Now Is the Time to Prepare for Health Plan Audits

Compliance requirements of the Affordable Care Act are gradually being implemented, and with each new provision that employers must comply with, the more you have to keep track of.

But 2015 is really when the rubber hits the road for ACA compliance. This is the year you’ll learn more than you ever wanted to about the various ACA coverage and reporting requirements.

There are three federal agencies in charge of ACA compliance: the Employee Benefits Security Administration (EBSA) of the Department of Labor (DOL), the Internal Revenue Service and the Department of Health and Human Services.

The main agency in charge of compliance will be EBSA and there are a number of areas the agency will be looking at.

Already, EBSA has set up a health benefits security project team to handle ACA enforcement. Getting numbers is difficult, but EBSA said in 2010 that it was hiring about 670 new investigators to help with matters such as ACA compliance audits. By now, hundreds of them are be on board, trained, and ready to investigate.

EBSA has the authority to conduct audits on benefit plans that are governed by the Employee Retirement Income Security Act (ERISA). DOL audits often focus on violations of ERISA’s fiduciary obligations and reporting and disclosure requirements.

The DOL may also investigate whether an employee benefit plan complies with ERISA’s protections for plan participants, such as the special enrollment rules or mental health parity requirements. Recently, the DOL has been using its investigative authority to enforce compliance with the ACA.

Penalties for noncompliance and other errors found during an audit can be steep. For example, during the 2013 fiscal year, more than 70% of audits resulted in monetary fines or other corrective action.

Triggers

There are several factors that increase or indicate your likelihood of being audited.

Audits can be random or triggered for a variety of reasons. Some audits can be avoided through careful administrative efforts, while others can be initiated through no fault of your own.

Common triggers for a DOL audit include:

• Enrollee complaints – If any of your plan’s enrollees complain to the DOL about potential ERISA violations, the plan will likely be subjected to an audit. According to a DOL audit summary, 775 new investigations in 2013 resulted from participant complaints.
• Incomplete or inconsistent information – The DOL is more likely to investigate a plan that has incomplete answers on the plan’s Form 5500, or if information you report is inconsistent from year to year.

Another reason your plan might be selected for an audit is the DOL’s national enforcement priorities or projects, which focus investigative resources on certain issues.

According to the DOL, the following are areas of heightened importance for audits:

• Major case enforcement – EBSA is focusing on major cases in order to best protect areas that have the greatest impact on plan assets and participants’ benefits.
• Employee contributions initiative – EBSA is focusing on delinquent employee contributions in order to help protect employee contributions to their 401(k), health care and other plans.

But wait, there’s more!

In addition to the above, the DOL has several national enforcement projects that receive investigative emphasis:

• Contributory Plans Criminal Project
• Fiduciary Service Provider Compensation Project
• Health Benefits Security Project
• Rapid ERISA Action Team
• Employee Stock Ownership Plans
• Voluntary Fiduciary Correction Program

Remember, DOL audits can be triggered by mistakes you make, complaints by your employees (whether valid or not) or if your plan is swept up in an area on which the agency is focusing its enforcement efforts.

Be prepared

But even if you’re not at fault, if your plan is audited, you have to be prepared and have all of your documents and documentation in order.

The DOL has asked for the following in its audits during the last few years:

• Plan documents for each plan, along with any amendments. (Content in all plan documents must comply with ERISA regulations.)
• Trust agreement (if any), and all amendments.
• Current summary plan descriptions.
• Form 5500 and accompanying schedules for most recent plan year and previous three years.
• Listing of all current service providers and those from the past three years.
• All current contracts with administrative service providers on the plan, and the most current fee schedules.
• All insurance contracts between plan and service providers.
• Name, address and telephone number of plan administrator.
• Sample HIPAA certificate of creditable coverage and proof of compliance with on-time issuance of COBRA notices.
• Notice of special enrollment rights and record of dates when notice was distributed to employees.
• Written eligibility criteria for plan enrollment.
• Documentation regarding all mandatory employee notices, such as Statement of ERISA Rights, Women’s Health and Cancer Rights Act notice, etc.
• Copy of most recent monthly bill for premiums from insurance company.
• Copy of check, wire transfer or other method of payment for insurance premium.
• Enrollment form(s) for the plan.
• Employee handbook.
• All documentation of claim adjudication and payment procedures.
• Fidelity bond (if any).

Fines

Fines can be substantial.

ERISA’s reporting and disclosure requirements carry a fine of $110 per day, per person, per violation for every plan participant who was covered under a single contract.

The fine is $200 for plan participants covered by a family contract.

ERISA fines represent just one flag from the DOL auditor and can cost the plan sponsor dearly. Most fines for noncompliance under the ACA are not tax-deductible, either.