What Goes Wrong in a 401(k) Audit (and What It Reveals About Your Plan)

Kim Moore

Just like your annual physical flags health issues for early treatment, 401(k) audits detect plan problems so they can be promptly corrected. Most issues revealed during an audit are the result of plan decisions and process gaps building throughout the audit year.   Most findings aren’t isolated mistakes — they usually reflect process gaps in payroll setup, plan governance, or administrative follow-through that have built up over the plan year. Diagnosing and acting to remedy plan maladies can keep your plan healthy and save you from bigger concerns down the road.  

Since forewarned is forearmed, here are some of the issues that often surface during 401(k) plan audits.  

Eligibility & Enrollment Failures 

A common audit finding is failure to enroll some employees due to eligibility tracking errors. One reason is that recent revisions to retirement law under the SECURE Act 2.0 have made eligibility tracking more complex. Even so, denying enrollment of qualified employees can lead to systemic compliance risk.  

You must now automatically enroll new employees into 401(k) and 403(b) plans and qualified long-term, part-time employees are now also eligible for enrollment. Part-time employees who meet the minimum age requirement and work at least 500 hours in two consecutive 12-month periods can participate in the plan. With more variables to track, newly eligible employees are sometimes quietly excluded. Since the change became effective at the beginning of the 2025 plan year, this issue is a factor for plans we are now auditing.  When eligibility tracking fails, it’s often a sign that plan governance and payroll procedures haven’t kept pace with changing rules — and that’s where audit risk starts to compound. 

Deferral & Compensation Errors 

Audits also reveal deferral errors, which often occur when an incorrect or inconsistent definition of compensation is applied. Some plans are designed to include bonuses as compensation and others exclude it. If payroll codes for bonuses are set up incorrectly, it can cause systemic errors requiring employer-funded corrections. Incorrectly defining compensation or missing deferrals doesn’t just create minor discrepancies, it can require larger, employer-funded corrections across multiple employees.  

If payroll treatment of bonuses doesn’t match your plan document, corrections can be costly and time-consuming — especially if discovered in a later year when W-2 corrections and participant tax re-filing may be required. 

To avoid these problems, we encourage all Plan Sponsors to periodically audit their payroll systems to make sure all codes and processes are set up correctly. 

If you suspect missed deferrals have occurred, start with How to Correct Missed Participant Deferrals to understand the correction approach and documentation expectations. 

Contribution Timing Issues 

The most common audit issue we see is inconsistent timing of deposits into participant accounts. After deferring the money from an employee’s paycheck, how long does it take before it lands in the participant’s account? Even small delays can trigger regulatory inquiry.  

Department of Labor regulations require employee contributions to be made into their retirement accounts as soon as administratively feasible.  There is a safe harbor rule for small plans but those with 100 or more active participants do not have that option.   

The DOL looks at your processes to determine the soonest you can execute the deposits and then makes that the standard for your plan. If contributions are late, you need to correct by calculating the missed earnings and then deposit those into participants’ accounts. There is no such thing as materiality when it comes to these earnings. So, even if you were only a few days late, the DOL expects you to deposit the missed earnings, even if it amounts to just pennies for each participant’s account.  

We recommend that you examine your history for timing deposits and update your plan procedures to reflect a detailed, realistic policy. For example, if you consistently deposit within three-to-five business days, your policy should state that you will have remittances completed within five days of payroll. What’s important is that you have a policy, it’s reasonable, consistent, and management enforces it.  

If you’re preparing for an audit, a documented deposit policy is one of the easiest ways to reduce findings — use this 401(k) audit checklist to confirm you have the supporting documentation in place. 

Loan & Distribution Errors 

Related to the timing of contribution deposits is the timing of loan repayments. If contributions are late, then loan repayments are likely late, which means loan payments deviate from their amortization schedules.  

Sometimes we find that loan payments aren’t set up correctly or in a timely manner within a payroll system. If loan payments are starting later than the amortization schedule, you need to re-amortize the loan schedule.  

We recently discovered a situation where a participant took out a 401(k) loan and the loan defaulted because repayments were never set up in the payroll system. This caused hardship for the employee because the loan was then classified as a distribution by the IRS and became a taxable event. Plus, since the participant was younger than 59½ she had to pay a penalty on top of the taxes. 

In addition, many distribution errors result from the improper calculation of vesting. We’ve seen distributions that are too large or too small because the vesting policy was not clearly followed. Is your vesting based on hire date? Number of hours or days worked? What if the employee leaves the company and later returns to employment? What if there is a leave of absence during the employee’s tenure? There are many points to consider. 

The bottom line is that all transactions must follow carefully crafted policies to ensure that both employees and employers operate consistently under the plan. It’s important to periodically review your policies and communicate them to participants, human resources, payroll, recordkeepers, and all parties involved in plan operations. 

Loan and distribution findings often point to a broader breakdown in how plan rules are operationalized across payroll, HR, and recordkeeper workflows. 

Plan-Level Compliance Issues 

Audits also reveal plan-wide compliance gaps such as bonding or testing failures. While these aren’t operational mistakes, they are violations that can trigger broader regulatory review. 

One example is a missing or inadequate fidelity bond. This ERISA requirement protects plan assets against loss from fraud, theft or dishonesty. 

To remain compliant, the bond must be issued in the name of the plan, cover the entire plan year and meet minimum coverage requirements based on plan assets. If coverage is insufficient or not kept current, it can create compliance issues that surface during an audit. 

For a full breakdown of 401(k) fidelity bond requirements and how to stay compliant, see our guide: What is a 401(k) Fidelity Bond? 

The DOL & Participant Risk 

Discovering and treating plan problems quickly is key to your plan’s sustained health. It is especially important for avoiding participant risk. We’ve observed that most regulatory investigations don’t start with audits, they start with frustrated employees who complain to the DOL. An audit provides the check-up needed to anticipate participant concerns and deal with them before they escalate. 

What These Findings Actually Tell You 

Each audit finding is a data point — but patterns across findings tell a bigger story. Eligibility issues often trace back to tracking and governance gaps. Deferral and compensation errors usually indicate plan document misalignment with payroll configuration. Timing issues tend to reflect whether processes are disciplined, repeatable, and monitored. 
When multiple categories surface in the same audit year, it’s often a sign that internal controls haven’t scaled with plan complexity. The audit highlights the symptoms — but the root cause typically sits in operations. 

Resolving Issues Early Can Avoid Future Expenses 

It’s natural to want to avoid scrutiny — but the purpose of a 401(k) audit is to surface issues early, when corrections are simpler and less costly. The audit is designed to confirm that plan operations align with your plan document, company procedures, and federal requirements. 
At the conclusion of an audit, you’ll receive an internal control memo describing issues that need attention. Treat it as a practical roadmap: prioritize the items that affect participants, then address the process gaps that allowed them to occur. Over time, this reduces correction costs, shortens audit timelines, and supports a more consistent experience for plan participants. 

Request a Consult
View all Blog Posts

Our firm provides this information for general educational guidance only and does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisers. Before making any decision or taking any action, you should consult a professional adviser who has been provided with all pertinent facts relevant to your particular situation. Podcasts posted by Anders are not intended to be used and cannot be used by any individual or business, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided "as is," with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose. Please note that some content may be generated using artificial intelligence and is intended for educational and informational purposes only. In no way does listening, reading, emailing or interacting on social media with our content establish a professional relationship.