1. Revenue and cash receipts:
Individuals responsible for revenue and cash receipts should have no control over the disbursement of funds. This can be accomplished by having different individuals responsible for receiving payments and issuing payments. The separation of these duties helps to ensure that funds are not mishandled or stolen.
2. Purchasing and disbursements:
Purchasing and disbursement activities should be segregated to prevent someone from illegally obtaining goods or services using company funds. For example, the individual responsible for ordering supplies should not be the same person who issues payments for those supplies. This helps to reduce the risk of fraud or theft.
3. Payroll and Human resources:
Activities related to payroll and human resources should be segregated in order to protect employee information and prevent unauthorized access to financial data. For example, the individual who processes payroll should not have access to employee bank account information.
4. Investments and banking:
Individuals responsible for investments and banking should have no control over the day-to-day operations of the company. This can be accomplished by separating the roles of controller and treasurer, for example. This prevents any one individual from engaging in financial misconduct.
5. Document preparation and recordkeeping:
Individuals responsible for document preparation and recordkeeping should have no control over authorizing transactions or performing reconciliations. This can help to ensure that proper records are maintained and that fraudulent activity is detected quickly.
6. Physical assets, including inventory:
Physical assets, including inventory, should be segregated to prevent theft or misuse. For example, the individual in charge of receiving goods should not be the same person who stocks the shelves with those goods. This makes it more difficult for someone to steal goods or inventory without being noticed.
7. Information systems access and controls:
Access to information systems should be restricted to authorized individuals only. Controls such as passwords and user IDs can help to ensure that only authorized personnel can access sensitive data. In addition, regular reviews of user privileges can help to identify any unauthorized activity quickly.
8. Authorization of transactions:
Only authorized personnel should be able to authorize transactions such as payments or purchases. This helps to prevent unauthorized individuals from making illegal transactions using company funds.
9. Reconciliations and reviews:
Reconciliations and reviews should be performed by individuals who do not have access to the accounts being reviewed. This helps to ensure that any discrepancies or irregularities are identified quickly.
10. Segregation of duties in all departments:
Overall, segregation of duties should be implemented in all departments in order to reduce the risk of fraud and other malicious activities. By ensuring that different individuals are responsible for different tasks, it makes it more difficult for anyone to engage in wrongdoing without detection. This is especially important for businesses that handle large amounts of money or sensitive customer information.