Key takeaways
- Benefits and retirement plan compliance is a structured diligence area for every buyer; undisclosed liabilities here can result in purchase price reductions of $200K–$1M.
- Missed 401(k) deferrals — where the company failed to withhold and deposit employee contributions on time — trigger IRS Voluntary Correction Program (VCP) costs of 50% of the missed contribution plus lost earnings.
- Top-heavy plan failures occur when more than 60% of plan assets belong to key employees; correction typically requires a 3% employer contribution to all non-key employees.
- Late deposit of 401(k) contributions is one of the most common and underreported compliance failures; deposits must generally be made within 7 business days for small plans.
- Change-in-control provisions in deferred compensation plans can trigger immediate vesting and payment obligations that must be disclosed and quantified before signing.
In this article
Late deposit of 401(k) contributions is the most common plan operational failure
Missed deferrals require correction at 50% of the missed amount plus lost earnings
Top-heavy plan corrections can require contributions of 3% of compensation for all non-key employees
Employee benefits diligence is one of the most technical and frequently underestimated areas of M&A due diligence. For buyers, benefits represent a category of undisclosed liabilities that can be material relative to purchase price. For sellers, benefits compliance failures discovered during diligence create negotiating leverage for buyers — price reductions, escrow holdbacks, or specific indemnities for known failures.
Most founder-owned businesses with 10–200 employees have a 401(k) plan, some form of health insurance, and possibly other benefit arrangements like deferred compensation, supplemental executive retirement plans (SERPs), or incentive compensation. Each of these is a structured diligence category. Founders who have not audited their own plan compliance before entering a sale process are walking into diligence with unknown exposure.
The 401(k) compliance failures buyers always find
Three 401(k) compliance failures appear repeatedly in diligence for founder-owned businesses: late deposits of employee contributions, missed deferrals, and top-heavy testing failures. All three are correctible through IRS programs, but the corrections have real costs that reduce the value delivered to the seller at closing.
Late deposits occur when the employer fails to remit employee 401(k) contributions to the plan trust within the required timeframe. For small plans (fewer than 100 participants), the Department of Labor requires deposits within 7 business days of the pay date; for larger plans, the standard is the earliest date the employer can reasonably segregate the funds from company assets. Late deposits trigger DOL correction requirements and, if systemic, can result in excise taxes and penalties.
Missed deferrals occur when the plan document provides for automatic enrollment or allows employee elections that are not properly implemented — the payroll system fails to withhold the correct amount. The IRS Voluntary Correction Program requires the employer to make a corrective contribution equal to 50% of the missed employee contribution, plus lost earnings calculated from the date the contribution should have been made.
50%
Missed deferral correction rate
7 days
Small plan deposit window
3%
Top-heavy correction contribution
A business with 50 employees where 10% of employees had missed deferrals averaging $2,500 per year over 3 years has approximately $125,000 of missed contributions. The IRS VCP correction cost: $62,500 plus earnings — a real purchase price issue that buyers price as a dollar-for-dollar reduction.
Top-heavy testing and plan design failures
A 401(k) plan is considered top-heavy if more than 60% of plan assets belong to key employees (generally defined as officers with compensation above $220K, 5% owners, or 1% owners with compensation above $150K). Top-heavy plans must provide a minimum employer contribution of 3% of compensation for all non-key employees, regardless of whether those employees make their own contributions.
Top-heavy failures are common in founder-owned businesses where the owner and a small group of senior executives are the primary plan participants. If the founder has a $400K balance in the plan and the non-key employees collectively have $300K, the plan is top-heavy. If the plan did not make the required 3% contributions to non-key employees in prior years, the correction requires retroactive contributions plus earnings.
Plan document failures — where the written plan document has not been updated to reflect IRS required amendments — are another frequent finding. The IRS requires periodic restatements of plan documents; the most recent cycle required restatements by July 31, 2022. Plans that have not been restated are technically non-qualified, which creates a separate set of correction requirements.
Scroll to see more →
Working through this yourself?
Kolton works directly with founders on M&A readiness, deal structure, and AI implementation — one advisor, not a team of generalists.
Schedule a conversation →Health plan liabilities and COBRA obligations
Group health insurance is a diligence area separate from the 401(k) plan but equally important for businesses with 20 or more employees (subject to COBRA) or 50 or more employees (subject to ACA employer mandate). Buyers look at three things: the adequacy of IBNR (incurred but not reported) reserves, historical claims experience and premium trends, and COBRA administration compliance.
Self-insured health plans — more common at companies with 100+ employees — carry a specific liability risk: claims incurred before the closing date but not reported until after closing are the seller's obligation unless the purchase agreement allocates them otherwise. Buyers require an actuary-determined IBNR reserve, and any shortfall in the reserve is a purchase price adjustment item.
COBRA administration failures are a compliance risk even for fully-insured plans. Employers must provide COBRA election notices within 14 days of a qualifying event; failures to provide timely notices expose the employer to $110 per day per qualified beneficiary. For a company with 10 employees who experienced qualifying events over three years without proper COBRA notices, the potential penalty exposure can exceed $200K.
COBRA penalties of $110 per day per qualified beneficiary are strict liability — buyers who find COBRA administration failures in diligence will demand dollar-for-dollar indemnification, not a percentage-of-exposure haircut.
Deferred compensation and Section 409A
Section 409A of the Internal Revenue Code governs nonqualified deferred compensation arrangements, including executive bonus plans, salary deferral arrangements, and certain equity award structures. 409A violations trigger immediate income recognition for the employee plus a 20% excise tax on the deferred amount — and the employer is liable for income tax withholding failures.
The most common 409A issues in middle market businesses: (1) informal bonus arrangements that technically constitute deferred compensation without 409A-compliant payment timing; (2) employment agreements with severance provisions that do not comply with 409A's six-month delay rule for specified employees; (3) equity awards repriced below fair market value; and (4) change-in-control arrangements that trigger payment upon a transaction but have not been structured with 409A-compliant payment elections.
Change-in-control provisions are particularly important in M&A diligence. If the company has a deferred compensation plan, an executive employment agreement, or equity arrangements with change-in-control provisions, those arrangements may trigger immediately upon signing or closing. The aggregate payment obligation must be quantified and disclosed in the purchase agreement.
A $30M revenue services company with two senior executives each holding $300K of accrued deferred compensation under an informal bonus plan faces $600K of payment obligations triggered by the sale, plus potential 409A violations on amounts that were not documented under a compliant plan. Buyers price this as a dollar-for-dollar reduction to the seller's net proceeds.
How to prepare for benefits diligence before a sale process
The most effective preparation is a pre-sale benefits audit conducted 12–18 months before a target transaction date. The audit should cover: 401(k) plan compliance (reviewing the last three years of Form 5500 filings, testing results, and deposit records), health plan compliance (confirming COBRA administration, ACA reporting, and IBNR reserve adequacy), and deferred compensation arrangements (confirming 409A compliance for any nonqualified arrangements).
Engage a Benefits Counsel or TPA for Plan Review
Identify operational failures before buyers do
Commission a 409A Compliance Review
Identify any informal arrangements that trigger 409A
Document COBRA Administration History
Confirm timely notice issuance for all qualifying events
Review Form 5500 Filings for Last 3 Years
Identify late filings, errors, or reportable events
Quantify Change-in-Control Obligations
List all agreements with CIC provisions and estimate aggregate cost
Prepare a Benefits Summary Memo
Document plan structure, carriers, compliance status, and corrective actions taken
Sellers who identify and correct benefits issues before entering a sale process control the narrative. IRS and DOL voluntary correction programs are available for most common failures and generally produce lower cost corrections than buyer-demanded adjustments. A seller who discloses corrected failures with documentation is in a stronger position than one who has uncorrected failures discovered during diligence.
Pre-sale benefits audits that identify and correct compliance failures typically cost $10K–$40K in professional fees — a fraction of the purchase price reduction exposure that undisclosed failures create in diligence.
What buyers look for in benefits diligence and how to present it
Sophisticated buyers request a benefits disclosure memo as part of the initial data room, covering all benefit plans, their compliance status, and any known or corrected failures. The memo should include: a list of all benefit plans (with plan documents), the last three Form 5500 filings for the 401(k) plan, confirmation of nondiscrimination testing results for the last three years, COBRA and ACA compliance confirmation, and a summary of all deferred compensation arrangements.
Buyers also look at the quality and tenure of the third-party administrator (TPA) for the 401(k) plan. A plan that has had three TPAs in five years, or that was administered by a regional bank trust department with limited ERISA expertise, will receive more diligence scrutiny. A relationship with a reputable TPA (Voya, Empower, Fidelity, Ascensus) and a dedicated ERISA counsel signals operational rigor.
The goal of benefits diligence preparation is to present a clean, well-documented picture of a business that takes its obligations to employees seriously. Benefits compliance is not just a legal matter — it signals to buyers whether the business has been managed with institutional discipline or with the informal practices common in founder-owned businesses that have not been through institutional oversight before.
Work with Glacier Lake Partners
Get Transaction-Ready
Glacier Lake Partners helps founders identify and remediate benefits liabilities before a sale process begins.
Assess Your Readiness →Research sources
Disclaimer: Financial figures and case studies in this article are illustrative, based on representative middle market assumptions, and are not guarantees of outcome. Statistical references are drawn from cited third-party research; individual transaction and operational results vary based on business characteristics, market conditions, and deal structure. This content is for informational purposes only and does not constitute legal, financial, or investment advice. Consult qualified advisors for guidance specific to your situation.
Explore adjacent topics
