Segregation of Duties
Segregation of duties is a basic, key internal control and often one of the most difficult to achieve, especially in a small operation. The basic concept for segregating duties is that no single individual should have control over all phases of a transaction. Ideally, the incompatible functional responsibilities of authorizing (initiating) transactions, custody of assets and record-keeping should be the responsibility of separate individuals.
Duties are considered to be incompatible if a single person can carry out and conceal errors and/or irregularities in the course of performing day-to-day activities. Assignments of duties should provide a cross-check of responsibilities to avoid incompatibilities.
Lack of proper segregation of duties may result in an audit criticism if it creates a material weakness in the internal control structure. A material weakness is one in which significant errors or irregularities may occur and not be detected timely by employees in the normal course of performing their assigned functions.
1. Authorizing a transaction and posting it to general ledger.
2. Receiving revenue funds (checks or cash) and approving write-off of receivables.
3. Reconciling bank statements and booking entries to general ledger.
4. Authorizing payments to vendors and mailing the payments.
5. Setting up new employees and processing payroll.
6. Unlimited access to assets, accounting records and computer terminals and programs. An example would be using checks as the source documents to post to accounting records rather than using a check log or receipts.
1.Existing controls may not be effectively used – for example, when one person prepares a mail log and another person processes the payments, a deposit ticket can be prepared, but the effectiveness of segregation of duties is minimized if the log total and deposit total are never compared.
2.Supervisory review of critical documents or activities may not exist or may be inconsistently applied.
3.Employees may have the power to negate established controls; often an employee in a supervisory position may have this power in an otherwise sound system. Documented oversight by a higher level of management will help lessen the possibility of abuse.
4.Information and transaction security may be compromised if computer access passwords are shared.
5.Employees may assume incompatible duties while filling in for vacationing or ill employees.
The old adage stating that “an ounce of prevention is worth a pound of cure” is a truism that applies equally to the business environment as it does to everyday life. Segregation of (incompatible) duties is a basic management tool to ensure that employees will be deterred from committing fraud or misappropriating assets. Caution should be taken to analyze each situation to ensure that segregation of duties is cost beneficial and that employees realize that a sound control environment is for their individual protection as well as for the business organization.
If you have any concerns about this subject or need assistance in this area, please contact the Inspector General's Office at (561) 297-3682. Additional information on segregation of duties is available on the Website http://en.wikipedia.org/wiki/Segregation_of_duties .