employee benefit plan audit peer reviewsmedia.straffordpub.com/products/employee-benefit-plan... ·...
Post on 14-Apr-2020
6 Views
Preview:
TRANSCRIPT
WHO TO CONTACT DURING THE LIVE EVENT
For Additional Registrations:
-Call Strafford Customer Service 1-800-926-7926 x1 (or 404-881-1141 x1)
For Assistance During the Live Program:
-On the web, use the chat box at the bottom left of the screen
If you get disconnected during the program, you can simply log in using your original instructions and PIN.
IMPORTANT INFORMATION FOR THE LIVE PROGRAM
This program is approved for 2 CPE credit hours. To earn credit you must:
• Participate in the program on your own computer connection (no sharing) – if you need to register
additional people, please call customer service at 1-800-926-7926 ext.1 (or 404-881-1141 ext. 1).
Strafford accepts American Express, Visa, MasterCard, Discover.
• Listen on-line via your computer speakers.
• Respond to five prompts during the program plus a single verification code.
• To earn full credit, you must remain connected for the entire program.
Employee Benefit Plan Audit Peer Reviews
THURSDAY, DECEMBER 6, 2018, 1:00-2:50 pm Eastern
FOR LIVE PROGRAM ONLY
Tips for Optimal Quality
Sound Quality
When listening via your computer speakers, please note that the quality
of your sound will vary depending on the speed and quality of your internet
connection.
If the sound quality is not satisfactory, please e-mail sound@straffordpub.com
immediately so we can address the problem.
FOR LIVE PROGRAM ONLY
Dec. 6, 2018
Employee Benefit Plan Audit Peer Reviews
Lauren Hayes, Senior Manager
Montgomery Coscia Greilich, Plano, Texas
lauren.hayes@mcggroup.com
Susan J. Peirce, CPA, MTax, Principal
Apple Growth Partners, Akron, Ohio
speirce@applegrowth.com
Notice
ANY TAX ADVICE IN THIS COMMUNICATION IS NOT INTENDED OR WRITTEN BY
THE SPEAKERS’ FIRMS TO BE USED, AND CANNOT BE USED, BY A CLIENT OR ANY
OTHER PERSON OR ENTITY FOR THE PURPOSE OF (i) AVOIDING PENALTIES THAT
MAY BE IMPOSED ON ANY TAXPAYER OR (ii) PROMOTING, MARKETING OR
RECOMMENDING TO ANOTHER PARTY ANY MATTERS ADDRESSED HEREIN.
You (and your employees, representatives, or agents) may disclose to any and all persons,
without limitation, the tax treatment or tax structure, or both, of any transaction
described in the associated materials we provide to you, including, but not limited to,
any tax opinions, memoranda, or other tax analyses contained in those materials.
The information contained herein is of a general nature and based on authorities that are
subject to change. Applicability of the information to specific situations should be
determined through consultation with your tax adviser.
• EBSA Audit Quality Initiatives
• Reporting Compliance Initiatives
• DOL Resources
• AICPA Response and Resources
Peer Review continues to be impacted by DOL initiatives
EBSA’s audit quality findings Firms auditing > 200 plans
45 firms perform 37% of the audits covering 69% of plan assets
Firms auditing between 100 and 200 plans
59 firms perform 10% of audits covering 11% of plan assets
Firms auditing < 100 plans
5,721 firms audit 53% of audits covering 20% of plan assets
From Marcus Aron presentation – AICPA EBP conference May 2018
6
EBSA activities Cycle of inspections for all firms auditing > 100 plans
Engagement reviews of smaller firm practices
From Marcus Aron presentation – AICPA EBP conference May 2018
7
EBSA’s findings Overall error rate of 40% isn’t the complete picture
Large variability – size of EBP practice is a factor
Large firms are not immune from problems
They also dabble
Their size creates different risks and problems
Peer review is not a good indicator of a quality benefit plan auditor
From Marcus Aron presentation – AICPA EBP Conference May 2018
8
Other Meaningful Quality Factors based on the EBSA findings
Peer Review is not a useful identifier of quality work In 4 of 6 strata, audits with 5+ GAAS deficiencies
were performed by firms with clean peer review reports.
9
EBSA’s list of best practices Commitment to EBP work from top down
An EBP audit pedigree as well as audit pedigree within the firm
EBP specific training and affiliation
Educate and empower staff
EBP specialists
Robust internal inspection program
Knowing who you are and when to say “no”
Stress consistency throughout EBP practice
10
AICPA Peer Review Response After the 2014 DOL report was released, AICPA
analyzed results of 109 Enhanced Oversight reviews of EBPs
Determined that the DOL audit quality study was similar to the enhanced oversight findings
Identified common areas of non-conformity
Detected misconceptions driving non-conformity
11
Enhanced oversight of EBPs 2015-2016
50%
31%
19%
Conforming engagements
Non-conforming engagements notidentified by reviewers
Non-conforming engagementsidentified by reviewers
12
AICPA enhanced oversight objectives
Objectives
Focus on must-select engagements
Identify material departures from
professional standards
Evaluate the performance of peer
reviewers
Provide education and feedback to peer
reviewers and firms
13
AICPA EBPAQC Resources
EAlerts
Webinars
Website
Member-to-member ForumResource
Centers
Tools
Primers
Plan Advisories
14
AICPA EBPAQC Planning Tool
15
Shared with
permission of
EBPAQC
16
AICPA response – Competency certificates Early April 2016, the AICPA launched an employee benefit plan
certificate program to allow practitioners to show their competency.
17
18
AICPA response – Competency certificates
AICPA response – Competency framework Creation of competency framework for employee benefit plans will
help practitioners assess whether they have the competency needed for employee benefit plan financial audits and, if not, what curriculum they need to gain competency.
19
Peer Review is Evolving Each Year
21
Enhanced Oversight “ A sound audit does not occur by chance.” Susan S. Coffey,
CPA, AICPA executive vice president
“When the enhanced oversight program first started, the focus was on detecting quality challenges, but the primary focus has evolved to determining the characteristics of the firms we find are performing well, as well as digging deeper to discover why firms with performance issues are not performing well.” Jim
Brackens, CPA AICPA vice president of ethics and practice quality.
22
Specific focus on reforms to enhance quality and accountability
2014 piloted an enhanced oversight program in which subject-matter experts conducted surprise examinations of a sample of engagements after the completion of peer review
2015 program was expanded
2016 pilot program was converted to a permanent part of the Peer Review Program and root cause analysis was introduced
23
Increased focus 2015 and 2016 peer reviews included increased focus
on specialized industries Includes employee benefit plans
Specialized industries
Areas where peer reviewers and expert noted the greatest issues
2017 peer reviews had greater expertise oversight and subject matter expert reviewers performed enhanced assessment of firms’ quality control systems
24
2018 – A Significant Difference
October 2018 Peer Review Alert included clarifications of the September 2018 Peer Alert dealing with Risk Assessment
Critical to read and review your firm’s policies
New Guidance on the Evaluation of Non-compliance with Risk Assessment Standards and its Impact to the Peer Review (PRPM Section 3100, Supplemental Guidance)
25
Use of PPC checklists
Peer Review Board expressed concern with the proper assessment of risk and linking that assessment to audit procedures.
Special Report was issued in September 2018
26
PPC Accounting & Auditing Update Sept 2018:
Quality trends based on the Enhanced Oversight
Analysis indicates the most common cause of material non-conformity in audits is a lack of adequate audit documentation
Inadequate documentation is cause of >50% of non-conformity
2019 peer reviews will have increased emphasis on audit documentation with focus on risk assessment
27
Reporting Requirements
GAAP financial statements are required
Additional regulatory requirements
DOL reporting requirements
IRS reporting requirements
Peer reviews require adherence to ALL of the above requirements
28
Reporting Guidance Related to Peer Review
AICPA Revised Interpretation 63-1Consideration for selection:
A. Reasonable cross-section of the reviewed firm’s accounting and auditing practice
B. Emphasis on higher-risk practice areas
1. Risk of engagements and types of benefit plans as part of the selection criteria
2. Limited vs. full scope
3. Types of plans (DC, DB, H&W and 403(b) plans)
C. Firm’s length of experience and number of audits performed, member’s experience and CPE/specialized training
29
Understanding the Unique Reporting Requirements of Employee Benefit Plans
Users of financial statements
Participants
Plan Sponsor
DOL
IRS
State Insurance Departments
30
Unique risks associated with different types of ERISA plans
Defined contribution – Participant account and allocation testing and timely remittance of participant contributions.
Defined benefit – Actuarial present value of accumulated plan benefits and changes in actuarial present value of accumulated plan benefits.
Health & welfare – Benefit obligations and changes in benefit obligations.
Employee stock ownership plans – Annual appraisal of securities and leveraged ESOPs
Peer reviewer must consider the unique risks and document how these risks were addressed.
31
What is the Peer Review Requirement
Licensed firms are required to have peer review
Report acceptance body is either: State peer review committee
AICPA Peer Review Board’s National Peer Review
SEC registrant’s plans are not subject to peer review
Engagements subject to GAAS, SSARA,SSAE, GAGAS and non-SEC issuers are subject to peer review
32
Impact of not enrolling or omission Firms that are not enrolled in the program as required
by AICPA membership bylaws or their state regulatory authority will be referred to AICPA Professional Ethics Division or the appropriate regulatory or licensing authority.
Firms that omit an EBP audit from the scope of their peer review will be notified that their most recent peer review acceptance letter will be recalled.
The firm will be subjected to a hearing panel
33
Peer Review deadline
Peer review is due every 3rd year, six months after the firm’s fiscal year end
This impacts plans that are reviewed
34
Preparing for a Peer Review
Every audit must meet your firm’s QC standards
Be prepared Track general data on the number, size and type of
employee benefit plan audits Peer reviewers must select engagements that are considered to
have added “risk”
full-scope audits
403(b)
ESOPs
Health and welfare
initial engagements
35
Preparing for a Peer Review (cont.)
Interviews with Firm Personnel
EBP team members need to use EBP “language” Training should start with the 1st plan audit
EBP team members need more than checklist mentality
EBP team needs specialized training
Make certain that you are in compliance with your own firm policies
Review results of prior peer review
Workpaper lockdown
Internal inspection
Use AICPA checklist for inspection36
Preparing for a Peer Review (cont.)Peer Review Checklists AICPA Peer Review Program Manual PRP §20,700
(dated September 2018)
37
Employee Benefit Plan Audit Engagement Checklist:
Preparing for a Peer Review (cont.)
38
2018 Employee Benefit Plans Must-Select FAQs:
Preparing for a Peer Review (cont.)https://www.aicpa.org/content/aicpa/eaq/aicpa-risk-assessment-resources.html
39
Preparing for a Peer Review (cont.)
Preparation for your next peer review starts as soon as the current review is completed
Correct findings immediately; avoid repeat findings
Communicate findings to your team
Consider using outside professionals to perform internal inspections
Specialized ERISA training for your team
If the outcome is poor, hire a consultant to do a more in-depth review of your ERISA practice and engagements
40
Peer Review Overview
41
Revisiting professional
standards
Anticipating peer reviewer expectations
Best practices & avoiding common auditor
documentation pitfalls
Overview of inspection
requirements & considerations
for EBPAQC members
Revisiting the Professional Standards
42
AU-C Section 230, Audit
Documentation
• Audit documentation required to contain evidence of the following:
• Auditor’s basis for conclusions about achievement of overall objectives of the auditor
• Audit was planned and performed in accordance with GAAS, and applicable legal & regulatory requirements
Revisiting the Professional Standards
43
AU-C Section 230, Audit
Documentation
• Several purposes served by audit documentation
• For engagement team:
• Assist in planning & performing the audit
• Demonstrate accountability for work performed, evidence examined & conclusions reached
• Retain record of matters of continuing significance to future audits of same entity
Revisiting the Professional Standards
44
AU-C Section 230, Audit
Documentation
• Necessary for execution of various inspections and reviews
• Quality control reviews & inspections in accordance with QC Section 10, A Firm’s System of Quality Control (SQCS No. 8)
• External inspections or peer reviews in accordance with applicable legal, regulatory or other requirements
• Subsequent year audit team members & predecessor auditor reviews
Revisiting the Professional Standards
45
AU-C Section 230, Audit
Documentation
• Form, Content & Extent
• Experienced auditor, with no prior connection to the audit, should be able to understand:
• Nature, timing & extent of procedures performed
• Results of audit procedures performed & evidence obtained
• Significant findings & issues
• Conclusions reached
• Significant judgments made in reaching those conclusions
Revisiting the Professional Standards
46
AU-C Section 230, Audit
Documentation
• A closer look at supporting nature, timing & extent of procedures performed to identify:
• Characteristics of specific items or matters tested
• Abstracts or copies of significant contracts or agreements inspected
• Who performed the work and date completed
• Who reviewed the work performed, date and extent of such review
Revisiting the Professional Standards
47
AU-C Section 230, Audit
Documentation
• Document justification for any departures from presumptively mandatory requirements
• Support sufficiency of alternative procedures performed
• Document circumstances encountered that led to additional procedures after audit report date
• Procedures, evidence & conclusions
• Resulting changes – by whom & date prepared and reviewed
Revisiting the Professional Standards
48
AU-C Section 230, Audit
Documentation
• Final audit file
• Document audit report release date
• Assemble final documentation & complete administrative process of assembling final audit file on timely basis (“documentation completion date”)
• No later than 60 days following audit report release date
Anticipating Peer Review Audit Documentation ExpectationsWritten Audit Programs and avoiding “One Size Fits All” Mentality
49
• Defined benefit or defined contribution pension
• Health and welfare benefit plansType of Plan
• Full scope
• Special considerations for plans subject to SEC filing
• Limited scope audit exemption
Engagement Scope
Anticipating Peer Review Audit Documentation Expectations
50
• Engagement quality control reviews
• Internal inspection program
• CPE and related compliance
• Independence (AICPA, DOL, SEC/PCAOB, etc.)
• Client acceptance & re-acceptance
Ensure Engagement
Quality Complies with Professional Standards
Firm’s System of Quality Controls in Accordance with Statement on Quality Control Standard No. 8
Anticipating Peer Review Audit Documentation Expectations
51
Firm’s System of Quality Controls in Accordance with Statement on Quality Control Standard No. 8
• Inspection results
• Maintenance of CPE compliance tracking mechanisms
• Policy for & results of review of certain documents by individual outside of engagement team
Measurement of Compliance
with Professional Standards
Presenter’s Bio Susan J. Peirce, CPA, MTax
Sue Peirce is a principal and leads the employee benefits audit and specialty services team at Apple Growth Partners. Sue has led the development of numerous services at the firm including specialty audit services, benefit plan design and administration, and SOC engagements. She has implemented Lean principles in the delivery of audit services to achieve more efficient processes and outcomes in audit engagements. Sue regularly writes articles, hosts webinars, and has presented at numerous events including the AICPA National Employee Benefit Plan Conference, Matrix Financial Solutions Annual Conference, and various state CPA societies.
In addition to her audit work, she provides consulting services to business owners and professionals with a special emphasis on benefit plan services. Her expertise includes a focus on qualified retirement plans and related design, compliance, non-discrimination testing, distribution and reporting issues.
Sue is a former member of the AICPA Employee Benefit Plan Audit Quality Center Executive Committee.
52
© 2018 Montgomery Coscia Greilich LLP 53
Common Plan Audit Deficiencies
EBPAQC Membership
Peer Review Process/Best Practice
© 2018 Montgomery Coscia Greilich LLP 54
COMMON PLAN AUDIT
DEFICIENCIES
© 2018 Montgomery Coscia Greilich LLP 55
ESOPs: Over 50% of plans subject to DOL inspection contained deficiencies• Failure to identify valuation of employer stock in the risk assessment
• Review of the work of the appraiser (full-scope audits)
• Testing releases of shares and purchases of shares
H&W Plans• Can be extremely complicated with various benefits included under the
plan
• Audit of the trust versus the plan
Multi-Employer Plans
High Risk Engagements
© 2018 Montgomery Coscia Greilich LLP 56
Most Common Audit Issues
• SOC analysis deficiencies
• Investment testing deficiencies
• Participant data testing deficiencies
• Documentation issues
• Non attest services
© 2018 Montgomery Coscia Greilich LLP 57
Service Auditor Reports
• Was a type 1 or type 2 SOC 1 report used as audit evidence to support the Firm’s understanding about the design and implementation of controls?
• If a type 2 is reducing procedures, was it properly evaluated?
• EBPAQC has a tool for documenting consideration of SOC reports
© 2018 Montgomery Coscia Greilich LLP 58
Risk Assessment
Recent AICPA Requirements:• Peer reviewers have been instructed to identify an engagement as “not
performed” in accordance with professional standards if the peer reviewer identifies non-compliance with the Risk Assessment Standards covered in AU-C sections 315 and 330
• Risk assessment documentation findings should be included in the oversight report as findings that result in a non-conforming engagement
• Effective for peer reviews commencing on or after October 1, 2018
© 2018 Montgomery Coscia Greilich LLP 59
Failure to gain an understanding of internal control when identifying client’s risks:
Auditors are expected to perform the following steps when gaining an understanding of internal control; an audit omitting one or more of these steps results in non-compliance
• Consider what could go wrong as the client prepares its financial statements
• Identify the controls intended to mitigate those financial reporting risks
• Evaluate the likelihood that the controls are capable of effectively preventing or detecting and correcting material misstatements.
Some auditors may indicate that the requirements of AU-C 315.14 do not apply to their client because their client has no controls. This is a false assumption.
Auditors may default to control risk at the maximum level without gaining an understanding of the client’s internal control. This is not permitted under the current Risk Assessment Standards, even when not intending to rely on tests of controls.
Auditors may reduce control risk to less than high without appropriately testing relevant controls.
Risk Assessment
© 2018 Montgomery Coscia Greilich LLP 60
Insufficient risk assessment:
Regardless of the nature and extent of substantive procedures, performing the audit in accordance with GAAS includes the following requirements for each engagement; omitting one or more of these requirements results in non-compliance
• Identify the client’s risks of material misstatement (RMM) by gaining an understanding of the client and its internal control (Identify RMM)
• Assess the risks (Assess RMM) and
• Design or select procedures that respond to those risks (Respond to RMM)
Failure to identify at least one significant risk almost always represents a failure to comply with AU-C 315.28
Failure to assess risk of material misstatement at both the financial statement level and relevant assertion-level for significant classes of transactions, account balances or disclosures represents non-compliance with AU-C 315.26
Some auditors are documenting RMM at the audit area level for every audit area, citing the risk assessment is the same for all assertions, when not all assertions are relevant
Risk Assessment
© 2018 Montgomery Coscia Greilich LLP 61
Failure to link procedures performed to the risk assessment:
Audit procedures should be responsive to the client’s financial statement-and relevant assertion-level risks for significant classes of transactions, account balances or disclosures. The linkage is at the assertion (not account) level.
Some auditors are performing the risk assessment in accordance with AU-C 315 but designing the audit procedures with little regard for the results of that assessment. If the risks are not properly reduced to an acceptably low level, the auditor hasn’t complied with the standards.
Risk Assessment
© 2018 Montgomery Coscia Greilich LLP 62
Participant Data/Accounts:
Audit Objective
To provide the auditor with a reasonable basis for concluding (a) whether all covered employees have been properly included in employee eligibility records and, if applicable, in contribution reports; and (b) whether accurate participant data for eligible employees were supplied to the plan administrator and, if appropriate, to the plan actuary
© 2018 Montgomery Coscia Greilich LLP 63
• No audit work performed or no audit documentation of testing participant data
• Testing of payroll data insufficient
✓ Risk of plan non-compliance with provisions – definition of eligible compensation (also effects contributions)
• No testing of participant eligibility, termination or forfeitures
✓ Risk of plan non-compliance with provisions – missed or late entry dates, entry date too early
✓ Forfeitures miscalculated, forfeitures not used in accordance with the plan
• No testing of investment income or investment election allocation to participants
• No reconciliation of participant accounts to total plan assets
Participant Data/Accounts:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 64
Full scope audit – To provide the auditor with a reasonable basis for concluding
a) whether all investments are recorded and exist;
b) whether investments are owned by the plan and are free of liens, pledges, and other security interest or, if not, whether the security interests are identified;
c) whether investment principal and income transactions are recorded and investments are properly valued in conformity with U.S. generally accepted accounting principles as promulgated by the Financial Accounting Standards Board (FASB) (GAAP) or a special purpose framework that is acceptable to the DOL, such as the modified cash basis of accounting;
d) whether information about investments is properly presented and disclosed; and
e) whether investment transactions are initiated in accordance with the established investment policies
Investments:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 65
Limited scope audit - The auditor’s responsibilities for any assets covered by the limited scope exception are
a) to compare the information certified by the plan’s trustees or custodian to the financial information contained in the plan’s financial statements;
b) to perform the necessary procedures to become satisfied that any received or disbursed amounts reported by the trustee or custodian were determined in accordance with the plan provisions; and
c) whether information about investments is properly presented and disclosed.
Investments:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 66
Full scope audits:• Failure to test investment transactions and/or income
• Failure to test end-of-year market values
• Failure to confirm existence and ownership of investments through direct confirmation procedures
Limited scope audits:• Failure to obtain proper certification
• Improper use of limited scope exemptions
• Failure to understand testing requirements
Inadequate or missing disclosures related to investments
Investments:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 67
To provide the auditor with a reasonable basis for concluding (a) whether the amounts received or due the plan have been determined and recorded and disclosed in the financial statements in conformity with plan documents and generally accepted accounting principles; and (b) whether an appropriate allowance has been made for uncollectible plan contributions receivable in conformity with GAAP or a special purpose framework
Contributions:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 68
• No audit work performed or no audit documentation
• Insufficient testing on contributing employers for multi-employer plans
• Failure to test compliance with compensation provisions
✓ This is the area that most non-compliance is found in a plan - Improper definition of eligible compensation
• Failure to test forfeitures
• Timeliness of participant contributions not tested
Contributions:
Common Deficiencies
© 2018 Montgomery Coscia Greilich LLP 69
Provide the auditor with a reasonable basis for concluding (a) whether the payments are in accordance with plan provisions and related documents; (b) whether the payments are made to or on behalf of persons entitled to them and only to such persons; and (c) whether transactions are recorded in the proper account, amount and period
Benefit Payments:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 70
• No audit documentation or no audit work performed
• Failure to test participant eligibility to receive benefit payments
• Failure to test approval/validity of benefit payments
• Failure to test vesting
Benefit Payments:
Audit Objective
© 2018 Montgomery Coscia Greilich LLP 71
• Lack of documentation results in a majority of peer reviewer findings
• Firms are required to document:
✓ Nature, timing, and extent of procedures
✓ Results of those procedures
✓ Any significant findings, issues, or professional judgement
• Remember…if you didn’t document the procedure, it’s considered not to have been done
Documentation:
Common Deficiencies
© 2018 Montgomery Coscia Greilich LLP 72
• No audit documentation or no audit work performed for related-party and party-in-interest transactions
• Failure to understand and/or test administrative expenses
• Inadequate planning and supervision
• Non-attest services not documented
• Reporting:
✓ Incomplete description of the plan and its provisions
✓ Failure to properly report on and/or include the required supplemental schedules relating to ERISA and DOL
Other Areas:
Common Deficiencies
© 2018 Montgomery Coscia Greilich LLP 73
Materiality
Plan Financial Statement
Level
Regulatory / Participant
Level
© 2018 Montgomery Coscia Greilich LLP 75
EBPAQCMEMBERSHIP
© 2018 Montgomery Coscia Greilich LLP 76
• Designated audit partner in charge of EBP
• Partners must be members of AICPA
• System of quality control
• Monitoring program with internal inspections
• Peer review report made public
• EBPs must be selected for peer review
• Periodically file information about EBP practice
• Pay dues established by executive committee
EBPAQC Membership Requirements
Considerations for EBPAQC Members
© 2018 Montgomery Coscia Greilich LLP 77
• Review of specific engagements
• Review of CPE records
• Review of training program (if applicable)
• Summarize and evaluate the findings
• Communicate inspection results
• Remediate issues as needed
• See AICPA EBPAQC tool on Web site
Inspection Program Requirements for
Internal and External Peer Reviews
Considerations for EBPAQC Members
© 2018 Montgomery Coscia Greilich LLP 78
PEER REVIEW
PROCESS
© 2018 Montgomery Coscia Greilich LLP 79
Peer reviewers look at the firm as a whole and perform “risk assessment.”• Understand the firm
• Commitment to the employee benefit plan practice
• Understand where the EBP practice fits in the overall firm’s practice
• Approach to maintaining quality to employee benefit plans
Peer Review Process
© 2018 Montgomery Coscia Greilich LLP 80
• Gain an understanding of the firm and assesses risk
• Select engagements
• Review engagements - AICPA EBP audit engagement checklist
✓ Report and related disclosures
✓ General audit procedures
✓Working paper areas
• Engagement team responds and clarifies any “No” answers.
Peer Review Process
© 2018 Montgomery Coscia Greilich LLP 81
Matters
• Most minor issues related to documentation, and no material misstatement
• Communicated on matters for further consideration (“MFC”)
• Still a good audit with “pass” rating
Findings
• One or more matters that suggest quality control issues
• Documented on a findings for further consideration (“FFC”) form
• If conclusion is not a deficiency or significant deficiency, = a “pass” rating
Deficiencies
• One or more findings that were material and/or not in conformity with the applicable professional standards requirements
• Rating “pass with deficiencies” report
Significant deficiencies
• Consistent findings of deficiencies
• Inadequate or insufficient procedures performed
• Material departures from applicable standards
• Rating “fail” report
Types of Observations Types of Findings
Peer Review Process
© 2018 Montgomery Coscia Greilich LLP 82
Finalize and submit the report• Read, review, and respond to MFC and FFC carefully
• Understand the requirements imposed by the standards
• Final product of a peer review is the report sent to governing bodies.
When you disagree with findings prior to issuance• Consult with the AICPA technical review committee
• State society
Peer Review Process
© 2018 Montgomery Coscia Greilich LLP 83
PEER REVIEW
BEST PRACTICES
© 2018 Montgomery Coscia Greilich LLP 84
Best Practices for Preparing
for a Peer Review
Establish organizational structure for employee benefit plans• Firm practice leader/technical resource
• Identify the engagement teams working on employee benefit plan audits
• Continuity in engagement teams
Practice makes perfect - annual internal inspections• Structure the internal reviews using AICPA checklists
• Require engagement teams to respond to findings
• Communicate the findings and remediate
© 2018 Montgomery Coscia Greilich LLP 85
Use your client management system to separately track employee benefit plan audits• Track general data on the number, size, and type of employee benefit
plan audits
Pay extra attention to the riskier types of engagements
Best Practices for Preparing
for a Peer Review
© 2018 Montgomery Coscia Greilich LLP 86
Ensure the documentation is complete and accurate• Compliance with documentation standards; AU-C section 230, Audit
Documentation
• Special emphasis on documentation of consultations and use of specialists
• Include memos to document approach
Maintain CPE records • Ensure EBP specific CPE is being provided
• Monitor EBP CPE requirement
Best Practices for Preparing
for a Peer Review
© 2018 Montgomery Coscia Greilich LLP 87
Coordinate the timing and offices to be visited by the peer review team, and ensure to communicate to your local offices
Identify and prepare those who will be involved in the peer review process• Peer reviewers generally interview members of management, quality
control and staff.
• Educate teams involved in peer review with process and rating scale
Learn from past experience• Address previous peer review comments with engagement teams
• Address quality control issues
• Consider specialized training for your teams
Best Practices for Preparing
for a Peer Review
© 2018 Montgomery Coscia Greilich LLP 88
Lauren Hayes, CPA, CIA
Lauren Hayes is a Senior Audit Manager with Montgomery CosciaGreilich, LLP, the largest locally-owned accounting firm based in theDallas/Fort Worth area. Lauren specializes in audits of employeebenefit plans and investment companies.
Lauren has extensive experience with employee benefit plans includingdefined contribution plans, defined benefit plans, health and welfareplans, cash balance plans, and employee stock ownership plans forboth public and non-public companies. Through this practice, Laurenhas aided clients with complex investment reporting and valuations,plan document compliance reviews, and related plan documentcompliance corrections.
Phone: 972-748-0351
Email: lauren.hayes@mcggroup.com
2500 Dallas Parkway, Suite 300
Plano, Texas 75093
300 Throckmorton Street, Suite 520
Fort Worth, Texas 76102
2901 Via Fortuna, Building 6, Suite 550
Austin, Texas 78746
top related