures in the performance of the audit. We were told that practitioners were losing their clients to other IQPAs who would perform the audits for lower cost because they would not adhere to established professional standards. This situation occurs because some firms view this work as low risk with limited exposure to lawsuits.

Reasonable Portion of Practice Includes Audit Work

For the 212 acceptable audits, we generally found that they were performed by IQPAs for which audit engagements comprised a reasonable amount of the firm's overall professional practice. Most of these firms devote the resources necessary to train and educate their staff with respect to professional audit standards. In many cases, they have also received specific training relating to employee benefit plan audits. Accordingly, these firms and the staff they assign to audit employee benefit plans are generally more aware of the intricacies of these engagements.

During our review, we found that certain firms, recognizing the importance of employee benefit plan audits, have begun to dedicate specific staff to perform all of the audit work for these engagements for the firm. These firms have adopted a philosophy that specialization in specific areas will improve the overall quality of audits in those areas.

Alternatively, for the audits we reviewed which contained significant deficiencies, the audit of the employee benefit plan frequently represented the only ERISA audit the firm performed. In some cases it also represented the firm's only audit engagement.

Failure to Perform Necessary Audit Work

Of the substandard audits in our sample, the most common reason for an IQPA to have failed a given audit area was that IQPA did no work or substantially no work in that area. Such lack of audit work, in this group of audits, was not limited to those audit areas particular to employee benefit plans, such as prohibited transactions and participant data. Many of these IQPAs also did no audit work in areas such as management representations, internal controls, commitments and contingencies, and subsequent events. These areas must be included in the audit of any entity, not just employee benefit plans. In short, these IQPAs concentrated only on tying down account balances instead of auditing non-account balance areas too. Therefore, a sufficient audit was not performed.

Audit areas related to participant data, plan obligations, benefit payments, and party-in- interest/prohibited transactions are unique to employee benefit plans. We found that these four areas resulted in the most number of audit failures and, therefore, an auditor with limited employee benefit plan experience might not be aware of the significance involved with these areas.

Failure to Understand Limited-Scope Audit Exception

As previously discussed, under current law a plan administrator may elect to exclude from an audit the plan assets that are held by and certified to by certain regulated financial institutions. When performed in accordance with professional standards, these audits typically result in a "disclaimer of opinion."

A disclaimer of opinion does not provide any assurance by the IQPA on the financial information presented on the plan's financial statements taken as a whole.

Our review identified instances where auditors performed almost no audit work, believing that the limited-scope audit exemption only required that the auditor obtain a certification from the financial institution. Where an IQPA performs a limited-scope audit and fails to perform sufficient audit work in other areas not covered by the certification, the user of the plan's financial statements has virtually no assurance with respect to the financial operation of the plan.

Period of Time Available to Adapt to New Technical Guidance

As stated previously, one of the reasons that IQPAs failed to meet the minimum established professional standards when conducting audits of employee benefit plans was their lack of the requisite level of technical knowledge and training.

Our review encompassed audits that were performed for the 1992 plan year. During the period from the issuance of the OIG's report in 1989 to the audits conducted by IQPAs for the 1992 filing year, the guidance available to practitioners was rather limited. During this time period, updated technical guidance and training were just becoming available.

Subsequent to the OIG's report, the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans, was revised in 1991 and again in 1992. It had not been updated for approximately eight years prior to 1991. Additionally, the AICPA had conducted only three employee benefit plan conferences (December 1990, 1991 and 1992). Given the relatively short period of time between the revisions of the audit guide and available training and the 1992 audit year which was the subject of our study, we believe that practitioners may not have had adequate time to adapt to the new technical guidance for the 1992 audit year.

We were also informed by several IQPAs that they had obtained the necessary technical materials and training for audit engagements performed for the 1993 (and future) plan years, but had not used such guidance for the audits performed in 1992. This has led us to believe that it may have been unreasonable to expect a major change in the quality of plan audits within a three year period of time. It is expected that, with time, the increased awareness by practitioners and the extensive technical guidance and expanded self-study educational courses available to practitioners today will serve to improve the quality of employee benefit plan audits in the future.

Additional Improvements Are Needed

to Ensure Compliance With Regulatory Reporting and Disclosure Requirements

In addition to adhering to GAAS, the report of the IQPA must also meet certain ERISA reporting and disclosure requirements. ERISA section 103(a)(3)(A) and regulations thereunder at 29 CFR 2520.103-1(b) set forth these requirements. These additional reporting and disclosure requirements were enacted to ensure that the federal government and plan participants and beneficiaries were being provided with information that may alert them to instances which could adversely impact the operation of the plan (e.g., fiduciary breaches) and/or its ability to pay plan benefits when due (e.g., losses from imprudent investments).

As previously stated, our total sample consisted of 276 plans. We assessed 267 IQPA reports against their compliance with ERISA's reporting and disclosure requirements. The 267 IQPA reports assessed include those five audits that were excluded from our assessment against compliance with professional accounting and auditing standards because the audit was of the wrong entity (Appendix IV) . Of the 267 audits reviewed, 88 (33%) IQPA reports failed to comply with one or more of ERISA's reporting and disclosure requirements.

While actions taken by PWBA and the profession over the past years have achieved a reduction of approximately 50% in the overall error rate (65% to 33%), the current error rate of 33% calls for continuing efforts in this area. The filing public, as well as IQPAs, need to be better informed about ERISA's reporting and disclosure requirements, and PWBA should continue to take necessary enforcement actions against plan administrators who fail to meet these requirements.

Why Did Some Audits Comply, and Others Not, With ERISA's Reporting and Disclosure Requirements?

Based on our study, IQPAs performed substandard work most frequently when they were unaware of ERISA's reporting and disclosure requirements and when they inappropriately applied ERISA's regulations. These failures rested not only with the IQPA but also with the plan administrators who engaged them.

The audit of the wrong entity (e.g., an audit of the trust instead of the plan), the inappropriate use and misapplication of the limited-scope audit exception are examples that demonstrate a lack of ERISA knowledge. In providing an audit of the trust or the financial entity holding plan assets, plan administrators did not understand that the plan was the entity required to be audited. Likewise, IQPAs did not understand the limited-scope audit exception and, therefore, misapplied it. Finally, the IQPA's failure to extend their opinion to the supplemental schedules indicated a lack of awareness of the unique requirements of ERISA.

Conclusions and Recommendations

Conclusions

In spite of the actions taken by both PWBA and the AICPA to enhance the quality of employee benefit plan audits, we have reached an overall conclusion that there has been no statistical change in the overall quality of plan audits from 1989 to 1992. The overall error rate of audits that failed to comply with one or more of the established professional standards continues to be unacceptably high at 19%. In addition, the error rate pertaining to IQPA reports failing to meet ERISA's reporting and disclosure requirements also remains unacceptably high at 33%.

By examining the results of our review, we have further concluded that:

the IQPAs that seem to have the most problems with performing audits of employee benefit plans are those with less than 50 employees. In fact, our review disclosed that the smaller the firm, the greater the incidence that there will be audit deficiencies;

the areas most often inadequately audited are those areas that are unique to employee benefit plans. Where an audit area was inadequately audited, the reason was more often than not that the IQPA did not consider these unique areas at all and, therefore, performed no audit work in these areas;

generally, IQPAs that fared the worst appeared to be those that were the least informed about employee benefit plan audits. Usually, these firms had done very little, if anything, to inform themselves of the complexities of employee benefit plan audits, including the auditing and reporting requirements of ERISA. In some cases, these firms performed very little audit work at all, let alone in the area of employee benefit plans which requires specialized knowledge and experience; and

generally, larger IQPAs performed better audit work than the smaller firms. Judging by the respective failure rates by size of firm, we believe that larger firms do not fail as frequently because they have more resources at their disposal. In addition, the larger the firm in our sample, the more likely the firm was to employ audit specialists who were available to answer complex questions and to render any other assistance that was needed.

Recommendations

Based upon our results and conclusions, we believe that improvements are still needed to improve the quality of employee benefit plan audits. Accordingly, we believe the following actions will further improve the quality of these audits.

Legislative Initiatives

In response to an OIG recommendation, DOL has over the past seven years worked toward enactment of legislation aimed at strengthening the quality of plan audits. Since 1990, a number of bill have been introduced to Congress based on DOL proposals in this area. Legislation to strengthen the quality of plan audits was submitted to the 104th Congress and was introduced as the "Pension Audit Improvement Act of 1995" (S.1490, December 20, 1995). The AICPA has expressed its support of this legislation. On January 16, 1997, the Comprehensive Pension and Retirement Security Act of 1997 (H.R. 83) was introduced in the House of Representatives by Congressman Schumer (D- NY). This bill is similar to the S.1490. On January 22, 1997, the Retirement Security Act of 1997 (S. 14) was introduced in the Senate by Senator Daschle (D-SD). This bill contains over 30 provisions and is significantly different from S.1490 and H.R. 83 in that it would not require the direct reporting of serious ERISA violations to the Department of Labor and would repeal the limited-scope audit exception for audits of pension plan plans only. In order to ensure that pension funds are adequately safeguarded:

PWBA should continue to support the enactment of legislation to improve the quality of employee benefit plan audits by correcting the factors contributing to the poor quality of such audits.

PWBA should continue to monitor IQPA compliance with professional standards to determine whether additional legislative authority over IQPAs or other reforms may be appropriate.

Education, Technical Training and Guidance

PWBA should continue outreach efforts with state CPA societies, the AICPA and other professional organizations to provide technical training to IQPAs and other plan professionals;

PWBA should consider developing materials designed to educate plan administrators about hiring a competent plan auditor. Such materials could be in the form of a question and answer pamphlet. Educating plan administrators is important because they need to understand the importance of the audit requirement and that they have the ultimate responsibility for the accuracy and completeness of the plan's annual report filing;

The AICPA should assess the effectiveness of peer review programs in highlighting weaknesses in the quality of employee benefit plan audits. The fact that some practitioners who received an "unqualified" peer review but were deemed to have performed deficient audit work is indicative that the peer review process may not be highlighting all audit deficiencies. The AICPA should explore changes to its peer review program so that practitioners receiving "unqualified" opinions are in fact meeting the minimum professional standards regarding employee benefit plan audits. PWBA should encourage and assist the AICPA with this effort;

PWBA should work with the AICPA to develop educational materials for peer reviewers to use when they are conducting peer and quality reviews of employee benefit plan audits. Ultimately, the peer review is only as good as the individual(s) performing the review. Equipped with relevant knowledge regarding the uniqueness of employee benefit plan audits, peer reviewers will better be able to identify deficient audit work; and

The AICPA should encourage the development of a series of smaller, regional employee benefit plan accounting and auditing training conferences designed to attract the small to medium size IQPA firms. While the AICPA has developed a very successful annual employee benefit plans update conference, it may not be convenient or cost effective for many smaller practitioners to attend. A regionally based conference may attract more of the necessary target audience - small to medium size IQPA firms performing a limited number of employee benefit plan audits.

Reporting Compliance Activities

OCA should revise the criteria for targeting cases to identify a greater number of plan filings with audits performed by small to medium size IQPA firms. Currently, targeting is based on factors which do not relate to the size of the IQPA firm;

For targeted filings which exhibit GAAS reporting deficiencies, OCA should consider requesting copies of the audit workpapers as a means of verifying the adequacy of work performed by the plan's IQPA. Our review noted that, in some cases, the IQPAs were correcting reporting deficiencies identified in our desk reviews but were not going back and correcting their underlying audit field work. Obtaining copies of IQPA workpapers will help to broaden the scope of the desk review process which currently focuses only on compliance with GAAS reporting violations;

OCA should consider the feasibility of a program to review subsequent audit work products performed by IQPAs whose work has been judged to be deficient. To date, PWBA's on-site workpaper reviews have focused on obtaining compliance in the current period without determining whether subsequent audits also contain deficiencies. This would be similar to the disciplinary action taken by the AICPA's Professional Ethics Division which also requires a review of subsequent work products to ensure continued compliance with professional auditing standards;

OCA should modify its current program of on-site workpaper reviews at IQPA offices. Using information developed as part of this review, PWBA should revise the criteria used to identify those plans targeted for review focusing its efforts primarily on small to medium size firms;

PWBA should consider including the name and employer identification number (EIN) of the plan's IQPA on the Form 5500, regardless of whether or not the IQPA is compensated by the plan. This will enhance PWBA's ability to identify and target IQPAs who are performing deficient professional work by targeting specific IQPAs in instances where PWBA believes deficient work has been performed;

To improve compliance with ERISA's reporting and disclosure requirements, OCA should continue to identify and reject those plan filings which do not meet ERISA's reporting and disclosure requirements with respect to supplemental schedules;

PWBA should consider establishing a "help desk" as part of its redesign of the Form 5500 processing system. This "help desk," staffed with trained OCA personnel, would be available to answer questions from filers regarding initial rounds of correspondence generated by PWBA's automated processing system;

PWBA should reassess the resources devoted to enforcing ERISA's reporting and disclosure requirements as part of the formulation of the agency's annual budget. Consideration should be given to any new requirements and programmatic issues related to the new processing system for Form 5500 reports. Based on this assessment, approximately 12,000 plan audits contain one or more GAAS deficiencies. Current OCA staffing levels do not provide the necessary resources to adequately target and review deficient plan audits. OCA's staffing level will be further eroded by its commitment to conduct educational outreach and other filer technical assistance efforts; and

OCA should consider performing another statistical study in a few years to once again assess whether the quality of employee benefit plan audits has improved as a result of the increased technical guidance, self-study educational courses, training conferences and PWBA outreach programs that are available to practitioners today. Additionally, a future statistical study would enable PWBA to assess whether it has met its outcomes and objectives, improved its performance, and increased its results as required under GPRA.

Appendix I

Compliance With

Generally Accepted Auditing Standards

The framework of GAAS is contained in 10 professional standards consisting of three categories: three general standards; three field work standards; and four reporting standards.

In our assessment of 262 audit engagements, we found that 212 (81%) audits complied with established professional standards. These audits were well planned, the audit workpapers contained specific audit programs for employee benefit plan audits and the practitioners had obtained the necessary technical materials and knowledge to adequately plan and perform the audit engagement. These audits also contained an adequate review of the plan's internal control structure and sufficient evidential matter to support the opinion rendered on the plan's financial statements.

However, our review disclosed that in 50 (19%) audits, the IQPA's performance failed to meet one or more of the 10 professional standards. This appendix discusses in detail the deficiencies identified in each of the 10 professional standards for the 50 failed audits.

General Standards

Generally accepted auditing standards contain three general standards. These general standards are intended to describe desirable traits and characteristics of individuals performing the audit engagement.

Technical Knowledge

The first general standard states that:

the examination is to be performed by a person or persons having adequate technical training and proficiency as an auditor.

This standard is designed to ensure that the auditor has adequate knowledge of the technical area being audited (i.e., employee benefit plans) and the ability or proficiency to apply such knowledge to the audit engagement.

Of the 50 audits, we determined that 18 (36%) audits contained enough GAAS deficiencies for us to conclude that the auditor did not possess adequate technical training or proficiency to perform the engagement. We concluded that practitioners making a significant number of errors ultimately did not possess the necessary technical competence contemplated under GAAS to perform the audit engagement.

Independence

The second general standard states that:

in all matters relating to the assignment, an independence in mental attitude is to be maintained by the auditor or auditors.

The auditor has a unique responsibility to users of financial statements, because the users are relying on the work of the auditor to verify the information presented in the financial statements. Implicit in this responsibility is that the auditor be independent of the entity being audited.

Our review disclosed no cases where the auditor's independence was violated with respect to the audit of the employee benefit plan.

Due Professional Care

The third general standard states that:

due professional care is to be exercised in the performance of the examination and the preparation of the report.

The purpose of this standard is to recognize that auditors need to be diligent and conscientious in performing their duties.

Of the 50 audits, we believe that 22 (44%) audits contained deficiencies significant enough for us to conclude that the auditors had not exercised due professional care in conducting the audit engagement. We came to this conclusion because the auditor is ultimately responsible for observing the other nine standards contained in GAAS. In these cases, the auditors usually demonstrated significant violations of several other field work or reporting standards. Similar to our conclusions regarding technical knowledge, practitioners exhibiting significant numbers of GAAS deficiencies were deemed not to have exercised due professional care with respect to the conduct of the audit engagement. Indicative of this were four audit engagements where we concluded that the auditor had failed almost every GAAS requirement relating to audit planning, internal control evaluation and obtaining competent evidential matter to support their opinion on the financial statements.

Standards of Field Work

Under GAAS there are three standards of field work. These standards are designed to provide plan auditors with a basis for judging the fairness and quality of the plan's financial statements. In relation to the entire audit engagement, the field work standards could be viewed as the core of the audit process. Our review disclosed that in 44 of the 50 cases it was noted that the IQPA failed to perform work in one or more relevant audit areas relating to the field work standards.

Planning and Supervision

The first standard of field work states that:

the work is to be adequately planned and assistants, if any, are to be properly supervised.

The purpose of this standard is to recognize the difficult nature of an audit and to highlight that the successful completion of the audit engagement is dependent on proper planning. The standard also requires that all personnel working on the audit engagement be properly supervised.

This is amplified in the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans. Chapter 5, Planning, paragraph 5.06 states:

...the planning process involves the development of an overall strategy for the expected conduct of an audit.....

Of the 50 plan audits with GAAS deficiencies, 11 (22%) of the audits demonstrated deficient work with respect to the planning and supervision of the engagement. Three audits contained no evidence that any audit planning was done by the IQPA. Additionally, eight audits contained planning work which was deemed to be insufficient or inadequate. Inadequacies in the planning work performed by IQPAs included:

lack of a specific audit program tailored to the audit of the employee benefit plan;

failure to determine the operations of the plan or current developments affecting the plan; and

failure to obtain and review such relevant documents as: plan agreements, Summary Plan Descriptions, annual reports, investment advisor agreements, etc.

Most of the deficient audits were performed by IQPAs with approximately 30 or less employees. Of these, five firms had less than five employees. We also noted that in the 11 engagements where inadequate planning occurred, there were other significant GAAS deficiencies as well. We believe this demonstrates that the failure to adequately plan and supervise the audit engagement directly affects the quality of work in other important areas of the audit process.

Internal Control Structure

The second standard of field work states that:

a sufficient understanding of the internal control structure is to be obtained to plan the audit and to determine the nature, timing, and extent of tests to be performed.

Internal controls assist plan management in recording, summarizing and reporting relevant information contained in the financial statements of the plan. By understanding the plan's internal control structure, the auditor is able to determine the nature, timing and extent of relevant audit procedures that need to be applied in the audit of the plan's financial statements.

Further guidance is contained in the AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans. Chapter 6, Internal Control Structure, paragraph 6.09, states, in part, that:

the auditor should document the understanding of the plan's internal control structure elements obtained to plan the audit.

Of the 50 audits, 11 (22%) audits evidenced either no work or significantly inadequate work with respect to obtaining a sufficient understanding of the plan's internal control structure.

Eight audits contained no evidence in the audit workpapers regarding a review of, or reliance on the plan's internal control structure;

Three audits contained inadequate workpaper documentation with respect to review/reliance on the plan's internal control structure. In these cases, discussions with the IQPA indicated some internal control work had been performed as part of the audit engagement, but the results of the work had not been documented; and

Six audits exhibited an inadequate review and understanding of the plan's internal control environment. In these cases, the IQPA failed to perform adequate audit work in six or more relevant audit areas. These six audits were also performed by small to medium size IQPAs and five of these firms had five or less employees.

We believe that an adequate internal control environment helps ensure that the plan is operated in accordance with established provisions, plan assets are protected, and participants receive the benefits due to them. The IQPA's failure to study and document the plan's internal control structure impacts not only the audit engagement, but also potentially the plan's ability to protect assets and ensure the payment of benefits.

Sufficient Competent Evidential Matter

The third standard of field work states that:

sufficient competent evidential matter is to be obtained through inspection, observation, inquiries, and confirmations to afford a reasonable basis for an opinion regarding the financial statements under examination.

This standard requires that the auditor obtain sufficient credible information during the course of the audit in order to reach a conclusion as to the reliability of the plan's financial statements. This standard can be viewed as the core of the audit engagement. The knowledge obtained and information gathered during this phase of the audit provides the basis for the IQPA's opinion on the plan's financial statements. Inadequate work in this area may result in the IQPA reaching the wrong conclusion as to the fairness of the plan's financial statements.

To assess whether the audits in our sample contained sufficient competent evidential matter, we analyzed work performed in the following 11 areas (i.e., relevant audit areas):

Investments;

Contributions;

Benefit Payments;

Participant Data;

Plan Obligations;

Prohibited Transactions;

Tax Status;

Commitments/Contingencies;

Administrative Expenses;

Subsequent Events; and

Plan Representations.

The AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans , Chapters 7 through 12, contains specific audit objectives and recommended audit procedures for these relevant audit areas.

Of the 50 audits which contained GAAS deficiencies, 42 (84%) had deficiencies with respect to obtaining sufficient competent evidential matter. Except for administrative expenses, all of the other areas we analyzed had an overall failure rate of at least 22%.

Of the 42 audits which had deficiencies with respect to sufficient competent evidential matter, 22 (52%) audits contained deficiencies in four or more of the relevant audit areas noted above.

One practitioner we visited had performed little or no work in many of the areas listed above. When questioned about the lack of work, the practitioner said his audit fee was $750 and, therefore, he performed only $750 worth of audit work. In another case, an auditor performed almost no audit work believing that the limited scope audit exemption only required that the auditor obtain a certification from the bank. In this case the IQPA essentially performed no additional audit work.

Participant Data, Plan Obligations, Benefit Payments and Prohibited Transactions

These four areas resulted in the most number of audit failures, primarily because information relating to participant data, plan obligations and benefit payments are somewhat inter-dependent. Additionally, these areas of audit are unique to employee benefit plans and, therefore, an auditor with limited employee benefit plan experience may not be aware of the significance involved with these areas.

Of the 50 audits, 39 (78%) were deemed to have failed one or more of these unique audit areas. Once again, this was due to the fact that the practitioner performed little or no work in these areas. With respect to prohibited transactions, typically the audit program used by the auditor did not address the area of prohibited transactions. Taken individually, these areas were failed at a greater rate than any of the other audit areas.

Specifically, of these 39 audits, we noted that 14 audits failed three or more of these unique audit areas. Three of these unique areas are interrelated (i.e., participant data, plan obligations and benefit payments). We noted 23 instances wherein the IQPA failed to perform sufficient work related to participant data. Furthermore, we noted that in 17 of these 23 instances the IQPA also failed to perform sufficient work in the area(s) of benefit payments and/or plan obligations.

Tax Status

Of the 50 audits, 15 (30%) audits failed to address the tax status of the plan. Once again, the failure in this area resulted because the auditor failed to perform any work in this area. We noted that in most cases, the audit program contained no specific audit procedures relating to the tax status of the plan.

Investments

Of the 50 audits, 10 (20%) contained failures with respect to audit work performed in the area of investments.

The insufficient audit work in this area consisted of:

four full scope audits in which the auditor did not test fair market valuations, investment transactions or authorizations for investment transactions; and

six limited scope audits pursuant to DOL regulations in which the auditor did not obtain the proper certification from the bank or insurance company or the certification did not cover all of the plan's assets.

Contributions

Of the 50 audits, 11 (22%) audits contained failures with respect to audit work relating to contributions.

The insufficient audit work in this area consisted of:

seven audits of multiemployer plans where the auditor failed to perform adequate work related to the contributions received from contributing employers; and

three audits of participant directed plans where the auditor did not trace the allocations of employee contributions to the investment options selected by participants.

Plan Representations

Of the 50 audits, 11 (22%) audits involved practitioners who failed to obtain client representations. Statement on Auditing Standards (SAS) No. 19, Client Representations, establishes a requirement that the independent auditor obtain written representations from management as part of an audit performed in accordance with generally accepted auditing standards.

We find the failure rate in this area especially egregious because GAAS specifically requires the plan auditor to obtain client representations in order to issue an unqualified opinion on the financial statements. Reasons for the failure to obtain client representations included: an auditor not believing these were needed and, in two cases, auditors claiming they had obtained, but subsequently lost, representation letters.

Standards of Reporting

Under GAAS there are four standards of reporting. The objective of an audit of financial statements of an employee benefit plan is the expression of an opinion by an auditor on the fairness with which the plan's financial statements present, in all material respects, the financial position of the plan and its operations in conformity with GAAP. The standards of reporting require the auditor to state whether, in the auditor's opinion, the financial statements are presented in conformity with GAAP and to identify those circumstances in which GAAP has not been consistently observed.

Of the 50 audits, our review disclosed 11 (22%) instances wherein the IQPA failed to adhere to one or more of the four established standards of reporting.

First Standard of Reporting

The first standard of reporting states that:

the report shall state whether the financial statements are prepared in accordance with GAAP.

The phrase "generally accepted accounting principles" is a technical accounting term that encompasses the conventions, rules, and procedures necessary to define accepted accounting practice at a particular time. It includes not only broad guidelines of general application, but also detailed practices and procedures. These conventions, rules, and procedures provide a standard by which to measure financial presentations. The AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans, Chapters 2 through 4, establishes GAAP for employee benefit plans and prescribes the general form and content of the financial statements of these plans.

In five instances, it was noted that the plan's financial statements were not presented in accordance with GAAP. However, the IQPA failed to reflect the departure from GAAP in their report. The five exceptions included:

one instance in which the financial statements of the plan were materially misstated due to the failure of the IQPA to determine whether the plan recorded an adjusting journal entry. The financial statements of the plan presented cash (the only plan asset) in the amount of $33,114. However, the amount of cash reported on the plan's financial statements should have been $21,834 thereby resulting in an overstatement in the plan's financial statements in the amount of $11,280;

one instance in which the financial statements of a defined benefit pension plan failed to include information regarding the actuarial present value of accumulated plan benefits and changes in accumulated plan benefits as required by the Financial Accounting Standards Board Statement of Financial Accounting Standards No. 35, Accounting and Reporting by Defined Benefit Pension Plans; and

three instances where the IQPA failed to disclose in the auditor's report that the plan's financial statements were prepared on a comprehensive basis of accounting other than GAAP and failed to express an opinion on whether the plan's financial statements were presented in conformity with the other comprehensive basis of accounting used.

Second Standard of Reporting

The second standard of reporting states that:

the report shall identify those circumstances in which GAAP has not been consistently observed in the current period in relation to the preceding period.

The objective of the consistency standard is to ensure that auditors appropriately reflect in their audit report when the comparability of financial statements between periods has been materially affected due to changes in accounting principles.

During our review, we did not note any instances where plan auditor's failed to comply with this reporting standard.

Third Standard of Reporting

The third standard of reporting states that:

informative disclosures in the financial statements are to be regarded as reasonably adequate unless otherwise stated in the report.

The AICPA's Audit and Accounting Guide, Audits of Employee Benefit Plans , Chapters 2 through 4, sets forth certain footnote disclosures that should accompany the financial statements for employee benefit plans.

Of the 50 audits, we noted five instances where the IQPA failed to comply with the third standard of reporting by failing to appropriately modify their audit report to reflect the lack of adequate footnote disclosures. Missing footnote disclosures included:

the identification of investments that represent five percent or more of the plan's net assets available for plan benefits;

information as to whether or not the plan has received a favorable tax determination ruling from the IRS;

the priorities upon termination of the plan;

the basis for determining contributions to the plan;

the funding policy of the plan; and

information regarding the method and significant assumptions used to determine the actuarial present value of the plan's accumulated plan benefits as required by the Financial Accounting Standards Board Statement of Financial Accounting Standards No. 35, Accounting and Reporting by Defined Benefit Pension Plans.

Additionally, in one instance, we noted that the financial statements of a defined contribution plan lacked all footnote disclosures.

Fourth Standard of Reporting

The fourth standard of reporting states that:

the report shall either contain an expression of opinion regarding the financial statements, taken as a whole, or an assertion to the effect that an opinion cannot be expressed. When an overall opinion cannot be expressed, the reasons therefor should be stated. In all cases where an auditor's name is associated with financial statements, the report should contain a clear-cut indication of the character of the auditor's work, if any, and the degree of responsibility the auditor is taking.

The objective of the fourth standard of reporting is to prevent misinterpretation of the degree of responsibility the auditor is assuming when his name is associated with financial statements. Reference in the fourth standard to "taken as a whole" applies to financial statements that are presented for one or more periods.

Of the 50 audits, we identified five instances where an IQPA failed to comply with the fourth standard of reporting. In these instances, it was noted that while the plan's financial statements were presented on a comparative basis, the IQPA failed to report on all years presented as required by the fourth standard of reporting.

Appendix II

Compliance With ERISA's

Reporting and Disclosure Requirements

In addition to conforming with and adhering to GAAP and GAAS, respectively, the report of the IQPA must also meet certain ERISA reporting and disclosure requirements. ERISA section 103(a)(3)(A) and DOL regulation 29 CFR 2520.103-1(b) set forth these reporting and disclosure requirements. These reporting and disclosure requirements were enacted to ensure that users (the federal government and plan participants and beneficiaries) were being provided with necessary information that may alert them to instances which could adversely impact the operation of the plan (e.g., fiduciary breaches) and/or its ability to pay plan benefits when due (e.g., losses from imprudent investments).

Non-compliance With ERISA's Reporting and Disclosure Requirements

Our review disclosed that, in the 267 audits reviewed, 88 (33%) IQPA reports failed to comply with one or more of ERISA's reporting and disclosure requirements.

Of the 88 reports identified, the area(s) of non-compliance were as follows:

Five (6%) IQPA reports did not pertain to the plan. Four of these reports pertained to the trust and one report pertained to the investment entity (i.e., insurance company). Accordingly, the subject plans had not had an audit as required pursuant to ERISA;

Forty-nine (56%) IQPA reports failed to extend to one or more of the required supplemental schedule(s). These supplemental schedules are to be attached to the plan's Form 5500 Annual Report. ERISA's reporting and disclosure requirements specifically require that, where these schedules are to be attached to the Form 5500 Annual Report, the report of the IQPA must also extend to such schedules;

In 19 (22%) instances, the required supplemental schedules failed to include all the necessary information pursuant to ERISA's reporting and disclosure requirements. The area of greatest non-compliance was due to the failure to include "participant loans" and/or "cost" information on the schedule of assets held for investment;

In four (5%) instances, it was noted that the IQPA's audit was inappropriately limited. In these instances, the IQPA stated in their report that the scope of their audit was limited pursuant to DOL regulation 29 CFR 2520.103-8. However, the financial institution holding the plan's assets did not qualify for such treatment as it was not a bank, or similar institution, or an insurance company;

In six (7%) instances, it was noted that the scope limitation provided for in DOL regulation 29 CFR 2520.103-8 was inappropriately applied. The scope limitation pertains only to investments held and investment related transactions (e.g., buys, sells, gains, losses). However, in the instance noted, the limitation was inappropriately applied to other financial areas such as benefit payments and contributions;

In 20 (23%) instances, it was noted that the statement of net assets available for plan benefits was not presented in comparative format as required by ERISA's reporting and disclosure requirements;

In seven (8%) instances, it was noted that the footnotes to the plan's financial statements failed to include a "reconciling footnote." ERISA's reporting and disclosure requirements require that an explanation of the differences, if any, between the financial information contained in the separate financial statements and reported on the Form 5500, be reconciled in the footnotes to the plan's financial statements. In the instances noted, such a reconciliation was not included in the footnotes to the plan's financial statements; and

In two (2%) instances, it was noted that while the statement of net assets was presented in comparative format, such statement was not presented as of the beginning and end of the plan year as required by ERISA's reporting and disclosure requirements. In one instance the plan was merged with another plan effective 1/01/92. However, the financial statements for plan year ended 12/31/91 were restated to combine both plans. The plan year 1991 financial statements should not have been combined. In the other case, plan year 1992 financial statements were presented as of 1992 and 1993, instead of as 1991 and 1992.

While actions taken by PWBA and the profession over the past years have achieved a reduction of approximately 50% in the overall error rate (65% to 33%), the current error rate of 33% calls for continuing efforts in this area. The filing public, as well as IQPAs, must be well informed about ERISA's reporting and disclosure requirements and PWBA must continue to take necessary enforcement actions against plan administrators who fail to meet these requirements.

Appendix III

Voluntary Feedback By IQPAs

In this era of reinvention and in an effort to provide better customer service, OCA provided a feedback questionnaire to practitioners selected for review. The questionnaire provided for practitioners to assess/rate DOL on a scale of one (strongly disagree) to five (strongly agree) in the following areas:

the conduct of the DOL representative performing the on-site workpaper review;

the sufficiency of professional guidance and training; and

the understandability of the Form 5500 and its related Instructions.

In addition, the questionnaire allowed the practitioners to provide any other additional comments or concerns they may have directly to the Chief Accountant of the PWBA.

A total of 114 responses were received from practitioners. The individual scores were compiled to arrive at an overall score for each feedback question.

U.S. Department of Labor Representative

To assess the level of customer service being provided by the DOL representative and to identify areas where improvement is needed, IQPA firms were asked to rate the following:

The DOL representative thoroughly explained the purpose and scope of the review of the firm's audit workpapers.

The overall score for this element was 4.63.

The DOL representative conducted an exit conference wherein the results of the review of the firm's workpapers were adequately discussed.

The overall score for this element was 4.62.

Where deficiencies were identified, the DOL representative adequately discussed corrective actions to be taken to bring the plan's filing into compliance.

The overall score for this element was 4.63.

Overall, we believe these scores demonstrate an excellent level of customer service.

Sufficiency of Professional Guidance and Training

In order to assess the sufficiency of professional guidance and training for IQPAs conducting audits of employee benefit plans and to identify areas where such may be lacking, IQPA firms were asked to rate the following:

Sufficient professional guidance (e.g., audit and accounting guides) exists with respect to accounting and reporting for employee benefit plans.

The overall score for this element was 3.86.

Sufficient training programs (e.g., continuing professional education courses) exist with respect to accounting and reporting for employee benefit plans.

The overall score for this element was 3.58.

Sufficient guidance exists with respect to reporting and disclosure requirements pursuant to ERISA's reporting and disclosure requirements.

The overall score for this element was 3.42.

In addition, practitioners took the opportunity to provide OCA with the following additional comments and concerns:

Most of the guides followed are prepared internally as outside literature is not as clear. Accordingly, as a member of a smaller firm, finding resources which provide clear and understandable guidance may be more difficult;

More specific guidance and training is needed in the multiemployer plan area;

Improved guidance on assessing audit requirements for health and welfare plans is needed given the various manners in which these plans are accounted for;

More continuing professional education courses on employee benefit plan are needed; and

DOL should consider developing a question and answer guide addressing certain areas of audit that are confusing. This would serve the auditors and users greatly in lessening confusion and bringing down costs to employers.

Overall, while the present guidance could be improved and expanded in certain areas, we believe that the above scores demonstrate that sufficient guidance and training is available to practitioners conducting audits of employee benefit plans. However, it is recommended that the DOL continue to work in conjunction with the profession in addressing areas where more specific guidance may be lacking (i.e., multiemployer plan area).

Form 5500 and Related Instructions

To enable DOL to determine whether the failure rate to comply with ERISA's reporting and disclosure requirements may be attributable to the complexity in completing the Form 5500, OCA asked IQPAs to assess whether the Form 5500 and related Instructions are clear and understandable. The overall score for this element was 2.90.

In addition, IQPAs provided OCA with the following additional comments and concerns:

Some IQPAs expressed difficulty in sorting through the Form 5500 and supplemental schedule requirements due to the wide divergence of application and interpretation in this area. In addition, some IQPAs indicated that, while the Form 5500 and related instructions are getting better as time goes by, the instructions still need improvement. Finally, simplification of the reporting requirements would probably improve compliance. At present, completing the Form 5500 is a very time consuming and confusing process due to the various specialized rules and reporting requirements for each of the three agencies using the Form 5500 (i.e., DOL, IRS and PBGC);

The plan's financial statements and the Form 5500 should be prepared on the same basis of accounting (i.e., GAAP basis). This would greatly assist the ease of preparation involved without losing any important information;

Because the financial community and investment accounting requirements place little value on historical cost information, it is suggested that the requirement to report historical cost information in the schedule of assets held for investment purposes be eliminated;

IQPAs need more communication regarding common reporting deficiencies so proactive corrections can take place. A report of the most common errors discovered by DOL resulting in rejection of the Form 5500 would be helpful. In addition, more time should be given to practitioners when corrective actions are to be taken;

While the AICPA audit guide is a good source for audit guidance, ERISA's reporting and disclosure requirements in the guide are not as clear as they could be; and

DOL should give IQPAs guidance on the "independence" question as it relates to performing certified audits and plan administration of the same client.

Based upon the above, we believe that the Form 5500 and related Instructions could be improved. At present, DOL is considering simplifying the Form 5500 for ERISA reporting and disclosure purposes and, as such, some of the comments and concerns expressed by IQPAs would be resolved.

Appendix IV

Sample Selection Methodology

In an effort to ensure a valid sample selection methodology, PWBA engaged the firm of Mathematica Policy Research, Inc. (MPR) to develop the sample selection. Our goal was to develop a sample that could be extrapolated to the population as a whole in determining whether or not the quality of employee plan benefit audits had improved since the OIG's assessment.

The sample design for this effort was a stratified cluster sample. The primary sampling units were zip code aggregates of all eligible plans. The sample was drawn from a universe of 51,352 plans wherein an IQPA report was filed along with the 1992 Form 5500 Annual Report filing. However, the following groups of plans were excluded from the sample universe:

Plans not covered by ERISA and plans sponsored by one-person firms;

Plans with fewer than 100 participants;

Plans with no assets and plans holding all of their assets in the form of cash which represent most unfunded welfare benefit plans. However, funded welfare benefit plans were included in the sample universe; and

Plans that were required by ERISA to file an IQPA report with their Form 5500 Annual Report filing but failed to do so. Although such plans are not in compliance with the reporting and disclosure requirements of ERISA, such plans were excluded because there would be no audit or audit workpapers to review.

The plans were then aggregated into primary sampling units. The primary sampling units were geographically clustered plans consisting of three individual plans. When a cluster was selected for the sample, all three plans were reviewed.

To ensure that the sample allowed for late filers, the sample was augmented. This was done because the exclusion of late filers could be problematic as error rates may be correlated with filing promptness. Accordingly, two cut-off dates were used to select the sample. The first cut- off date was used to select the bulk of the sample since this is when the majority of plan filings were expected to have been processed. The second cut-off date was made at a time when essentially all plan filings would have been received.

The sampling methodology resulted in a total of 276 plans initially selected for review. The first cut-off date yielded a total of 221 plans with the remaining 55 plans being selected from the second cut-off date.

Of the 276 plans selected for review, nine plans were subsequently excluded due to the following reasons:

Six plans were under active investigation by PWBA and/or involved in litigation with PWBA;

In two cases, OCA was unable to locate the plan (e.g., the request for access to the IQPA's workpapers was returned undeliverable); and

In one case, an audit of the plan was not required. Prior to OCA's review, the plan administrator amended the initial filing by submitting a Form 5500C/R because the plan had less than 100 participants as of the beginning of the plan year. Accordingly, an audit of the plan was not required under ERISA.

Additionally, while not excluded from the sample universe, OCA subsequently noted that five plans had attached the report of an IQPA. However, the IQPA's audit report did not pertain to the plan (e.g., the wrong entity was audited). Accordingly, while not in compliance with the reporting and disclosure requirements of ERISA, OCA was unable to formulate any judgements with respect to the quality and level of audit work performed for these five audits.

Since our result is based on a sample of plans, the 19% error rate is an estimate of the true percentage in the population of 51,352 plans filing an auditor's report. Based on our sample we can be 95% certain that the true rate lies between 10.9% and 27.1%. Combining this confidence region with an approximate confidence region around the OIG's estimate of 23%, we are unable to reject the null hypothesis that the true rate has remained unchanged since the time of the OIG's study. Thus, the fact that the point estimate in 1992 is lower than the point estimate in 1989 is suggestive that the true rate has declined in recent years. However, we cannot definitively rule out the possibility that the apparent decline is an artifact of sampling variation. Accordingly, we cannot conclude from a statistical standpoint that the quality of employee benefit plan audit work pertaining to the 1992 filing year has improved since the OIG's study.

Appendix V

Strengthening the Quality of Plan Audits

AICPA Comments

March 28, 1996

Mr. Ian Dingwall

Chief Accountant

Pension and Welfare Benefits Administration

U.S. Department of Labor

200 Constitution Avenue, N.W.

Washington, D.C. 20210

Dear Mr. Dingwall:

The American Institute of Certified Public Accountants (AICPA) appreciates the opportunity to comment on the Pension and Welfare Benefits Administration (PWBA), Office of Chief Accountant's (OCA) report, "Assessment of the Quality of Employee Benefit Plan Audits." With the PWBA, we will bring additional improvements in this area and strengthen the quality of employee benefit plan audits.

We are pleased to have joined with the PWBA in crafting legislation, the Pension Audit Improvement Act of 1995 (S. 1490), which was introduced in the United States Senate at the request of the Department of Labor. The AICPA has been on record since 1978 supporting repeal of the limited scope audit exemption which currently allows the plan administrator to exclude plan assets held in a common or collective trust or separate trust maintained by a bank or similar institution from the scope of the independent audit. When this occurs, in virtually all cases, the auditor will conclude that this is a significant limitation on the scope of his or her audit and will not express an opinion on the overall fairness of the financial statement presentation. This disclaimer of an opinion gives no assurance to plan participants on whether the financial statements are presented fairly in conformity with generally accepted accounting principles.. We also believe that the legislation will provide the Department with more timely notification of serious ERISA violations that may adversely affect plan assets available to pay benefits to workers and retirees.

As noted in the PWBA report, the AICPA, working with the PWBA, has made a concerted effort to improve the guidance and training available to auditors of employee benefit plans. They include revising the AICPA Audit and Accounting Guide for Audits of Employee Benefit Planssk alerts, conducting annual national conferences on employee benefit plans, developing continuing professional educational courses and technical checklists, and issuing accounting and auditing pronouncements aimed at improving plan financial reporting and providing guidance for plan auditors.

The PWBA's findings of any substandard audit quality with respect to employee benefit plan audits are a matter that the AICPA takes very seriously. We continue to encourage the PWBA to refer all cases of alleged substandard audits to the AICPA's Professional Ethics Division for investigatory and disciplinary action.

Proposed Actions to Strengthen the Quality of ERISA Audits

We have consulted with the PWBA on additional actions the AICPA and PWBA can take to strengthen the quality of ERISA audits. These actions include the following:

Communicating to AICPA members the findings noted in the PWBA's report and the importance of ERISA audits.

Developing additional audit programs, manuals, checklists, or other technical practice aids.

Strengthening additional technical support for auditors through the AICPA technical hotline.

Offering additional training programs on employee benefit plan audits.

Identifying ways the AICPA can work with state CPA societies to enhance training opportunities in employee benefit plan audits.

Improving the AICPA's peer review process relative to ERISA audits.

Developing a guide for plan administrators to use in selecting independent auditors.

Exploring the possibility of instituting an ERISA specialization for independent auditors.

The AICPA is committed to strengthening the quality of employee benefit plan audits, and looks forward to continued collaboration with the PWBA on this important matter.

Sincerely,

Original was signed by Ronald S. Cohen

Chair

AICPA Board of Directors