insight
401(k) audit requirements: What employers need to know
Last updated: June 15, 2026
401(k) plan audit requirements generally apply once a plan reaches 100 or more eligible participants. At that point, employers must evaluate their plans for any data inconsistencies or operational gaps that may exist. Audits also help protect the accuracy of employee contributions and retirement savings, and they support compliance with Department of Labor (DOL) and Internal Revenue Service (IRS) reporting requirements.
This guide for HR leaders and employers focuses on 401(k) audit requirements and proactive methods to help reduce risk, prevent filing delays and strengthen plan oversight.
401(k) plan audit key takeaways:
- A 401(k) plan audit is generally required when a plan has 100 or more participants at the start of the plan year.
- Audits focus on financial accuracy, operational compliance and adherence to plan terms, including contributions and participant data.
- Common risks include late contributions, incomplete records and inconsistent data across systems.
- Preparation requires organized documentation, coordination with service providers and well-documented internal controls.
- Integrated payroll and retirement solutions can help simplify audit readiness and improve ongoing compliance.
Table of Contents
What is a 401(k) plan audit?
A 401(k) plan audit is an independent examination of a retirement plan’s financial statements and operations conducted by a qualified, independent auditor. This individual reviews how the plan is administered, how contributions are handled and whether financial records align with plan terms and applicable regulatory requirements. The goal is to validate accuracy, identify gaps, and confirm that the plan operates in accordance with its governing documents and ERISA requirements.
Definition: An independent examination of the plan’s financial statements and related operations
A 401(k) plan audit involves an independent auditor performing the following:
- Reviewing plan documents and related amendments
- Testing payroll data and employee contributions
- Verifying employer contribution calculations and vesting
- Examining distributions, loans and other participant transactions
- Confirming investment balances and financial reporting
Ultimately, audits add accountability and help confirm that the plan operates as intended.
401(k) plan audit vs IRS/DOL review: What’s different?
Conducted by independent auditors, 401(k) plan audits focus on accuracy, operational consistency and compliance with plan terms and reporting requirements. They are an annual requirement of the Form 5500 Series. Thus, employers anticipate and prepare for audits as part of their routine plan maintenance.
IRS or DOL reviews, in contrast, are regulatory investigations triggered by filings, complaints or identified risks. Their purpose is to uncover potential violations – such as late contributions, reporting errors or fiduciary issues – which could result in corrective actions, penalties or additional oversight.
When is a 401(k) audit required?
A 401(k) audit is generally required when a plan reaches 100 or more participants, measured at the start of the plan year. Crossing this threshold without realizing it in time can cause delays, increased administrative costs and heightened regulatory scrutiny. Consequently, many organizations proactively identify audit requirements for 401(k) plans during annual planning or as part of ongoing compliance reviews.
Typical trigger: Plan size/participant count thresholds and annual filing requirements
As previously stated, the most common trigger for a 401(k) plan audit is reaching the “large plan” threshold of 100 or more participants. This figure includes employees eligible to participate and those with account balances at the start of the plan year. The total headcount is reported on Form 5500, along with audited financial statements.
Filing Form 5500 is required for all retirement plans, though an audit may not be necessary if a plan has 80 to 120 participants and was filed as a small plan in the previous year.
What counts toward the audit threshold and common misconceptions
Counting participants for a 401(k) audit can be confusing for employers. Those who don’t know the proper method will often count only active contributors or exclude former employees with balances, which can lead to misclassification.
The correct way to tally 401(k) participants is to include all of the following:
- Employees eligible to participate, even if they do not contribute
- Employees with account balances, including terminated participants
- Participants with outstanding loans or prior plan activity
What must employers do each year?
Annual 401(k) audit requirements are part of a broader cycle of routine plan maintenance. Such maintenance includes keeping accurate records, tracking participant data and staying aligned with filing and reporting obligations throughout the year.
Core annual responsibilities: Conducting audits and filing Form 5500
If a plan meets the participant threshold, employers must complete an annual audit and include audited financial statements with their Form 5500. This process entails the following tasks:
- Compiling thorough and consistent financial data
- Aligning payroll and contribution records with plan activity
- Confirming participant headcounts and plan classifications
- Completing the audit in time for Form 5500 submission
Working with service providers: Data gathering and coordination
A 401(k) audit requires accurate data and documentation from multiple sources, including payroll providers, third-party administrators (TPAs) and recordkeepers. Here’s how each of them contributes:
- Payroll providers track compensation and contribution data.
- TPAs support plan administration and compliance testing.
- Recordkeepers maintain participant accounts and transaction records.
Coordination amongst these groups keeps information aligned and reduces reconciliation issues. Integrated payroll and retirement solutions can help further by reducing manual data transfers and improving consistency across systems.
What do auditors review?
401(k) auditors comprehensively review payroll data, participant information and financial reports to identify any inconsistencies in the retirement plan’s operations.
Plan document compliance: Eligibility, contributions, match, vesting and distributions
Independent 401(k) auditors compare plan operations against the official plan document. They review eligibility rules, contribution calculations, employer match formulas, vesting schedules and distribution processing to confirm that each aligns with the plan’s terms.
Payroll and contribution remittances: Timing, accuracy and reconciliations
Auditors review how employee contributions move from payroll into the retirement plan. They test timing, accuracy and reconciliation processes to confirm that contributions are deposited correctly and without delay.
Participant data integrity: Census, deferrals, loans and distributions
Auditors verify that census data, deferral elections, loan activity and distributions are documented completely and consistently across systems. The accuracy of these records is essential – even small discrepancies can create issues if they are not caught early.
Investments and fees: Valuations, participant allocations and expense reasonableness
A thorough review of plan investments and related fees entails validating asset valuations, confirming that participant allocations match account activity and reviewing whether plan expenses align with disclosures.
Note: Auditors do not evaluate the prudence of investment selections.
How to prepare for a 401(k) plan audit
Preparation begins well before the audit. It requires clean records, consistent processes and organized documentation to reduce disruptions and delays.
Common provided-by-client (PBC) items: Plan documents, payroll reports, census, trust statements and vendor reports
Auditors will often ask clients to provide certain documents, or PBC items, which form the foundation of 401(k) audits. Examples include:
- Plan documents and amendments
- Payroll reports and contribution records
- Participant census data
- Trust and investment statements
- Reports from TPAs and recordkeepers
If any of these items are missing or inconsistent, the audit may be slowed.
Internal controls documentation and evidence of review/approval processes
Strong internal controls show that a plan operates with oversight and consistency. When evaluating controls, auditors will often assess how contributions are reviewed, who approves transactions and how errors are identified and corrected.
Common issues that slow audits: Missing data, inconsistent records and late remittances
Issues that tend to delay audits include:
- Missing or incomplete documentation
- Inconsistent data across systems
- Late or irregular contribution remittances
These problems often require additional testing and follow-up with 401(k) auditors.
Practical steps for 401(k) audit readiness
The following 401(k) audit checklist can help employers consistently execute all the steps needed to keep a retirement plan audit-ready.
- Review participant data for accuracy
Validate census data, eligibility status and deferral elections. The goal is to catch errors before they surface during audit testing. - Reconcile payroll and contribution timing
Confirm that contributions move from payroll to the plan correctly and on time. Also, address any gaps in remittance timing and reconciliation. - Organize documentation and audit trails
Reduce delays and follow-up requests by maintaining centralized, up-to-date plan documents, payroll reports and vendor data. - Check plan documents against operations
Confirm that eligibility rules, match formulas and vesting schedules match how the plan operates in practice. - Confirm roles and responsibilities across vendors
Align expectations among payroll providers, TPAs and recordkeepers to reduce potential confusion and ensure data consistency.
Common findings and risks: Lessons from IRS audits of 401(k) plans
Issues commonly discovered during an independent audit include data gaps, timing errors and misalignment between plan documents and operations. If an IRS or DOL review ensues, the auditors often seek instances of late contributions, incorrect eligibility determinations and inconsistent recordkeeping.
These mistakes may result in financial penalties and mandatory plan adjustments. Employee trust can also be eroded if they experience delays or inaccuracies in their retirement savings.
Employers can prevent such negative consequences by auditing their 401(k) plans as part of their ongoing compliance processes. Doing so often supports stronger plan performance as well.
After the audit: Next steps and ongoing compliance practices
The audit does not end with the final report. Based on the findings, employers may need to perform the following:
- Update internal controls
- Improve documentation and review processes
- Strength coordination across payroll, HR and recordkeeping systems
Integrated retirement solutions can support these efforts by improving data visibility and reducing manual processes.
Turn audit season into an advantage
Satisfying 401(k) audit requirements is more than a compliance necessity. It provides insight into plan accuracy, data integrity and operational alignment.
Audits also improve plan performance, reduce risk and build employee confidence. HR leaders can achieve these outcomes by proactively auditing their 401(k) plans and making the process part of routine plan management rather than a temporary disruption.
Help your people plan for peace of mind
Get simple, affordable, and easily customizable retirement plans backed by the experience and service of ADP.
Frequently asked questions about 401(k) audit requirements
Do small businesses need a 401(k) audit?
A 401(k) audit is generally only required when a plan has 100 or more participants, including employees eligible to participate and those with account balances at the start of the plan year. Smaller plans typically do not need an audit, but they must still file Form 5500 and meet other compliance requirements.
What documents are needed for a 401(k) audit?
To accurately review plan operations and financial activity, auditors may request the following:
- Plan documents and amendments
- Payroll and contribution reports
- Participant census data
- Trust and investment statements
- Reports from TPAs and recordkeepers
This documentation must be complete and consistent to keep the audit on track.
How long does a 401(k) audit take?
Most 401(k) audits take several weeks to a few months, depending on plan size, data quality and how quickly documentation is provided. Organized records and timely responses can shorten the timeline. If any information is missing or if there are inconsistencies across systems, delays will likely occur.
How do you choose 401(k) auditors?
Employers may want to prioritize independent 401(k) auditors who have:
- Experience with employee benefit plans
- An understanding of DOL and IRS requirements
- Effective communication abilities
- Familiarity with the plan size and structure
Want more exclusive business insights like this delivered to your inbox?Subscribe now
M-947774-2026-06-04
ADP Inc. owns and operates the ADP.com website. Unless otherwise disclosed or agreed to in writing with a client, ADP, Inc. and its affiliates (ADP) do not endorse or recommend specific investment companies or products. Please consult with your own advisors for such advice. Investment options are available through the applicable entity(ies) for each retirement product. Investment options in the “ADP Direct Products” are available through either ADP Broker-Dealer, Inc. (ADP BD), Member FINRA, an affiliate of ADP, Inc., One ADP Blvd, Roseland, NJ 07068 or (in the case of certain investments) ADP, Inc. Only registered representatives of ADP BD may offer and sell ADP retirement products and services or speak to retirement plan features and/or investment options available in any ADP retirement products.
