Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Employee Plans Master File (EPMF)

 

Privacy Impact Assessment – Employee Plans Master File (EPMF)

EPMF System Overview 

EPMF is a master file housed in ECC-Martinsburg that contains information on the size, funding, operations, and other characteristics of employee benefit plans.  The Employee Retirement Income Security Act of 1974 (ERISA) requires that certain employee benefit plans submit this information to the Government every year on 5500-series forms.

Accounts on the EPMF are identified by Employer Identification Numbers (EINs); plans are identified by a combination of EIN and Plan Number.  Batch processing updates the EPMF weekly, although some processing is performed daily (Employee Plans Master File Pre-Posting), and some is real-time (Employee Plans Master File Online).  All return data and related information pertaining to employee benefit plans are posted to EPMF so that the file reflects a continuously updated and current record of each plan sponsor’s account.  All data therein is used for answering inquiries, classifying returns for audit, preparing reports and other matter concerned with the processing and enforcement activities of the IRS.

Each plan sponsor account has an entity function and optionally one or more plan functions.  Each plan has optionally one or more tax module functions.  The entity function contains data that describes the plan sponsor as an entity and that applies to all records of the plan sponsor.  This entity function contains groups of data including name, address, etc.  Each plan function contains data that describes the plan and that applies to all records of the plan.  This plan function contains groups of data including plan name, plan effective date, plan administrator, and plan determination information from the Employee Plans-Exempt Organizations Determination System (EDS).  Each tax function contains groups of data including total assets, number of plan participants, record of examination, and information relating to a specific plan period.  In addition, the return transaction function contains the entire 5500-series return.

System of Records Number  

Treasury/IRS 50.222 Tax Exempt/Government Entities (TE/GE) Case Management Records

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A.    Plan Sponsors: EPMF contains data identifying the Plan Sponsor / Employer, including:
* Employer Identification Number (EIN)
* Plan Sponsor (Business) Legal Name and “Doing Business As” Name
* Plan Sponsor (Business) Address

EPMF contains data identifying the employee benefit plan, including:
* Plan Number
* Plan Name
* Plan Effective Date
* Plan Administrator EIN
* Plan Administrator Name
* Plan Administrator Address
* Plan application information from 5300-series Pension Plan Applications
* Plan determination information
* Plan termination information

EPMF contains data related to a specific plan year, including:
* Characteristics of the plan from 5500-series returns, including total assets and number of participants
* Information about proposed penalties for late or incomplete 5500-series returns
* Information about a filer’s participation in the Department of Labor’s Delinquent Filer Voluntary Compliance (DFVC) program
* Excise tax information from Form 5330
* Record of examination
* Record of delinquency investigation
* Record of denied request for extension of time to file
* Record that an authorized representative (power of attorney) is on file with the IRS (although information about the representative is not stored on the EPMF)

Finally, EPMF contains all data from form 5500-series returns, including:
* Plan information from forms 5500 and 5500-EZ and historic forms 5500-C and 5500-R
* Plan insurance information from Form 5500 Schedule A, including the name and EIN of the insurance carrier and coverage information, along with names and addresses of agents, brokers, or other persons to whom commissions or fees were paid.  Schedule A also includes investment and annuity contract information.
* Actuarial information from Form 5500 Schedule B, including the actuary name and actuary enrollment number, along with all actuarial information
* Service provider information from Form 5500 Schedule C, including the names and EINs of service providers along with the names, EINs, addresses, and telephone numbers of terminated accountants and actuaries
* Direct Filing Entity (DFE) and Participating Plan information from 5500 Schedule D including the plan name, sponsor name, and EIN of participating plans
* Employee Stock Ownership Plan (ESOP) information from 5500 Schedule E
* Fringe Benefit Plan information from historic 5500 Schedule F
* Financial Transaction information from 5500 Schedule G, including the names and addresses of organizations transacting certain business with the plan
* Financial information from 5500 Schedules H and I and 5500-EZ, including plan assets, liabilities, income, expenses, and transfers
* Fiduciary of Employee Benefit Trust information from 5500 Schedule P, including the name and address of the custodian, the name of the trust, and the trust’s EIN
* Retirement plan information from 5500 Schedule R, including distribution and funding information
* Information identifying separated participants with deferred vested benefits from 5500 Schedule SSA, including participant Social Security Number (SSN), name, and benefit information
* Qualified pension plan coverage information from 5500 Schedule T

All information from 5500-series returns is public information except information from Schedule B (when attached to a 5500-EZ), Schedule E, Schedule F, and Schedule SSA.

B.       The only employees who have direct access to the EPMF are developers.  Other employees access the EPMF through systems such as IDRS, CFOL, and RICS.  These systems are granted access to the EPMF, not individual employees.  Employee information is stored as part of these other systems; it’s not stored in the EPMF (i.e., outside of the scope of the EPMF application).

C.       No Audit Trail for EPMF:  As explained in B above, the only employees who have direct access to the EPMF are developers.  Other employees access the EPMF through systems such as IDRS, CFOL, and RICS.  These systems are granted access to the EPMF, not individual employees.  Audit trail information is stored as part of these other systems; it’s not stored in the EPMF. 

D.    N/A.  Employees do not have direct access to the EPMF.  Most employees access the EPMF through IDRS command codes, and most IDRS command codes access a copy of a subset of the EPMF which is extracted each week through a batch run.  Other employees access the EPMF through AIMS which also includes information extracted from the EPMF.  Users of IDRS CFOL command codes ERTVU and EMFOL have direct read-only access the EPMF, as do RICS users.  Audit trail information for all of these accesses, including log-in information, is maintained by the individual systems (IDRS, which includes CFOL; AIMS; and RICS).

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A.    All data on the EPMF, except certain enforcement information, comes from other IRS systems, and most of this data originates from plan sponsors. (See answers in Sections 2B-2F for data from other sources.) For example, Form 5330 excise tax information originates with the plan sponsor but is passed to the EPMF from the BMF.  Plan application information originates with the plan sponsor but is passed to the EPMF from the Employee Plans-Exempt Organizations Determination System (EDS).  Enforcement information identifying plan sponsors who should have filed returns but did not (delinquency investigation) comes directly from IRS’s EPMF.

The enforcement information is information identifying plan sponsors who should have filed returns but did not.  The following is additional information about this enforcement process: 
At a given point in time, currently about 15 months after a return is due, analysis is done to determine if a return should have been filed but was not.  If a return was not filed, this is noted on the EPMF (by a transaction with transaction code 141) and IDRS, and IDRS sends a CP403 notice asking the filer for the return.  If the return is not filed, a follow-up CP406 notice is sent.

A record that an examination has started is also stored on the EPMF.  This information originates with the RICS and AIMS systems, and the PIAs for these systems should have additional information.

B.    Most data on the EPMF, except certain enforcement information, comes directly from the plan sponsor on Form 5500-series returns (through a system operated by the Department of Labor).  Additional data comes from the plan sponsor on 5300-series employee plan applications, Form 5330, and plan sponsor correspondence.

C.    IRS employees provide information when an examination is closed.  IRS employees analyze correspondence from plan sponsor, make determinations based on this correspondence, and provide information about whether a penalty should be assessed.

The systems which provide information to the EPMF are responsible for maintaining information about who makes changes and why changes are made.  For example, AIMS maintains information about an examination and sends status updates with minimal information to the EPMF (return selected for examination, examination started, and examination closed).  No employee information is stored with any of these transactions on the EPMF.

D.    The Department of Labor operates the ERISA Filing Acceptance System (EFAST) for processing Form 5500-series returns and sends data captured from these returns to the EPMF (although all data originates with the plan sponsor or plan administrator).  The Department of Labor also sends information about participation in the Delinquent Filer Voluntary Compliance (DFVC) program.  The United States Postal Service (USPS) provides Plan Sponsor address change information

The IRS has an Interagency Agreement with the Department of Labor renewed and re-signed on 07/01/2005.  The IRS also has an Interagency Agreement with the U.S. Postal Service.

E.    N/A

F.    The data is reported by the Plan Administrator (i.e., third party) on various returns and schedules.  After the initial filing of the return, any changes or updates to the Plan information, whether initiated by the Plan Administrator or the IRS, are submitted as a transaction to post to the EPMF Master File so that the file reflects a continuously updated and current record of each Plan’s information.  Nothing is posted other than what is on the form submitted by the Plan Administrator.  There is no data from other sources.

3.  Is each data item required for the business purpose of the system?  Explain.

Yes. The name, EIN, and addresses of the Sponsor and Plan Administrator are required to identify the Plan’s account. The characteristics and financial statement information are required to determine eligibility for tax-exempt status, and maintain a record of how these requirements are met.

4. How will each data item be verified for accuracy, timeliness, and completeness?

EPMF is unique in that the pre-processing of the IRS forms is performed by another Government entity, the Department of Labor.  Under the Department of Labor’s ERISA Filing Acceptance System (EFAST), plan sponsors or plan administrators submit Form 5500-series returns, either on paper or electronically, directly to the EFAST vendor’s processing site.  The EFAST vendor captures data from the returns and performs initial data validation.  This initial validation includes more than 200 tests to ensure the completeness and consistency of data supplied on the forms, up to two rounds of correspondence with the filer to correct any errors, and extensive entity validation to ensure that the EINs and plan numbers are correct. 

1. The EFAST Interagency Agreement (IAA) TIRNO-00-M-00030 between IRS and DOL was renewed July 1, 2005.  The IAA provides IRS with Form 5500 filing data from DOL through the DOL EFAST contract with NCS Pearson (U.S. Department of Labor Contract No. J-9-P-8-0037) for receipt and processing of Form 5500 returns.  The EFAST security requirements are covered under the IRS-DOL IAA and the DOL-NCSP contract:

Section C, Requirements, Table C.2.a of this contract states that the EFAST system must meet the security requirements of OMB Circular A-130, Appendix III.  The EFAST system has been evaluated and certified that it meets these requirements.  The latest certification was obtained May 2005.

2. The data is shipped each week on CD to ECC-MEM for posting to the EPMF.

3. As described in the NCSP document:  EFAST Computer Security Plan, Deliverable #298-1, Section 3.2.1 – Physical Access Controls:

All areas containing EFAST material are designated as EFAST-restricted access areas.  Under the Minimum Protection Standards (MPS), all material containing SBU information is protected by at least two barriers.  Some areas, because they contain equipment and material critical to this project, are designated as high-security areas.  These areas are enclosed within a secured perimeter in addition to the external secured perimeter. These areas are:

* Communication and Computer server room(s)
* Data file storage area
* Form storage area
* On-site tape library
* Telephone closet
* Power supply
* Software Development Area

The NCS Pearson facilities use the HID Access Control Security System to control access to its buildings, the restricted EFAST operating area and the secured interior areas such as the storage area and the communication rooms.  This system also provides access control to selected exterior doors such as the loading dock area and the mailroom. There is 7-day, 24-hour guard protection for the premises.

The Safeguard Review was done in December 9-11, 2003 and the report was issued in May 2004 with the TEGE response in August 2004.  All recommendations were addressed and closed.

Contractors do not have access to the EPMF.

Another layer of validation is done when the returns reach the EPMF, where returns can either be rejected and not processed (for severe errors that might cause IRS systems to crash, like an unexpected record format) or sent to the Generalized Unpostable Framework (GUF) system for manual review and correction (for errors that might result in inaccuracies on the EPMF, like a return transaction where the EIN exists on the EPMF but the sponsor name on the return appears to be different than the sponsor name on the EPMF, indicating a possible EIN problem).  GUF users research possible errors using tools like IDRS command codes ERTVU (to view the complete return) and EMFOL (to view the entire EPMF account).

Non-EFAST transactions are validated by the systems that generate them (IDRS, AIMS, etc.).  Non-EFAST transactions are also subjected to another layer of validation when they reach the EPMF, with errors corrected through the GUF.

Once return data is in the system, it can only be changed when a filer (the plan administrator) submits an amended return through EFAST.  The EPMF can be updated only by custom code tightly controlled by MCC Mainframe Administrators. 

Adjustments, whether originated by IRS or the Plan Administrator are input through the Integrated Data Retrieval System (IDRS) and transmitted for posting to the master file.  If the data is accurate when it is originally added to the system, it will remain accurate.  Technical methods ensure that the data remains unchanged throughout its life on the system.  Batch processing is performed weekly.

The timeliness and completeness of a filer’s submission is checked when a return posts to the EPMF.  If the return is late, or if certain critical information is missing, a notice of proposed penalty is mailed to the plan sponsor.

The timeliness of EFAST processing is monitored weekly using an EPMF-generated report.

5. Is there another source for the data.  No. 

6. Generally, how will data be retrieved by the user? 

EPMF data is not directly accessible by users. 

Data is extracted on a weekly basis for generating reports, loading into other IRS systems, and transmitting to DOL.  The IRS-DOL Interagency Agreement was signed on 07/01/2005.

IRS employees with a “need to know” can access a copy of the data posted to the EPMF using the IDRS command code Employee Plan Master File Online (EMFOL).  

Employees do not have direct access to the EPMF.  Most employees access the EPMF through IDRS command codes, and most IDRS command codes access a copy of a subset of the EPMF which is extracted each week through a batch run.  Other employees access the EPMF through AIMS which also includes information extracted from the EPMF.  Users of IDRS CFOL command codes ERTVU and EMFOL have direct read-only access the EPMF, as do RICS users; access is controlled by IDRS and RICS. 

Data is extracted each week for EFAST in accordance with the IRS-DOL Interagency Agreement signed on 07/01/2005.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes, data is retrieved by the name (i.e., employer or sponsor name) and EIN (i.e., Employer Identification Number) of the Plan Sponsor or Administrator.  The Sponsor is a company, business, etc.  The Plan Administrator is often a company that provides this service, but some plans are administered internally by a business.  In these cases, the business that has responsibility for the Plan must apply for a unique EIN for the Plan Sponsor or Administrator.  This is used for reporting purposes of the Plan and is not related to that Plan Sponsor or Administrator’s own tax return.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Authorized users, managers, and System Administrators will have access to the data.  Actual access to the data by a System Administrator is rare but unavoidable, and would be mission related.

Most EPMF data is available through the IRS to the public for a nominal fee.  The Form 5500 Series is not only an important compliance and research tool for the Department of Labor, but is also required to be disclosed (on request) to Plan participants and beneficiaries.  Also, the Form 5500 series is an important source of information and data for use by other Federal agencies, Congress, and the private sector in assessing employee benefit, tax, and economic trends and policies.   Individuals are not identified. 

The Form 5500 Series is part of ERISA's overall reporting and disclosure framework. This is intended to assure that employee benefit plans are operated and managed in accordance with certain prescribed standards and that participants and beneficiaries, as well as regulators, are provided or have access to sufficient information to protect the rights and benefits of participants and beneficiaries under employee benefit plans. Individuals are not identified in these disclosures and reports.

9. How is access to the data by a user determined and by whom? 

Data access is granted on a “need to know” basis.  The OL5081 (Online 5081) is used to document access requests, modifications, and terminations for all types of users, including System Administrators.  When a new user needs access to IRS systems or applications, the user’s manager or designated official, completes an OL5081 requesting access for the new user.  OL5081 is an online form, which includes information, such as the name of the system or application, type of access, and the manager’s signature approving authorization of access.  The completed OL5081 is submitted to the Security or User Administrator, who assigns a user ID and an initial password.  Before access is granted, the user is required to digitally sign OL5081 acknowledging his/her security responsibilities when using the system.

Profiles for users are determined according to access rights granted when the user creates an OL5081 request.  The profiles are controlled by pre-set tables.  These tables may be changed only by a programmer with a Change Request from a Security Manager.  Users are prevented from exceeding their assigned access privileges. 

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes.  Most input is received from DOL; however, IRS does have the ability to input F 5300 Series Pension Plan Application data through Employee Plans-Exempt Organizations Determination System (EDS). Adjustments to accounts are input through the Integrated Data Retrieval System (IDRS). Both input sources are processed by the Generalized Mainline Framework (GMF) which provides the data to the EPMF processing system.

Any input (initial or subsequent) which is unable to post to the master file for any reason, is returned to the originating system via the Generalized Unpostable Framework (GUF) for correction.  Unpostables can vary in severity. If severe, the master file processing dumps the input and asks for it to be re-entered.  If it is minor, the system keeps the data that was input and asks for a correction to be entered via IDRS.

Posted data is replicated for use in other IRS processing systems. The entire EPMF is replicated for Corporate Files On-line (CFOL), which provides on-line read-only access for authorized IRS employees.  MFTRA processing accesses the EPMF directly. Other systems that receive EPMF data do not access the EPMF directly but receive a file generated by EPMF OUTPUTS. These include IDRS, Audit Information Management System (AIMS) and reports.

Excise tax information from Form 5330, including sponsor information, filer information, excise tax abstract number, and excise tax amount, is received from the Business Master File (BMF).

All EPMF data is shared directly with the Returns Inventory Classification System (RICS).  RICS provides users with the ability to query any part of the EPMF, including all return elements, and allows users to print facsimiles of returns or select returns for examination.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

Certification and Accreditation (C&A): 

The following systems hold a current Certification and Accreditation in the Mission Assurance Master Inventory:
* IDRS
* BMF
* RICS

The following systems do not have a current Certification and Accreditation in the Mission Assurance Master Inventory:
* EDS
* GMF
* GUF
* CFOL

Privacy Impact Assessment (PIA): 
The following systems hold a current Privacy Impact Assessment in the Office of Privacy Inventory:
* BMF   (will expire 8/22/06)
* GMF  (will expire  8/31/07)
* IDRS  (will expire  7/27/08)
* CFOL  (within IDRS)

The following systems do not have a current Privacy Impact Assessment in the Office of Privacy Inventory:
* RICS  (expired 9/29/05)
* EDS   ( expired 4/3/04)
* GUF  (PIA is not required of the GUF process)

12.  Will other agencies provide, receive, or share data in any form with this system?

Yes.  The forms are submitted by the Plan Administrator to the Department of Labor (Employee Benefits Security Administration) for initial processing.  Then, pertinent data is electronically distributed to the Internal Revenue Service, the Social Security Administration, and the Pension Benefit Guaranty Corporation.  Each agency only receives the information they are entitled to receive. 

Most EPMF data is available through the IRS to the public for a nominal fee.  The Form 5500 Series is not only an important compliance and research tool for the Department of Labor, but is also required to be disclosed on request to Plan participants and beneficiaries.  Also, the Form 5500 series is an important source of information and data for use by other Federal agencies, Congress, and the private sector in assessing employee benefit, tax, and economic trends and policies.   Individuals are not identified. 

The Form 5500 Series is part of ERISA's overall reporting and disclosure framework.  This is intended to assure that employee benefit plans are operated and managed in accordance with certain prescribed standards and that participants and beneficiaries, as well as regulators are provided or have access to sufficient information to protect the rights and benefits of participants and beneficiaries under employee benefit plans. Individuals are not identified in these disclosures and reports.

EPMF sends Sponsor and Plan information, including new EIN assignments, EIN and plan number changes, name and address changes, and plan terminations, to the Department of Labor’s ERISA Filing Acceptance System (EFAST).  EFAST uses this information while processing 5500-series returns.

EPMF also sends information to the Social Security Administration (SSA).  SSA uses this information to notify retirees who apply for Social Security benefits that they may be entitled to receive benefits from other retirement plans.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Annual processing (Conversion) updates the EPMF and moves all entities, plans, and tax modules that have had no posting activity for 10 or more years to a recirculating purge file.  This is per published agency guidance, to include IRM 25.6.11 that discusses the statute of limitations for any excise tax assessed on an Employee Plan as set forth in Law Enforcement Manual 11.3.  IRC 6104 relates to the publicity of information as required from certain exempt organizations and certain trusts also cover the EPMF application.  It states that one must always follow the agency and the National Archives and Records Administration (NARA) approved record retention schedules.  However, once IRS receives a FOIA request for the records, they may not be destroyed, even if the records ought to have been destroyed in accordance with applicable record retention schedules (Reg. 601.702(c) (12). As per “Exempt Organizations- Technical Instruction Program for FY 2003.

There does not appear to be any IRC/IRM/LEM reference to the purging of EPMF data.  It is possible this data is in the Problem Resolution Program or Functional Specification Package documentation for the application; however, such a reference would not be binding (i.e., procedural only).

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

No for individuals.  Form 5500 Schedule SSA includes information identifying separated participants with deferred vested benefits, but this information is only used to ensure that complete Schedules SSA have been filed.  The IRS never contacts individuals included on Schedule SSA.   Groups of Plans can be identified.  Each year, pension, welfare, and fringe benefit Plans generally are required to file an annual return/report regarding their financial condition, investments, and operations.  Filing the Form 5500 Annual Return/Report of Employee Benefit Plan and any required attachments typically satisfies the annual reporting requirement.  The Department of Labor, Internal Revenue Service, and the Pension Benefit Guaranty Corporation jointly developed the Form 5500 series so employee benefit plans could utilize the Form 5500 to satisfy annual reporting requirements under Title I and Title IV of ERISA (Employee Retirement Income Security Act) and under the Internal Revenue Code.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

No for individuals.  Form 5500 Schedule SSA includes information identifying separated participants with deferred vested benefits, but this information is only  used to ensure that complete Schedules SSA have been filed.  The IRS never monitors individuals included on Schedule SSA.  Groups of Plans can be identified.  This data is used to ensure compliance with the requirements of ERISA.  The establishment and administration of an employee Plan under this statute is a matter of public record.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No.  The master file data identifies the Plans only by the Sponsor and Administrator EIN’s. Individuals are not included in these records.  While the Plans may be differentiated, individuals are not.

The EPMF treats all sponsors of plans with similar characteristics the same way.  For example, if the IRS is performing taxpayer delinquency investigations on Form 5500 filers, all Form 5500 filers who should have filed a 5500 return but did not, will receive a letter.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

Yes.  The EPMF includes transactions that record correspondence with the Plan Administrator regarding compliance with the ERISA reporting requirements.

For example, if a 5500-series return is late, a CP213 notice is sent to the plan sponsor explaining that a penalty will be assessed unless a reasonable explanation for filing late is provided.  If the filer provides a reasonable explanation, a transaction with a specific action code is added to the EPMF to prevent the penalty from being assessed.

As another example, if IRS sends a delinquency notice to a filer because the return has not posted to the EPMF, and if the filer responds with a copy of the filing that was submitted to EFAST that has not yet posted to the EPMF, a transaction is added to the EPMF to prevent further actions.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No.  EPMF is not a web-based system.
 


Page Last Reviewed or Updated: March 08, 2006