Page 197 - Accounting Information Systems
P. 197

168     PART II       Transaction Cycles and Business Processes

                         Segregation of Duties
                         Segregating duties ensures that no single individual or department processes a transaction in its entirety.
                         The number of employees and the volume of transactions being processed influence how to accomplish
                         the segregation. Recall from Chapter 3 that three rules guide systems designers in this task:

                             1. Transaction authorization should be separate from transaction processing.

                           Within the revenue cycle, the credit department is segregated from the rest of the process, so formal
                         authorization of a transaction is an independent event. The importance of this separation is clear when
                         one considers the potential conflict in objectives between the individual salesperson and the organization.
                         Often, compensation for sales staff is based on their individual sales performance. In such cases, sales
                         staff have an incentive to maximize sales volume and thus may not adequately consider the creditworthi-
                         ness of prospective customers. By acting in an independent capacity, the credit department may objec-
                         tively detect risky customers and disallow poor and irresponsible sales decisions.

                             2. Asset custody should be separate from the task of asset record keeping.

                           The physical assets at risk in the revenue cycle are inventory and cash, hence the need to separate asset
                         custody from record keeping. The inventory warehouse has physical custody of inventory assets, but in-
                         ventory control (an accounting function) maintains records of inventory levels. To combine these tasks
                         would open the door to fraud and material errors. A person with combined responsibility could steal or
                         lose inventory and adjust the inventory records to conceal the event.
                           Similarly, the cash receipts department takes custody of the cash asset, while updating AR records is
                         an accounts receivable (accounting function) responsibility. The cash receipts department typically
                         reports to the treasurer, who has responsibility for financial assets. Accounting functions report to the
                         controller. Normally these two general areas of responsibility are performed independently.
                             3. The organization should be structured so that the perpetration of a fraud requires collusion between
                             two or more individuals.
                           The record-keeping tasks need to be carefully separated. Specifically, the subsidiary ledgers (AR and
                         inventory), the journals (sales and cash receipts), and the general ledger should be separately maintained.
                         An individual with total record-keeping responsibility, in collusion with someone with asset custody, is
                         in a position to perpetrate fraud. By separating these tasks, collusion must involve more people, which
                         increases the risk of detection and therefore is less likely to occur.


                         Supervision
                         Some firms have too few employees to achieve an adequate separation of functions. These firms must
                         rely on supervision as a form of compensating control. By closely supervising employees who perform
                         potentially incompatible functions, a firm can compensate for this exposure.
                           Supervision can also provide control in systems that are properly segregated. For example, the mail
                         room is a point of risk in most cash receipts systems. The individual who opens the mail has access both to
                         cash (the asset) and to the remittance advice (the record of the transaction). A dishonest employee may use
                         this opportunity to steal the check, cash it, and destroy the remittance advice, thus leaving no evidence of
                         the transaction. Ultimately, this sort of fraud will come to light when the customer complains after being
                         billed again for the same item and produces the canceled check to prove that payment was made. By the
                         time the firm gets to the bottom of this problem, however, the perpetrator may have committed the crime
                         many times and left the organization. Detecting crimes after the fact accomplishes little; prevention is the
                         best solution. The deterrent effect of supervision can provide an effective preventive control.


                         Accounting Records
                         Chapter 2 described how a firm’s source documents, journals, and ledgers form an audit trail that allows
                         independent auditors to trace transactions through various stages of processing. This control is also an
   192   193   194   195   196   197   198   199   200   201   202