The larger an organization grows, the more complex its operations become. While growth is the sought-after goal of business, that success brings with it a heightened risk of fraud. Fraud committed through the accounts payable system is all too common in business. While one may suspect that fraud is most often committed by someone in accounts payable, it is frequently also committed by someone in another part of the organization exploiting weaknesses in accounts payable controls.
Process can help protect against fraud
One of the best ways to protect against accounts payable fraud is to institute a linear process for payment of vendors. This simply means that new vendors would be entered into the system, or existing vendors modified in the system, by one person; vouchers and invoices entered into the system by another person; checks issued by another person; and finally signed checks sent to payees by yet another. None of the people in that line of workflow would have system permissions allowing them to perform any other tasks within the accounts payable processing cycle.
The problem with this linear approach is that it is people-intensive. In today’s streamlined organizations, it is difficult to maintain the segregation of duties that good accounts payable best practices require. Many small businesses have only one person in accounts payable, and that person frequently has other responsibilities.
Technology in place of Segregation
Thus complete segregation of tasks among different people in accounts payable processing is often not possible. In order to reduce the potential for fraud, and to the extent that your accounting software allows it, you should separate system access permissions for creation or modification of vendors from entry of vouchers or invoices. Thus a good, well implemented software system can help you maintain safeguards against fraud even when segregation of duties among personnel is not completely possible.
In situations where it is not possible to use technology to create barriers to fraudulent activity, you may be able to create internal processes relying on some combination of manual processes plus heightened oversight to detect and deter fraudulent activity. In very small organizations, for instance, it is customary to have checks signed by the Owner / CEO for invoices processed by accounts payable personnel.