Improving Segregation of Duties in Smaller Entities to Prevent Fraud

The Association of Certified Fraud Examiner (ACFE) reported in their 2014 Report to the Nations that a typical organization loses approximately 5% of its revenues each year due to fraud. Approximately 77% of the acts of fraud in the ACFE’s study were acts of internal fraud committed by employees working in accounting, finance, operations, purchasing, sales, customer service and upper management. Segregation of duties (SOD) is an essential component of strong internal control than can help prevent internal fraud. Management at smaller organizations often believe they lack the personnel and resources to create strong SOD.  However, there are a number of ways to implement SOD that are relatively easy and cost effective.

  • Involve the Owner or Treasurer
    • Have bank statements and credit card statements mailed to the business owner or treasurer’s home instead of the entity’s finance office. The business owner or treasurer should open and review the statements for unauthorized transactions. The owner or treasurer should also perform, or at least, review the reconciliation.
    • Have payroll change reports from the payroll provider sent to the owner or treasurer’s home. The owner or treasurer can review the reports for unusual hires and changes in compensation.
    • Have the owner or treasurer randomly spot check finance employees’ work. For example, the owner or treasurer could review an occasional bank reconciliation, cash disbursement and its supporting documentation or journal entry. Encourage the owner or treasurer to ask questions such as “what is this bank fee?” Random review and pointed questions put finance staff on notice that someone is watching.
    • Keep check signing authority with the owner or treasurer. Do not delegate check signing authority to a bookkeeper or controller. Or, consider using an on-line bill paying system and grant access to only the owner or treasurer.
  • Fully Utilize QuickBooks
    • Ensure that the owner or treasurer is the only individual with Administrator access.
    • Routinely review the voided and deleted transactions report, closing date exception report and the audit trail report in QuickBooks.
    • Set QuickBooks to alert users duplicate purchase orders, duplicate bill numbers from the same vendor and duplicate invoice number. In this way, QuickBooks can act as a second set of eyes.
  • Consider Part-Time Employees- If it is not financially practicable to hire more than one full-time employee to perform accounting functions, consider a part-time employee to only process payroll or enter bills.
  • Involve Other Employees- Employees outside the finance department can be used to open mail, mail checks or make deposits.
  • Convey the Importance of Segregation- Ensure that finance staff understand why segregation of duties is required. Explain the consequences of a lack of segregation of duties including theft, fraud and loss of tax exempt status for non-profit organizations.
  • Know Your Vulnerabilities-
    • Use the Association of Certified Fraud Examiner’s (ACFE) Uniform Occupational Fraud Classification System (also known as “the fraud tree”) to identify areas where your organization is vulnerable. The classification system links common business transactions and the types of frauds to which they are vulnerable.
    • Ask your staff how they could bypass controls. Honest employees may alert you to weaknesses in your systems.
  • Consider Outsourcing IT- Recent improvements in technology, including Cloud computing, allow smaller entities to outsource the design and maintenance functions of accounting software, ensuring that the design and maintenance of the accounting system is performed by someone other than the person reconciling or internally auditing the transactions. IT outsourcing has become less expensive with the Cloud.
  • Utilize your Board and Outside Specialists- Board members and outside consultants can provide another set of eyes and additional perspective on important financial decisions.
  • Consider CPA Firm Review- Have the entity’s monthly or quarterly financials reviewed by a CPA firm. This especially important in entities where only one person is managing the finances. CPAs can review your financials for management purposes only, without having to issue an opinion.

KMM can assist you in improving the segregation of duties in your organization and in reviewing your financial statements.

For more information, please contact Sarah Abbott.