For those interested in keeping material errors and fraud out of their organization (and who isn’t), it’s important to embrace segregation of duties.
Segregation of Duties (SOD) is a fancy term for a simple idea: having more than one person required to complete a task. The reason to do this is also simple: no employee should be in a position to both perpetrate a fraud and to conceal it. SOD also helps by bringing another set of eyes to a task. This reduces the possibility that a large error will happen and grow to cause a serious problem.
Do you want to implement SOD into your business or nonprofit? Here are three ways to make your organization more secure today:
1. Understand the underlying idea behind SOD.
Remember the acronym ARC: Authority, Recording, and Custody. No one person should be assigned to authorize a transaction, record a transaction, and have custody of the physical assets (think checks or cash). Ideally, each of these items should be assigned to a different person. Because there are many different situations that cannot all be covered here, it’s important to understand the rationale behind SOD. When in doubt, separate them out.
2. Get control over cash.
To reduce the possibility of fraud or error, it’s important to have a different individual collecting and counting cash and receiving checks from the one who enters the data into the financial reporting system. Provide numbered receipts to payers, and keep track of the numbers. Put restrictive “for deposit only” endorsements on checks when they’re received. For large amounts of cash, have more than one person receiving and counting the currency. Once again, these people should be different from the one who enters the total into the system.
3. Get control over accounts payable
Fraud often happens in this area of a business or nonprofit because management, while focused on other items, often delegates all duties to one person to streamline processes. Ideally, accounts payable procedures should be separated out with one person approving the purchase, one person receiving the ordered materials, and one person approving the invoice for payment. At least once per month, management should review the list of vendors, scanning for any that are unfamiliar.
No one wants to believe that they could be a victim of fraud. By putting a robust system of internal control in place and evaluating it periodically, you won’t have to experience this issue at your organization.