Separation of duties in accounting: A guide to preventing errors and fraud
Separation of duties in accounting: A guide to preventing errors and fraud
Effortless expenses start here.
Accounting errors are a growing headache
A recent Gartner survey revealed that a shocking 59% of accountants reported that they make several errors per month. And these are just the errors that accountants are willing to admit to! The true number is likely much higher, fueled by the growing accountant shortage. And with many finance teams using a centralized accounting system, which creates a single point of failure with higher risk of error, the issue is compounded.
But fear not, there are simple and effective ways to virtually eliminate the growing risk of errors and fraud in accounting: separation of duties, also known as segregation of duties, and automation.
When one individual or small group controls the majority of financial functions, there is exponentially increased risk. Without separation of duties, there are fewer checks and balances and no oversight to ensure that everything is accurate. You’re forced to trust that the person in control of your finances will always do the right thing; and your business continuity is at risk if they become unavailable.
A lack of separation of duties also ups the risk of human error. With only one set eyes on data entry and reporting, accidental errors may be overlooked. This creates compliance and financial risks, especially if incorrect data gets passed along to your board or regulatory agencies.
Automating manual work and separating duties are two of the most reliable ways to combat the vulnerabilities of a centralized system and prevent fraud, theft, security breaches, misuse of financial data, and more.
What is the separation of duties?
Simply put, the separation of duties requires you to have different people in charge of different financial tasks, rather than one person handling every step. For example, the person inputting payroll shouldn’t also be the one reconciling your bank account.
In addition to improving error detection, just by involving multiple people in a process or workflow, you may deter employees from even attempting fraud or making careless mistakes in the first place. We all behave a little better when we know someone is watching, right?
In accounting departments, it’s typically recommended that you segregate duties in 3 key areas: authorization, recordkeeping, and custody of assets. Preventing any single person from having complete control over these three key areas will lead to:
Fewer errors: Separation of duties creates a safety net, catching errors before they snowball into bigger problems.
Fraud prevention: Creating checks and balances makes it much harder for someone to cook the books or divert funds for personal gain.
Greater accuracy: Separation of duties ensures multiple people are responsible for the accuracy of your financial records, giving you peace of mind and pristine financial reports.
Key functions and recommended separation of duties
Let’s talk more in depth about ensuring separation of duties in these key accounting functions:
Authorizing transactions: Authorizations are the first step, where someone verifies the legitimacy of a request (think, approving a purchase order).
Recordkeeping: Accuracy is paramount when recording everything related to those approved transactions, including updating the general ledger.
Custody of assets: This is all about safeguarding your company's valuables, like cash, inventory, and access to financial accounts and PII.
Transaction authorization
The authorizer is the first line of defense against fraud and error. They review transaction requests from around the business and in many forms, such as purchase orders (POs), expense reimbursements, bills and invoices, and spend limit requests on a corporate card.
Once the authorizer verifies that the transaction is legitimate, within spend limits, and for an authorized vendor, they’ll also consider any financial, operational, or reputational risk and whether adequate controls are in place. When they approve or reject the transaction, they also must document their decision and reasons.
There is significant room for error and fraud if authorization duties are not separated from other accounting duties. For instance, the person who authorizes payments shouldn’t be the same person who records them in the books to ensure data isn’t maliciously doctored or accidentally incorrect.
A spend management platform like Brex can improve control and compliance in this area by allowing employees to submit spend requests and reimbursements with supporting documentation attached, and allowing approvers to embed controls before approving a transaction.
Recordkeeping
Every type of payment must be recorded to ensure financial health and compliance. Let’s look at some financial records common at businesses of any size:
General ledger: The almighty GL is the central repository of all financial transactions recorded by a business, including assets, liabilities, equity, revenue, and expenses.
Accounts receivable and accounts payables: AR and AP records are critical for understanding cash flow – that is, how much you owe and how much is owed to you!
Payroll: Payroll is one of the biggest expenses of a business with a lot of associated legal requirements, and payroll records track employee compensation, deductions, and benefits.
Bank reconciliation: These records track outstanding checks, deposits in transit, bank fees, and other items to reconcile the cash balance recorded in the accounting records and the actual cash balance in the business's bank accounts. Every penny matters here!
Financial statements: The classics include the balance sheet, income statement, and cash flow statement and they summarize your company’s performance, profitability, liquidity, and cash flow.
Businesses rely on having accurate records to comply with regulatory requirements and to make informed decisions, which is why Brex includes robust real-time financial reporting. Companies can use this data to assess the effectiveness of initiatives, as well as to budget and forecast, and devise tax planning strategies. Inaccurate data would have a massive and detrimental ripple effect throughout your business.
It’s critical to ensure separation of duties so people recording transactions cannot manipulate other steps in the process to falsify records. For example, if the person in charge of keeping records of your bank account also held a custody role, they could divert payments and alter records to cover it up.
Custody of assets
Safeguarding your company’s assets, such as cash, documents, and inventory, and controlling access to financial accounts such as business bank accounts, is critically important for several reasons.
Let’s start with the most obvious – you need to preserve your cash flow, the lifeblood of your business. Especially in industries such as retail and manufacturing, inventory is incredibly expensive. Proper inventory management and control measures help prevent loss, damage, or theft. Likewise, a breach of one of your financial accounts – from internal or external parties - could be catastrophic.
If your assets are misused, you will have fewer resources until you can (hopefully) recover them, which will harm your ability to meet your financial obligations. Therefore, custody of assets is a critical area to ensure separation of duties. Here are some ways to go about it:
Use password protection, encryption, and multi-factor authentication such as enabled by the enterprise-grade Brex platform
Monitor access logs and review activity reports regularly
Designate cashiers or cash custodians for handling cash transactions.
Implement dual authorization or verification of cash receipts and disbursements.
Separate the duty of handling cash from recording cash transactions in accounting records.
Implement access codes or keycard entry systems to limit access to inventory storage.
Ensure the person doing physical inventory counts does not have access to inventory records.
Require periodic inventory audits conducted by independent parties.
The resulting checks and balances can help prevent unauthorized transactions, fraud, or cyberattacks – and help you sleep at night.
Examples of separation of duties in accounting
Let’s look at some common examples of where to ensure separation of duties in accounting.
You should ensure that employees responsible for accounts payable are distinct from those responsible for authorizing transactions. For instance, an accounts payable administrator may request payments to satisfy invoices, but another employee should be responsible for approving the payment.
Furthemore, the same person who authorizes payments should not be the same person who records them in the accounting system. A manager may approve an invoice for payment, but the accounting team should be responsible for recording those transactions in the accounting records.
Brex offers accounting automation software that automates approvals and reconciliation to increase accuracy and eliminate potential for fraud. Here’s a quick video on how Brex helps you Prepare, review, and export journal entries — accurately and automatically in one place.
Implementing effective separation of duties
Are you convinced yet that separation of duties should be a priority? Good! Let’s talk about the best place to start. Here’s a comprehensive list:
Authorization: Think about where spend requests come from in your business – invoices, POs, reimbursements, corporate cards, etc. Make sure there is a dedicated, segregated authorization process.
Multi-level approvals: Did the boss approve that? You’ll never have to wonder if you establish automated approval hierarchies that route requests to the right approvers in the right order automatically, such as those offered by Brex expense management.
Recording/recordkeeping: Every step in financial workflows must be tracked to maintain truthful records. Separating recording duties ensures that no one can cook the books for their own gain.
Custody of assets: Cash, inventory, documents, and financial accounts must be protected, ideally by someone not also involved in the related accounting transactions.
Reconciliation: This duty involves comparing financial records to ensure accuracy. You need an eagle-eyed team member – or software – who does not also have the ability to modify transactions.
Approval of financial reports: Separating this duty ensures that reports are scrutinized by a fresh set of eyes – not the same person who prepared the report, reducing the risk of fraud and error. Using a solution like Brex allows you to run custom reports for any time period to facilitate reviews.
Compliance monitoring: Compliance is essential and you can be audited at any time. To keep things objective, it can be valuable to hire external auditors or designate a separate team internally.
Access to systems: Restrict access to accounting systems, databases, and financial records on a “need to know” basis to help reduce the risk of data manipulation or accidental leaks. Brex makes it easy for you to customize permissions and access to financial data.
Best practices will vary slightly based on business size, largely depending on your number of resources. Read on for tips on determining what will work best for you.
Practical tips for implementing separation of duties and automation
Startups have the challenge of fewer resources, so they should prioritize higher-risk duties for separation, such as cash handling, procurement, and financial reporting. Startups can also rotate employee responsibilities – a fresh set of eyes can help identify any flaws or gaps. Outsourcing certain functions to specialized third parties is always an option of course.
Midsize companies will typically want a more formalized process that establishes layers of signoff for riskier transactions and custody of large assets and PII. Midsize companies may also want to invest in training to ensure employees understand the importance of separation of duties, internal controls, and compliance with company policies and procedures.
Large enterprises have the luxury of more resources, but that comes with more risk – as fraud and error can hide among the volume of data, processes, and people. Large enterprises may want to segment duties by department or division and establish an oversight function, with roles such as compliance officers, internal auditors, or risk management.
All companies should tap into accounting automation and accounts payable software. It can be incredibly helpful in increasing efficiency, ensuring accuracy, and mitigating risk and fraud in key areas:
User access: You can customize roles and permissions, such as for data entry, authorization, and reporting so employees only have access to the data and functionality needed to do their jobs.
Approvals: Technology can automate multi-level approval flows, ensuring that transactions are approved by the right individuals before they are processed.
Audit trails: It’s essential to track who did what and when. Most accounting and AP software will automatically record an audit trail of user activities, including logins, data modifications, and approvals.
Gap analysis: In some cases, accounting or AP tools may even have a feature that identifies gaps in your separation of duties approach or user permissions for you.
Reconciliation: Accuracy and truthfulness are paramount here, which makes automated reconciliation a smart move.
Document collection: Look for technology that allows you to attach supporting documents, including invoices, receipts, and contracts, directly to a transaction. Brex even auto-generates receipts and memos for most transactions, making it easier to close the books.
Fraud detection: AI-powered accounting and AP software can automatically detect anomalies and fraud that might indicate a failure in your separation of duties approach.
Real-time reporting: Holistic dashboards can give your finance team insights into key metrics, helping you identify trends, outliers, and potential issues.
Companies like Signifyd and Alchemy are using Brex to automate processes in all of these areas, saving hours and boosting accuracy in the process.
Addressing segregation of duty challenges in startups
As we touched on above, segregating duties in startups can pose challenges, primarily due to limited staff and informal processes. Employees in startups may wear multiple hats within the organization, and it’s common for certain key players such as the founder to be heavily involved in day-to-day operations and decision-making.
Unfortunately, the fast pace and overlap in roles at startup can create opportunities for errors, collusion, and fraud. So it’s important to implement separation of duties where possible – tips include:
Adopt a risk-based approach and prioritize areas where separation is most critical.
Cross-train employees to perform multiple functions and rotate responsibilities periodically.
Leverage accounting automation software and AP automation software to automate processes while enforcing controls.
Implementing regular reviews and oversight by management or external advisors to mitigate the risk of errors and fraud.
Leverage automation for improved accounting controls
Now that you know what separation of duties is and how to implement it, you’re well equipped to protect your company from the growing problem of accounting errors, as well as from fraud, theft, security breaches, and misuse of information.
Although it may take a more creative approach in a startup vs. a midmarket or enterprise company, it’s essential for any business to separate the authorization, recordkeeping, and custody functions to ensure the integrity of business transactions – and keep everyone on their best behavior.
We also explored how accounting automation, AP automation, and other technologies are easy ways to make a step-change improvement in accuracy and risk mitigation and to improve separation of duties practically overnight. You can learn more about how accounting automation can help with the challenges of separation of duties by signing up to get connected with a financial specialist from Brex.
See what Brex can do for you.
Learn how our spend platform can increase the strategic impact of your finance team and future-proof your company.
See what Brex can do for you.
Learn how our spend platform can increase the strategic impact of your finance team and future-proof your company.