Employee Benefit Plans









What is ERISA?

The Employee Retirement Income Security Act (ERISA) of 1974 governs the operation, administration, and annual reporting for retirement and welfare plans. ERISA is a federal law that sets minimum standards for most voluntarily established pension and health plans in private industry (including non-profit organizations) to provide protection for individuals in these plans. In general, ERISA does not cover retirement plans established or maintained by governmental entities or churches. It also does not cover plans which are maintained solely to comply with workers’ compensation, unemployment, or disability laws. ERISA also does not cover plans maintained outside the United States primarily for the benefit of nonresident aliens or unfunded excess benefit plans.

ERISA is comprised of four parts:

  • Title I establishes rules for reporting and disclosure, vesting, participation, funding, fiduciary conduct, and civil enforcement and is administered by the Department of Labor (DOL), specifically the Employee Benefit Security Administration (EBSA).
  • Title II amended the internal revenue code to parallel many of the Title I rules and is administered by the Internal Revenue Service (IRS).
  • Title III is concerned with jurisdictional matters and coordination of enforcement and regulatory activities by the DOL and the IRS.
  • Title IV covers the insurance of defined benefit pension plans and is administered by the Pension Benefit Guarantee Corporation (PBGC).

What is a Defined Contribution Plan?

A Defined Contribution Plan is
a plan that provides an individual account for each participant and provides
benefits that are based on (a) amounts contributed to the participant’s account
by the employer and/or employee, (b) investment gains/losses, (c) any
forfeitures allocated to the account, and (d) any administrative expenses
charged to the plan. The total of the individual participant accounts is equal
to the net assets available for benefits. The two most common types of Defined
Contribution Plans established by non-profit organizations are 403(b) (also
known as a tax-sheltered annuity or TSA plan) and 401(k) plans.

What are the Similarities Between 401(k) and 403(b) Plans?

  • Employees may elect to have their employer withhold and contribute a portion of their wages (elective deferral) to an individual account under the plan.
  • Generally, elective deferrals are not subject to federal income tax withholding at the time of deferral, and they are not reported as taxable income on the employee’s individual income tax return.
  • Both types of plans are permitted to allow employees to designate some or all of their elective deferrals as “Roth elective deferrals” which are included in the employee’s taxable income in the year of the deferral.
  • Employers may match the amount employees decide to contribute (called a matching contribution), contribute a percentage of each employee’s compensation to the employee’s account (called a nonelective contribution), or do both.
  • Annual contribution limits exist for elective deferrals, as well as for combined employer and employee contributions. Contribution limits for 2019 can be found here.
  • Distributions, including earnings, are includible in taxable income at retirement (except for qualified distributions of designated Roth accounts).
  • Both types of plans may allow for loans or hardship distributions.

What are the Differences Between 401(k) and 403(b) Plans?

Any type or size of entity can sponsor a 401(k) plan. Only public schools (including colleges and universities), churches, and entities tax-exempt under Section 501(c)(3) of the Internal Revenue Code are eligible to sponsor a 403(b) plan.


Some types of 403(b) plans are exempt from ERISA:

  • Governmental plans (e.g., plans sponsored by a state, county, or municipality or one of their agencies, schools, or instrumentalities).
  • Church plans, unless the plan sponsor has voluntarily elected to have the plan covered by ERISA.
  • The DOL “safe harbor” rules in 29 C.F.R. § 2510.3-2(f) provide that a plan is not “established or maintained” by an employer, and, therefore, is not an employee pension benefit plan subject to Title I, if:
    is a program for the purchase of annuity contracts or custodial accounts in
    accordance with provisions of 403(b) of the Code.
    is funded solely through salary reduction agreements or agreements to
    forego an increase in salary.-Participation
    of employees is completely voluntary.-All
    rights under the annuity contract or custodial account are enforceable solely
    by the employee or beneficiary of such employee.

    employer receives no direct or indirect consideration or compensation other
    than reasonable reimbursement to cover expenses incurred in performing the
    employer’s duties pursuant to the salary reduction agreements.

-The involvement of the employer is
limited to certain optional specified activities. Generally, the employer
cannot make employer contributions, authorize plan-to-plan transfers, process
distributions, establish hardship withdrawals, make qualified domestic
relations order (QDRO) determinations, determine loan eligibility, enforce
loans, or negotiate with the plan vendor as it relates to terms of their

  • Under a 403(b) plan, investments can only be made in an
    annuity contract provided through an insurance company or a custodial account
    invested in mutual funds. This is not
    the case for 401(k) plans.
  • 401(k) plans tend to be administered by mutual fund
    companies, while 403(b) plans are more often administered by insurance


What are your Fiduciary Responsibilities in Administering your Plan?

The employer entity sponsoring the plan (plan sponsor), is responsible for keeping the plan in compliance. Many actions needed to operate a plan involve fiduciary decisions.It is important that you identify the fiduciaries of your plan. Fiduciaries are persons or entities who exercise discretionary control or authority over plan management or plan assets, anyone with discretionary authority or responsibility for the administration of a plan, or anyone who provides investment advice to a plan for compensation or has any authority or responsibility to do so. Examples of plan fiduciaries include plan trustees, plan administrators, and members of a plan’s investment committee.

What are the responsibilities of fiduciaries?

  • Act solely in the interest of the participants and their beneficiaries.
  • Act for the exclusive purpose of providing benefits to workers participating in the plan and their beneficiaries and defraying reasonable expenses of the plan.
  • Carry out duties with the care, skill, prudence, and diligence of a prudent person familiar with such matters.
  • Follow the plan documents.
  • Diversify plan investments and consider risk of loss.
  • Ensure the plan does not participate in prohibited transactions.

What are some measures a plan sponsor can take to avoid a potential breach of fiduciary duty?

  • Document the decision process for all decisions made.
  • Hire service providers with appropriate expertise.
  • Ensure that persons handling plan funds are bonded.
  • Develop strong internal controls.

What are Party in Interest (PII)/Prohibited Transactions?

Under ERISA, a PII includes:

  • A fiduciary or employee of the plan
  • Any person who provides services to the plan
  • An employer whose employees are covered by the plan
  • An employee association whose members are covered by the plan
  • Relatives of such persons

A prohibited transaction is a transaction between a plan
and a PII that is prohibited under Section 406(a) of ERISA. These transactions
generally include:

  • Sale, exchange or leasing of property
  • Loan or other extension of credit (including late deposits of participant contributions)
  • Furnishing of goods, services, or facilities
  • Transfer of plan assets to a PII for their use or benefit

What Tasks should be Performed to Ensure Compliance with ERISA?

As the plan sponsor, you are responsible for:

  • Reviewing the plan documentation for law changes and updating it as necessary.
  • Enforcing the plan’s terms for participation, contributions, distributions, loans, and hardship withdrawals.
  • Giving the required plan notices to the participants.
  • Maintaining records for participant accounts.
  • Investing the plan funds and monitoring any associated fees.
  • Following up regarding uncashed benefit checks.
  • Tracking “missing participants”.
  • Filing all required forms and documents with the IRS or DOL.
  • Determining that any required testing is performed.

Many of these duties may be outsourced to a third party service provider. The plan sponsor is responsible for monitoring any such service providers. This can be achieved by:

  • Reading any reports they provide.
  • Reviewing the service provider’s performance.
  • Asking about policies and practices that are in place at the service provider.
  • Following up on participant complaints.
  • Obtaining and reviewing a SOC report.

What is a Service Organization Controls Report (SOC)?

There are several types of SOC reports. SOC I, Type 2 reports report on the operating effectiveness of the controls in place at the service organization and are specifically intended to meet the needs of entities that use the service organization (user entities) and the CPAs that audit the user entities’ financial statements (user auditors), in evaluating the effect of the controls at the service organization on the user entities’ financial statements. A SOC report includes information regarding:

  • Types of services provided and transactions processed.
  • Procedures used to provide services and process transactions.
  • Related accounting records and supporting information.
  • Processes used to prepare reports and other information.
  • Control objectives and controls designed to achieve them.

What Internal Controls Should a Non-Profit Establish in the Management of their Employee Benefit Plan?

Controls should be established to cover each of the
following areas: (note the example controls listed in parentheses)

  • Plan investments (Ensure total plan investments equal total participant investments.)
  • Contributions received and related receivables (Ensure total contributions per plan reports equal contributions made to the plan.)
  • Benefit payments (Review of hardship withdrawals for compliance with restrictions.)
  • Participant data and plan obligations (Employee lists and data sent to third party administrators are reviewed for accuracy.)
  • Administrative expenses (Invoices are appropriately reviewed and approved.)
  • Investment return (Compare the plan’s total return to published sources.)
  • Distributions (Review the listing for unusual items).
  • Measurement and review of the plan’s financial performance (Monitor performance of plan assets or performance of investment options)

A lack of proper controls and/or oversight could result in misallocation of contributions to participant accounts, benefit payments to ineligible/incorrect individuals, and existence of ineligible or fictitious participants.

What are the Annual Reporting and Audit Requirements for Plans subject to ERISA?

IRS Form 5500, Annual Return/Report of Employee Benefit Plan, is the form used to file an employee benefit plan’s annual information return with the IRS and Department of Labor (DOL).It discloses information about the plan and its operations to the IRS, DOL, plan participants, and the public. The form is filed electronically by the last day of the seventh month after the end of the plan year. A two and one-half month automatic extension may be obtained by completing Form 5558.

IRS Form 8955-SSA, Annual Registration Statement Identifying Separated Participants with Deferred Vested Benefits, is an IRS form that ERISA plans must use to report participants who have separated from service and have deferred vested plan benefits remaining in the plan following separation. The IRS will report this information to the Social Security Administration (SSA). SSA uses the information to notify applicants, or applicants’ beneficiaries, of Social Security benefits that they may be entitled to. These benefits are deferred vested benefits payable from a prior retirement plan in which the applicant participated. The due date for Form 8955-SSA will generally be the same as the due date for Form 5500, unless an extension is obtained. A two and one-half month automatic extension may be obtained by completing Form 5558.

Does the Plan Require an Audit?

Generally, if a plan has 100 participants at the beginning of the plan year, it will require an audit. Some plans frequently fluctuate between slightly more or less than 100 participants. The DOL provides relief for such plans and states that plans with between 80 and 120 participants at the beginning of the plan year may elect the same status that was used in the previous year. For example:

  • A plan with 121 participants at the beginning of the plan year that did not have an audit in the prior year would be required to have an audit performed for the current year.
  • A plan with 100 participants at the beginning of the plan year that did have an audit in the prior year would be required to have an audit performed for the current year. Alternatively, if the plan did not have an audit in the prior year, then the plan would not be required to have an audit in the current year.
  • A plan with 79 participants at the beginning of the plan year that did have an audit in the prior year would not be required to have an audit performed for the current year.

The participant count is based on:

  • Active employees eligible to participate in the plan regardless of whether they have elected to participate in the plan
  • Retired participants with account balances
  • Ex-employees with account balances

Two types of employee benefit plan audits are available:

  • A full scope audit is an audit of the financial statements of the plan in accordance with Generally Accepted Auditing Standards.
  • A limited scope audit is an audit in which ERISA allows the plan administrator to instruct the auditor not to perform any auditing procedures with respect to information prepared and certified by a bank or similar institution or by an insurance carrier that is regulated, supervised, and subject to periodic examination by a state or federal agency.

What are the Most Common Issues Identified During Plan Audits?

  • Participants’ investment options or salary deferral amounts are not in accordance with their stated elections.
  • A lack of reconciliations or improperly prepared reconciliations by management resulting in missing contributions or improper allocations.
  • Employees are not allowed to participate because they are “part-time.”Many part-time employees have enough hours to satisfy the hour requirement.
  • Break-in-service – The organization didn’t allow participants back in the plan upon rehire in accordance with the plan document.
  • Employee and employer contributions are incorrect due to the use of a definition of compensation that is different than what is specified in the plan’s provisions. For example, if compensation as defined by the plan includes bonuses, but employee deferrals were calculated excluding bonuses.
  • Participant deferral percentages entered into payroll are inaccurate.
  • A pay period of deferrals never received by the plan. Failure to timely remit such amounts constitutes a prohibited transaction.
  • Payroll service was erroneously calculating the match by failing to treat Roth deferrals as a deferral eligible for match.
  • Late remittances of employee deferral contributions.
  • Not following hardship rules.

In Summary

The high level of scrutiny from the DOL combined with the complexity of the regulations that govern ERISA employee benefit plans creates quite a compliance challenge for organizations that sponsor such plans.

Plan sponsors should ensure that:

  • Those involved with the operation and administration activities of the plan have read the plan document and are familiar with the plan’s key provisions.
  • All plan fiduciaries have been identified and are clear about their responsibilities
  • Procedures are in place to monitor the plan’s service providers

The preceding article is an abstract from a seminar held in July by Maher Duessel.