Skip to Main Content

insightsarticles

GASB releases guidance for organizations receiving relief from the CARES Act

07.21.20

Read this if you are a CFO or controller.

The Governmental Accounting Standards Board (GASB) recently provided much needed guidance for governmental organizations struggling to account for relief provided in the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). In their Technical Bulletin No. 2020-1, Accounting and Financial Reporting Issues Related to the CARES Act and Coronavirus Diseases, GASB addressed a number of pressing recognition and presentation questions that you should be aware of when preparing financial statements. The following is a summary of the guidance:

  • Resources received under the Coronavirus Relief Fund (CRF) subject to restrictions should be recognized as voluntary nonexchange transactions, subject to eligibility rather than purpose restrictions. As such, the entity should recognize resources received from the CRF as liabilities until the applicable eligibility requirements are met, including the incurrence of eligible expenditures. When the eligibility requirements have been met, revenue should be recognized for CRF resources received.
  • Provisions of the CARES Act that address the entity’s loss of revenue should be considered an eligibility requirement for purposes of revenue recognition. 
  • Any possible amendments to the CARES Act issued subsequent to the statement of net position date but before the issuance of financial statements, even when enacted with retroactive provisions, do not represent conditions that existed as of the period-end being reported and should only be reported as a nonrecognized subsequent event.
  • With the exception of CARES Act funds provided through the Provider Relief Fund's Uninsured Program (operating revenues), funds received under the CARES Act are subsidies and should be reported as nonoperating revenues and presented as noncapital finance activities in the statement of cash flows.
  • Outflows of resources incurred in response to the coronavirus disease due to actions taken to slow the spread of the virus or the implementation of "stay-at-home" orders should not be reported as extraordinary items or special items.
  • In addition to the guidance provided with the Technical Bulletin, the GASB also provides a number of additional stakeholder resources that may be useful during this period on its website, including an Emergency Toolbox that provides guidance on donated assets, management’s discussion and analysis (MD&A), asset impairment, and many more. 

Please contact Robert Smalley if you have questions on the latest GASB updates.
 

Related Industries

Related Professionals

Principals

Recently the Governmental Accounting Standards Board (GASB) finished its Governmental Accounting Research System (GARS), a full codification of governmental accounting standards. The completion of the project allows preparers easy access to accounting guidance from GASB. The overall project, starting from the codification of older pre-1989 Financial Accounting Standards Board (FASB) pronouncements in 2010, was focused on pulling together all authoritative guidance, similar to what FASB had done in 2009.

Here’s what we found interesting.

Poking around the GARS (Basic View is free) I was struck by a paragraph surrounded by a thick-lined box that read “The provisions of this Codification need not be applied to immaterial items.” If you have ever read a GASB or FASB pronouncement, you have seen a similar box. But probably, like me, you didn’t fully consider its potential benefits. Understanding this, GASB published an article on its website aimed at (in my opinion) prompting financial statement preparers to consider reducing disclosure for the many clearly insignificant items often included within governmental financial statements.

After issuing more than 80 pronouncements since its inception in 1984, including 19 in the last five years, GASB accounting requirements continue to grow. Many expect the pace to continue, with issues like leases accounting, potential revision of the financial reporting model, and comprehensive review of revenue and expense recognition accounting currently in process. With these additional accounting standards come more disclosure requirements.

With many still reeling from implementation of the disclosure heavy pension guidance, GASB is already under pressure from stakeholders with respect to information overload. Users of financial statements can be easily overwhelmed by the amount of detailed disclosure, often finding it difficult to identify and focus on the most significant issues for the entity. Balancing the perceived need to meet disclosure requirements with the need to highlight significant information can be a difficult task for preparers. Often preparers lean towards providing too much information in an effort to “make sure everything is in there that should be”. So, what can you do to ease the pain?

While the concept of materiality is not addressed specifically in the GASB standards, by working with your auditors there are a number of ways to reduce the overall length and complexity of the statements. We recommend reviewing your financial statements periodically with your auditor, focusing on the following types of questions:

  • On the face of the financial statements, are we breaking out items that are clearly inconsequential in nature and the amount?
  • Are there opportunities to combine items where appropriate?
  • In the notes to the financial statements are we providing excessive details about insignificant items?
  • Do we have an excess amount of historical disclosure from years past?
  • In the management’s discussion & analysis, is the analysis completed to an appropriate level? Is there discussion on items that are insignificant?

The spirit behind the box is that GASB was specifically thinking about material amounts and disclosures. It was not their intention to clutter the financials with what their article referred to as “nickel and dime” items. With more disclosure requirements on the way, now might be the time to think INSIDE the box.  

For more guidance on this and other GASB information, please contact Rob Smalley.

Article
Extra information for GASB organizations: How to lessen information overload

Recently, federal banking regulators released an interagency financial institution letter on CECL, in the form of a Q&A. Read it here. While there weren’t a lot of new insights into expectations examiners may have upon adoption, here is what we gleaned, and what you need to know, from the letter.

ALLL Documentation: More is better

Your management will be required to develop reasonable and supportable forecasts to determine an appropriate estimate for their allowance for loan and lease losses (ALLL). Institutions have always worked under the rule that accounting estimates need to be supported by evidence. Everyone knows both examiners and auditors LOVE documentation, but how much is necessary to prove whether the new CECL estimate is reasonable and supportable? The best answer I can give you is “more”.

And regardless of the exact model institutions develop, there will be significantly more decision points required with CECL than with the incurred loss model. At each point, both your management and your auditors will need to ask, “Why this path vs. another?” Defining those decision points and developing a process for documenting the path taken while also exploring alternatives is essential to build a model that estimates losses under both the letter and the spirit of the new rules. This is especially true when developing forecasts. We know you are not fortune tellers. Neither are we.

The challenge will be to document the sources used for forecasts, making the connections between that information and its effect on your loss data as clear as possible, so the model bases the loss estimate on your institution’s historical experience under conditions similar to those you’re forecasting, to the extent possible.

Software may make this easier… or harder.               

The leading allowance software applications allow for virtually instantaneous switching between different models, permitting users to test various assumptions in a painless environment. These applications feature collection points that enable users to document the basis for their decisions that become part of the final ALLL package. Take care to try and ensure that the support collected matches the decisions made and assumptions used.

Whether you use software or not there is a common set of essential controls to help ensure your ALLL calculation is supported. They are:

  • Documented review and recalculation of the ALLL estimate by a qualified individual(s) independent of the preparation of the calculation
  • Control over reports and spreadsheets that include data that feed into the overall calculation
  • Documentation supporting qualitative factors, including reasonableness of the resulting reserve amounts
  • Controls over loan ratings if they are a factor in your model
  • Controls over the timeliness of charge-offs

In the process of implementing the new CECL guidance it can be easy to focus all of your effort on the details of creating models, collecting data and getting to a reasonable number. Based on the regulators’ new Q&A document, you’ll also want to spend some time making sure the ALLL number is supportable.  

Next time, we’ll look at a lesser known section of the CECL guidance that could have a significantly negative impact on the size of the ALLL and capital as a result: off-balance-sheet credit exposures.

Article
CECL: Reasonable and supportable? Be ready to be ALLL in

By now you have heard that the Financial Accounting Standards Board’s (FASB) answer to the criticism the incurred-loss model for accounting for the allowance for loan and lease losses faced during the financial crisis has been released in its final form. The Current Expected Credit Loss model (CECL), which was developed through an arduous (and sometimes contentious) process following the crisis, will bring substantial changes to the way community banks account for expected losses in their loan portfolios. 

Working closely with community banks in the years building up to final issuance, we recognized an uncomfortable level of uncertainty created by the ever-changing proposals and lack of concrete examples. Now that the guidance is final, we feel a strong sense of responsibility to provide our interpretations, thoughts and insights where we can. As the FASB has shown recently with its new revenue pronouncement, there is a good chance that updates to the guidance will occur as we move closer to the implementation dates. The banking regulators who have thus far been mostly silent on the guidance will also have their interpretations.

We find that with substantial new guidance breaking it down into bite size pieces can be the best approach to understanding and implementation. With that said, this is the first of a number of planned articles from BerryDunn to do just that.

Building your team

One of the first things your institution should do is create an implementation team. Building it now with staff from diverse backgrounds and experience including finance, lending and collections will bring significant rewards in the long run. This is also a good time to consider opportunities to include your auditor in the process. Ultimately, you will need them to perform audit procedures on your CECL allowance as part of your financial statement audit. That also means your model and the resulting estimate must be auditable. Including auditors in the early stages should also help your team think about implications the audit requirements may have for expectations related to retaining documentation and supporting assumptions. In addition, your auditor may be able to share observations based on how other institutions are implementing CECL that may be helpful for your team.  Auditors can do all this while maintaining independence if their services are structured properly.

When your team is assembled and is up-to-speed on the basics of what CECL is and isn’t, defining the team’s goals and creating a roadmap to get there will be your keys to success. And asking the right questions while creating the roadmap is a great place to start. 

Questions to consider:


What available method (under CECL) is the best fit for the institution?
We expect that largely most community institutions will start with a top-down approach using an adaption from their current loss-rate approach to reflect the change from the old incurred loss method to the “life of the loan” current expected credit loss method. We believe the following step-by-step model will be one practical approach that should fit most community banks and credit unions:

  1. Determine which loans for specific reserves are appropriate, much in the same manner as you’re likely doing now. The notion of “impaired” loans goes away with CECL; a loan should be evaluated specifically if the institution becomes aware of loan-specific information indicating it has an exposure to loss that differs from other loans it’s been pooled with. In practice, we think that’ll be largely the same loans that are currently being identified as impaired.
  2. Secondly, for the rest of the portfolio:
    1. Group loans by common characteristics – same as you are likely doing now. These groups can match your portfolio or class groupings used now in financial reporting, but can also be broken down further.
    2. For each group, create subgroups for each origination year. One of the disclosure requirements in the guidance suggests the current year and previous four years are the critical ones to focus on; anything older than five years could be combined together.
    3. For each subgroup:
      1. Establish economic and other relevant conditions for the average remaining term of loans in the subgroup. This will be a combination of forecasted conditions for the near future, probably based on the Fed’s three-year forecast, and long-term historical conditions for the remaining average loan term.
      2. Select an historical loss period that best approximates the conditions established in 2c(i).
      3. Determine average remaining lifetime losses for the historical loss period established in 2c(ii) for that loan type.
      4. Adjust the average determined in 2c(iii) for any current or expected conditions that you believe are different from this historical data. The regulators have indicated their expectation that these will likely be the types of items for which qualitative factors have been developed under the incurred loss model, or a subset thereof.

These adjustments should themselves be based on historical data, or peer historical data if institution-specific data isn’t available (for example, a new loan product); for example, a 25 basis point upward adjustment for actual and expected declines in real estate values beyond the average in the historical period in 2c(ii) should be supported by data that shows a 25 basis point increase in losses for this type of loan in previous periods in which real estate values had shown a similar decline.

What data do we need to start collecting?
The clock has started! The CECL model requires analysis of loss rates and environmental factors. Detailed loss-rate calculations for as far back as you can get is your goal. The next step after collecting the historical data on your losses is to document other factors that were in play during each period. You will also need to consider the factors that affected charge-off rates for different periods. Changes in overall economic conditions, underwriting (both risk and quality), the legal environment and other factors need to be documented and correlated to trends in charge-offs. Remember one of the first steps in preparing a CECL model is to decide which time period of losses best matches the current environment. Without considering the full picture, including the external forces in play, it will be impossible to select an appropriate time period.

How do we retain and access that data?
Many core providers restrict access to older loan level data, and in some cases historical information is readily available only for very short time periods. Knowing the restrictions on your older data will be key in planning for CECL. The model suggests that a starting point for considering historical data needs is to consider what time periods matter. This may vary for different types of loans.

Some core providers have started reaching out to their institutions to discuss CECL and options for collection of data through webinars and one-on-one meetings. Consider reaching out directly to your provider to see what options in terms of data collection, retention and reporting will be available to your team.

What is the next step?
Build a simple model so that your team can better grasp and discuss the fundamentals of CECL. This can serve to solidify the concept of “life of loan losses” vs. the incurred loss method, as well as get your task force focused on what is important in collecting data.

Now that you’ve got your team assembled and have begun to tackle these questions, it’s time to look at other factors to consider. In our next installment, we’ll take you through how to implement CECL for loans obtained in a merger or acquisition. In the meantime, please call us if you have any questions.

Article
CECL: Where to start

Read this if you are responsible for cybersecurity at your organization. 

During the financial audit process auditors are required to develop and confirm their understanding of Information Technology (IT) and cybersecurity practices as it relates to financial reporting to better understand risks and because of auditors’ heavy reliance on data pulled from accounting information systems. As auditors, we have seen a significant increase in the amount of impactful incidents affecting not-for-profit organizations and our IT security experts often share valuable advisory comments in annual audit communications with our clients. With recent incidents and a very rapidly changing business environment, here are the three most important from the last six months that impact all not-for-profits. 

Board oversight of cybersecurity 

Cybersecurity gaps within an organization’s systems may lead to risk exposure and have material impacts on all aspects of operations. Responsibility for cybersecurity controls and for establishing a culture of awareness and security should come from the Board and senior leadership. Board members and senior leaders should stay apprised of cybersecurity efforts on a regular basis and incidents should be summarized and reported on a quarterly basis. 

The Board should also consider adding a member who is a professional with IT and cybersecurity experience to help manage and understand the specific risks to the organization and help drive and support cybersecurity efforts.

Ransomware threats and preventive controls

The use of ransomware as a profitable attack on organizations by hackers continues to rapidly increase. Within the last year there have been multiple high-profile incidents that illustrate the impact of a successful attack. These impacts fall into two main areas. One impact may be financial, as millions of dollars are paid to the bad actors as ransom in hopes of being able to regain control of systems. The second impact is operational, resulting in a loss of control of systems and data during the event. Potentially, an unsuccessful data restoration could result in the total loss of information and data maintained on your networks. 

Though no organization may be able to prevent a ransomware attack from occurring entirely, there are basic cybersecurity controls that help reduce the likelihood and impact of an attack. Preventive controls may include: 

  • Security awareness training on phishing emails and overall IT security practices for all organization users
  • Multi-factor authentication 
  • Access controls that prevent users from installing unapproved software onto organization-owned workstations and networks
  • Anti-malware software installed on devices that connect to organization systems 
  • Use of Zero Trust data management tools for backups
  • Disabling macros in emails (prevents back-end processes from automatically running) 

In addition to including these preventive controls to your cybersecurity program, your organization should assess current corrective controls already in place to react to a ransomware event if one is detected or reported. Corrective controls may include:

  • Disaster recovery plans/business continuity plans 
  • Incident response plans
  • Backup controls and restoration tests 

As the risk of ransomware continues to increase and the types of attacks continue to increase in sophistication, your organization should consider regular assessments of IT controls and cybersecurity practices on a regular basis. Such assessments may be performed in conjunction with annual financial statement audits as an expanded scope and/or as a separate annual IT assessment. 

COVID-19 IT considerations 

The global COVID-19 pandemic significantly impacted nearly every aspect of modern life, including the way we work. As personnel were sent home and literally became a remote workforce overnight, changes to IT systems and controls rapidly adjusted to accommodate this new way of business. 

Where controls and procedures were adjusted, if not suspended, your organization should review those changes and determine if controls should revert back to the pre-pandemic process—or be formally changed and documented as policy. 

Guidance from the American Institute of Certified Public Accountants (AICPA) dictates that a gap in controls associated with the pandemic is not a legitimate reason for not completing a control and that any changes must be documented and properly managed.  

Well over a year into the pandemic, the concept of a hybrid workforce has emerged as the predominant way employees and businesses want to work. Your organization should review current policies and procedures that may pre-date the pandemic to ensure that the updates both document and consider the current business environment. 

Additionally, with personnel working remotely or in a hybrid model, or a combination of both, you should assess practices for managing remote access and a hybrid workforce and, where needed, implement industry best-practice tools and procedures to accommodate a remote workforce while maintaining security controls. If you have questions regarding you cybersecurity procedures or want to learn more, please contact our team. We’re here to help. 
 

Article
Cybersecurity update for organizations: Considerations for boards and senior management

Read this if you are a plan sponsor of employee benefit plans.

This article is the eleventh in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here.

Most employee benefit plans have outsourced a significant portion of the internal controls to a service organization, such as a third-party administrator. The plan administrator has a fiduciary responsibility to monitor the internal controls of the service organization and to determine if the outsourced controls are suitably designed and effective.

SOC 1 reports: Internal controls and financial reporting

Generally, the most efficient way to obtain an understanding of the outsourced controls is to obtain a report on controls issued by the service organization’s auditor. Commonly referred to as a System and Organization Controls (SOC) report, the SOC report should be based on the American Institute of Certified Public Accountants’ (AICPA) attestation standards and should cover internal controls relevant to financial reporting, also known as a SOC 1 report (the “1” indicating it covers internal controls over financial reporting).

Plan sponsors should perform a documented review of the SOC 1 report for each of the plan’s significant service organizations. The documented review should include the plan sponsor’s assessment of the complementary user entity controls outlined in the SOC 1 report. The complementary user entity controls are internal control activities that should be in place at the plan sponsor to provide reasonable assurance that the controls tested at the service organization are operating effectively at your plan. If a service organization’s internal controls are operating effectively, but complementary user entity controls are not in place at your organization, the effectiveness of the service organization’s internal controls may not transfer to your plan’s operations.

Creditability and CPA firms: Considerations

Creditability of the CPA firm completing the SOC 1 report examination may impact the reliability of the CPA firm’s opinion and thus your reliability on the service organization’s internal controls. Unfamiliarity with the service auditor’s qualifications may be mitigated through additional research. Items to consider are: 

  • The firm’s expertise in SOC 1 reporting
    • Are they familiar with the service organization’s industry?
    • How many professionals do they have that perform SOC 1 examination services?
  • The evaluation of AICPA peer reviews 
    Audit firms are required to have a periodic peer review conducted. The results of the peer review are public knowledge and can be found on the AICPA’s website.
    • Did the service auditor receive a “pass” rating during their most recent peer review?
    • Did the peer review cover SOC 1 examination services?
  • Evaluation of the service organization’s due diligence procedures surrounding the selection of an auditor

Some of this information may be readily available via the service auditor’s website, while other information may need to be gathered through direct communication with the service organization. A qualified service auditor should be able to provide a SOC 1 report that contains sufficient detail, relevant transactional activity, relevant control objectives, and a timely reporting period.

SOC 1 reports may contain an unqualified, qualified, adverse, or disclaimer of opinion. The report determines if the controls in place are adequate for complete and accurate financial reporting. Report qualifications may affect the risk of relying on the service organization and may result in the need for additional procedures or safeguards to help ensure the plan’s financial statements are presented fairly. Even if the SOC 1 report received an unqualified opinion, you should review the controls tested by the service auditor and the results of such testing for any exceptions. Exceptions, even if they don’t result in a qualified opinion, may have an impact on the plan’s control environment. 

You should also review the scope of the audit to check that all significant transaction cycles, processes, and IT applications were properly assessed for their impact on the plan’s financial statements. Areas outside the scope of the SOC 1 report may require additional consideration, including the possibility of obtaining more than one SOC 1 report for subservice organizations whose functions were carved out from the service organization’s SOC 1 report.

Subservice organizations

Subservice organizations are frequently utilized to process certain transactions or perform certain functions at the service organization. Management of the service organization may identify certain transaction cycles and processes that are performed by a subservice organization and choose to exclude relevant control objectives and related controls from the SOC 1 report description and the scope of the auditor’s engagement. In such cases, multiple SOC 1 reports may need to be acquired to gain adequate coverage of all controls and objectives relevant to your plan. 

Furthermore, you need to consider the time period the SOC 1 report covers. Coverage should be obtained for your plan’s full fiscal year. For SOC 1 reports that lack coverage of your plan’s full fiscal year, a bridge letter should be obtained to help ensure that no significant changes in controls occurred between the SOC 1 report examination period and the end of your plan’s fiscal year.

Although plans commonly outsource a significant portion of their day-to-day operations to service organizations, plan fiduciaries cannot outsource their responsibilities surrounding the maintenance of a sound control environment. SOC 1 reports are a great resource to assess the control environments of service organizations. However, such reports can be lengthy and daunting to review. We hope this article provides some best practices in reviewing SOC 1 reports. If you have any questions, or would like to receive a copy of our SOC 1 report review template, please don’t hesitate to reach out to our Employee Benefits Audit team.

Article
Service organizations and review of SOC 1 reports: Considerations and recommendations

Read this if you use QuickBooks online.

The money you spend to run your business must be recorded conscientiously for your taxes and reports. Here’s how to do it.

You undoubtedly keep a very close watch on the money coming into your business. You record payments as soon as they come in and deposit them in your company’s bank account. But are you as careful about your purchases?

It’s easy to go out to lunch with a client and forget to save the receipt. You figure it’s not that much money, anyway. Or you pick up a ream of printing paper and a cartridge at the office supply store and neglect to record the purchase. When you disregard even small expenses, you can have two problems. One, your books won’t be accurate. And two, you never know how an extra $42.21 under Meals and Entertainment might affect your income taxes.

QuickBooks Online provides two ways to enter expenses. You can create a record on the site itself. Or you can snap a photo with your phone using the QuickBooks Online mobile app to document the money spent. Here’s how these two methods work.

Documenting at your desk

Let’s say you just had lunch with a vendor to discuss some products you’re planning to buy for a project you’re doing for a customer. You charged it to your company credit card, which you track in QuickBooks Online. You still have to enter it as an expense on the site so that when your credit card statement comes, you can match the credit card transaction to the expense you recorded.

Hover over Expenses in the navigation toolbar and click on Expenses. Click the down arrow in the New transaction button and select Expense. Fill in the fields at the top of the screen with details like Payee, Payment date, and any Tags you want to specify. Under Category details, select the correct category from the drop-down list and enter a Description and Amount

QuickBooks Online allows you to thoroughly document expenses. You can attach a picture of a receipt if you’d like.

Since you’re going to bill this to the customer as a part of your project fee, click in the Billable box to create a checkmark. Select the Customer/Project. Add a Memo to remind yourself of the reason for the lunch (very important!) and attach a photo of the receipt if you take one. Click Save. Your record of the lunch will now appear on the Expense Transactions screen. It will also show up in the Expenses by Vendor Summary and Unbilled Charges reports, among others.

Recording with QuickBooks Online on the road

In the example we just went through, attaching a photo of the receipt was the last thing we did to record an expense in QuickBooks Online. There’s another way to document a purchase that starts with a photo of a receipt and should save you a bit of data entry: using the QuickBooks Online mobile app. The app uses Optical Character Recognition (OCR) to “read” the receipt and transfer some of its data to fields on an expense record. (If you haven’t installed the QBO app on your smartphone, you should. You can do a lot of your accounting work that synchronizes automatically with QBO. It’s free, too.)

Open the app and log in. On the opening screen, you’ll see an icon labeled Snap Receipt. Click on it, and your phone’s camera will open (you’ll be asked for permission to use it). Position your phone over the receipt and move it around until you see the blue box covering the content of the receipt.  Take the picture. You’ll see it displayed on the phone with a message saying, “Use this photo.” If it seems OK, click the link. 

A message on the screen will tell you that the upload is complete and that the app is extracting the information from it. Click “Got it!” It should only take about a minute for your receipt to appear in the list on the Receipt snap screen. You’ll see the details that the app has pulled from your receipt. Tap the matching expense and click Done on the next screen.

You can snap a photo of the receipt in the QuickBooks Online mobile app, and some fields will be automatically entered on a receipt form in QBO.

When you’re back at your computer, open QuickBooks Online and go to Transactions | Receipts. At the end of the row that contains your receipt, click the down arrow next to Delete and select Review. QBO will display the partially-completed receipt form next to the photo you took of the receipt. Fill in any missing fields and save the transaction. Click Create expense on the screen that opens. Then open the Expenses menu and select Expenses, and there should be an entry for the receipt you just added.

This tool isn’t perfect, of course. Every receipt has different fields in different places, and sometimes they’re just not very readable. But in our tests, the app picked up an average of four fields.

Documenting your expenses using one of these two methods is so important. It will help you remember why you stored the receipt and make your reports more accurate. As long as you’re categorizing each transaction correctly, it will also make your tax preparation easier and faster and ensure that you’re charging customers for billable expenses. And if you’re ever audited, your careful work will come in handy.

QuickBooks Online does expense management well, but there are enough moving parts in these recording tools that you may have some questions. Please contact our Outsourced Accounting team. We're here to help. 

Article
Record expenses in QuickBooks Online and on your phone

Read this if you are a plan sponsor of employee benefit plans.

This article is the tenth in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here

ERISA bonding requirements

Generally, every fiduciary of a plan and every person who handles funds or other property of the plan must be bonded. ERISA's bonding requirements are intended to protect employee benefit plans from risk of loss due to fraud or dishonesty on the part of persons who handle plan funds or other property. ERISA refers to persons who handle funds or other property of an employee benefit plan as plan officials. A plan official must be bonded for at least 10% of the amount of funds he or she handles, subject to a minimum bond amount of $1,000 per plan with respect to which the plan official has handling functions. In most instances, the maximum bond amount that can be required under ERISA with respect to any one plan official is $500,000 per plan. If the plan holds employer securities, the maximum required bond amount increases to $1,000,000. The bond must be fixed or estimated at the beginning of the plan's reporting year; that is, as soon after the date when such year begins as the necessary information from the preceding reporting year can practicably be ascertained. The amount of the bond must be based on the highest amount of funds handled by the person in the preceding plan year. Bonds must be placed with a surety or reinsurer that is named on the Department of the Treasury's Listing of Approved Sureties, Department Circular 570.

The US Department of Labor Field Assistance Bulletin No. 2008-04 provides answers to a number of questions that have been raised concerning the bonding rules.

Compliance testing

The Internal Revenue Code requires retirement plans to undergo certain non-discrimination and compliance testing on an annual basis to ensure contributions or benefits do not discriminate in favor of highly compensated employees and contributions are not in excess of amounts prescribed by the Internal Revenue Service (IRS).

The tests the plan should perform varies based on the plan’s provisions. However, some of the more common tests for defined contribution plans are:

Actual Deferral Percentage (ADP) Test: This test ensures employee salary deferrals made to the plan do not disproportionately benefit highly compensated employees (HCEs). If this test is failed, the most common correction method is distributing excess contributions to HCEs in the amount necessary to make the test pass. Corrections should be made no later than two-and-a-half months following the close of the plan year to avoid a 10% excise tax. The final deadline is 12 months following the close of the plan year.

Actual Contribution Percentage (ACP) Test: This test ensures the matching and voluntary employer contributions made to the plan do not disproportionately benefit HCEs. If this test is failed, the most common correction method is removing excess contributions from HCE’s accounts in the amount necessary to make the test pass. These excess contributions do not leave the plan. Rather, they are transferred into the forfeiture account of the plan, typically to be used to pay plan expenses or fund future employer contributions. Corrections should be made no later than two-and-a-half months following the close of the plan year to avoid a 10% excise tax. The final deadline is 12 months following the close of the plan year.

416 Top Heavy Test: This test ensures key employees do not represent a disproportionate percentage of plan assets. If this test is failed, the most common correction method is to allocate a 3% top heavy minimum contribution to non-key participants (any participant that is not a key employee). Other employer contributions can be used to offset the 3% contribution. Corrections should be made no later than 12 months following the close of the plan year in which the plan is top heavy.

The ADP, ACP, and Top Heavy Tests can be forgone if the plan qualifies for safe harbor status. Also, 403(b) plans are not required to perform the ADP nor the top-heavy test.

410(b) Minimum Coverage Test: This test ensures each contribution made to the plan benefits a sufficient percentage of non-HCEs. This test is performed for each different contribution type offered within the plan. If this test is failed, the most common correction method is to retroactively amend the plan to benefit more non-HCEs until the test passes. Corrections should be made no later than nine-and-a-half months following the close of the plan year in which the failure occurred.

402(g) Elective Deferral Limit: Participants are limited in the amount of elective deferrals they may contribute to qualified plans and thus exclude from taxable income each calendar year. If a participant contributes in excess of this limit, the most common correction method is to distribute the excess contribution amount. In 2021, the 402(g) Elective Deferral Limit is $19,500. Corrections should be made no later than April 15th following the close of the calendar year during which the excess deferral was made.

415(c) Annual Addition Limit: Participants are also limited in the amount of total contributions that can be credited to their account each limitation year (usually the plan year). If a participant receives total contributions in excess of this limit, the most common correction method is to first distribute elective contributions in excess of the limit. If an excess still remains, employer contributions should then be transferred to the plan’s forfeiture account. In 2021, the 415(c) Annual Addition Limit is $58,000. Corrections should be made no later than nine-and-a-half months following the close of the limitation year in which the failure occurred.

ERISA bonding requirements and compliance testing, although not necessarily related, are two of the compliance matters we, as auditors, commonly look at during our audits. For ERISA bonding requirements, we review to make sure the plan had adequate coverage and the bond is with an approved surety. For compliance testing, we look to make sure the testing has been performed and failed tests, if any, have been appropriately and timely resolved. Plan fiduciaries are not alone in addressing these matters—insurance carriers can help guide plan management in finding a fidelity bond appropriate for their plan and third-party administrators will typically perform compliance testing on behalf of the plan and guide plan management through any necessary corrections. However, it is still important for plan fiduciaries to be aware of the overall purpose of the bonding requirements and the compliance tests and be familiar with the correction methods and deadlines.

If you would like more information, or have specific questions about your specific situation, please contact our Employee Benefits Audit team.

Article
Other ERISA compliance matters: ERISA bonding requirements and compliance testing

Read this if you use QuickBooks online.

There are always more things to learn about the applications we use every day. Here are some tips for expanding your use of QuickBooks Online. 

We tend to fall into the same old patterns once we’ve learned how to make a computer application work for us. We learn the features we need and rarely venture beyond those unless we find we need the software or website to do more. 

QuickBooks Online is no exception. It makes its capabilities known through an understandable system of menus and icons, labeled columns and fields, and links. But do we really see what else it can do? Expanding your knowledge about what QuickBooks Online can do may help you shave some time off your accounting tasks and better manage the forms, transactions, and reports that you work with every day. Here are some tips.

Edit lines in transactions. Have you ever been almost done with a transaction and realize you need to make some changes farther up in the list of line items? Don’t delete the transaction and start over. QuickBooks Online comes with simple editing tools, including:

  • Delete a line. Click the trash can icon to the right of the line. 
  • Reorder lines. Click the icon to the left of the line, hold it, and guide it to the new position. This is tricky. You may have to work with it a bit.
  • Clear all lines and Add lines. Click the buttons below your line items, to the left.


Click the More link at the bottom of a saved transaction to see what your options are.

Explore the More menu. Saved transactions in QuickBooks Online have a link at the bottom of the screen labeled More, as pictured above. Click it, and you can Copy the transaction or Void or Delete it. You can also view the Transaction journal, which displays the behind-the-scenes accounting work, and see an Audit history, which lists any actions taken on the transaction. 

Create new tabs. Do you ever wish you could display more than one screen simultaneously so you can flip back and forth between them? You can. Right click on any link in QuickBooks Online, like Sales | Customers, and select Open link in new tab

Use keyboard shortcuts. Not everyone is a fan of these, mostly because they can’t remember them. Hold down these three keys together to see a list: Ctrl+Alt+?. Some common ones include those for invoices (Ctrl+Alt+i) and for expenses (Ctrl+Alt+x).

Modify your sales forms. Do you need more flexibility than what’s offered in your sales forms? It may be there. Click the gear icon in the upper right and select Account and settings under Your Company. Click the Sales tab. In the section labeled Sales form content, notice that you can add fields for Shipping, Discounts, and Deposits by clicking on their on/off switches. You can also add Custom fields and Custom transaction numbers.

Add attachments. Sometimes it’s helpful to have a copy of a source document when you enter a transaction. To attach a receipt to an expense, for example, look in the lower left corner of the transaction. Click Attachments and browse your system folders to find the file, then double click on it.


Record expenses made with credit cards. Who doesn’t use credit cards for expenses sometimes? You can track these purchases in QuickBooks Online, as pictured above. Click the gear icon in the upper right and select Chart of Accounts under Your Company, then click New in the upper right. Select Credit Card from the drop-down list under Account Type. Enter Owner Purchase in the Name field and then Save and Close. When you create an expense, select Owner Purchase as the Payment account

Previous Transaction Button. Are you trying to find a transaction that you entered recently but don’t want to do a full-on search? With a transaction of the same type open, click the clock icon in the top left corner. A list of Recent Expenses will drop down. Click on the one you want.

Whether you’re new to QuickBooks Online or you’ve been using it for years, there’s always more to explore. We’d be happy to help you expand your use of QuickBooks Online by introducing you to new features, building on what you’re already doing on the site to improve your overall financial management. Contact our Outsourced Accounting team to schedule some time.

Article
Eight QuickBooks online tips