As the U.S. Department of Labor’s (DOL) benefits portfolio has swollen with the implementation of healthcare reform, wellness rules, and other mandates, the agency’s health plan audits have become more frequent, comprehensive, and fraught with pitfalls for plan sponsors and fiduciaries.
What DOL is looking for, and how to respond, were discussed by regulators and benefits attorneys at a recent American Bar Association (ABA) conference.
For Human Resources directors, health and welfare plan compliance now “really needs to be on the front of the plate,” said Patricia Moran, an attorney with Mintz Levin in Boston, Massachusetts. “The compliance needs have snowballed in the last 40 years.”
The Employee Retirement Income Security Act (ERISA) Section 504(a) gives DOL authority to require submission of records and other data, and to conduct onsite inspections when it has “reasonable cause” to suspect violations. When the agency investigates, it looks for violations of various coverage, notice and documentation mandates, as well as fiduciary breaches and improper payments from plan assets.
DOL’s investigations most often are triggered by participant complaints, advocacy groups, or ongoing retirement plan scrutiny, said Suzanne Bach, acting chief of the Division of Field Operations at DOL’s Employee Benefits Security Administration (EBSA). In 2012, DOL launched the Health Benefits Security Project to target systemic violations, she added. When the agency finds “global” problems, it will go to the service provider, if necessary, to get them corrected for all clients.
DOL will be looking at the plan operations, not only for compliance with ERISA’s procedural and Title 7 rules but also to determine whether benefits are being paid according to plan terms, Bach said. On out-of-network benefits, for example, sometimes the plan terms are inconsistent with how the systems are actually set up to calculate the benefits, so “make sure the documents are current and compliant with the systems you use,” she said.
Particular concerns include plan sponsors that are in financial distress and not funding premiums, causing participants to lose coverage retroactively, Bach said. “The misrepresentation aspect of that is what we would be looking for.”
Requested Documents
Requested documents typically include signed plan documents, summary plan descriptions (SPDs), and recent, signed Forms 5500. “I am seeing the agents really hone in on whether you are giving them signed documents,” said Christine Poth, an attorney with Vorys, Sater, Seymour, and Pease LLP in Columbus, Ohio.
“You have to have some meat to your SPD,” Bach added. For example, list the types of services covered versus those that are not.
DOL also requests meeting minutes, Poth noted. “These are almost nonexistent for health and welfare plans in my experience,” but employers should document these not only in case of audit but to show that fiduciary plan oversight duties are being met, she said. Plans also must produce financial records, service provider and insurer contracts, and employees’ enrollment applications.
DOL asks plans to document compliance with various notice requirements, including the Health Insurance Portability and Accountability Act (HIPAA) and related laws. For example, the agency still sees problems with the notices required by the Women’s Health and Cancer Rights Act and the Newborns’ and Mothers’ Health Protection Act, Bach noted.
DOL requests documents on compliance with HIPAA’s nondiscrimination and wellness rules, Poth noted. In fact, she added, the agency is finding violations of HIPAA wellness rules and requiring the employer to pay back all the noncompliant wellness penalties it collected, even if it means tracking down former employees.
As the Affordable Care Act (ACA) matures, DOL is increasingly “digging down into the ACA provisions,” Poth said. Auditees must document compliance with market reform provisions and ACA claims procedures (if not grandfathered), and distribution of any medical loss ratio rebates.
If your plan is grandfathered under the ACA your files for each plan year should include documentation that the plan meets all of the requirements to be grandfathered, said Mark Stember of Kilpatrick, Townsend & Stockton in Washington, D.C. This makes it much easier than trying to go back and reconstruct these. Likewise, keeping accurate records of how SPDs are sent out is much easier than trying to reconstruct the process later, he added.
In a change from previous years, DOL now is asking for claims data, Bach said. Plan sponsors should be prepared to get this from their service provider if necessary. Specifically, DOL looks for reports on how long the plan takes to pay claims and, for the past 6 months, listings of claims, appeals, and preauthorization requests that were denied.
Responding to Request
In responding to DOL’s request, “you’re going to have to make some judgment calls on ‘what do I include?’” but be careful not to be considered impeding a government investigation, Poth said.
Most EBSA agents now want all of this information electronically, so work with your information technology staff to get it to them securely, Poth added. If the plan is fully insured, you can have the carrier provide it to them directly.
Creating spreadsheets, while DOL cannot require it, may be a good idea to control the appearance of the plan’s data, Moran said.
Audit Process
As part of the audit, DOL typically spends 2 to 3 days onsite, interviewing employees involved in plan operations. In preparing individuals for this interview, “tell them it’s OK to say I don’t know” and make sure they don’t use terms of art inappropriately, Poth said.
If DOL finds no violations, or once violations are corrected, the agency will issue a closing letter. If violations are found, DOL can assess penalties, refer any criminal conduct for prosecution, and/or refer the matter to the Internal Revenue Service for possible excise taxes.
Sometimes a plan can get a closing letter from DOL before all corrective actions have been completed, such as issuing a revised SPD, said Stember, an advisory board member for Thompson HR’s HIPAA guides.
When seeking corrective action, DOL issues a “voluntary compliance (VC) letter” detailing its findings. “The VC letter is the start of the conversation—it’s not the end,” Bach said. But if DOL can’t get voluntary agreement, it may seek a court order or, if that fails, go to litigation, she warned.
Bach, Moran, Poth, and Stember spoke October 6 in Washington, D.C., at the Health and Welfare Benefit Plans National Institute, sponsored by the ABA Joint Committee on Employee Benefits.