Hot Topics for Employee Benefit Plan A&A

Review recent legislative and regulatory development affecting the management and auditing of employee benefit plans.  

The issuance and adoption of accounting and auditing pronouncements related to credit losses and risk assessment are in the rear-view mirror. Now, legislative and regulatory developments are the hot topics for plan auditors, sponsors, and service providers.

SECURE Documentation

Signed into law in December 2022, the Setting Every Community Up for Retirement Enhancement Act (SECURE) 2.0 continues to have an impact on employee benefit plans in 2026. Since enactment, plans were able to adopt the provisions in SECURE 2.0 without formally amending existing plan documents, but that window is closing. Plan amendments for both SECURE 2.0 and the original SECURE Act are required to be made by Dec. 31, 2026 (with later deadlines for governmental and collectively bargained plans). With both mandatory and optional provisions in the SECURE 2.0 and original SECURE Act, plan sponsors should ensure that plan documents properly reflect what has been adopted and that the plan is operating in accordance with such provisions. A nonauthoritative resource, SECURE 2.0 Act of 2022 Considerations for Auditors, has been developed by the AICPA’s Employee Benefit Plan Audit Quality Center to assist in understanding the provisions of SECURE 2.0 and how they affect employee benefit plans.

Forfeitures

Numerous lawsuits allege that the use of forfeitures by defined contribution plans to offset employer contributions violates the Employee Retirement Income Security Act of 1974 (ERISA). In 2023, the IRS proposed regulations requiring forfeitures to be used within 12 months after the end of the plan year following the year of forfeiture. As of the date this column went to press, these regulations are pending approval. Due to the fact that in most cases the Department of Labor (DOL) and the courts have sided with defendants, plan sponsors should ensure that the use of forfeitures is in accordance with the plan document. They should also ensure that such use contemplates plan provisions that require the reinstatement of forfeitures when an employee is rehired within a certain period of time.

Alternative Investments

Plan sponsors are increasingly considering the inclusion of alternative investments (such as private equity, venture capital, real estate, and cryptocurrency) in 401(k) plans. This follows Executive Order 14330, Democratizing Access to Alternative Assets for 401(k) Investors, which allows 401(k) plans to hold alternative investments. In response, the DOL rescinded a 2022 Compliance Assistance Release that discouraged fiduciaries from including cryptocurrency in 401(k) plans. Release No. 2025-01 restores the DOL’s historically neutral approach to particular investment types and strategies, encouraging plan fiduciaries to consider all relevant facts and circumstances when evaluating investment types for inclusion. Plan auditors are reporting that they are seeing the inclusion of cryptocurrency and other alternative investments in 401(k) plans. Alternative investments are often associated with challenging valuation issues, so plan management may utilize a valuation specialist to determine fair value for alternative investments held by the plan. For cryptoassets, the Financial Accounting Standards Board (FASB) issued FASB Accounting Standards Update (ASU)

No. 2023-08, Accounting for and Disclosure of Crypto Assets, which requires entities to measure defined cryptoassets at fair value with changes recognized in net income. ASU 2023-08 also contains the presentation and disclosure requirements for certain cryptoassets. Chapter 11, Investments, of the AICPA Accounting and Auditing Guide, Employee Benefit Plans, contains guidance for the accounting and auditing of alternative investments in employee benefit plans.

DOL Self-Correction Program

Effective March 17, 2025, the DOL added a self-correction component to its Voluntary Fiduciary Correction Program (VFCP). The self-correction component expands the types of ERISA violations covered and allows plan sponsors to correct certain violations without a full VFCP application. The self-correction can be used to correct delinquent participant contributions to defined contribution plans if, in addition to several other key criteria, lost earnings on those delinquent contributions total $1,000 or less. Other ERISA violations eligible for self-correction include inadvertent participant loan failures involving loans from a plan to participant. Plan sponsors and plan auditors are encouraged to familiarize themselves with the changes made to the VFCP.¹ Often, ERISA violations are discovered during annual audits and may be considered reportable findings, which should be communicated with plan management and those charged with governance in accordance with U.S. Generally Accepted Auditing Standards.

It is important for plan auditors, sponsors, and service providers to stay abreast of changing legislative and regulatory requirements to remain compliant and to diagnose any changes that might be necessary down the road.

¹ www.federalregister.gov/documents/2025/01/15/2025-00327/voluntary-fiduciary-correction-program

Julie Verrekia, CPA, is director of quality control with Torrillo & Associates LLC and a member of the Pennsylvania CPA Journal Editorial Board. She can be reached at jverrekia@live.com.