According to the ACFE, a lack of effective internal controls are the primary contributing factor in nearly one-third of fraud cases. Why is this? For many companies, the issue stems from the effort it takes to change set processes. Boosting internal controls isn’t difficult, but it does involve taking time to reassess company procedures. For smaller businesses, the challenge often lies in the lack of resources or staff.Read More
Sheila Keefe, CFE, CPA
CFO, Professional Power Products Inc.
Segregation of duties aims to deter fraud by eliminating the ability of any one individual to complete enough steps in a transaction that they are able to both steal and conceal. With properly designed segregation of duties, employees can still steal, but they would have to enlist the help of a co-worker, increasing the possibility of detection. According to the soon-to-be-released Board Member and Audit Committee Survival Guide, conspiracies are hard to maintain over the long-term, making segregation of duties an appealing fraud deterrence tool.
The following table illustrates an advisable segregation of duties. However, not all organizations have sufficient staff to allow appropriate segregation of duties to be accomplished using just finance department staff. Creative organizations can make use of the receptionist and the owner to handle tasks that cannot be adequately segregated with one- and two-person finance departments.
When owners endeavor to pick up critical control duties, they are most likely to retain check-signing authority. Some owners stop there, assuming that seeing all checks written will effectively limit embezzlement. Not so fast; there are other ways fraudsters manipulate the accounting records to conceal their wrongdoings. Additional steps owners should consider performing include opening bank statements and periodically (perhaps quarterly) reviewing credit memos, General Journal entries, changes to the master vendor file and the master payroll file.
Segregation of duties, scalable to the size of the organization, remains one of the most effective fraud deterrence tools and remains within reach for even the smallest organizations. Remember, trust is not a control.
Read more of Sheila’s insights on her blog, Business Done Right.