SAS 136: Changes to the auditor's report
ARTICLE | March 31, 2022
by RSM US LLP
As previously communicated, Statement on Auditing Standards (SAS) 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, will bring significant changes for employee benefit plans and their auditors effective for audits of periods ending on or after December 15, 2021.
For employee benefit plans subject to the Employee Retirement Income Security Act of 1974 (ERISA), SAS 136 changes the look of the auditor’s report. The form and content of the auditor’s report will depend upon the type of audit.
There are generally two types of ERISA plan audits -— (a) an ERISA plan audit performed pursuant to Section 103(a)(3)(C) and (b) an ERISA plan audit other than an ERISA Section 103(a)(3)(C) audit (which may be referred to as a non-section 103(a)(3)(C) audit). Under ERISA Section 103(a)(3)(C), the audit need not extend to information prepared and certified by a bank or similar institution or by an insurance carrier that is regulated, supervised and subject to periodic examination by a state or federal agency. The conditions for this election are outlined under 29 CFR 2520.103-5 and 8. In addition, there is a similar election that applies to plan assets invested in “103-12 entities,” which is found under the ERISA regulations at 29 CFR 2520.103-12.
If plan management cannot or does not make the election for the audit to be performed under ERISA Section 103(a)(3)(C), the form and content of the auditor’s report (formerly referred to as a “full-scope” auditor’s report) will be similar to that issued for most organizations. The reporting requirements of SAS 136 generally align with the requirements of recently effective SAS 134, Auditor Reporting and Amendments, Including Amendments Addressing Disclosures in Financial Statements, which, among other enhancements, expanded the descriptions of the responsibilities of management and the auditor in the auditor’s report. However, instead of the SAS 134 requirements, the specific auditor reporting form and content requirements of SAS 136 will apply, and those requirements include some differences, such as expanded descriptions of the responsibilities of management and the auditor. For example, the description of management responsibilities will encompass maintaining the current plan instrument, including all plan amendments; administering the plan; and determining that the plan’s transactions presented and disclosed in the financial statements are in conformity with the plan’s provisions, including maintaining sufficient records with respect to each of the participants to determine the benefit due or which may become due to such participants.
If the plan is eligible for and plan management makes the election for the audit to be performed under ERISA Section 103(a)(3)(C), this no longer will result in a scope limitation in the auditor’s report. As a result, the auditor’s report for an ERISA section 103(a)(3)(C) audit will include a two-part opinion addressing (a) whether the amounts and disclosures in the ERISA plan financial statements that are not covered by the certification are presented fairly in accordance with the applicable financial reporting framework, and (b) whether the investment information in the ERISA plan financial statements related to the certified investment information agrees to or is derived from the certified investment information provided by a qualified institution.
Unique to this type of audit will be a section describing the scope and nature of an ERISA Section 103(a)(3)(C) audit, including a statement that management has elected this type of audit after having determined it is permissible in the circumstances, and has obtained an appropriate certification from a qualified institution. The auditor’s report also will include expanded descriptions of the responsibilities of management and the auditor, as well as additional descriptions of responsibilities regarding the certification and qualifications of the certifying entity. Management’s election does not affect their responsibility for the fair presentation of the ERISA plan financial statements. The report will state that the audit did not extend to the certified investment information, except for obtaining and reading the certification, comparing the certified investment information with the related information presented and disclosed in the financial statements, and reading the disclosures relating to the certified investment information to assess whether they are in accordance with the presentation and disclosure requirements of the applicable financial reporting framework.
In either type of audit, and depending on the results of the audit, the auditor may express an unmodified, qualified or adverse opinion or a disclaimer of opinion.
The auditor’s report cannot be dated any earlier than the date on which sufficient appropriate audit evidence on which to base the opinion has been obtained, including evidence that (a) all the statements and disclosures that comprise the ERISA plan financial statements have been prepared, (b) management has asserted that it has taken responsibility for those ERISA plan financial statements, and (c) the procedures relating to the draft Form 5500 have been performed, as required under SAS 136.
Regardless of whether plan management makes the election under ERISA Section 103(a)(3)(C), the auditor’s report also will include additional language in a separate paragraph regarding the ERISA-required supplemental schedules. This paragraph will clarify that the supplemental schedules are required by the U.S. Department of Labor (DOL) and that the auditor evaluated whether they are presented in conformity with the DOL’s Rules and Regulations for Reporting and Disclosure under ERISA.
Appendix A of the 2021 American Institute of Certified Public Accountants Audit & Accounting Guide, Employee Benefit Plans, includes a helpful comparison of the elements of the auditor’s report for the two types of ERISA plan audits.
Call us at +1 213.873.1700, email us at firstname.lastname@example.org or fill out the form below and we'll contact you to discuss your specific situation.
This article was written by RSM US LLP and originally appeared on 2022-03-31.
2022 RSM US LLP. All rights reserved.
RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each is separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/about us for more information regarding RSM US LLP and RSM International. The RSM logo is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.
Vasquez & Company LLP is a proud member of the RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.
Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise and technical resources.
For more information on how Vasquez & Company LLP can assist you, please call +1 213.873.1700.
Subscribe to receive important updates from our Insights and Resources.