With the Patient Protection and Affordable Care Act (PPACA) going full steam ahead this year, employers are faced with a dizzying array of new reporting and disclosure requirements. Federal agencies have also been beefing up their efforts to monitor compliance with those requirements. The Department of Labor’s Employee Benefits Services Administration (EBSA) regularly conducts audits of group health benefit plans to investigate or audit the plan’s compliance.
One of the targets in the crosshairs of investigators is ERISA violations.
Although the Employee Retirement Income Security Act (ERISA) has been around since 1974, recent changes under the PPACA have added new requirements and changed reporting deadlines. According to DOL estimates, three out of four plans they audit have an ERISA violation, and about 70 percent of audits with violations result in monetary fines to the employer.
With more audits being done than ever before, you should know ahead of time what to expect.
Here’s a brief primer on the steps involved in the audit process:
1. If your company is selected for a DOL audit, an Appointment Letter or Audit Letter will be sent to the plan sponsor with a list of documents the DOL wants to review.
2. Some of the documents you’ll be asked to provide might include:
- Summary Plan Descriptions (SPD)
- ERISA benefit notices
- Summary of benefits and a coverage explanation (SBC)
- Form 5500
- Records of contributions and benefit payments
3. An auditor will conduct an onsite review based on the documents they received. What they find in those documents determines the level of review/audit:
- Limited Review – no violations found in the documents received
- Investigative Review – violations discovered in documentation
- Criminal Investigation
4. If violations are found, a Voluntary Compliance Letter will be sent explaining the violations and giving you time to correct them.
5. Closing Letter. This letter officially closes the audit, so it’s not over until you receive this.
What triggers an audit?
Every situation is different, but according to the DOL, some typical areas of concern include:
- Summary Plan Descriptions
- HIPAA compliance
- PPACA Grandfathered Plan notices and documentation of coverage for adult children
- PPACA lifetime and annual limit requirements
- Inadvertent exclusion of people who may be eligible to participate in the plan
Employers are solely responsible for ERISA compliance, and failure to comply can bring on penalties, DOL enforcement actions, and even employee lawsuits. Some infractions can cost you up to $100/day for every employee affected by a violation until the violation is corrected. The penalty for late delivery of SPD can be as high as $110/day per plan. And late filing of Form 5500 can cost you $1,100/day.
Best advice: be prepared
You need to establish written procedures for your plan administration, document everything, conduct regular internal audits, respond to employee’s questions, and get all required notices sent out in a timely manner. And don’t forget to protect yourself with insurance (fidelity bonds as required under ERISA, fiduciary liability insurance, employee benefit plan administration liability insurance, etc.).
Helpful link for more information:
- Compliance Assistance – http://www.dol.gov/ebsa/compliance_assistance.html
DOL Self Compliance Tools: