Internal control is a process — affected by plan management and other personnel, and those charged with governance, and designed to provide reasonable assurance regarding the achievement of objectives in the reliability of financial reporting. Your plan’s policies, procedures, organizational design, and physical security all are part of the internal control process.
Because errors and fraud can and do occur, it is important that you establish safeguards for your plan to ensure you can adequately meet your fiduciary responsibilities. One way this can be accomplished is by implementing effective internal control over financial reporting.
Internal control will vary depending on the plan’s size, type, and complexity; whether the plan uses outside service organizations to process transactions and manage plan investments; and the size and qualifications of the department responsible for financial reporting.
Internal control should be based on a systematic and risk-oriented approach, to ensure that there are adequate individual controls in areas with high risk, and that they are not excessive in areas with low risk. Before making the decision to adopt a control, analyze the costs of establishing and maintaining it, and consider:
The potential benefits the control will provide
The possible consequences of not implementing it
Determine your plan’s internal control objectives
Individual controls should be designed to meet your system’s objectives
Establish, document and communicate your internal control
Once controls are established, it is important that they be documented and communicated to staff members who are expected to follow the policies and procedures. Staff training is a key element in ensuring the effectiveness of the plan’s internal control.
Extra: As a plan sponsor, administrator, or trustee, you are considered a fiduciary under ERISA — As such, you are subject to certain fiduciary responsibilities, and with these responsibilities comes potential liability. Your responsibilities include plan administration functions such as maintaining the financial books and records of the plan, and filing a complete and accurate annual return/report for your plan.