
What Is an ERISA Audit? Requirements, Scope, and What Auditors Examine

April 3, 2026

An ERISA audit is an independent examination of an employee benefit plan governed by the Employee Retirement Income Security Act of 1974. It verifies that the plan's financial statements are accurate and that the plan complies with ERISA's fiduciary, reporting, and disclosure requirements. ERISA covers retirement plans (401(k), pension, profit-sharing), welfare plans (health, dental, life insurance), and other employee benefit arrangements with 100 or more participants.

ERISA is the federal law that sets minimum standards for employee benefit plans. If your company offers a retirement plan, health plan, or other employee benefit, ERISA likely governs it. The audit requirement kicks in when the plan crosses the 100-participant threshold and is designed to protect participants by ensuring plan assets are handled properly and financial reporting is accurate.

ERISA audits cover a broader range of plans than just 401(k) audits. Health and welfare plans with 100+ participants also require audits. For 401(k)-specific audit requirements, see 401(k) audit requirements. For the broader EBP category, see what is an employee benefit plan audit.

What ERISA covers

Retirement plans: 401(k) plans, defined benefit pension plans, profit-sharing plans, money purchase pension plans, ESOPs, and 403(b) plans (to the extent they hold plan assets in a trust).

Welfare plans: Group health insurance (medical, dental, vision), life insurance, disability insurance, and other employee welfare benefit arrangements. Self-funded health plans are subject to ERISA; fully insured plans have some exemptions from the audit requirement.

Exempt from ERISA: Government employee plans, church plans (unless they elect ERISA coverage), workers' compensation plans, and plans maintained outside the United States for nonresident aliens.

ERISA audit requirements

Who must be audited: Any ERISA-covered plan with 100 or more eligible participants at the beginning of the plan year files as a "large plan" and must include audited financial statements with the annual Form 5500.

Who performs the audit: An independent qualified public accountant (IQPA) who meets AICPA independence standards. The auditor cannot be the plan's trustee, administrator, or an employee of the plan sponsor.

Audit standards: ERISA audits follow the AICPA Audit and Accounting Guide for Employee Benefit Plans, which specifies procedures for testing contributions, benefit payments, investments, participant data, and plan compliance.

Limited-scope audit: If the plan's investment information is certified by a qualified financial institution (bank, insurance company, registered broker-dealer), the auditor can perform a "limited-scope" audit that doesn't independently verify investment data. Most 401(k) audits are limited-scope because the custodian certifies the investment information.


What ERISA auditors examine

Fiduciary compliance: Are plan fiduciaries acting in the best interest of participants? Are plan expenses reasonable? Are prohibited transactions avoided?

Contribution and benefit accuracy: Are employer and employee contributions calculated correctly per the plan document? Are benefit payments accurate?

Timely remittances: Are employee contributions deposited within the DOL's required timeframe?

Investment management: Are plan investments managed according to the investment policy statement? Are investment fees disclosed to participants?

Form 5500 accuracy: Do the Form 5500 and its schedules accurately report plan financial data, participant counts, and compliance information?

For the tools CPA firms use to process ERISA audit evidence, see best audit software for CPA firms and best financial document automation software. For extraction specifically, see how to extract audit evidence from source documents.


Frequently asked questions

What is an ERISA audit?

An ERISA audit is an independent examination of an employee benefit plan governed by the Employee Retirement Income Security Act. It verifies that the plan's financial statements are accurate and that the plan complies with ERISA's fiduciary, reporting, and disclosure requirements. It is required for plans with 100+ eligible participants.

What is the difference between an ERISA audit and a 401(k) audit?

A 401(k) audit is one type of ERISA audit. ERISA audits cover all employee benefit plans governed by ERISA, including 401(k) plans, pension plans, profit-sharing plans, and welfare plans (health, dental, life insurance). A 401(k) audit specifically examines a 401(k) retirement plan. The audit procedures overlap significantly.

What is a limited-scope ERISA audit?

A limited-scope audit allows the auditor to skip independent verification of investment data if a qualified financial institution (bank, broker-dealer, insurance company) certifies the investment information. The auditor still tests contributions, distributions, participant data, and plan compliance. Most 401(k) audits are limited-scope because custodians like Fidelity and Schwab certify investment data.

Who needs an ERISA audit?

Any ERISA-covered employee benefit plan with 100 or more eligible participants at the beginning of the plan year. This includes retirement plans (401(k), pension, profit-sharing) and welfare plans (health, dental, life insurance). Government plans, church plans, and fully insured welfare plans have exemptions.

How much does an ERISA audit cost?

ERISA audit fees range from $5,000 to $30,000+ depending on plan type and complexity. Straightforward 401(k) audits run $8,000-20,000. Health and welfare plan audits can be more complex. Defined benefit pension audits cost more due to actuarial involvement. First-year audits carry a 20-40% premium.
