Nonprofit Audit Types

The word “audit” often has negative connotations. However, for many nonprofits, an annual audit is standard practice. Though the IRS does not require audits of all nonprofit organizations, other government agencies do. What is just as important for organizations that rely heavily on donations is that many private foundations and independent donors will not consider supporting organizations that are not audited on an annual basis. In the nonprofit world, conducting an annual audit has, for the most part, become a best practice.

Though few states have laws requiring an independent audit for smaller organizations, once a contribution threshold has been exceeded, it becomes mandatory. Most nonprofit audits are performed under Generally Accepted Auditing Standards (GAAS). When an organization receives over $500,000 in federal awards, a compliance audit performed under the Generally Accepted Government Auditing Standards (GAGAS), often referred to as “Yellow Book” standards is required. These standards focus heavily on aspect of internal controls.

The GAAS Audit Process

During an independent audit, using the GAAS standards, a trained auditor will review an organization and its environment, and test account balances such as payables, revenues, expenses and cash. Fraud risk and internal controls will also be considered.

Once an audit is complete, the organization will receive an opinion on the statements, along with a letter explaining them, if any internal control deficiencies are found. Auditors will also suggest ways that your organization can improve and give appropriate procedure to follow.

Agreed –Upon Procedures Engagement

An alternative to the GAAS audit is the performance of an Agreed-Upon Procedures Engagement (AUP).  During this process, an auditor carries out procedures of an audit nature that are agreed upon by the auditor, the organization and any appropriate third parties. Once a report is received, an option is not issued; rather, the recipients may form their own conclusions.

Audit Alternatives

Not all organizations need an audit, but still seek the input of an independent accounting firm. Alternatives do exist that can save time and expense, while ensuring that an organization is being managed efficiently and is prepared for future audits.

One option for nonprofits is a review, where an organization’s financial statements are analyzed to ensure that they meet expected results. A second option is compilation, where financial statements are not analyzed but are reviewed to ensure that they are prepared in a format consistent with Generally Accepted Accounting Principles.

When preparing for a nonprofit audit and determining which option is most appropriate for your organization, it’s helpful to seek the advice of an accounting firm with specific experience with nonprofit audits. At Ernst Wintter & Associates, we work closely with nonprofit organizations to help them reach their highest potential. Contact us to learn more about the nonprofit audit process.


Employee Benefit Plan Audit Requirements

An employee benefit plan audit is subject to rules based on the Employee Retirement Income Security Act of 1974 (ERISA). This law was passed to protect the interests of employees with retirement plans such as 401k plans. ERISA rules for an employee benefit plan audit include reporting information to the Department of Labor and the Internal Revenue Service in accordance with generally accepted auditing standards (GAAS). All plan participants must be given access to this information on an annual basis. Here are other requirements administrators must follow for an employee benefit plan audit.

Small vs. Large Employee Benefit Plans

Usually only small employee business plans are allowed to waive the audit, which is up to the employer. More substantial plans with over one hundred eligible participants at the start of the plan year must generate an audit as a section of the required 5500 annual return form. Eligible participants, which are not to be confused with active plan participants, are defined as all individuals, whether active or not, that meet the eligibility requirements of participating in a qualified cash or deferred plan. Many administrators have misunderstood this wording to mean they are allowed to waive the audit as a small plan. This mistake can lead to huge monetary penalties from the Department of Labor, which is why experienced professionals must conduct a quality employee benefit plan audit.

Determining Audit Type

You must determine between a full or limited scope employee benefit plan audit for a 401k. A Full Scope Audit is necessary when the certification is unavailable for the portfolio’s custodian, who only holds a Type I SAS 70 report. In this scenario the auditor must test the custodian’s investments, which can take substantially more work. A Limited Scope Audit, on the other hand, in which the custodian holds a Type II SAS 70 report, only requires the auditor to test the participant data. The one exception to the large employee benefit plan audit is the “80-120 Participant Rule,” in which the Form 5500 annual report can be filed the same way as the previous year if the plan includes 80 to 120 participants at the start of the plan year. In other words, the option to waive the audit is possible if there were no audit the previous year.

How to Proceed

Contact Ernst Wintter & Associates for your 401k plan needs. They are Certified Public Accountants that provide audit services for employee benefit plans, as well as the securities industry and nonprofit organizations, which meet compliance standards of the DOL and IRS. The firm has been in business for over 25 years with expertise in small to midsize business employee benefit plan audit services and has a wealth of knowledge and experience to share about auditing and taxes.