How does separation of duties in accounting may help the organization to preserve internal control?

May 18, 2022

By Karla K. Jimenez, CPA, Director, Managed Accounting Services

After two years in pandemic mode, the world is starting to return to normal — although the new normal looks and feels different than it did in 2020. As rush hour returns, businesses welcome workers back to the office, and in-person events resume, leaders across industries are facing a few common challenges. Aside from the overall staffing shortage and challenge to fill open positions, many companies are also struggling with internal controls that lapsed during the last two years.

Responding to employee demands, many organizations have adopted a hybrid or flexible work environment. These working arrangements add complexities and challenges to the organization’s internal controls. As a result, leaders are forced to spend time adjusting internal control procedures and determining what needs to be updated, all while they struggle to hire and retain talents to fill vacant positions. These leaders should focus first on segregation of duties, which is one of the basic risk management and internal control principles.

For internal controls to be effective, there must be an adequate division of responsibilities between the individuals who handle assets and those who perform control activities or accounting procedures. But in an industry with a limited number of employees, it may not always be possible to achieve proper segregation of duties. In those cases, appropriate compensating controls must be established to reduce the risk of an existing or potential control weakness. There are general industry guidelines indicating which positions should be separated and which require compensating controls when they are combined. Each organization must thoroughly analyze business processes and make choices about detecting and resolving potential conflicts.

In general, the principal incompatible duties to be segregated are:

• The custody of assets;
• The authorization or approval of related transactions affecting those assets; and
• The recording or reporting of related transactions.

For example, the person responsible for opening and logging the mail should not also be responsible for depositing the check, recording the transaction in the accounting system, or reconciling the bank accounts. This reduces the risk that checks will be removed from the company and deposited into a personal bank account.

Likewise, the person responsible for receiving customer payments should not be able to create credit memos to customers. This reduces the risk that an employee will divert an incoming payment from a customer and cover the theft with a matching credit to that customer’s account.

Most nonprofits have small accounting departments, which means there are not a lot of options to segregate key functions in the first place. As a result, nonprofits are considering how technology can help streamline processes amid limited resources. Many organizations have already automated the accounts payable process and moved to electronic payments versus cutting checks. There is also a shift to cloud-based software solutions and storage to accommodate an increasingly remote workforce. Integrating technology in accounting processes can help with segregation of duties.

Another important consideration is whether to outsource certain positions. For most nonprofits, outsourcing makes sense because most finance and accounting functions do not necessarily require full-time employees, particularly when it comes to more skilled, higher-level positions. When there is high employee turnover and a scarce workforce, partnering and integrating with an outsource provider will not only provide a flexible and scalable solution for the organization, but it will also help with segregation of duties. And it can also be a cost-effective way to access skilled experts and the full resources an outsourced partner has to offer.

That said, there maybe certain functions that are better handled in-house, so some organizations may opt for another staffing solution to temporarily fill a vacant position during the Great Resignation. Regardless of how organizations are addressing their staffing needs, the focus has gone back to ensuring that there is oversight and review to catch errors and prevent fraud or theft.

Segregation of duties in an accounting department serves as the primary defense against internal fraud. Having employees check each other's work may reduce errors, but simple mistakes do not reduce profit to the same degree. Small businesses suffer disproportionately from fraud, losing an average of 5 percent of revenue, or $160,000 to internal theft. Segregation of duties within the accounting group minimizes opportunities for employees to steal from the company.

The Triangle of Fraud

1. Fraud prevention experts recognize a “triangle of fraud” that creates conditions for embezzlement. That triangle consists of financial pressure on the employee, rationalization of criminal action and opportunity to commit the crime. Segregation of duties within the accounting department breaks the triangle at the point of opportunity. Knowing that others review and check critical components of his work alters an employee’s perception of opportunity. Given the potential cost of employee fraud, an investment in steps to prevent it provides a good return.

Accounts-Payable Fraud

1. Accounts payable, if not monitored properly, offers many opportunities for fraud. An employee can create false invoices, disbursing funds to an account he controls. Or he may write checks to himself and recording them as payments to one of the company’s vendors. Separating duties by function, so that no one person can approve an invoice, create a new vendor in the system or issue a check, reduces these possibilities. More than one person should monitor refunds to vendors, another source of fraudulent activity. Requiring strict review of vendor approval and contract acceptance also avoids kickbacks paid by vendors receiving preferential treatment or overpayments.

Other Avenues for Fraud

1. Other functions within the accounting department provide similar avenues for fraudulent activity. Possible payroll frauds include inflated expense accounts, false claims of hours worked and even “ghost” employees. In the last instance, the thief creates employees that don’t exist, submits time reports for them and deposits their paychecks into his own account. Segregation of hiring and payment functions breaks this link in the triangle. Customer accounts also create possibilities for fraud. A dishonest employee may simply pocket cash payments from customers or divert checks to his own account. To hide the theft, the thief may divert subsequent payments from other customers in a scheme called skimming.

Segregation of Duties in a Small Business

1. Large companies segregate accounting duties into departments, providing the necessary controls on funds. Creating the appropriate segregation of duties presents a small business owner with a challenge, but not an insurmountable one. A small business owner may have the bank deliver the monthly statement to his home. This insures that no employee has an opportunity to remove evidence before anyone else sees it. When possible, the owner should sign all disbursements. Requiring two signatures on checks may prevent fraudulent check writing. Two employees, or the owner and the bookkeeper, should review all bank deposits, payroll items, and expense submissions. This division of duties may not stop all fraud, but it does reduce the opportunity.

How does separation of duties in accounting may help the organization?

Is separation of duties an internal control?

What is separation of duties How can IT be used to improve?

What is the purpose of separation of duties?