Latest Features | Features A - Z | Chief Executive Officer Features | Contributors
 

The Pensions Minefield


1 September 2006 Jeffrey D. Mamorsky

Today's pension plan environment is a great source of concern to management, workers and regulators alike. By examining best practice globally and keeping abreast of legal developments, we can avoid disasters, writes Jeffrey D Mamorsky, senior partner at Greenberg Traurig, LLP in New York.

There has been a cultural change of monumental proportions with regard to pensions all over the world.

At the core of this change has been the regulatory imposition of heightened fiduciary responsibilities of employers and trustees in both US and non-US pension jurisdictions and the recognition of the importance of comprehensive and effective fiduciary control procedures for plans.

These heightened responsibilities have been particularly noticeable in the US and UK, and may be a harbinger of things to come in other pension jurisdictions, which may similarly conclude that the private sector (trustees and employer plan sponsors) needs to self-police the pension system in order for it to survive.

HIGH-PROFILE SCANDALS

Recently we have been confronted with transparency issues such as hidden and bundled service provider expenses and self-dealing conflicts of interest that sometimes exist with plan vendors.

This occurred in the US, despite the fact that federal pension law – the 1974 Employee Retirement Income Security Act (ERISA) – contains rules that require plan sponsors to establish internal control procedures to monitor compliance with their fiduciary responsibilities.

These rules were in some cases not followed since there were few real teeth in the law. It took SOX, with its draconian certification penalties and ERISA 'white collar' criminal penalty provisions, to make plan sponsors take pension governance more seriously. The same thing has happened in the UK with new pension legislation and the introduction of a Pension Regulator and the EU Directive on Pension Governance.

US REQUIREMENTS

Companies sometimes overlook the fact that the SOX Section 404 (Management Assessment of the Adequacy of Internal Control Procedures) requirement applies to pension and benefit expenses. This is an issue that cannot be overlooked since draconian penalties are in place for those who fall foul of this provision.

SOX also applies to private companies since it adds new ERISA white collar criminal penalty provisions, which impose sanctions and up to ten years' imprisonment on employer plan sponsors and plan fiduciaries for wilful violations of ERISA's financial statement and other reporting and disclosure requirements.

"Employers, trustees and their counsel need to self-police the pension system."

This could occur in the case of a certified financial statement of a pension, 401(k) or other retirement plan where the auditor now requires employer plan sponsors to represent that the plan is operated pursuant to its terms and applicable law.

This representation, which appears as a footnote in every plan's financial statement, is likely to be inaccurate in the absence of internal control procedures that enable the employer plan sponsor to identify inconsistencies between administration, plan provisions and IRS qualification requirements.

The importance of this issue has recently been addressed by the AICPA with the issuing of SAS No. 99: 'Consideration of Fraud in a Financial Statement Audit', which concludes that the lack of internal control procedures for establishing and monitoring an employer's financial statement representations may result in a material misrepresentation and possibly fraud. In this regard, the AICPA recommends the engagement of a specialist to perform an independent review to ascertain the adequacy of internal control procedures.

IRS STIPULATIONS

Under the IRS Employee Plans Closing Agreement program, the IRS may impose monetary sanctions on employers for failure to operate retirement plans in accordance with IRS qualification requirements and for failure to follow the terms of the plan documents, even if plan operation is in compliance with IRS qualification requirements.

The IRS EPCRS program requires employers to establish self-audit internal control procedures to qualify for self-correction and mitigate the amount of IRS monetary sanctions.

Sanctions may be imposed by the IRS on audit, even if failures are unintentional discrepancies between plan operation and plan documents and result in no harm to plan participants.

"Draconian penalties are in place for those who fall foul of the SOX 404 requirements."

The level of sanctions can be draconian since the maximum payment amount is the total amount of tax that would apply if the plan were disqualified. For example, the starting point for negotiations with the IRS on the amount of the sanction is often 20 per cent of plan assets.

There is also a new IRS audit initiative targeting 'large' retirement plans with 2,500 or more participants. This large retirement plan audit typically lasts for 200–300 staff days and is conducted by six to eight professionals (including an IRS revenue agent, benefits and computer audit specialists, a benefits attorney and an actuary).

Finally, under the new IRS Employee Plan's focused audit programme, the IRS has modified its auditing procedures to focus on whether the employer, trustees or plan administrator have established internal controls to ensure that the plan is operationally compliant with the plan document and Code requirements. If the IRS auditor is satisfied that such internal controls are in place, the plan examination may be limited and/or curtailed.

UK REGULATOR ESTABLISHED

There has also been a growing interest in pension governance in the UK. The Pensions Act of 2004 focuses on the future governance and administration of pension schemes and includes provisions for a new Pensions Regulator to concentrate its efforts on schemes that possess a high risk of fraud, bad governance or poor administration.

In this regard, the Act provides that the Pensions Regulator may issue codes of practice containing practical guidance in relation to the exercise of functions under the pensions legislation, and regarding the standards of conduct and practice expected from those who exercise such functions.

"Willingly lying to regulators could result in fines of up to $5m and 20 years' imprisonment."

The Pensions Regulator issued a Code of Practice on Internal Controls in September 2005.

The Code of Practice is a must-read, not only for UK pension trustees, sponsoring employers and plan administrators, but also for anyone interested in pension scheme control and governance.

The following points contained in the Code of Practice are illustrative of what needs to be done to monitor fiduciary governance and controls:

  • Trustees or managers of an occupational pension scheme must establish and operate internal controls that are adequate for the scheme to be administered and managed in accordance with the scheme rules and in accordance with pensions legislation and any other relevant legislation
  • Trustees or managers should develop a risk management framework when assessing the existence or adequacy of key internal controls
  • Trustees or managers are expected to set up adequate internal controls that enable them to react to significant funding, operational, financial, regulatory and compliance risk
  • Not only will the establishment of adequate internal controls ensure the effective and efficient running of a scheme, they will also play a key role in reducing the likelihood of fraud (this incorporates concepts contained in SOX and SAS 99 issued by the AICPA)
  • Persistent failure to put in place adequate internal controls may be a contributory cause of an administrative breach or, in more extreme cases, result in the reduction or loss of scheme assets. Where in doubt over the effective stewardship of a scheme, the Pensions Regulator expects to receive a whistle-blowing report

This Code should primarily be read and acted upon by trustees, both individual and corporate, and managers of occupational pension schemes. The Pensions Regulator also recommends the Code to a wider readership, including scheme advisers (in particular scheme auditors because of their involvement in the assessment of key financial controls during the audit cycle), participating employers, service providers – such as fund managers, custodians and administrators – and others involved with the management and administration of occupational pension schemes.

WHAT CAN BE DONE?

"Sanctions may be imposed by the IRS, even if failures are unintentional discrepancies."

Employers, trustees and other responsible fiduciaries must recognise that they have individual accountability for decisions affecting the financial and operational conduct of the plan and scheme.

In this regard, it is important to seek the advice of independent counsel who can render a clear and unfettered analysis and examination of critical fiduciary governance and operational issues, the private and privileged correction of operational shortcomings, and assist with the installation of special protective insurance coverage to protect against large personal liabilities.

Put another way, employers, trustees and their counsel need to self-police the pension system in order for it to survive.

 






Contact us
Advertise with us
Terms and conditions
Privacy
Links
Newsletter sign up
Magazine sign up

www.the-chiefexecutive.com is a product of Global Trade Media. Copyright 2018 Global Trade Media, a trading division of Compelo Ltd.