1.4 Payroll Records, Confidentiality, and Retention
Key Takeaways
- DOL FLSA rules require accurate records for covered nonexempt workers, including identifying data, hours worked, pay basis, rates, earnings, deductions, total wages, pay date, and pay period.
- DOL Fact Sheet #21 lists at least three years for payroll records and two years for wage-computation support such as time cards and wage-rate tables.
- IRS Publication 15 requires employment tax records to be kept for at least four years and available for IRS review.
- Retention is not only storage; records must be complete, readable, retrievable, secure, and tied to the source documents that prove the payroll result.
- Confidentiality controls should protect Social Security numbers, banking data, tax forms, garnishment information, medical or leave data, and payroll investigation records.
Records prove the payroll story
Payroll records are the evidence behind every paycheck. They show who worked, what was earned, what taxes and deductions applied, when wages were paid, what was remitted, and how the employer responded to corrections or notices. For the FPC, recordkeeping is both a compliance topic and a control topic. A calculation may be correct on payday, but if the organization cannot later prove the hours, rate, tax setup, deduction authorization, deposit, or correction, the payroll process is weak.
DOL and IRS rules overlap but are not identical. DOL wage-hour rules focus on wages, hours, pay basis, and FLSA support. IRS employment tax rules focus on wage payments, withholding certificates, tax deposits, returns, employee identifying information, fringe benefits, reimbursements, and other employment tax support. Payroll must satisfy the longest applicable period and any additional state, local, benefit-plan, litigation, or company-policy requirement.
DOL FLSA recordkeeping basics
DOL Fact Sheet #21 says covered employers must keep accurate records for nonexempt workers. It also says the FLSA does not require one particular form of record, which means a timekeeping system, spreadsheet, paper log, or electronic workflow may work if it is complete and accurate.
Key FLSA payroll records include:
| Record category | Examples |
|---|---|
| Identity and job data | full name, Social Security number, address, birth date if under 19, sex, occupation |
| Workweek and hours | time and day the workweek begins, hours worked each day, total hours each workweek |
| Pay basis and rates | hourly, salary, piece rate, regular hourly rate |
| Earnings and deductions | straight-time earnings, overtime earnings, additions, deductions, total wages |
| Payment detail | date of payment and pay period covered |
DOL's retention periods are high-yield: at least three years for payroll records, collective bargaining agreements, and sales and purchase records, and at least two years for wage-computation support such as time cards, piece-work tickets, wage-rate tables, schedules, and records of wage additions or deductions.
IRS employment tax retention
IRS Publication 15 says employers must keep employment tax records for at least four years and make them available for IRS review. The listed records include the employer identification number, amounts and dates of wage payments, employee tips, in-kind wage values, employee names, addresses, Social Security numbers and occupations, employment dates, withholding certificates such as Forms W-4, deposit dates and EFTPS acknowledgment numbers, filed returns and confirmation numbers, fringe benefit records, and expense reimbursement substantiation.
A practical payroll retention matrix looks like this:
| Source | Minimum federal retention anchor | FPC memory point |
|---|---|---|
| DOL FLSA payroll records | 3 years | wage and hour proof |
| DOL wage-computation support | 2 years | time cards, schedules, rate tables |
| IRS employment tax records | 4 years | W-4s, deposits, returns, wage/tax support |
| Company/legal hold | as instructed | do not destroy while dispute is open |
Confidentiality and access
Payroll records contain high-risk data: Social Security numbers, birth dates, addresses, bank accounts, tax elections, garnishment orders, child support information, medical leave indicators, benefit elections, wage rates, bonuses, disciplinary deductions, and audit findings. Confidentiality is not just politeness. It reduces identity theft risk, wage privacy problems, retaliation risk, and control failures.
Good confidentiality practice includes least-privilege access, unique user IDs, multifactor authentication for sensitive systems, approval for report exports, secure transmission to banks and vendors, retention schedules, destruction procedures, and audit logs. Emailing a spreadsheet of employee SSNs to a personal account is a control failure even if no one changed pay. Storing payroll reports on an open shared drive is weak because people outside the need-to-know group can view compensation and banking data.
Electronic records
Electronic records are acceptable when they remain trustworthy. The FPC-level standard is practical: can the employer retrieve the record quickly, read it without special software that is no longer available, prove it was not altered improperly, and connect it to the payroll action? A scanned garnishment order without the remittance history is incomplete support. A timekeeping export without approval evidence may prove punches but not approval. A bank file without funding confirmation may prove intent but not completion.
Payroll example
A former employee files a wage claim 18 months after termination, saying overtime was unpaid. Payroll should be able to retrieve workweeks, daily and weekly hours, pay basis, regular rate, overtime earnings, deductions, total wages, pay dates, and source approvals. If the employer kept only net-pay direct deposit confirmations, it can prove money moved but not that overtime was calculated correctly. The missing wage-computation records are the weakness.
Compliance traps
- Retention trap: Keeping IRS records four years does not erase DOL's separate wage-hour categories, and keeping DOL records three years may not satisfy IRS employment tax retention.
- Format trap: DOL does not require a specific timekeeping form, but the record still must be complete and accurate.
- Access trap: A report is not safer because it is electronic. Access, encryption, audit logs, and secure disposal matter.
- Legal-hold trap: A normal retention schedule should pause when litigation, agency inquiry, audit, or internal investigation requires preservation.
Exam approach
When an FPC item asks what to keep, identify the purpose first. Hours and overtime support point to DOL records. Withholding certificates, tax deposits, and returns point to IRS employment tax records. Pay changes, direct deposit, garnishments, benefits, and bonuses point to source authorization and confidentiality. If the question asks how long, choose the longest applicable rule in the fact pattern and do not destroy records under an ordinary schedule when a dispute is active.
The best payroll answer protects three things at once: the employee's pay rights, the employer's ability to prove compliance, and the confidentiality of sensitive payroll information.
A payroll department keeps time cards for only six months because the payroll register is retained permanently. What is the best FPC-level concern?
Which record set most clearly belongs to IRS employment tax retention?
A supervisor asks payroll to email a spreadsheet with all employees' Social Security numbers and bank accounts to a personal email address for weekend review. What is the best response?