Why is the Segregation of duties so important in managing fraud risk?

IN THIS ARTICLE
Table of Contents
Like it? Share it

Organizations need to stay alert to the ever-present risk of fraud from all angles. In 2023, 96% of US companies were targeted by payment fraud at least once. Unfortunately, far too few companies are making the effort to protect against or investigate fraud properly. There are many ways in which companies can protect themselves against fraud risk. Separation of duties – more frequently referred to as segregation of duties –  is one safeguard that an organization can implement to reduce opportunity and therefore their chances of being targeted by fraudsters.

Trustpair is the ultimate safeguard against fraudsters. Our software continuously controls vendor banking data to make sure there aren’t anomalies or suspicious data changes. Request a demo to learn more!

New call-to-action

What is the segregation of duties, and how does it help against fraud?

The segregation of duties (SoD) is the dividing up of responsibilities so that no single person has too much control over a process. For example, an employee might have the authority to order goods and sign off invoices as well. In this case it would be very easy for them to order whatever they wanted or create fake invoices and sign them off to be paid. There would be no requirement to seek approval to make either a purchase or a payment. They have the necessary access and responsibility to do so.

Continuing with this simple example, segregating duties and making one employee responsible for approving the ordering of goods or services, another for ordering them, and a third for paying the invoices, creates a system that helps prevent transfer fraud and manage third party risk. The person giving approval will need a reason for procuring the item or service. The person doing the ordering needs approval before they can go ahead. And the invoice payer will want to ensure that the goods or service have been received and that the supplier and their account details are genuine.

An example: segregation of duties in accounting

To properly segregate accounting duties, split responsibilities across different roles for accounts payable, receivable, payroll, and general ledger processes. For example, separate coding invoices, adding vendors, printing checks, and reconciling bank statements in AP.  In AR, have different people apply cash receipts, maintain customer master files, and perform account reconciliations.

 

How to build a segregation of duties matrix

To implement effective segregation of duties, it’s helpful to develop a comprehensive matrix that maps out all financial processes and the associated roles and responsibilities. This matrix should clearly highlight incompatible duties that need to be separated to prevent fraud, errors, or abuse. Here are the steps to get it done:

  1. Start by identifying the key financial processes, such as accounts payable, accounts receivable, payroll, and general ledger.
  2. Then, break down each process into its tasks, such as authorizing transactions, recording transactions, reconciling accounts, and handling physical assets.
  3. Assign these tasks to specific roles or job functions, ensuring that no single individual has control over incompatible duties within the same process.
  4. Review the matrix regularly and update it as processes or roles change to maintain proper segregation.

Implementing a well-designed segregation matrix can significantly mitigate the risk of fraudulent activities and strengthen internal controls.

 

What issues are associated with segregating duties?

The segregation of duties can be harder in smaller companies where there are fewer employees. Conversely, in larger organizations, separating duties between too many different people or departments can lead to slow and clunky processes. This can be detrimental to flow and efficiency. Speedy responses can often mean a reduction in control so there is a trade-off between efficiency and managing fraud risk effectively. The key is getting the balance right. 

 

Why are internal controls so important?

As explained by the fraud triangle, opportunity is one of the main drivers of fraud and third party risk. Reduce opportunity and you reduce risk. There are many areas in an organization where too much control over a specific area of duties can lead to fraud, so it is vital to ensure they are all covered with the right policies.

The Association of Certified Fraud Examiners’ (ACFE) 2020 Report to the Nations Global Study on Occupational Fraud and Abuse says that in 32% of cases the lack of internal controls contributed to occupational fraud. 

The segregation of duties will go a long way to reducing the chances of fraud in an organization, but this is not the only way in which it can save a company money. When auditing a company, auditors look at if and how internal controls have been set up. They will assess how well duty segregation has been applied and adjust their procedures accordingly if they judge it to be lacking. Because there is a greater risk of fraud the auditing process will be more robust and time consuming and therefore cost more.

 

Helping to fight fraud risk

Fraud risk are present in every company. However, by implementing the right controls to prevent it, such as ensuring duties are properly segregated, fraud risk can be minimized. The right company culture, controls, training, robust systems, and regular audits and assessments of fraud risk all help to reduce the risks. 

As well as the segregation of duties, digitizing accounting tasks and automating financial processes removes a lot of risk. Employees should be trained in fraud risk awareness so that they know how to spot it. Early investigation of warning signs will help to minimize damage. 

Aligned with the most stringent corporate security restrictions, Trustpair’s solutions automatically check third-party data at every stage of the Procure-to-Pay process to ensure data reliability. Bank details of third parties are systematically checked and continually verified to ensure they are associated with the company’s identity. Third-party risk management controls carried out are traceable and all our systems help in the fight against fraud. Our system provides peace of mind for the management team and safeguards company cash – by verifying each transaction before it’s executed. It also guarantees internal compliance. Find out more about how our software can help reduce your company’s fraud risk. Contact us to request a demo now!

To learn more about B2B payment fraud, download our latest fraud study!

New call-to-action

Key Takeaways:

  • Segregation of duties helps reduce fraud and third party risk 
  • Employees should not have too much control over a process
  • Trustpair SaaS will give extra security and peace of mind

You’d like these articles

FAQ
Frequently asked questions
Browse through our different sections and find the answer to your question.

A classic example of separated duties is in the accounts payable process.

One person orders goods/services, a different person approves the invoice for payment, and a third person handles issuing the actual check or electronic payment. This segregates the key duties to prevent any single individual from being able to divert funds.

The four major functions of properly segregating duties are:

  1.  Authorization – approving transactions,
  2. Custody – handling assets like cash/inventory,
  3. Recording – maintaining records and documentation
  4. Reconciliation – verifying and monitoring accounts.

Separating these functions across different roles and individuals is key to protecting your business from mistakes and fraudulent acts.

A SoD violation occurs when a single individual can perform two or more conflicting duties or phases of a process. For example, if one person can both create new vendors and issue payments, that would be a SoD violation creating excessive control by one individual. SoD violations introduce risks of fraud or errors going undetected.