If your business is on the rise, you’ve probably already hit a few growth milestones. Maybe you made your first hire in another state, dealt with tax nexus issues, or upgraded to a new financial system. But there’s one milestone many growing companies don’t see coming: your first 401(k) plan audit.
The Department of Labor (DOL) requires a retirement plan audit once your plan reaches 100 or more eligible participants at the start of the plan year. This requirement typically accompanies your Form 5500 filing, and while it sounds technical, it’s really about ensuring your plan is operating fairly and in compliance with federal regulations.
If this is new territory for you, you’re not alone. Many first-time audits come as a surprise, particularly when former employees are still counted in the plan. This article will walk you through what a 401(k) plan audit involves, why it matters, and how you can stay ahead of it with minimal stress and maximum clarity.
What Is a 401(k) Plan Audit and Who Needs One?
A 401(k) audit is an independent review of your company’s retirement plan by a qualified auditor to ensure it complies with regulations and operates according to its stated terms. It protects employees by verifying that contributions are handled correctly and that retirement funds are managed responsibly.
You’re generally required to undergo a 401(k) audit if your plan has 100 or more participants with account balances on the first day of the plan year, and you filed as a “large plan” the previous year. This count includes not only active employees, but also former employees who still have balances and those who were eligible to participate, even if they chose not to.
Many companies are surprised to learn they meet the audit threshold due to lingering balances from past employees. If you’re approaching the 100-participant mark, it’s a good idea to request a detailed report from your plan administrator or recordkeeper at the start of the year. DHJJ or your provider can also help determine whether your plan allows you to remove certain former employees to stay below the limit.
Missing the audit requirement can result in costly penalties and a higher risk of investigation. However, there are a few exceptions that may allow you to avoid or delay a first-time audit:
- The 80-120 Rule: If your plan has between 80 and 120 participants and was filed as a “small plan” the prior year, you may continue to file as a small plan and avoid the audit until you exceed 120 participants.
- Short Plan Year: If your plan year is seven months or less (e.g., due to a plan year-end change), you may be able to defer the audit for that short period.
Understanding these requirements, and exceptions, can help you stay compliant while avoiding surprises as your plan grows.
Why This Audit Matters
The word “audit” tends to make people nervous, but this isn’t about catching you doing something wrong. It’s a regulatory requirement designed to verify that your retirement plan is functioning as it should. It provides reasonable assurance that employee contributions are being processed on time, that participant eligibility is being applied properly, and that distributions, loans, and other transactions are handled correctly.
The audit helps safeguard your company too. If issues are identified during the process, you have the opportunity to correct them before they become bigger problems. Think of the audit as a health check for one of your most important employee benefits.
What to Expect During the Audit Process
The 401(k) plan audit process typically includes three key phases. Understanding these stages can help you plan your time and resources more effectively.
1. Initial Planning and Document Collection
The auditor will begin with a kickoff meeting to learn about how your plan is set up and administered. During this phase, you’ll be asked to provide various documents, such as:
- Plan adoption agreements and any amendments
- Summary plan descriptions (SPD)
- Payroll records
- Participant deferral elections
- Investment statements
- Form 5500 drafts
- Details about your internal processes and information systems
This phase is all about understanding how the plan is designed and how it’s being run day-to-day. You could also be requested to provide the auditor with access to the plan’s website, as well as your payroll provider’s website. This could save you a significant amount of time as the auditor would obtain certain records directly from these websites without you having to get involved.
2. Testing and Internal Review
Once the initial information is gathered, the auditor will perform detailed testing to ensure compliance with plan provisions and accuracy of the related information. Some of the tests performed during this phase include:
- Tracing contributions from payroll through to deposit in participant accounts
- Verifying that the employer match (if applicable) is calculated and deposited accurately and timely.
- Reviewing participant eligibility, loans, and distributions
- Confirming that actual plan operations match what is documented in the plan
For example, if your plan says employees are eligible after six months of service, the auditor will check to see if that rule is being applied consistently.
This phase is normally the most time-consuming but, as explained above, your involvement could be significantly reduced if you have given your auditor online access to plan documents and payroll records.
3. Final Audit Report and Filing
At the conclusion of the review, the auditor will issue financial statements that are submitted along with your Form 5500 filing. If issues are found, such as late deposits or eligibility mistakes, you’ll have the opportunity to correct them. You’ll also receive guidance on how to avoid those issues in the future.
The audit itself doesn’t impose penalties, but failing to complete the audit when required will result in fines imposed by the DOL, and delays in filing.
Common Mistakes First-Time Filers Make
Even experienced finance teams can run into trouble during their first 401(k) plan audit. Being aware of these common pitfalls can help you avoid them.
Miscounting Participants
This is by far the most common error. Many businesses only count their active employees, but the DOL’s definition includes former employees who still have a balance in the plan and employees who were eligible to participate but didn’t.
What to do: Make a habit of checking your plan’s eligible participant count every January. Many payroll providers can help you generate this list.
Assuming a Custodian’s Report Is Enough
Some retirement plan providers issue a certified trust statement or summary of plan activity. While helpful, this is not a substitute for an independent audit. The DOL requires deeper testing that only a licensed CPA firm or practitioner can perform.
What to do: Check with your provider, but confirm whether you still need an independent audit based on your participant count.
Waiting Too Long to Start
Because audits can take up to six weeks after all documents are submitted, starting the process too late in the year can lead to tight filing deadlines, higher costs, and last-minute unnecessary stress.
What to do: Ideally, begin gathering materials and confirming your audit requirement in the spring or early summer. This gives you time to resolve any unexpected issues well before the October 15 extended filing deadline.
Making the Audit Work for You
It’s easy to think of a 401(k) plan audit as just another compliance task, but it can also be a valuable opportunity. A well-executed audit helps you:
- Validate that your plan is being managed according to plan provisions.
- Identify areas for process improvement
- Helps plan sponsors and fiduciaries ensure that they are meeting their legal obligations to act in the best interests of plan participants. Gain insights that can strengthen your internal controls
The audit is not just about checking a box. It’s a way to bring transparency, trust, and clarity to an important benefit that supports your team’s financial future.
Final Takeaway
If your company is approaching or surpassing the 100-participant mark in its retirement plan, now is the time to start preparing for a potential audit. Knowing what to expect, taking stock of your participants, and gathering documentation early can make the entire process smoother.
Rather than viewing the audit as a hurdle, think of it as a proactive step that protects your business and supports your employees. With the right preparation and support, your first 401(k) plan audit can be just another step in building a stronger, more compliant organization.
DHJJ has extensive experience guiding businesses through 401(k) plan audits and can help ensure you’re well-prepared every step of the way.
