
DOL Issued New Cyber Security Guidance


On April 14, 2021, the Department of Labor (“DOL”) announced first-ever guidance for plan sponsors, plan fiduciaries, record keepers, and plan participants on best practices for maintaining cybersecurity. In this day and age of electronic storage, internet and cloud use, and electronic transmission of data, there is increased potential for hackers to gain access to participant accounts and information.

According to the DOL news release, the guidance is intended to assist in safeguarding participants’ retirement benefits and personal information. The DOL’s cybersecurity guidance takes the following three forms:

  • Tips for Hiring a Service Provider: Helps plan sponsors and fiduciaries prudently select a service provider with strong cybersecurity practices and monitor their activities as ERISA requires. Key tips include understanding your service providers’ security standards, policies and audit results; making sure your provider has appropriate cybersecurity insurance; and discussing any breaches your provider has had and the impacts.
  • Cybersecurity Program Best Practices: Assists plan fiduciaries and record-keepers in their responsibilities to manage cybersecurity risks. Includes best practices such as maintaining a formal, well-documented cybersecurity program and policies, annual risk assessments and reviews, an annual third-party audit, strong control procedures, awareness training, etc.
  • Online Security Tips: Offers plan participants and beneficiaries who check their retirement accounts online basic rules to reduce the risk of fraud and loss. Some of these tips are: routinely monitor your accounts, use strong and unique passwords, close unused accounts, beware of phishing, use anti-virus software, don’t use free Wi-Fi, know how to report identity theft.
  • Individuals can now take penalty-free early withdrawals of up to $5,000 from their qualified plans and IRAs due to the birth or adoption of a child.

We recommend that you review the DOL’s new cybersecurity guidance and consider implementing it where applicable. You may also want to provide the DOL’s guidance “Online Security Tips” to your plan participants to assist them in reducing the risk of fraud and loss to their retirement accounts. It is important that plan sponsors and participants take precautions to prevent cybersecurity attacks.

– Julie Courtney, CPA, CEO

New Audit Standards


The AICPA Statement on Auditing Standards (“SAS”) No. 136 prescribes certain new performance requirements for ERISA plan financial statement audits and changes the form and content of the related auditor’s report to improve audit quality and enhance the communicative value and transparency of the auditor’s report. It includes new requirements in all phases of an audit of ERISA plan financial statements.

The SAS will be effective for audits of ERISA plan financial statements for periods ending on or after December 15, 2021. This means that our 2021 year-end audits being performed in 2022 will be required to follow the performance and reporting requirements of this SAS, including using the new form of the auditor’s report.

The new SAS includes changes that will need to be implemented for all ERISA audits, including changes related to management acceptance, management representations, communications with those charged with governance, and the auditor’s report. Audits previously referred to as limited scope audits will now be referred to as ERISA Section 103(a)(3)(C) audits. The new SAS notes that an ERISA Section 103(a)(3)(C) audit is unique to employee benefit plans and is not considered a scope limitation; therefore, we would no longer issue a modified opinion (typically a disclaimer of opinion) due to investment-related information that is certified by a qualified institution.

The SAS also contains incremental requirements specific to ERISA audits relating to management’s responsibilities for:

  • Maintaining a current plan instrument, including all plan amendments.
  • Administering the plan.
  • Determining that the plan’s transactions that are presented and disclosed in the financial statements are in conformity with the plan’s provisions.
  • Maintaining sufficient records with respect to each of the participants, to determine the benefits due or which may become due to such participants.

The SAS also includes other key provisions which will include changes to the engagement letter, risk assessment, planning, fieldwork, and management representation letter. For your 2021 and future audits, you can expect additional work that needs to be performed to comply with these new standards.

– Chris Baxter, CPA, Senior Manager

Ethics Hotline

Are You Interested?

Shannon & Associates is proud to be able to offer Red Flag Reporting to its clients. Red Flag Reporting is an ethics hotline which is aimed at the prevention and detection of fraud and employee protection incidents. Red Flag Reporting is recognized by the Journal of Accountancy and Accounting Today.

Companies who implement a hotline:

  • See an increased rate of detection of fraud and HR claims
  • Limit losses in employee-related claims
  • Assist in prevention of fraud
  • Set a strong “tone at the top”
  • Find it the most cost-effective internal control

Contact Jessica Kinney at 253-852-8500 for more information or email jkinney@Shannon-cpas.com

Retirement Benefit Plan Limitations


The IRS has announced that some retirement benefit plan limitations will be adjusted for 2022. Above are selected limitation amounts.

Webcast Series – Fiduciary Responsibilities

The Department of Labor is offering a webcast series for Plan Fiduciaries: Getting It Right - Know Your Fiduciary Responsibilities: Webcast Series for Retirement and Health Plan Sponsors

Operating an employee benefit plan can be challenging, especially for small and medium-sized employers who have limited time, resources, and access to professional help with benefit programs. To help increase awareness and understanding about basic fiduciary responsibilities when operating a retirement or health benefit plan, the Department of Labor is presenting the Getting It Right – Know Your Fiduciary Responsibilities webcast series. The three-part series will help employers and service providers understand how the fiduciary responsibility provisions of the Employee Retirement Income Security Act (ERISA) apply to employer-sponsored retirement and health plans and provide information on how to avoid common problems in managing a plan. Specifically, getting it right means understanding your plan and your responsibilities, carefully selecting and monitoring service providers, making contributions on time, providing appropriate disclosures to plan participants and filing annual reports to the government on time, and avoiding prohibited transactions. Attendees can register for all sessions or for individual sessions.

March 24 11am-12:30pm PST
ERISA’s reporting and disclosure provisions and the department’s voluntary correction programs for employer-sponsored retirement plans. To register click HERE.

March 29 11am-12:30pm PST
Basic fiduciary responsibilities when operating an employer-sponsored group health plan, ERISA’s reporting and disclosure provisions, and qualified medical child support orders, or QMCSOs. To register click HERE.

2021 Annual Report & 2022 Shoe Drive!

Shannon & Friends

Dear Clients, Shannon Staff and Friends of the Shannon & Friends Foundation.

Our primary purpose in forming Shannon & Friends Foundation was to help elementary school children with shoes, coats, and school supplies. Our focus was on Kent Elementary School which is in our office’s back yard so to speak. We have also helped fund some other local charities that help community citizens with similar needs.

During the last two years we have raised close to $20,000 in cash donations and donations of shoes and coats from our clients, staff, and friends.

Shannon staff have become experts in searching out bargains for purchases of shoes and coats to donate. We have been given accommodations with some stores to receive even further discounts in our purchases.

Last year, since the school was not doing in-school learning, we took our accumulated shoes and coats over to the school for a drive-up event to hand them out. It was emotional for us to see a long line of cars coming by to accept new shoes and coats for the winter.

As these school children grow so fast, there is a constant need for shoes and clothing and so the need never ends. We want to thank you all for your support and let you know we are continuing our program to help the community and the children of our local elementary.

100% of your donations go directly to helping people in need. We are a 501(c)(3) non-profit charitable entity.

Our 2022 Tax Season Fundraiser is underway now. You can donate by going to www.g8pa2-shoes-for-kids. For every dollar donated between January and April 15, 2022, Shannon & Associates, CPA’s will match your donation.

Here is to a healthy, happy, and great new year.
Shannon & Friends Foundation

Shannon & Friends Foundation
(253) 852-8500

We Are Asking for Your Help!

Shannon & Friends Foundation was formed in 2018 by the employees of Shannon & Associates.

In three years you helped us provide over $20,000 of shoes and coats to kids in need – thank you!

We are asking for your help again this year! For every tax return we prepare for you between now and April 15th, we are asking you to give a donation. Between now and April 15th we will match your donation – 100% of the funds donated go directly to kids in need in our community. Let us do the shopping for you by making a tax-deductible* donation to our Shannon & Friends Foundation!

Donations can be made online here or by mail at Shannon & Friends Foundation c/o Shannon & Associates 1851 Central Place S., #225, Kent, WA 98030.

Please make checks payable to Shannon & Friends Foundation.