Most business owners don’t think about a 401(k) audit until they have to, and by then, it can feel overwhelming.
At first glance, the rule seems simple: once your plan reaches 100 participants, an audit is required. But it’s not that straightforward.
In this episode of Ask a DHJJ CPA, Assurance Principal Colin Shaw breaks down what actually triggers a 401(k) audit, what to expect, and how to prepare so it doesn’t become a last-minute scramble. More importantly, he explains how the right approach can turn an audit into an opportunity to strengthen processes and reduce risk.
What This Episode Answers
If you sponsor a 401(k) plan you’ve probably asked yourself:
- Do I need a 401(k) audit yet?
- What actually counts as a “participant”?
- Can I delay an audit if I’m close to the threshold?
- What happens during a 401(k) audit?
- How do I prepare (without scrambling at the last minute)?
- What should I look for when choosing an audit firm?
Episode Summary
401(k) audits are one of those requirements many business owners don’t think about, until they suddenly have to.
The general rule sounds simple: once your plan reaches 100 participants, an audit is required. But as Colin explains, it’s not quite that straightforward. New rules now define participants based on account balances, meaning former employees can still count toward your total.
That nuance alone can push companies into audit territory sooner than expected.
Colin also walks through the 80/120 rule, which allows some flexibility for companies hovering near the threshold, and explains why your first audit often feels more complex than expected, especially if you’re not fully prepared.
Beyond the technical requirements, this episode highlights something just as important: A 401(k) audit isn’t just about compliance, it’s an opportunity to improve processes, tighten documentation, and reduce risk moving forward.
Key Takeaways
1. The 100-participant rule isn’t as simple as it sounds: Participants now include anyone with an account balance, even former employees who haven’t rolled over their funds.
2. The 80/120 rule can buy you time: If your plan fluctuates between 80–120 participants, you may be able to delay the audit requirement, but only up to a point. Once you exceed 120, the audit becomes mandatory.
3. Your first audit is the most involved. Auditors will review:
- Plan documents
- Compensation definitions
- Employee deferrals and employer matches
- Distributions and loans
- Form 5500 tie-outs
It’s a deep dive into how your plan actually operates, not just what’s on paper.
4. Timeliness of contributions is a major risk area: There’s no one-size-fits-all deadline, but contributions should be remitted as soon as reasonably possible, often aligned with payroll tax timing.
5. Documentation matters more than you think
Missing or incomplete:
- Enrollment forms
- Signed documentation
- Payroll records
…are some of the most common issues uncovered during audits.
6. Not all audits are created equal: Choosing the lowest-cost provider can create risk. A quality audit firm should have:
- Strong peer review results
- Experience with employee benefit plans
- A proactive, advisory approach
What Happens During a 401(k) Audit?
A 401(k) audit typically starts with a detailed review of your plan document, which governs how your plan should operate.
From there, auditors will:
- Test a sample of participant activity
- Verify contribution accuracy and timing
- Review eligibility and distributions
- Evaluate loan activity and repayment compliance
- Reconcile financials with your Form 5500
The goal isn’t just to check a box, it’s to ensure your plan is being administered correctly and in compliance with IRS and DOL requirements.
How to Prepare Before Your First Audit
A little preparation goes a long way. Before your audit:
- Review payroll processes to confirm correct compensation definitions
- Ensure timely contribution remittance
- Gather signed employee documentation
- Double-check loan administration procedures
- Perform a “self-audit” to identify gaps early
This upfront work can significantly reduce stress, cost, and disruption during the audit process.
Common Mistakes to Avoid
- Counting only active employees (and missing former participants)
- Using the wrong definition of compensation
- Delaying contribution deposits
- Overlooking loan repayment requirements
- Choosing an audit firm based on cost alone
Choosing the Right Audit Firm
As a plan sponsor, you have a fiduciary responsibility to select a qualified auditor.
When evaluating firms:
- Ask about their peer review results
- Look for employee benefit plan experience
- Consider team continuity (you want consistency year to year)
- Prioritize firms that act as partners, not just compliance providers
You can also search peer review results directly through the American Institute of Certified Public Accountants database.
Final Thoughts
A 401(k) audit might feel like a compliance burden, but done right, it’s much more than that.
It’s a chance to:
- Strengthen internal processes
- Improve documentation
- Reduce regulatory risk
- Gain confidence in your plan operations
Or as Colin puts it, the right audit team doesn’t just show up once a year, they become part of your team, helping you stay ahead and out of trouble.
Transcript
Emma:
Welcome to Ask at DHJJ CPA, the podcast where real CPAs answer real questions from business owners.
I’m your host, Emma Yurchik.
Today, we’re answering the question we hear all the time, do I need a 401k audit?
And what happens if I do?
We’re joined by Colin Shaw, an assurance principal here at DHJJ to help break it down.
So, before we jump in, Colin, can you tell me a little bit about yourself and your role at DHJJ?
Colin:
Yeah, thanks for having me, Emma.
I have been at DHJJ for about 18 years now.
I’ve been in the audit industry for a little over 20 years now.
So, I’ve been doing this for quite a while. It’s amazing how fast the years are starting to tick off.
My role at DHJJ is I’m the audit practice lead, you know, so lead all of our auditors and yeah, I’m just the audit practice lead, lead group lead.
Emma:
Thank you again for joining us and we can jump right in.
So, let’s start simple. What triggers a 401k audit?
Colin:
Generally speaking, when you have 100 participants in your 401k plan, that’s what triggers the audit requirement.
Maybe the follow-up question is, well, what’s a participant, right?
So, a participant is, these rules have changed over the last year. The new rules are any participant is any participant in the plan that has an account balance.
So, you want to count those participants that have balances in the plan.
The old rules were eligible, eligible employees, but you can throw those old rules out the window because we have got new rules that we have to adhere to.
Emma:
Okay.
Are there any common misconceptions employers have about this requirement?
Colin:
Yeah, that’s a good question.
One thing that comes to mind is former employees, right?
So, if you have a former employee that still has money in the plan, they’ve separated from employment, they’re no longer with the company, but they haven’t taken their 401k plans and rolled over into their new employer’s 401k plan.
Because they still have money in the plan, they still count. They still count towards your 100 participants.
Emma:
So even if you have 10 employees that have left the company are no longer there, they can still count towards that total.
Colin:
Correct.
Fortunately, there are some plan provisions that allow you to, and I say this in the nicest way possible, that allow you to kick out former employees from the plan.
So, if they have balances under a certain threshold, and those balances have changed.
The new balance, I believe, is $7,000.
So, if you have an employee that has balances under $7,000, you can force them out of the plan.
So, if you’re having a hard time finding them, tracking them down, you can actually set up an IRA account for them and force them out to keep your participant headcount down.
Emma:
So, what actually happens during a 401k audit?
What can people expect?
Colin:
Yeah, so for a first-year audit is usually, I guess, maybe a little bit more eye-opening for the employer.
It all starts with the plan document. We read through the plan document.
One of the key items that we look for in the plan document is definition of compensation in terms of 401k deferrals by the employee.
For example, some plans have deferrals based on bonuses.
Some plans have deferrals based on fringe benefits, which is somewhat awkward.
So, it all starts with the plan document, reading the plan document, understanding the plan, understanding the terms of the plan, when are distributions allowed, how do distributions occur, definition of compensation in terms of 401k deferrals, understanding the definition of compensation for the employee match as well.
So, it starts with reading the plan document, having a full understanding of the plan, and then from there, we typically select a number of participants.
And the key items:
- We test our deferrals.
- We test eligibility.
- We test distributions.
- We test loans.
- We review the 5500 to make sure the plan documents, the plan financial statements tie out to the 5500.
Emma:
It sounds like there’s a lot that goes into this.
Is there anything that people can be doing ahead of time to prepare for this audit?
Any documents they can gather in advance to kind of make this process go smoother?
Colin:
Yeah, I would review your payroll.
I think that would be the first thing to do. Review your payroll.
One, make sure you are using that correct definition of compensation for the deferrals and for the match purposes.
But 2, make sure you’re contributing employee deferrals to the plan on a timely basis.
Generally speaking, there is no hard-set rule on what timely means.
Generally, though, the IRS and the DOL kind of follow when you can reasonably segregate your payroll taxes, remitting your payroll taxes from the employee’s paychecks, that’s when you should also be remitting your 401k deferrals.
So, if generally you do that within one or two days and you’ve set that pattern, that is that one or two days, then that’s timely for you.
There’s a misconception that there’s a safe harbor timeliness, which is a seven-day time period, but that’s really for small plans, not for large plans, that we’re concerned about with these 401K audits.
So, make sure you’re remitting 401K contributions on a timely basis.
Reviewing documentation is another key, maybe pre-audit check for you.
Making sure you have enrollment forms, making sure they’re signed enrollment forms, not just enrollment forms.
If you’re having a hard time tracking them down, track down the employees and just get the documentation all squared away.
Emma:
Got it.
Okay.
Any mistakes or red flags that you see most often that people can try to avoid?
Colin:
Well, I’ve talked about the definition of compensation, talked about timeliness.
So maybe some other obscure errors that we see sometimes in terms of administration of participant loans.
Oftentimes the plan documents state you must have a reasonable interest rate and oftentimes it ties that interest rate to say prime rate.
And prime rate historically has been bouncing around quite a bit.
So, making sure that you keep up to date with that prime rate and maintaining that interest rate in accordance with the plan document can be a little bit burdensome, but double check that.
And while we’re talking about loans, making sure employees that do have loans, they start to remit loan repayments to the plan.
So, the way that process works, similar to 401k deferrals, the money is withheld from your paychecks and remitted to the plan.
Same thing with the loans.
So, if you have an employee that has a loan, you will withhold loan repayments from the employee’s paycheck and remit them to the plan as a loan repayment.
So, make sure those start on a timely basis.
Emma:
Okay.
Now, when it comes to eligibility for a 401k audit, I frequently hear kind of the general rule of thumb of 100 participants.
But I’ve also heard of another rule, which is the 80/120 rule. Can you explain that a little bit?
Colin:
Yeah, the 80/120 rule gives flexibility to those employers that bounce between 80 and 120 participants from year to year.
So yes, the general rule is once you’ve hit 100 participants, you’re required to do an audit.
Not true with that 80/120 rule.
So, if you have 101 participants, but last year you filed what’s called a small form and you did not have an audit, you can elect to file the same 5,500 small form, small plan, and you can choose not to do the audit.
So that provides a little bit of flexibility for employees that balance between 80 and 120.
So, the first year that you’ll need the audit is when you’re over 120.
Because when you’re at 110, 115 or so, you’ve historically filed the small plan, have not had an audit.
So, you can look back to what you filed last year and file that same filing and continue to defer the audit.
But for that first-year audit, once you’ve hit 120, once you’ve exceeded 120 participants, then you can no longer defer the audit.
You’re required to have that audit.
Emma:
Okay, so let’s say I deferred the audit one year, I had 101 participants and the next year I have 115 participants.
Can I still defer it another year?
Colin:
Correct, because the year before you still filed as a small plan.
But once you’ve exceeded 120, you’re out of luck.
You need that audit.
Emma:
All right, good to know.
Well, that’s perfect.
I mean, I imagine people would love to defer that one more year, maybe save a little on the cost of an audit or give them more time to prepare for their audit.
So now if someone is out there and they are ready for a 401k audit, whether it’s their first one or, you know, their second, third, 4th, 5th, 10th, what do you recommend people do to
choose who is doing this audit?
What sets a high-quality audit apart from kind of the bare minimum one?
Colin:
Well, as a plan administrator, you do have a fiduciary responsibility to make sure you select service providers that have the utmost reputation.
So the first thing that I generally tell employers that are going through this process is just don’t go for the cheapest audit.
There’s a lot of firms out there that will, do an audit for, a fraction of the price of what a reputable firm such as DHJJ will do.
To that response, I always say, we’ll check their peer review.
Have they gone through a peer review?
What have those peer review results been?
And for those unfamiliar with the peer review, basically it’s another CPA firm comes in and audits our work papers every three years to make sure we’re following the proper audit guidelines and following GAAP and making sure that our audits are of the utmost quality.
Emma:
Where can people find these peer reviews?
Is there a website they can go to or do they need to ask their CPA directly?
Colin:
Yeah, good question.
They could ask the CPA directly.
We post ours on our dhjj.com website for everybody to see.
But you can also go to the AICPA website.
They post all the peer review results at peerreview.aicpa.org.
And you can do a firm search.
You can do a search by city, search by state, search by firm, and everything will be posted up there.
Emma
That’s great.
Sounds like that could be a good way to find a CPA firm.
Colin:
Yeah, that would be an excellent way.
You know, you can search by your city or you can search by your state, just so that way you get a nice local CPA firm right in your backyard.
Emma
Awesome.
Well, that’s great.
If someone’s never been audited before, what should they do first?
Colin
Well, I think they should always get two or three different quotes from two or three different CPA firms, not just go for the first one that they talk to.
But in terms of actually preparing for the audit, we’ve touched on it before, make sure your documentation, your employee documentations are in order, you have the enrollment forms.
Double checking the compensation, making sure there’s timely contributions, kind of doing a self-audit, so to speak, like a little pre-audit check.
Emma:
Yeah, definitely.
Well, thank you, Colin, so much for taking the time to meet with me today and chat a little bit about 401k audits.
Before we wrap up, are there any final thoughts that you have or anything that you want to leave our listeners with?
Colin:
Yeah, as you’re going through the process of selecting your auditor, keep in mind, you know, the client relationship.
I think that’s very important at DHJJ.
You know, we’re not just just the auditors coming in once a year to kind of cross cross the T’s dot the I’s.
We want to be a part of your team.
Really, our goal is to help improve your internal processes, help improve your documentation, because ultimately, we’re part of your team and we just want to keep you out of trouble with the IRS and the DOL.
Another item that I always like to bring up too is consider team continuity.
Here at DHJJ, we have an excellent retention percentage.
It feels like once folks learn about DHJJ and get hired at DHJJ, we stick around for quite a while. Which means that you have excellent team continuity with your audit.
You’ll see familiar faces year in and year out.
So, I think that’s very important.
Emma:
Absolutely.
I absolutely agree.
So, if you’re out there and you’re thinking that your company might be close to that threshold or want to make sure that you’re in good shape for future audit, Colin and his team are happy to walk you through it and can be a great help.
So, you can reach out to DHJJ anytime or check out the link in our bio.
Thanks, and we’ll see you next time.
