Next in Our Internal Control Series – AuthorizationWhitney Irish
Post By Kaitlin Cardozo
‘Internal controls in the authorization of reporting and processing transactions’ can at first glance seem like an exceedingly dry topic. What exactly does this mean? Why is it important to my company or organization?
That phrase and understanding its implications is actually incredibly important in any organization – whether it’s a multimillion, multinational enterprise, or a small not-for-profit with a handful of employees. In layman’s terms, the phrase means that: 1) all transactions that occur, and the financial reporting that records them, undergo approval and review, and 2) the individuals that perform these functions have been approved to do so.
An organization without controls to ensure proper authorization in processing payment is open to big risks. For example, consider a system of processing payments to vendors that doesn’t require proper approvals. An employee could easily abuse this system by cutting checks to himself, or more indirectly, by setting up a fictitious vendor to make the payments appear more legitimate. Both scenarios have happened countless times and in more extreme cases, have resulted in large financial damage. However, scenarios like these could easily be prevented by instituting a system of proper controls to catch and monitor these types of illicit activities.
Aside from preventing fraud, proper authorization can also prevent against errors. Human error happens no matter the experience level of the person involved, but instituting proper approvals can help limit its occurrence in an organization. Consider the same disbursements process mentioned above. Without approval, it is entirely plausible that a clerk could end up paying the wrong amount to a vendor, or the wrong vendor entirely. Another scenario would be in the reporting of transactions – a clerk could easily key in a wrong number, which could in turn misstate the organization’s financials.
So what could an organization do? In the situations mentioned above, where clerks could set up and process fictitious vendors and invoices, several controls could be implemented to prevent this fraudulent activity from occurring, such as setting up an approval process for new vendors where new vendors are required to provide a W-9 or an EIN to validate their authenticity. Another control that could be instituted would be mandating review of invoices and outgoing checks by supervisors and above before payments are processed, which would not only prevent the fraudulent activity mentioned, but would also help prevent simple errors made in processing outgoing payments.
Setting up a proper process of authorization can seem tedious or adding extra work for an organization’s employees, but the benefits, ensuring that both an organization’s assets are protected and its reporting is accurate, certainly make the additional steps worth it.
– Prevents improper invalid transactions from occurring
– Ensures transactions being approved are being done by authorized personnel
– Ensures accountability for transactions (people know who is in charge of each step, people know their responsibilities in chain of command)
– Prevents falsification of transactions