It is the responsibility of both the Department of Labor (DOL) and the Internal Revenue Service (IRS) to make sure a participant’s account balance within their employee benefit plan is protected so that they have assets available at retirement. As a plan sponsor or a member of an organization’s leadership team, it’s your role to ensure that you have properly selected your investment advisors, auditors, custodian and monitor fees paid by the plan. By completing this, you are fulfilling a portion of your fiduciary responsibility. However, is this all you should be doing, or are you just meeting the bare minimum?
Plan sponsors, plan administrators and trustees are considered fiduciaries under ERISA, even if you aren’t specifically told, ”You are a fiduciary of the company’s plan.” This means that, as a fiduciary, you may be personally liable if the basic standards of conduct are not followed. This is an important job and a big responsibility. So, what can you do to not just protect the participants, but also yourself?
Fiduciary responsibilities cover many different aspects of plan management, depending on your role within the organization. Arguably the most important job of a fiduciary, regardless of your specific role, involves implementing internal controls over plan operations. Because errors and fraud can and do occur, establishing internal controls reduces the risk of asset loss. It also helps ensure plan information is complete and accurate, financial statements are reliable and the plans operations are conducted in accordance with the provisions of applicable laws and regulations. Below, we list internal controls that are most important for your plan:
1. Know what the definition of compensation is and check it regularly.
Do you know what your plan defines as eligible compensation for employee deferrals and for employer match/contribution? Did you know these definitions could be different? Annually review pay codes to ensure compensation in operation matches the plan document. You should also review new pay codes added during the year to determine if they are considered eligible compensation and set up properly in the payroll system.
2. Know who has access to payroll and recordkeeping systems.
Access to the payroll and recordkeeping systems is restricted to appropriate personnel. This should be periodically reviewed to ensure changes in access are processed correctly. NO ONE should share login information. A review of the systems to which an employee has access should be part of the termination process, too, so that access can be removed efficiently for all departing employees.
3. Know what the process is for entering changes to the payroll system (i.e., changes to payrates, deferrals, entering new employees).
Authorized pay rates should be communicated and entered into the payroll system in a timely fashion and reviewed at initial entry. Hours worked should be documented and approved. And most importantly when considering employee benefit plans, payroll deductions – specifically deferral elections – must be accurately and timely entered into the payroll system and reviewed upon entry. If all changes are implemented electronically by participants with the custodian, be sure that two or more people at the plan sponsor are notified of the participant deferral changes.
Maintaining and managing an employee benefit plan is a significant responsibility. But just because it is a big responsibility doesn’t mean that it needs to place a large burden on you or your employees. Having competent service providers in addition to adequate internal controls that are reviewed annually can help protect you, as the plan’s fiduciary. Contact Sikich’s dedicated employee benefit plan team and get to know our service offerings.