Audits in a PEP Environment: Scope, Savings, and Sponsor Impact
For many employers, the retirement plan audit is one of the most resource-intensive aspects of sponsoring a 401(k). The emergence of the Pooled Employer Plan (PEP) under the SECURE Act has reframed this landscape by consolidating functions traditionally handled by individual plan sponsors. Understanding the audit implications in a PEP—how the scope changes, where savings emerge, and how sponsor responsibilities shift—is essential for organizations evaluating whether to join a PEP or remain in a standalone 401(k) or Multiple Employer Plan (MEP).
The audit trigger in a traditional single-employer 401(k) plan hinges largely on participant count and the Department of Labor’s “large plan” threshold. Once a plan meets that threshold, an annual independent audit is typically required, bringing with it costs, document requests, and staff time. In contrast, a PEP—administered by a registered Pooled Plan Provider (PPP)—centralizes plan governance, fiduciary oversight, and consolidated plan administration, which can alter the audit burden for adopting employers.
What a PEP Changes—and What It Doesn’t
- Centralized audit approach: In a PEP, the plan is a single plan with many adopting employers. The PPP coordinates a plan-level audit covering the consolidated plan administration, operations, and financial statements. This central audit replaces hundreds of separate audits that would have occurred across many standalone plans. Consistent controls and processes: A well-run PEP employs standardized payroll remittance processes, eligibility tracking, and investment menus across adopting employers. This uniformity can reduce audit exceptions and streamline the auditor’s work, which often translates to a more efficient audit process overall. No elimination of employer responsibilities: Joining a PEP does not absolve employers of all duties. Employers still must provide accurate and timely payroll data, monitor service providers, and ensure ERISA compliance at the employer interface points. Auditors and the PPP rely on employers to maintain clean data and timely contributions.
Scope of the Audit in a PEP
- Plan-level financial statements: The auditor opines on the PEP’s consolidated financial statements, including investments, contributions, benefits paid, and administrative expenses. Internal controls over transactions: While not always a separate opinion, auditors assess the control environment around contribution remittances, participant loans, and distributions. In a PEP, these controls are typically standardized by the PPP. Adopting employer activity: Auditors may sample transactions tied to specific adopting employers (for example, payroll remittances or eligibility determinations). Employers should expect periodic data requests and support inquiries, even though the audit is centralized. Investment operations and valuation: The audit covers the PEP’s investment platform, unit values, and fair value measurements. The PPP’s documentation of fund selection and monitoring supports fiduciary oversight considerations, though the audit itself focuses on financial reporting and compliance with plan terms.
Where Savings Can Materialize
- Fewer separate audits: Instead of each adopting employer commissioning its own audit, the PEP undergoes a single plan-level audit. This change alone can significantly reduce aggregate audit fees. Reduced internal time: HR, payroll, and finance teams frequently spend less time coordinating with auditors, pulling reports, and answering repetitive questions across multiple plan audits. The PPP and recordkeeper absorb much of that workload. Standardized evidence and controls: Auditors benefit from standardized process narratives, SOC 1 reports, and consistent documentation. This efficiency often leads to predictable timelines and fewer follow-up cycles. Negotiated economies of scale: A PPP can often negotiate competitive audit pricing and service-level expectations based on the plan’s size, which can then be reflected in lower per-employer costs.
Sponsor Impact: What Adopting Employers Still Own
- Payroll data accuracy and timeliness: The most common audit and operational findings trace back to payroll remittances. Employers must validate census data, pay codes, eligibility rules, and deduction changes. The PPP can provide tools and file formats, but data integrity rests with the employer. Local compliance touchpoints: While the PEP manages overall ERISA compliance and retirement plan administration, employers must still manage company-level actions (such as determining employee status, applying rehire rules, or documenting leave scenarios) consistent with plan terms. Vendor oversight at the employer edge: Even in a PEP, employers should conduct reasonable diligence on the PPP and participating recordkeeper. This includes reviewing service agreements, fee disclosures, and periodic performance reports as part of prudent plan governance. Communications and employee experience: Employers continue to play a role in distributing notices, facilitating enrollment, and escalating participant issues. The PPP may provide templates and fulfillment, but the employer is the on-the-ground contact.
Comparing PEP vs. MEP and Standalone 401(k) Structures
- Standalone 401(k) plan structure: Each employer maintains its own plan document, audit (if required), ERISA filings, and fiduciary committee. Flexibility is high, but so are administrative and audit responsibilities. Multiple Employer Plan (MEP): A MEP predates the SECURE Act structure and traditionally required a “commonality” among employers, though recent rule changes have evolved this. MEPs consolidate some functions but may have more variability in governance than modern PEPs. Pooled Employer Plan (PEP): Created by the SECURE Act, a PEP is overseen by a PPP that assumes key fiduciary duties and centralizes many functions, including the plan-level audit and consolidated plan administration. This structure aims to reduce redundancy and cost while tightening fiduciary oversight.
Best Practices to Prepare for a PEP Audit Cycle
- Align payroll systems early: Map pay codes, hours, compensation definitions, and eligibility markers to the PEP’s data schema. Test contribution files end-to-end before go-live and after each payroll system update. Validate SOC reports: Obtain and review SOC 1 Type II reports for the recordkeeper, custodian, and any payroll integration vendors. The PPP should coordinate this, but employers benefit from understanding control reliance. Maintain clean participant data: Annual census reconciliation, terminated participant sweeps, and address/beneficiary updates help minimize audit exceptions and improve operational accuracy. Document employer-level procedures: Keep a concise procedures guide covering how your organization handles enrollments, contribution changes, hardship requests, and payroll timing. Auditors often ask how employer processes align with plan terms. Leverage the PPP: A capable PPP will provide calendars, request lists, and standardized artifacts for the audit. Use their templates for certifications, remittance confirmations, and year-end attestations to simplify your workload.
Risk and Compliance Considerations
- ERISA compliance remains paramount: While the PPP shoulders major fiduciary functions, employers still have a duty to prudently select and monitor the PPP and other service providers. Fee transparency: Centralization should not obscure fees. Review annual fee disclosures and benchmark costs. A PEP should be able to demonstrate fee fairness across adopting employers. Operational errors: Even in centralized environments, errors occur—late deposits, loan mistakes, or eligibility misapplications. A robust correction protocol (EPCRS-aligned) and documentation with the PPP help keep issues contained.
The Bottom Line
For many employers, a PEP can reduce audit complexity and cost by shifting to a single, plan-level audit coordinated by the PPP, supported by standardized controls and consolidated plan administration. Yet success depends on employer data quality, clear procedures, and active oversight of the PPP relationship. When executed well, the PEP model can deliver measurable savings, tighter https://targetretirementsolutions.com/our-brokerdealer/ fiduciary oversight, and a more consistent participant experience than a standalone 401(k) or some MEP structures.
Questions and Answers
Q1: If I join a PEP, will my company still be audited? A1: Your company generally won’t have a standalone plan audit. The PEP undergoes a single plan-level audit. However, auditors may sample transactions tied to your company, and you will need to provide supporting data when requested.
Q2: What creates the biggest savings in a PEP audit model? A2: Replacing many individual audits with one centralized plan-level audit typically delivers the largest savings. Standardized controls and documentation coordinated by the PPP further reduce time and cost.
Q3: What responsibilities does my company keep after joining a PEP? A3: You retain responsibility for accurate, timely payroll data, local eligibility determinations, participant communications at the worksite level, and prudent oversight of the PPP and other providers.
Q4: How does a PEP differ from a MEP regarding audits? A4: Both consolidate aspects of plan governance, but a PEP—created by the SECURE Act and run by a Pooled Plan Provider—explicitly centralizes the audit and fiduciary framework, often with more standardized controls and documentation.
Q5: What should I do now to prepare for a PEP transition? A5: Coordinate with the PPP to map payroll data, review SOC reports, establish employer-level procedures, and complete trial contribution files. Early alignment minimizes audit exceptions and accelerates steady-state operations.