Corporations face many challenges in the management and oversight of employee benefit plans. Because the assets in these tax-qualified plans can be larger than the company, good governance is critical from both the corporate and employee standpoints.
I recently discussed the issue with Jeffrey D. Mamorsky, author of the Employee Benefits Handbook , published by West. Mamorsky is a shareholder at Greenberg Traurig, LLP in New York. He serves as employee benefits counsel to large multinational corporations and a variety of other organizations.
Craig Miller: How have the requirements for good governance in employee benefit plans changed?
Jeffrey Mamorsky: The most important governance issues currently confronting retirement plans involve the implementation of the new internal control operational compliance rules in Statement of Accounting Standards (SAS) 112/115 issued by the American Institute of Certified Public Accountants (AICPA).
As part of the annual financial audit of a retirement plan required by ERISA, auditors are now required to verify that there are internal controls in place that enable the employer plan sponsor to self-monitor it. The self-monitoring must cover financial efficiency of the plan, effective internal controls with regard to administration, and most important, that the plan is being operated in accordance with the plan document and all applicable law.
Craig Miller: Why are these new requirements in place?
Jeffrey Mamorsky: Plan auditors send a letter to the employer sponsoring the plan asking management to represent that the plan is operated in accordance with its terms and all applicable law. They do this because the third-party administrators that run the plans hire a Big 4 accounting firm to render a SAS 70 Report enabling the plan auditor to perform a limited scope audit on the plan's financials.
The problem is the SAS 70 Report only analyzes the financial efficiencies of the third-party administrator. It is replete with caveats and warnings that tell the plan auditor that the report does not relate to operational compliance and that the plan auditor needs to make sure that internal controls are in place between the employer and the plan to assure operational compliance with the plan document and applicable law.
Prior to the issuance of SAS 112/115, the plan auditor was not required to independently determine that the internal controls were in place. Although most employers had counsel review the annual plan auditor representation letter, counsel normally did not question the representation that the employer was making on plan operational compliance. They believed that the auditor had established such controls which, in fact, had not been the case because it was the responsibility of the employer.
This confusion was made worse because this representation by the employer was included as a tax footnote in the plan's financial report. A couple of years after the enactment of Sarbanes-Oxley, the AICPA issued Statement of Accounting Standard 99 (SAS 99), which says that if you have a representation in a financial report and you don't have internal control procedures in existence to test the integrity of that representation, then you're committing a material misstatement that may amount to fraud.
Craig Miller: What else needs to be addressed in a plan audit?
Jeffrey Mamorsky: Corporate counsel also needs to establish organizational and oversight governance procedures. Under ERISA, prudence is process. Counsel needs to make sure the board is protected by delegating down ERISA fiduciary responsibility from the board to either senior officers or plan committees that have the fiduciary responsibility to make sure the plan is being run properly from both a financial and administrative perspective. The committee becomes the named fiduciary of the plan. It can then outsource the liability to an independent managing fiduciary or other service provider. Once a board or a committee does that, they are insulated from ERISA fiduciary responsibility. Their only residual fiduciary liability is to demonstrate prudence in selecting and monitoring the people they have chosen to perform plan services.
It's all about achieving best practice governance. If the procedures and accounting rules we've discussed above are in place and are followed every year, counsel goes a long way in preventing liability for the company, board of directors and senior officers who may become personally liable for breach of fiduciary duty under ERISA.
Jeffrey D. Mamorsky's Employee Benefits Handbook is available on the West Web site at www.west.thomson.com. Craig Miller is vice president of the Corporate Sales & Marketing division for West, part of Thomson Reuters.
For additional insight on employee benefits, the following Westlaw databases and publications also are available:
Employee Benefits Handbook (EMBEHB)
Employee Benefits Law: ERISA and Beyond (EBLERISA)
Corporate Counsels Guide to ERISA (CCGERISA)
Employee Benefits (EMPBEN)
Corporate Compliance Series: Designing An Effective ERISA Compliance Program (CORPC-ERISA)
Andrews Pension Fund Litigation Reporter (ANPFLR)