By Jessica M. Dunlap, CPA
The phrase “segregation of duties” is used by CPAs every day, but what does that mean to the small-business owner? And why is it so important anyway?
Simply put, segregation of duties means no single person has too much control of a transaction involving important business assets, such as cash or inventory. Transactions can be divided into the following four parts: authorization, custody, record keeping, and reconciliation.
Small-business owners should look at the key assets of their businesses to determine what might be at risk. With these assets in mind, make a list of the processes related to them. Let’s use cash as an example. Some processes would include cash receipts, cash disbursements, and payroll, just to name a few.
Once you identify the processes that affect your assets, you should objectively evaluate how each process operates. To evaluate objectively, you have to step back from your employees and your relationship with them. Let’s say Jane has worked for you for 20 years, you know her family, and you trust her; she would never steal from you. To properly evaluate your processes and your exposure to fraud, you must remove the biases you have when you think of the process and Jane simultaneously.
The reality is most people who commit fraud have no history of fraud convictions. In a 2016 study conducted by the Association of Certified Fraud Examiners, 88.3 percent of perpetrators had never been charged or convicted previously. Additionally, the same study reported that in about 70 percent of cases the perpetrator had been an employee of the business for at least six years. As you can see, when you evaluate areas of vulnerability you need to remove personal feelings about Jane so you can truly see how vulnerable your business may be.
Once you have made a conscious effort to separate your relationship with your employees from the process, you are now ready to evaluate each key business areas independently. Jot down who authorizes transactions and how the authorization occurs. Note who has custody or control over the physical asset itself or custody or control over the process. Next, document who is responsible for the underlying records regarding the asset, how the record is kept, and who has access to the record. Lastly, write down how the transaction is reconciled and who reconciles it. Generally speaking, having one person control more than one phase of a transaction cycle results in an environment that is more conducive to fraud and errors that to go undetected. This is why segregation of duties is so important.
For additional information on how to protect your business from fraud, check out these articles:
Jessica M. Dunlap, CPA, is an audit manager with the Catanese Group. She specializes in audits of not for profit organizations, employee benefit plans, and health care companies, as well as providing accounting and consulting services for a variety of small businesses. She is past president of the PICPA Central Chapter.