Skip to Main Content

insightsarticles

Prohibited transactions: Rules of the road for benefit plan fiduciaries

02.25.21

Read this if you are an employee benefit plan fiduciary.

This article is the second in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. In our last article, we looked into the background of ERISA, which established important standards for the sound operation of employee benefit plans, as well as who is and isn’t a plan fiduciary, and what their responsibilities are. 

One important ERISA provision, found in Section 406(a), covers the types of transactions a plan fiduciary can and can’t engage in. ERISA terms the latter prohibited transactions, and they’re a lot like traffic lights—when it comes to avoiding conflicts of interest in business dealings, they’re your guide for when to stop and when to go. By knowing and abiding by these rules of the road, plan fiduciaries can steer clear of tickets, fines, and other damaging mishaps. 

Parties-in-interest—keep them out of the passenger seat 

Much like driver’s ed., fiduciary responsibility boils down to knowing the rules—plan fiduciaries need to have a strong working knowledge of what constitutes a prohibited transaction in order to ensure their compliance with ERISA. The full criteria are too detailed for this article, but one sure sign is the presence of a party-in-interest.

ERISA’s definition of a party-in-interest

The definition includes any plan fiduciary, the plan sponsor, its affiliates, employees, and paid and unpaid plan service providers, and 50%-or-more owners of stock in the plan sponsor. If you’d like to take a deeper dive into ERISA’s definition of parties-in-interest, see “ERISA's definition of parties-in-interest" at right.

Prohibited transactions—red lights on fiduciary road 

Now that we know who fiduciaries shouldn’t transact with, let’s look at what they shouldn’t transact on. ERISA’s definition of a prohibited transaction includes: 

  • Sale, exchange, and lease of property 
  • Lending money and extending credit 
  • Furnishing goods, services, and facilities 
  • Transferring plan assets 
  • Acquiring certain securities and real property using plan assets to benefit the plan fiduciary 
  • Transacting on behalf of any party whose interests are adverse to the plan’s or its participants’ 

Transacting in any of the above is akin to running a red light—serious penalties are unlikely, but there are other consequences you want to avoid. Offenders are subject to a 15% IRS-imposed excise tax that applies for as long as the prohibited transaction remains uncorrected. That tax applies regardless of the transaction’s intent and even if found to have benefited the plan. 

The IRS provides a 14-day period for plan fiduciaries to correct prohibited transactions and avoid associated penalties. 

Much like owning a car, regular preventative maintenance can help you avoid the need for costly repairs. Plan fiduciaries should periodically refresh their understanding of ERISA requirements and re-evaluate their current and future business activities on an ongoing basis. Need help navigating the fiduciary road? Reach out to the BerryDunn employee benefit consulting team today. 
 

Related Services

Accounting and Assurance

Consulting

Business Advisory

Related Professionals

Principals

BerryDunn experts and consultants

ERISA’s definition of parties-in-interest

If you’re a plan fiduciary and you’re planning business with any of the following, it’s time to hit the brakes: 

  • Plan fiduciaries, counsel, and employees 
  • Vendors who serve the plan 
  • Employers and employee organizations with employees/members covered by the plan 
  • Half-or-more owners, direct or indirect, of those entities’ voting power or shares, partnership interest on capital/profits, or beneficial interest of a trust or unincorporated enterprise 
  • The corporations, partnerships, trusts, or estates to which those owners belong 
  • Relatives of any individual previously described 
  • Employees, officers, directors, or 10%-or-more shareholders, direct or indirect, of any individual listed above or of the plan 
  • A 10%-or-more partner or joint venturer of any individual listed above, including employees of vendors who serve the plan
Resource
ERISA's definition of parties-in-interest

Read this if you are a plan sponsor of employee benefit plans.

This article is the seventh in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here.

The COVID-19 pandemic has challenged individuals and organizations to continue operating during a time where face-to-face interaction may not be plausible, and access to organizational resources may be restricted. However, life has not stopped, and participants in your employee benefit plan may continue to make important decisions based on their financial needs. 

To help you prepare for a potential IRS examination, we’ve listed some requirements for participants to receive Required Minimum Distributions (RMD), hardship distributions, and coronavirus-related distributions, recommendations of actions you can perform, and documentation to retain as added internal controls. 

Required Minimum Distributions

Recently, the IRS issued a memo regarding missing participants, beneficiaries, and RMDs for 403(b) plans. If an employee benefit plan is subject to the RMD rules of Code Section 401(a)(9), then distributions of a participant’s accrued benefits must commence April 1 of the calendar year following the later of 1) the participant attaining age 70½ or 2) the participant’s severance from employment. Under the Coronavirus Aid, Relief, and Economic Security (CARES) Act of 2020, RMDs was temporarily waived for retirement plans for 2020. This change applied to defined contribution plans, such as 401(k), 403(b), 457(b) plans and IRAs. 

In addition, RMDs were waived for IRA owners who turned 70½ in 2019 and were required to take an RMD by April 1, 2020 and have not yet done so. Do note the waiver will not alter a participant’s required beginning date for purposes of applying the minimum distribution rules in future periods. Although you may be applying this waiver during 2020, it is important you prepare to make RMDs once the waiver period ends by verifying participants eligible to receive RMDs are not “missing.”

There are instances in which plans have been unable to make distributions to a terminated participant due to an inability to locate the participant. In this situation, the responsible plan fiduciary should take the following actions in applying the RMD rules:

  1. Search the plan and any related plan, sponsor and publicly available records and/or directories for alternative contact information;
  2. Use any of the following search methods to locate the participant: a commercial locator service, a credit reporting agency, or a proprietary internet search tool for locating individuals; and
  3. Attempt to initiate contact via certified mail sent to the participant’s last known mailing address, and/or through any other appropriate means for any known address(es) or contact information, including email addresses and telephone numbers.

If the plan is selected for audit by the IRS and the above actions have been taken and documented by the plan, the IRS instructs employee plan examiners not to challenge the plan for violation of the RMD rules. If the plan is unable to demonstrate that the above actions have been taken, the employee plan examiners may challenge the plan for violation of the RMD rules.

We typically recommend management review plan records to determine which participants have attained age 70½. Based on the guidelines outlined above, we recommend plans document the actions they have taken to contact these participants and/or their beneficiaries.

Hardship distribution rules

A common issue we identify during our employee benefit plan audits is that the rules for hardship distributions are not always followed by the plan sponsor. If the plan allows hardship withdrawals, they should only be provided if (1) the withdrawal is due to an immediate and heavy financial need, (2) the withdrawal must be necessary to satisfy the need (you have no other funds or ways to meet the need), and (3) the withdrawal must not exceed the amount needed. You may have noted we did not add the plan participant must have first obtained all distribution or nontaxable loans available under the plan to the list of requirements above. This is due to the recently enacted Bipartisan Budget Act of 2018 (the Act), which removed the requirement to obtain available plan loans prior to requesting a hardship. Thus, the removal of this requirement may increase the number of eligible participants to receive hardship withdrawals, if the three requirements noted are satisfied. The plan sponsor should maintain documentation the requirements for the hardship withdrawal have been met before issuing the hardship withdrawal.

The IRS considers the following as acceptable reasons for a hardship withdrawal:

  1. Un-reimbursed medical expenses for the employee, the employee’s spouse, dependents or beneficiary.
  2. Purchase of an employee's principal residence.
  3. Payment of college tuition and related educational costs such as room and board for the next 12 months for the employee, the employee’s spouse, dependents, beneficiary, or children who are no longer dependents.
  4. Payments necessary to prevent eviction of the employee from his/her home, or foreclosure on the mortgage of the principal residence.
  5. For funeral expenses for the employee, the employee’s spouse, children, dependents or beneficiary.
  6. Certain expenses for the repair of damage to the employee's principal residence.
  7. Expenses and losses incurred by the employee as a result of a disaster declared by the Federal Emergency Management Agency (FEMA), provided that the employee’s principal residence or principal place of employment at the time of the disaster was located in an area designated by FEMA for individual assistance with respect to the disaster.

Prior to the enactment of the Act, once a hardship withdrawal was taken, the plan participant would not be allowed to contribute to the plan for six months following the withdrawal. The Act repealed the six-month suspension of elective deferrals, thus plan participants are allowed to continue making contributions to the plan in the pay period following the hardship withdrawal. Prior to the Act we had seen instances where the plan participant was allowed to continue making contributions after the hardship withdrawal was taken. Now we would expect participants who received a hardship distribution to continue making elective deferrals following receipt of the distribution.

Coronavirus-related distributions

Under section 2202 of the CARES Act, qualified participants who are diagnosed with coronavirus, whose spouse or dependent is diagnosed with coronavirus, or who experience adverse financial consequences due to certain virus-related events including quarantine, furlough, or layoff, having hours reduced, or losing child care, are eligible to receive a coronavirus-related distribution. 

Distributions are considered coronavirus-related distributions if the participant or his/her spouse or dependent has experienced adverse effects noted above due to the coronavirus, the distributions do not exceed $100,000 in the aggregate, and the distributions were taken on or after January 1, 2020 and on or before December 30, 2020.  Such distributions are not subject to the 10% penalty tax under Internal Revenue Code (IRC) § 72(t), and participants have the option of including their distributions in income ratably over a three year period, or the entire amount, starting in the year the distribution was received. Such distributions are exempt from the IRC § 402(f) notice requirement, which explains rollover rules, as well as the effects of rolling a distribution to a qualifying IRA and the effects of not rolling it over. Also, participants can be exempt from owing federal taxes by repaying the coronavirus-related distribution. 

Participants receiving this distribution have a three-year window, starting on the distribution date, to contribute up to the full amount of the distribution to an eligible retirement plan as if the contribution were a timely rollover of an eligible rollover distribution. So, if a participant were to include the distribution amount ratably over the three-year period (2020 – 2022), and the full amount of the distribution was repaid to an eligible retirement plan in 2022, the participant may file amended federal income tax returns for 2020 and 2021 to claim a refund for taxes paid on the income included from the distributions, and the participant will not be required to include any amount in income in 2022. We recommend the plan sponsor maintain documentation supporting the participant was eligible to receive the coronavirus-related distribution. 

There is much uncertainty due to the current status of the COVID-19 pandemic, and this has forced many of our clients to review and alter their control environments to maintain effective operations. With this uncertainty comes changes to guidance and treatment of plan transactions. We have provided our current understanding of the guidance the IRS has provided for the treatment surrounding distributions, specifically RMDs, hardship distributions, and coronavirus-related distributions. If you and your team have any additional questions which may be specific to your organization or plan, an expert from our Employee Benefits Audit team will be gladly willing to assist you. 
 

Article
Defined contribution plan distributions: Considerations and recommendations

Reading through the 133-page exposure draft for the Proposed Statement on Auditing Standards (SAS) Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, issued back in April 2017, and then comparing it to the final 100+ page standard approved in September 2018, may not sound like a fun way to spend a Sunday morning sipping a coffee (or three), but I disagree.

Lucky for you, I have captured the highlights here. And it really is exciting. Our feedback was incorporated into the final standard both through written comments on the exposure draft and a voice via our firm’s Director of Quality Assurance, who holds a seat on the Auditing Standards Board.

"Limited scope" audits will no longer exist

The debate over the “limited scope” audit has been going on for years. The new standard is designed to help auditors clearly understand their responsibilities in performing an audit, and provide plan sponsors, plan participants, the Department of Labor (DOL), and other interested parties with more information about what auditors do in situations when audits are limited in scope by the plan’s management, which is permitted by DOL reporting and disclosure rules.

Once effective, Audit Committee and Board of Director meetings in which plan financial statements are presented will include more clarity into what an employee benefit plan audit entails, based on revisions to the auditor’s report. I know I would frequently kick off meetings covering the auditor’s report opinion by explaining what a “limited scope” audit was. As a “limited scope” audit will no longer exist, the revised auditor’s report language clearly articulates what the auditor is, and is not, opining on.

When is the new standard effective?

The effective date is “to be determined” as it will be aligned with the new overall auditor’s reporting standard once that is finalized, and the standard does not permit early adoption. So there is still time to educate and prepare all parties involved.

Probably the biggest conversation piece around the water cooler for the new standard is the lingo. The “limited scope” audit language will be going away and now the auditor’s report and all related language will refer to an “ERISA section 103(a)(3)(C)” audit. I know, it’s a mouthful?try and say that one three times fast!

The auditor's report will look much different

The auditor’s report under an ERISA section 103(a)(3)(C) audit will look significantly different from the old “limited scope” auditor’s report, once the standard is effective. There are several illustrative examples of reports included in the standard to refer to. One thing you will immediately notice?the auditor’s report is getting longer and not shorter. Some highlights:

The Opinion section will include two bullets that explicitly state, in basic summarized terms: (1) the certified information agrees to the financial statements, and (2)  the auditor’s opinion on everything else, which the auditor has audited.

Other Matter—Supplemental Schedules Required by ERISA section will include two bullets that explicitly state, in basic summarized terms, (1) the certified information agrees to the financial statements and (2) the auditor’s opinion on everything else, which the auditor has audited in relation to the financial statements. Sound similar to the Opinion section? Well, that’s because it is!).

Other key takeaways

  • Auditors will be required to make inquiries of management to gain assurance they performed procedures to determine the certifying institution is qualified for the ERISA section 103(a)(3)(C) audit, as it is management’s responsibility to make that determination.
  • Fair value disclosures included within the plan’s financial statements are also included under the certification umbrella and subject to the same audit procedures. As an auditor, if anything comes to our attention that does not meet expectations, we would further assess as necessary.
  • The auditor is required to obtain and read a draft Form 5500 prior to issuance of the auditor’s report.

The final standard also removed some highly debated provisions included in the draft proposal as follows:

  • There is no report on findings required, but the auditor is required to follow AU-C 250, AU-C 260 and AU-C 265. Should anything arise that warrants communication to those charged with governance, those findings must be communicated in writing. Be sure to grab another coffee and refresh yourself on AU-C 250, AU-C 260 and AU-C 265!
  • The new required procedures section for an audit was scrapped and replaced with an Appendix A for recommended audit procedures based on risk assessments. There are some great tools there to look at.
  • The required emphasis-of-matter section paragraph section of the auditor’s report was also scrapped.

Questions about the new employee benefit audit standard or employee benefit plan audits

At BerryDunn, we perform over 200 employee benefit plan audits each year. If you have any questions, we would love to help. And we’ll keep the acronyms to a minimum. Please reach out with any questions.

Article
Auditing standards board approves new employee benefit plan auditing standard: What you need to know

Read this if you work for a healthcare organization that serves uninsured or self-pay patients.

The No Surprises Act was passed in 2020 as part of a COVID relief package, with the goal of reducing surprise bills for patients who received medical or surgical services. One part of the act requires healthcare facilities and providers to give Good Faith Estimates (GFEs) to uninsured and self-pay patients starting on January 1, 2022. Read on for frequently asked questions about this topic, an update for 2023, and resources where you can find more information.

Frequently asked questions about good faith estimates for healthcare

What is a good faith estimate?

A Good Faith Estimate (GFE) is a document provided to a patient that details the expected charges for healthcare services provided. It is not a bill.

Who needs to provide GFEs, and to whom?

At this time, GFEs need to be provided to uninsured and self-pay patients. 

The following healthcare facilities must comply:

  • Federally Qualified Health Centers (FQHCs)
  • FQHC Look-Alikes
  • Tribal/Urban Indian Health Centers
  • Rural Health Clinics (RHCs)
  • Hospitals
  • Hospital outpatient departments
  • Critical access hospitals
  • Title X Family Planning Clinics
  • Health care providers who serve uninsured and self-pay patients

How should information about the GFE process be communicated to uninsured and self-pay individuals?

Information about the availability of GFEs for uninsured or self-pay individuals must be:

  • Written in a clear and understandable manner and prominently displayed:
  • On the facility’s website and easily searchable from a public search engine
  • In the office (such as in the patient waiting room), and
  • Onsite where scheduling or questions about the cost of items or services occur, such as at the registration or check-out areas
  • Explained verbally when scheduling an item or service or when questions about the cost of items or services occur
  • Made available in accessible formats, and in the languages spoken by individuals considering or scheduling items or services

How does the US Department of Health and Human Services (HHS) define uninsured and self-pay individuals?

HHS has a two-fold definition:

  • Individuals who have no health insurance coverage
  • Individuals who do have health insurance coverage, but do not want to have a claim submitted to their insurer

Both of these groups of individuals must receive a GFE.

What content is required in a GFE?

A GFE must include the following:

Patient information

  • The patient’s name and date of birth

Services estimated

  • A description of the primary item or service in clear and understandable language and, if applicable, the date the primary item or service is scheduled
  • A list of items or services reasonably expected to be furnished for the primary item or service

Information about services, providers, and estimated charges

  • Applicable diagnosis codes, expected service codes, and expected charges associated with each listed item or service
  • The name, National Provider Identifier, and Tax Identification Number of each provider or facility represented in the GFE, and the State and office of the facility’s location where the items are services are expected to be provided
  • Lists of items or services that the provider or facility anticipates will require separate scheduling and that are expected to occur before or following the expected period of care for the primary item or service. (A disclaimer should state that separate GFEs will be issued upon scheduling or upon request of the listed items or services.)

Disclaimers

  • A disclaimer that there may be additional items or services that the provider or facility recommends as part of the course of care that must be scheduled or requested separately and are not included in the GFE
  • A disclaimer that the information provided in the GFE is only an estimate and that actual items, services, or charges may differ from the GFE
  • A disclaimer that the individual has a right to initiate the patient-provider dispute resolution process if the actual billed charges are substantially in excess of the expected charges included in the GFE.
  • “Substantially in excess” is defined as at least $400 more than the total amount of expected charges.
  • This disclaimer must include instructions about where an uninsured or self-pay individual can find information about how to initiate the patient-provider dispute resolution process and state that the initiation of the patient-provider dispute resolution process will not adversely affect the quality of health care services that are furnished.
  • HHS strongly encourages providers and facilities to include an email address and telephone number for someone within the provider’s or facility’s office that has the authority to represent the provider or facility in a billing dispute.
  • A disclaimer that a GFE is not a contract and does not require the uninsured or self-pay individual to obtain the items or services identified in the GFE.

HHS encourages sliding fee discount providers and facilities to include information about the provider’s or facility’s sliding fee schedule and any other financial protections that it offers. Sliding fee discount providers and facilities have flexibility to determine how best to demonstrate the expected charges associated with each listed item or service, and to determine what additional information to include, if any.

What are the required methods for providing a GFE?

A GFE must be provided in written form either on paper or electronically, based on the individual’s requested method of delivery and within the required time frames. GFEs that are provided electronically must be provided in a manner that the individual can both save and print. A GFE must be written using clear and understandable language that can be understood by the average uninsured or self-pay individual.

If the individual requests a GFE in a method other than on paper or electronically (such as by telephone or verbally in person), the provider or facility may verbally inform the individual of the information contained in the GFE. However, the provider or facility must also issue the GFE in written form.

What is the timeline for providing a GFE?

When providing a GFE to an uninsured or self-pay patient, the following time frames must be followed.

When the service is scheduled: When the GFE must be provided:
If scheduled at least 3 business days prior to the date that the item or service will be furnished Not later than 1 business day after the date of scheduling
If scheduled at least 10 business days prior to the date that the item or service will be furnished Not later than 3 business days after the date of scheduling

Please note, when a GFE is requested by an uninsured or self-pay patient, a GFE must be provided not later than 3 business days after the date of the request.

How long should a provider or facility retain a copy of GFEs?

A GFE is considered part of the patient’s medical record and must be maintained in the same manner. At the request of an uninsured or self-pay individual, the provider or facility must provide a copy of any previously issued GFE within the last six years.

Update for 2023

  • As of the start of 2023, all of the preceding requirements remain in place.
  • As of January 1, 2023, HHS has paused enforcement on the next phase of GFE implementation

The next phase of GFE implementation, which began on January 1, 2023, requires that GFEs for uninsured and self-pay patients include expected charges from co-providers or co-facilities that are part of an episode of care for a patient coordinated by a provider or facility. However, on December 2, 2022, HHS paused its enforcement of this requirement based on comments it received during the rulemaking process indicating that compliance with this provision was likely not possible by January 1, 2023.

HHS is extending enforcement discretion, pending future rulemaking, for situations where GFEs for uninsured or self-pay individuals do not include expected charges from co-providers or co-facilities. We will provide an update when HHS issues any communication about changes to GFE-related enforcement.

Helpful resources for FQHC, RHCs, and other healthcare facilities

If you have questions about the information provided in this article or are interested in an external review of your healthcare facility’s compliance with current GFE requirements, please contact Robyn Hoffmann or Mary Dowes.

Article
Healthcare Good Faith Estimates (GFEs): Updates for 2023

Read this if you are a provider who works with MaineCare and files an annual cost report.

Each year the Department of Health and Human Services (DHHS) Division of Audit releases updated MaineCare cost report templates in Excel format. In the most recent revision of the templates, DHHS has made some significant changes that providers should be aware of when preparing to file their cost reports. We’ve highlighted them here. 

  • Supplemental Payments (Schedule GG)—DHHS has updated the format of Schedule GG to a new simplified form where providers no longer need to report expenses in each individual cost center, but rather will only need to identify the total expense in each component (i.e., direct, fixed, routine, and PCS for Residential Care Facilities (RCF) Appendix C). DHHS has designated specific cost centers for each offset in each component. In addition, there are now multiple Schedule GGs, including a separate schedule for each level of service within each template. Each level of service must complete one schedule for the payments received in the first round (September and October 2021) and a second to reflect the payments received in the second round (August 2022). Each Schedule GG includes a line to report supplemental payments earned in a prior period and a reconciliation of any amounts unearned.
    • For providers who have already filed their 2022 cost reports and wish to adjust their Schedule GG, they can refile just Schedule GG on the simplified form. An entire updated cost report is not necessary or suggested as the Division of Audit will incorporate the updated Schedule GG at the time of audit. This also applies to any providers wishing to amend and refile their 2021 Schedule GG. 
  • RCF High MaineCare Utilization (HMU)—Effective 7/1/2022, HMU is a new component of the RCF rate pursuant to 2022 P.L. Ch. 635. The new HMU payment required DHHS to update the cost report forms to include a settlement of these payments. As such, DHHS has added a new schedule, Schedule HH, to all RCF Appendix C, including multi-level cost reports that report HMU earned. In addition, a table was added to the bottom of Schedule L-R&B to calculate the payments received. The payments received flows to Schedule HH, where a settlement is calculated that flows to the RCF room and board settlement page. 
  • Minimum Occupancy Penalty—Per the Office of MaineCare Services News Release from November 15, 2022, the Office of MaineCare Services is temporarily waiving the minimum occupancy penalty for nursing facilities (NF), found in Chapter III, Section 67, principle 18.9, through the end of the federal Public Health Emergency (PHE). Additionally, DHHS is temporarily waiving the minimum occupancy penalty for RCF, Private Non-Medical Institution (PNMI) Appendix C facilities, found in DHHS Rule Chapter 115, principle 34.3, through the end of the federal PHE. In order to accommodate this within the cost report, the penalty calculation has been removed from Schedule G (NF), Schedule X (multi-level), and Schedule A (RCF free-standing). 
  • Revenue—DHHS also added a new schedule, Schedule D (B-1 on the ICF template), which is a summary of revenue by payor.

There were also some minor changes made last summer including:

  • Schedule F & R (NF), Schedule E (RCF/PNMI), and Schedule B (Intermediate Care Facilities (ICF))—Added a new cost center to the fixed costs section for “COVID Staff Universal & Surveillance Testing.” 
  • Schedule B (NF)—Added a Direct Care add-on column for the AAAA add-on (125% of minimum wage) based on updated rate letters. 
  • Schedule E (NF)—Removed the median question due to LD 684. There is now no need to be under the medians to qualify for ultra-high MaineCare utilization (over 80% utilization). 
  • Schedule J (NF and ICF), Schedule L-PNMI (RCF/PNMI), and Schedule B (Appendix F)—Updated wording from TRI (temporary rate increase) to ECA (extraordinary circumstances allowance) funding.

Cost reports must be submitted in Excel format and DHHS is no longer accepting locked or protected cost report files or files that have hidden tabs. Cost reports and supporting documentation should be filed using MOVEit. If you have not established an account with DHHS yet for MOVEit, please reach out to Lucas Allen, Manager of Data Analytics

Please note the following specifications for online submission to MOVEit:

  • Each filename will need to contain: facility/agency name, four-digit year, what the document relates to, and what the document is (i.e., cost report).
  • Files cannot be a zipped file.
  • Files cannot be password protected or restricted in any way.
  • No folders are to be uploaded.
  • It is recommended that supporting documentation be combined into one PDF document with appropriate bookmarks for each supporting document, but this is not a requirement. If the supporting documentation is not in one PDF file, label all files with the facility/agency name, four-digit year, and what the document is.
  • Files need to be in one of the following formats: Microsoft product or Adobe PDF to ensure it is machine readable.

As a reminder, when submitting your cost report and supporting documentation:

  • Complete all schedules in the cost report. If a specific schedule does not apply to your facility, mark “N/A” on the schedule.  
  • Do not alter the schedules in the cost report.  
  • Submit a completed cost report checklist, and place a checkmark for each section that applies to your facility or “N/A” for any section that does not apply.  
  • Submit all supporting documentation identified on the checklist in an acceptable format (Microsoft product or Adobe PDF).

If you have any questions on these changes or would like to talk about your specific needs, please contact our senior living team. We are here to help.

Article
MaineCare cost report templates: What providers should know about the current year changes

Read this if you are at a financial institution and concerned about fraud.

Financial fraud by the numbers

Back in 2021, BerryDunn’s David Stone wrote about occupational fraud at financial institutions. This article mainly cited information from a 2020 Report to the Nations: Banking and Financial Services Edition (2020 Report) published by the Association of Certified Fraud Examiners (ACFE). Fast forward to 2023, and the ACFE’s 2022 Report to the Nations (2022 Report) displays that occupational fraud continues to be a concern.

Financial institutions account for 22.3% of all occupational fraud worldwide, up from 19% in the 2020 Report. These fraud causes have a median loss of $100,000 per case—which was the same as the 2020 Report. Cases had decreased from the 2020 Report from 368 to 351; however, financial institutions remain the most susceptible industry to occupational fraud.

What does a fraudster look like, and how do they commit their crimes? How do you prevent fraud from happening at your organization? And how can you strengthen an already robust anti-fraud program? These questions, raised in David’s 2021 article, remain relevant today. 

Profile of a fraudster

One of the most difficult tasks any organization faces is identifying and preventing potential cases of fraud. This is especially challenging because most employees who commit fraud are first-time offenders with no record of criminal activity, or even termination at a previous employer.

The 2022 Report reveals a few commonalities between fraudsters. The amounts from the 2020 Report are shown in parentheses for comparison purposes:

  • 6% of fraudsters had a prior criminal background (3%)
  • Men committed 73% of fraud and women committed 27% (71%, 29%)
  • 37% of fraudsters were an employee, 39% worked as a manager, and 23% operated at the executive/owner level (56%, 27%, 14%)
  • The median loss for fraudsters who had been with their organizations for more than five years was $193,500 compared to $75,000 for fraudsters who had been with their organizations for five years or less ($150,000, $86,000)

Employees who committed fraud displayed certain behaviors during their schemes. The ACFE reported these top red flags in its 2022 Report:

  • Living beyond means—39% (42%)
  • Financial difficulties—25% (33%)
  • Unusually close association with vendor/customer—20% (15%)
  • Divorce/family problems—11% (14%)

These figures give us a general sense of who commits fraud and why. But in all cases, the most pressing question remains: how do you prevent the fraud from happening?

Preventing fraud: A two-pronged approach

As a proactive plan for preventing fraud, we recommend focusing time and energy on two distinct facets of your operations: leadership tone and internal controls.

Leadership tone

The Board of Directors and senior management are in a powerful position to prevent fraud. By fostering a top-down culture of zero tolerance for fraud, you can diminish opportunity for employees to consider, and attempt, fraud.

It is crucial to start at the top. Not only does this send a message to the rest of the company, but frauds committed at the executive level had a median loss of $337,000 per case, compared to a median loss of $50,000 when an employee perpetrated the fraud. This is compared to a median loss of $1,265,000 and $77,000 per case, respectively, in the 2020 Report.

Internal controls

Every financial institution uses internal controls in its daily operations. Override of existing internal controls, lack of internal controls, and lack of management review were cited in the 2022 Report as the most common internal control weaknesses that contribute to occupational fraud.

The importance of internal controls cannot be overstated. Every organization should closely examine its internal controls and determine where they can be strengthened—even financial institutions with strong anti-fraud measures in place.

The experts at BerryDunn have created a checklist of the top 10 controls for financial institutions, available in our whitepaper on preventing fraud. This is a list we encourage every financial leader to read. By strengthening your foundation, your company will be in a powerful place to prevent fraud. 

Read more to prevent fraud

Employees are your greatest strength and number one resource. Taking a proactive, positive approach to fraud prevention maintains the value employees bring to a financial institution, while focusing on realistic measures to discourage fraud.

In our free white paper on preventing financial institution fraud, we take a deeper look at how to successfully implement a strong anti-fraud plan. Download the white paper here.

Commit to strengthening fraud prevention and you will instill confidence in your Board of Directors, employees, customers, and the general public. It’s a good investment for any financial institution. If you have questions about your specific situation, please visit our Ask the Advisor page to submit them, or contact a member of the Financial Institutions team. We’re here to help.

Article
Preventing fraud at financial institutions 2023 update: An anti-fraud plan is the best investment you can make

Read this if you are a financial institution.

Whether you think of New Year’s resolutions or goal setting, it’s that time of year where we traditionally take time for reflection (current state, desired state) in order to take action on the change we want to see. Understandably, as many institutions have been so focused on developing and understanding their CECL model and results, evolving the internal control environment may have, well, lagged a little. Which is why, in the spirit of starting the new year on the right foot, now is the perfect time to think about internal CECL controls.

CECL internal controls: Where to start?

Let’s acknowledge this right away: there is no “best” place to start. Some folks like to review what controls they already have in place and then think about how best to evolve or tweak them. Others may prefer to take a clean slate approach—map out the CECL workflows, identify risks, and then determine what controls are needed. One way to bridge these approaches is after you’ve mapped out the process, risks, and controls, then compare that to what you already have and make the necessary adjustments. We’ve seen all of these approaches work, but there are some pros and cons and pitfalls to consider for each. 

Existing controls

If you choose to begin by reviewing and tweaking the controls you already have, one pitfall is that you may not challenge your thinking enough to recognize where new risks have been introduced with your CECL methodology. For example, how does the CECL calculation—and all the new data you are now relying on—impact controls? Is your area responsible for making choices about all those numbers, values, and codes, or are those calculations, choices, and decisions taking place in other areas where controls may need to be developed, or reviewed and enhanced for CECL?

Another good example: if you’ve invested in software, have you recognized the need for new controls over data flow in and out of that system, including the manual calculations you’re doing outside of the system and then keying those results into the system as model inputs? We have found that some people go into this approach thinking it will save them time—like a short-cut—only to realize later they’ve missed the opportunity to identify one or more key risks/controls.

Clean slate mapping

Speaking from experience, this approach can take some time but may be a great way to ensure your thinking is not limited by “what you’ve always” done or had in place. That said, we can appreciate that while staring at a blank page is energizing to some, it can feel overwhelming to others. Moreover, that overwhelmed feeling may be the underlying reason why it is tough to engage in this approach.

Here’s the big tip: put some sort of starting point on paper (maybe even the middle of the paper) understanding that as you think about it, you could be adding to the workflow before, above, under, or past that starting point. It’s okay that you don’t know all the related workflows because you’re identifying that there are related workflows whose risks/controls may be in other areas that need to be further explored. Maybe take this activity, initially, to a conference room with a big dry-erase board (there are online versions of this, too)! 

Now, just like those new year’s resolutions for increased exercise that sometimes are easier to stick to when you have an accountability partner—is there someone in your organization that is particularly adept at creating workflows whose strengths and talents you can tap into to help you create this one? 

Tips for helping ensure CECL internal control success

No matter which approach you end up taking, here are some of our top tips for helping ensure CECL internal control success:

Communicate: Outreach and awareness are foundational to engaging others in this process. It is so understandably easy for people not directly involved in the day-to-day CECL calculation to even realize they have a key role to play when it comes to CECL controls. 

Cooperate: Invite others into the process, especially when it comes to helping you evaluate how changes under CECL relate to work they do day-to-day. Work together to simply understand or clarify how the pieces fit together. 

Collaborate: There are lots of ways to design, test, and monitor internal controls. Lean into the strengths and talents of others to help create efficient and effective controls that can save you and others a lot of time and headache. I recommend this no matter how mature the control practice is—there may be ways to make it better and easier.

Coach, train, and support: I advise against the “control dump and run”—letting someone know they have one or two new controls, and then leaving them to it. Certainly, there is value in having to solve something from the ground up. However, helping others connect the dots between why controls are important, ways to evaluate and structure them, and who in the organization can collaborate with them to make them as easy and effective as possible, goes a long way toward getting the most value out of your control environment.

Seek advice: CECL is new for almost everyone, and controls are not a one-size fits all. Engaging someone experienced in both CECL and controls can help challenge your thinking, open your eyes to pitfalls, prevent over-engineering, provide perspective, and help you transition as you grow. 

No matter your CECL challenge or pain point, our team of experts is here to help you navigate the requirements as efficiently and effectively as possible. For more information, visit the CECL page on our website. If you would like specific answers to questions, please visit our Ask the Advisor page to submit your questions.

For more on CECL, stay tuned for our next article in the series, or enjoy our CECL Radio podcasts. You can also follow Susan Weber on LinkedIn.

Article
Resolve to consider internal CECL controls

Read this if your organization receives charitable donations.

As the holiday season has passed and tax season is now upon us, we have our own list of considerations that we would like to share—so that you don’t end up on the IRS’ naughty list!

Donor acknowledgment letters

It is important for organizations receiving gifts to consider the following guidelines, as doing some work now may save you time (and maybe a fine or two) later.

Charitable (i.e., 501(c)(3)) organizations are required to provide a contemporaneous (i.e., timely) donor acknowledgment letter to all donors who contribute $250 or more to the organization, whether it be cash or non-cash items (e.g., publicly traded securities, real estate, artwork, vehicles, etc.) received. The letter should include the following:

  • Name of the organization
  • Amount of cash contribution
  • Description of non-cash items (but not the value)
  • Statement that no goods and services were provided (assuming this is the case)
  • Description and good faith estimate of the value of goods and services provided by the organization in return for the contribution

Additionally, when a donor makes a payment greater than $75 to a charitable organization partly as a contribution and partly as a payment for goods and services, a disclosure statement is required to notify the donor of the value of the goods and services received in order for the donor to determine the charitable contribution component of their payment.

If a charitable organization receives noncash donations, it may be asked to sign Form 8283. This form is required to be filed by the donor and included with their personal income tax return. If a donor contributes noncash property (excluding publicly traded securities) valued at over $5,000, the organization will need to sign Form 8283, Section B, Part IV acknowledging receipt of the noncash item(s) received.

For noncash items such as cars, boats, and even airplanes that are donated there is a separate Form 1098-C, Contributions of Motor Vehicles, Boats, and Airplanes, which the donee organization must file. A copy of the Form 1098-C is provided to the donor and acts as acknowledgment of the gift. For more information, you can read our article on donor acknowledgments.

Gifts to employees

At the same time, many employers find themselves in a giving spirit, wishing to reward the employees for another year of hard work. While this generosity is well-intended, gifts to employees can be fraught with potential tax consequences organizations should be aware of. Here’s what you need to know about the rules on employee gifts.

First and foremost, the IRS is very clear that cash and cash equivalents (specifically gift cards) are always included as taxable income when provided by the employer, regardless of amount, with no exceptions. This means that if you plan to give your employees cash or a gift card this year, the value must be included in the employees’ wages and is subject to all payroll taxes.

There are, however, a few ways to make nontaxable gifts to employees. IRS Publication 15 offers a variety of examples of de minimis (minimal) benefits, defined as any property or service you provide to an employee that has a minimal value, making the accounting for it unreasonable and administratively impracticable. Examples include holiday or birthday gifts, like flowers, or a fruit basket, or occasional tickets for theater or sporting events.

Additionally, holiday gifts can also be nontaxable if they are in the form of a gift coupon and if given for a specific item (with no redeemable cash value). A common example would be issuing a coupon to your employee for a free ham or turkey redeemable at the local grocery store. For more information, please see our article on employee gifts.

Other year-end filing requirements

As the end of the calendar year approaches, it is also important to start thinking about Form 1099 filing requirements. There are various 1099 forms; 1099-INT to report interest income, 1099-DIV to report dividend income, 1099-NEC to report nonemployee compensation, and 1099-MISC to report other miscellaneous income, to name a few.

Form 1099-NEC reports non-employment income which is not included on a W-2. Organizations must issue 1099-NECs to payees (there are some exclusions) who receive at least $600 in non-employment income during the calendar year. A non-employee may be an independent contractor, or a person hired on a contract basis to complete work, such as a graphic designer. Payments to attorneys or CPAs for services rendered that exceed $600 for the tax year must be reported on a Form 1099-NEC. However, a 1099-MISC would be sent to an Attorney for payments of settlements. For additional questions on which 1099 form to use please contact your tax advisor.

While federal income tax is not always required to be withheld, there are some instances when it is. If a payee does not furnish their Tax Identification Number (TIN) to the organization, then the organization is required to withhold taxes on payments reported in box 1 of Form 1099-NEC. There are other instances, and the rates can differ so if you have questions, please reach out to your tax advisor. 1099 forms are due to the recipient and the IRS by January 31st.

Whether organizations are receiving gifts, giving employee gifts, or thinking about acknowledgments and other reporting we hope that by making our list and checking it twice we can save you some time to spend with your loved ones this holiday season. We wish you all a very happy and healthy holiday season!

Article
Making a year-end list and checking it twice