The challenge of ACA compliance

Data on how organizations are managing ACA reporting

The Challenge of ACA Compliance_Hero

The challenge of ACA compliance

Data on how organizations are managing ACA reporting

The Challenge of ACA Compliance_Hero


Despite the challenges that many organizations have with ACA compliance there is relatively little research on the topic. We have worked to fill that gap with focus groups, a survey to learn how organizations are coping with compliance and what they can do to make things easier, as well as data from Trusaic's internal study of penalty responses.

This 2023 survey gathered data from 244 professionals involved in ACA compliance. The quantitative data was complemented with qualitative data from three focus groups which did a deep dive into the practical issues of ACA compliance. Interviews with ACA experts from Trusaic provided additional insight on why compliance can be difficult.

This research provides readers with data on how other organizations are managing ACA compliance and offers insight on how to improve the process.

How Burdensome is ACA Compliance?

It's easy to understand the goals of the Affordable Care Act, however for employers the issue is how burdensome it is to comply with the regulations. Over half of the respondents feel it's somewhat burdensome and another 21% feel it is overly burdensome. Only 27% say it is not burdensome.

The difficulty of compliance varies enormously by the nature of the business of the employer. Employers with only a few eligible workers will find compliance quick and straightforward. Those with large numbers of eligible workers and high turnover face significant difficulties. Special situations, such as dealing with mergers and acquisitions can also create extra complexities that make compliance especially burdensome.

Focus Group Insight:

Feeling overwhelmed

It's not uncommon for HR professionals with particularly demanding ACA compliance issues to say they feel overwhelmed

Focus Group Quote:

A second set of eyes

"There can be a lot of self-doubt as you fill in the submission. It's really helpful to have a second set of eyes to review the data".

The takeaway for professionals who find ACA compliance challenging is that they are not alone, it genuinely is a highly burdensome task for many organizations. This study looks at what causes those burdens and uncovers tactics for reducing the burden.

What is your opinion about the reporting requirements of the Affordable Care Act (ACA)?

The burden of ACA compliance shows up quantitatively in the number of hours it takes to comply. Almost 70% spend more than 80 hours a year on ACA compliance-and it is easy to underestimate the number of hours involved because of the constant checking of data that eats up time all year long.

The point of tracking the hours involved is to provide a basis for deciding if investing in better software or an outsourcing solution makes sense. Any HR professional who is spending more than 80 hours on ACA compliance can make a good case that there will be a positive return on investment from outsourcing. Furthermore, the labor costs involved are not the only reason for outsourcing, an even more compelling reason is to reduce the risk of fines, a topic we explore in depth later in this whitepaper.

Why is Compliance So Hard? What Takes So Much Time?

There is no single reason why compliance is burdensome. The problem arises from the many different activities, respondents reported that the main themes were:

  • Checking the data
  • Software issues
  • Ensuring forms are filled correctly
  • Ensuring changes are accurately documented
  • Managing exceptions
  • Understanding the codes

Enormous amount of double-checking

Due to the need to have very high data accuracy, those responsible for compliance spend a shocking amount of time checking and rechecking data. Some go through every 1095 form themselves to ensure each one is correct.

The figure below shows some of the specific time-consuming activities that respondents highlighted.

What activities take the most time?

Compliance with ACA regulations is relatively easy for organizations with mainly white collar workers or high-wage full-time salaried workers where an offer of health insurance is made right away. It is harder for organizations with lower-paid variable hour workers where there are low levels of participation in the organization's health plan.

In the survey, slightly over half of respondents said compliance is easy or very easy, with the remainder reporting moderately difficult, difficult or very difficult. The takeaway is that for many organizations with a varied and/or low hourly paid workforce, compliance is a difficult process and will require a requisite amount of effort to get right.

How difficult is it to comply with ACA regulations?

Why do so many organizations find compliance difficult or very difficult? There are many challenges, almost every respondent had their own angle on what was making it hard, the common themes were:

  • Lack of clarity of the rules
  • So many elements to track
  • Complicated situations
  • Need to check coding
  • The amount of time
  • The fact that it is done at a very busy time
  • The lack of staff to do it
  • The tight deadline

The number and range of challenges teaches us that there isn't a simple fix for the person responsible for compliance. They need support, along with the right processes and technology, to get the work done correctly and finished in time to submit.

The most common compliance problem is employee misclassification, etc. (see the next figure). Over half the respondents have encountered this problem.

The next most common compliance problems are determining ACA affordability and additional state requirements. Five jurisdictions (California, New Jersey, Rhode Island, Washington D.C., and Massachusetts) have ACA reporting requirements over and above what is required by the federal government.

Which of these potential compliance problems has your organization faced? (Select all that apply).

Short timelines

In some cases, the data needed to complete the ACA submission isn't available until a couple of weeks before the submission is due. The pressure created by this short timeline is exacerbated because it is already at a busy time of year.

At the mercy of the insurance provider for data

"The insurance provider can't get me the data until the end of January which doesn't give me much time".

According to respondents, the root causes of these problems include:

  • Complicated rules and rules that change
  • The amount of tedious work involved
  • The difficulty of getting accurate data
  • Lack of training
  • Poor software

Organizations seeking to reduce the burden of ACA compliance will need to take the time to address these root problems. It's not simply an issue that can be resolved just by working harder or "being more careful." While it is definitely true that not all ACA software is well-designed, it's worth noting that one of the reasons that people cite "poor software" as a problem may be that they are expecting too much from the software. Much depends on the correct processes, a detailed understanding of the complex regulations, and excellent execution. Software alone won't fix organizations' ACA woes.

How Have Organizations Tackled the Compliance Challenge?

As shown in the figure below, the three most common approaches for ensuring ACA compliance are:

  • Included with payroll
  • In-house ACA compliance team
  • Outsourced to ACA compliance vendor

Note that these are not mutually exclusive, it's common for organizations to outsource compliance but still have an in-house team.

Lack of answers on coding

"No one in the government is available to answer questions. We have a consultant but they can't answer our questions either. There is no one you can call to check which code is correct."

It's lonely work

In many cases, there is only one person in the organization handling ACA compliance. This puts a lot of stress on that individual to manage that workload and do so without making any mistakes.

What has been your approach to ensuring ACA compliance? (Select all that apply)

The two actions that have most commonly been successful are developing a dedicated internal team and outsourcing to ACA compliance experts (see the figure below). It is likely that what makes these the preferred solutions is that if done well, they address two major challenges of compliance: knowing exactly what to do in all situations and being able to execute flawlessly.

What actions have helped your organization manage ACA compliance? (Select all that apply).

What Support is Available from Vendors?

The ACA support organizations get from most vendors is underwhelming. Fewer than half offer designated support for verifying ACA accuracy, which is one of the biggest burdens organizations face. Only 41% support organizations when they are in a dispute with the IRS which is their greatest time of need.

The takeaway for organizations is that when choosing a vendor it is important to check the scope of services they offer. Given the difficulties many organizations face with ACA compliance, they will want a vendor who offers excellent support across the full range of services. In particular, focus groups participants expressed how much they appreciate being able to get the answers they need from a vendor's subject matter experts.

If your organization receives help from a vendor, what services do they offer?
(Select all that apply)

Are Most Organizations Compliant? How Many Get Letters from the IRS?

Despite the burden and challenges, over three quarters of respondents are confident or very confident (i.e., at least an 8 out of 10) that they are 100% ACA compliant. The fact that these organizations feel confident, likely reflects the amount of effort they put in and that amount of effort is probably due to the fear of penalties.

There is a caveat to this otherwise positive finding. One in four respondents say they have been audited by the IRS for potential ACA non-compliance. Eighty percent of those respondents who got a letter from the IRS had been confident or very confident they were compliant (i.e., rating 8 or above out of 10). In our experience, many organizations who receive a penalty letter are very surprised to discover they were not fully compliant.

One in four respondents say they have been audited by the IRS for potential ACA non-compliance.

The most common letter respondents received from the IRS was the "Warning letter for failure to file ACA Information." The second most common was "Warning letter for ACA non-compliance." Less common were warning letters for "ACA penalty letter for failure to file" and "ACA penalty letter for non-compliance".

Technology issues

ACA reporting is based on data and data comes from technology. Several focus group members mentioned that the technology they had was ill-suited to deliver the information they needed to determine ACA compliance.


"When you make an acquisition, you don't necessarily know what ACA data that organization filed with the IRS. If the data you file is different, then it could trigger an audit."

The HR professionals responsible for ACA compliance should be alert to the risk of overconfidence. Your organization may be at more risk than you suspect.

I am confident our organization is 100% ACA compliant.

The Risk of Penalties is Real

Among the respondents to this survey, about 70% of the fines are over $50,000 and in rare cases over $1 million. Fortunately most respondents, almost three-quarters, appealed the fine and of those over 36% had it reduced by at least 50%.

Trusaic has gathered a substantial amount of data on ACA penalties from 2015-2020 (more recent data is not yet available since it takes the IRS a couple of years to process ACA penalties). While this data is not complete, it only covers the cases Trusaic was aware of, and may be skewed by the type of employers that have worked with Trusaic, we believe it is the best source of information available. Based on this set of data, we observed the following:

Industries most likely to receive ACA penalty letters:

1. Agriculture, Forestry, Fishing and Hunting

2. Accommodation and Food Services

3. Educational Services

4. Health Care and Social Assistance

Industries least likely to receive ACA penalty letters:

1. Real Estate and Rental and Leasing

2. Transportation and Warehousing

3. Manufacturing

These differences are likely driven by a number of factors. First there is simply the number of variable hour workers where tracking who is eligible is a challenge. If there are many low-wage workers then issues around affordability and workers turning down offers of insurance arise. All the problems are magnified if there is high turn-over. In industries like fast food, a person may be hired, quit and rehired, all in the space of a couple of months. Yet another issue is the states in which an organization operates. Five states (California, New Jersey, Rhode Island, Washington D.C., and Massachusetts) currently have ACA employer reporting requirements over and above what is required by the federal government. Organizations operating in those states face more burdensome compliance requirements and hence more opportunities for mistakes to occur. Those responsible for ACA compliance need to be aware that other states, including Connecticut, Hawaii, Maryland, Minnesota, and Vermont, are considering adding state level ACA regulations.

HR can do a back of the envelope risk assessment based on the nature of their workforce so that they can estimate the resources they need to ensure compliance.

The Trusaic data showed that employer size also had an effect on the likelihood of receiving a penalty letter

  • Employers with 500+ employees are almost six times more likely to get letters than 100-499 firms.
  • Employers with less than 100 employees were roughly half as likely to get a penalty letter as those with 100-499.

This discrepancy probably reflects the fact that having more employees creates more opportunities for error. However, it is very important that smaller firms do not think they can fly under the radar. The IRS has an automated process that will pick out any cases where a discrepancy is flagged. All organizations required to comply with ACA need to take the compliance process seriously.

You can never relax

"You don't know if a penalty from past years is just waiting around the corner."

There is no way to get clear answers

There can be a lot of complexity around various aspects of ACA such as coding. There is no easy way to get clear answers on how to handle these difficult cases.

The Trusaic data on appealing fines is encouraging. In the cases that Trusaic intervened, penalties were completely eliminated for 43% of cases or significantly reduced for another 30% of the cases. Significantly, for those reduced cases, the median amount of the final penalty in these cases was $1,040, that's a 99% reduction on the original median amount.

The Trusaic data also provides insight on the root cause of error and hence where organizations need to be particularly careful (see the next figure).

Root cause of ACA reporting errors

Root Cause20152016201720182019
1094-C error73%47%36%60%34%
1095-C coding error6%16%23%24%38%
Incorrect full-time count3%13%23%5%6%

From 2015 through 2018 the most common root cause was an error on the 1094-C form. In many cases, the 1094-C error arose simply from choosing the wrong check box for the statement: "I offered MEC to at least 95% of my full time staff for the applicable year (Yes/No)." The form did not spell out that MEC stood for minimum essential coverage, which could lead to a misunderstanding. Entering "no" or failing to check either box will automatically lead the IRS to issue a penalty letter. Worse, some software packages would default to the wrong answer and if HR did not catch this then the IRS would automatically flag their form.

Form 1095-C coding errors as a proportion of all (simplified) root causes has been rising throughout the years 2015 to 2019. For the first time, in 2019, 1095-C errors were more frequent than 1094-C errors. Form 1095-C is a disclosure on whether the organization has offered an employee health insurance. If that employee goes to an exchange to get insurance, regardless of whether the employee had an offer of coverage from the employer, and then claims a Premium Tax Credit when they file their income tax, the IRS will automatically check to see what the relevant 1095-C says. If there is a discrepancy, then the IRS may send a penalty letter to the organization.

Fear of high penalties

The person leading ACA compliance is under extra stress because innocent errors can still lead to high penalties.

In a white collar workforce where everyone is offered health insurance, forms like the 1095-B and 1095-C rarely lead to problems. However, as previously mentioned, when the workforce has variable hours then complications quickly add up. It is even worse when the workforce is dispersed because it can be very difficult to get them to fill in an acknowledgement that they were offered insurance. It's common for workers in the field to have little interest in logging into the HR website (and they may not even remember their password) simply to confirm that-as they have done year after year-they are turning down the insurance.

The important takeaway is that in many industries, complying with ACA is a difficult and time-consuming task. Errors often occur despite the time and effort HR puts into the compliance process. Leaders may have a poor understanding of the complexities and hence fail to provide HR with the resources they need to minimize the risk of high penalties.

If all that is not enough to grab the attention of leadership, then HR should point out that the cap at 400% of the poverty level has been removed, which makes 3 million more workers eligible. Similarly, the former 9.5% cap for affordability has been reduced to 8.5%, meaning that employers cannot impose more than 8.5% of the employee's pay to satisfy the affordability safe-harbor requirement under the ACA. Furthermore, the various state individual mandates will drive more people to the exchanges. This is not the time for employers to expect HR to handle ACA compliance without adequate time and resources.

The End of IRS 'Good Faith' on Penalties

Any discussion on penalties needs to be prefaced with the fact that the last year of IRS 'good faith transition relief' period was 2020. In the good faith period, the IRS recognized that ACA compliance was a new challenge for employers and so was lenient when employers made mistakes in their ACA filings. This lenience is over and employers need to recognize that things they got away with in the past may trigger more severe penalties in the future.

Even in the period of good faith, penalties were significant. To be clear, good faith could have only mitigated against late, inaccurate or incomplete filings, it would not have helped with regard to penalties resulting in errors by HR in failing to offer affordable, minimum essential coverage to full-time employees.

What Will Make ACA Compliance Easier and Less Error Prone?

The insights from the survey and focus groups should give HR professionals a sense of comfort that they are not alone in finding ACA compliance both challenging and burdensome. However, the critical question is what we can do to make ACA compliance easier and more effective. This research provided some answers.

The data, as shown in the next figure, reveals that the most common approaches to ACA compliance in the future are relying on an in-house ACA compliance team (57%) and outsourcing to ACA compliance experts (40%). There is no question that organizations facing complex ACA situations need to have a deep level of expertise and these two methods are ways to achieve that.

The most important lessons from the data are:

  • Companies are far less likely to rely on payroll, 51% are currently using this approach but only 28% want to use it in the future.
  • Companies are more likely to outsource to ACA compliance experts, 32% are currently using this approach, but 40% want to use it in the future.
  • Companies are more likely to use an in-house ACA compliance team, 44% are currently using this approach, but 57% want to use it in the future.

What will be your organization's approach to compliance in the future? (Select all that apply)

HR professionals also provided a wide range of specific advice about how to approach ACA compliance, their insights included:

  • Appeal to legislators for common sense rules and reporting that will actually be used.
  • Be sure you fully understand the requirements and don't rely on your payroll company for compliance knowledge.
  • Check for changes monthly.
  • Get software and experts to help and track 100% if you can.
  • Make sure your data is accurate.
  • Outsource!
  • Take your time, be careful and start early in the year compiling your monthly hours per employee.
  • Use a software provider that will file on your company's behalf.
  • Network, speak with legal counsel and Workday is helpful.

This advice from HR professionals can be summarized as "be especially systematic and careful in your compliance work" and "get the support such as experts, software and outsourcing that you need."


With respect to ACA compliance, the first step for any HR department is to make a rough assessment of the scale of challenge they face. In organizations with a well-paid white collar workforce ACA compliance may be relatively simple. Other organizations, particularly those with many lower paid, variable hour workers are likely to face a serious challenge.

For organizations facing a complex compliance situation the common problems are:

  • The rules are complex and it is hard to get answers.
  • It's difficult to collect accurate data.
  • Managers and employee may not be as cooperative as HR would like in maintaining compliance.
  • Even when the rules are clear and the data is accurate the volume of work is burdensome.
  • The time between when HR gets the final data and the time it needs to submit reports to the IRS can be tight.
  • The penalties for making a mistake can be severe and the risk of being penalized is greater than in year's past due to the end of the good faith transition period.

This leads to the conclusion that, for many organizations, ACA compliance is both so important and so difficult that HR needs leadership support to get the systems and resources it needs. Hence, the challenge for HR is to determine what they need and then make it clear to leaders why it is so important that those needs are met.

It's unlikely that leaders will have a good understanding of the nuances of ACA compliance, so it is not surprising that they underestimate what is required. We hope the data in this report provides evidence HR can use to get the resources it needs to take the stress and risk out of ACA compliance.

Overwhelmed by ACA compliance? We can help.