Segregation of Duties in Office of Three, Two, or One
Download
Report
Transcript Segregation of Duties in Office of Three, Two, or One
Matt Malinowski
Susan Green
•
•
•
•
•
MYTHS
Internal control starts with a strong
set of policies and procedures
Internal control – That’s why we
have external/internal auditors.
Internal control is a finance thing
Internal controls are essentially
negative, like a list of “thou-shaltnots.”
Internal controls take time away
from our core activities – serving
students.
•
•
•
•
•
FACTS
Internal control starts with a strong
control environment
While external/internal auditors
play a key role in the system of
control, management is the
primary owner of internal control
Internal control is integral to every
aspect of business
Internal control makes the right
things happen the first time
Internal controls should be built
“into,” not “onto” business
processes.
•
Benefit payment receipt
•
County Official – Post office refunds
•
Do you have a fraud policy?
•
•
•
•
Money
Reputation
Public Trust
Acceptable Practice / prevalent in other
areas
•
Definition from Merriam Webster Online
Dictionary:
a: deceit, trickery; specifically: intentional
perversion of truth in order to induce another to
part with something of value or to surrender a
legal right
b: an act of deceiving or misrepresenting : trick
•
•
•
•
•
•
Payroll Fraud
Benefit Fraud
Double Payments
Charge Off Fraud
Disposal Fraud
Travel Claim Fraud
•
Simply what it sounds like –
Separating Duties
•
•
Segregation of duties means separating the
recordkeeping function from the operational responsibility
of that activity and from those who exercise physical
control over the records.
Categories of duties:
– Authorization
– Custody
– Record keeping
– Reconciliation
• Do
I have to add more people to make this
work?
NO
A Balanced Assessment should take into
account the following:
• Significance- The degree of harm that
could result
• Likelihood of Occurrence- What is the
probability that a given risk will
materialize?
• Inherent Risk – Where will there always be
risk?
•
Rotation of duties
– Mandatory vacation
– Job rotation periodically / cross training
•
Management oversight
– Open the mail twice a month
– Reconcile the checking account periodically
– Review, review, review
•
Third party help such as consultants
•
Receipts
– Manual checks and cash
– Electronic receipts
•
Disbursements
– Board checks
– Payroll
•
Transaction –
– Initiation
– Approval
– Recording
– Reconciliation
– Asset handling
– Review of reports
•
You don’t have 6 employees in your
business office. Now what?
•
•
•
Person #1 issues a purchase order based
on a requisition completed beforehand.
Person who ordered the item verifies that
the goods are received (Sign off on PO
copy)
Separate Person in the business office
issues or authorizes payment.
•
•
After the fact review
Review of the bank reconciliation is a
compensating control vs. review of the
check register before checks are cut
•
•
Control related policies to compensate for risks.
Examples:
– Purchases orders must be approved by department head or
other designated official.
– Policy to only pay off of an original invoice
– Reconcile encumbrances to open purchase orders
– Leave approval and leave posting
– Technology for efficiency = sub calling / electronic leave
recording
•
Separate
– approval,
– accounting/reconciliation
– Safeguarding
•
Reduce/eliminate those that accept and
disburse funds
Assertions to ensure that all significant risks
are identified in a purchasing cycle:
1) Has a purchase been recorded for goods
not yet received? Has a vendor been paid
twice?
2) Have purchases been made, but not
recorded?
3) Were all purchases properly authorized?
4) Were charges to appropriate accounts?
•
•
•
•
•
•
Treasurers Report on all Cash Balances
Special Fund Reports (Food Service, Capital,
Special Revenue, Activity)
YTD Budget Report
Budget Transfers
All Tax Exonerations
Bill List (Include monthly, emergency, wires)
•
•
•
•
•
Budget preparation, monitoring
Purchasing/Payroll functions
Tax Collection/Reporting – (tax collector’s
course)
Investments
Records
•
•
•
•
•
U.S. Government Accountability Office (GOA) – New
Edition Yellow Book –
http://www.gao.gov/govaud/ybk01.htm download. See
pages 81-87.
Roslyn School District, New York http://www.osc.state.ny.us/localgov/audits/2006/schools/ros
lynfoll.pdf (a real life scandal)
GFOA article "Evaluating Internal Controls"
http://goliath.ecnext.com/coms2/gi_01992938675/Evaluating-internal-controlscontrol-self.html