Key Take-Aways from 2022 AICPA & CIMA Employee Benefit Plans Conference

employee benefit plans

By Jennifer Haddad, CPA

Audit Partner, ERISA Plan Audits

Audit Director


Every year, Wright Ford Young & Co. attends the annual AICPA & CIMA Employee Benefit Plans Conference. The multi-day conference includes a comprehensive lineup of sessions, delivered by top regulators and expert practitioners.  Sessions at the conference include topics such as the new Employee Benefit Plan audit standard (AU-C Section 703), common operational errors, a DOL and IRS regulatory update, and prohibited transactions.

The information gathered from the conference does not just benefit us, as the auditors, but is also informative for the Plan Sponsors we work with. The following are key take-aways from this year’s conference that should be of interest of Plan Sponsors:

  • Cybersecurity – In April 2021, the Employee Benefits Security Administration issued cybersecurity guidance for Plan Sponsors, Plan Fiduciaries, Record-keepers and Plan Participants.   The guidance emphasizes the importance of combatting cybercrime and gives important tips to remain vigilant against emerging cyber threats. Click here for the DOL Cybersecurity Program Best Practices.
  • Oversight of service providers – Plan Sponsors can outsource tasks, but they cannot outsource their responsibility of the Plan’s oversight. Plan Sponsors should obtain and review service providers SOC 1 Reports to ensure no exceptions found that affect the service providers’ operations. SOC 1 Reports also include Complementary User Entity Controls (CUEC) which are internal controls that all Plan Sponsors should have in place to ensure effective internal control over the Plan’s administration and reporting. Plan Sponsors should frequently review service provider reports for proper allocation of contributions, required minimum distributions, etc.  Additionally, while many service providers are offering participants an election to self-certify their qualification for a hardship distribution, the IRS still requires Plan Sponsors to obtain and retain support for self-certify hardship qualifications in the Plan’s records.
  • Plan Sponsors are responsible for compliance with plan provisions and current regulations – Common operational errors relate to definition of eligible compensation, vesting provisions, loan provisions, and timely remittance of contributions.
  • For “large” plans with more than 100 participants: New Employee Benefit Plan audit standard (AU-C Section 703) – Plan Sponsors must maintain a current executed Plan Document (including amendments), provide their auditors with a substantially complete Form 5500 prior to financial statement issuance, acknowledge responsibility for determining that an ERISA section 103(a)(3)(c) audit is permissible, and that investment information is properly certified, and maintain documentation of their analysis that the certification is from a qualified institution and that the certifications meets ERISA requirements

If you have any questions about the information above, please contact a WFY advisor here.


Wright Ford Young & Co. is headquartered in Irvine, CA and is the largest single office CPA firm in Orange County. WFY is a full service corporate accounting firm offering audit, tax, estate and trust, and business consulting services to closely held company and family business owners. More information about our Firm can be found at