1 / 11

Best in Class Controls for AP

Best in Class Controls for AP. The Institute of Financial Operations Indiana – Southern Illinois Chapter June 15, 2011 Sherry DePew. About The Speaker. Sherry DePew, Vice President of Account Management for Lavante 14 years at Boise Cascade, Director of Global Shared Services

sarila
Download Presentation

Best in Class Controls for AP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Best in Class Controls for AP The Institute of Financial Operations Indiana – Southern Illinois Chapter June 15, 2011 Sherry DePew

  2. About The Speaker • Sherry DePew, Vice President of Account Management for Lavante • 14 years at Boise Cascade, Director of Global Shared Services • President and founding member of Idaho IAPP Chapter • President: Oracle/PeopleSoft Accounts Payable Product User Group • President Oracle Supplier Relationship Management User Group • Co-founder and Board member of Oracle • Featured AP and P2P writer and blogger for several on-line resources

  3. Agenda • Segregation of Duties • Benefit of Segregation of Duties • Financial System Access Controls • Electronic Data Management (EDM) • ACH/EFT vs. Check • New Vendor’s • Vendor Changes • Purchase to Pay Control Continuum

  4. Controls - Segregation of Duties • Persons establishing vendors should not write,process or approve PO’s, receipts or invoices. • Persons making changes to vendor data should not write, process or approve PO’s, receipts or invoices. • Persons with access to add or change vendor information should not handle payments of any type. • Persons with authority to request a check or payment should not approve, sign or handle payments. • The person(s) issuing checks should not not reconcile bank accounts. • Ensure reconciling of accounts is done by different people within cost centers. • Establish a separate post office box for returned checks. • Replace your company name and address on disbursement envelopes with a simple post office box number.

  5. Benefits of Segregation of Duties One of the most difficult & complex set of controls to implement, monitor and manage. • Mitigates Risk of Deliberate Fraud • Mitigates Risk of legitimate errors • Mitigates Cost of Corrective Action • Organization’s Reputation for Integrity and Quality Enhanced

  6. Controls - Financial System Access Control of Security Object Privileges Control of Multiple Security Profiles Access to add users and change their security profiles • Screens • Pages • Read vs. Change Access

  7. Controls - Data Management (EDM) • Controls for the Tracking and Storage of Electronic Documents • Controls Often Reside in Enterprise Departments Responsible for Emails, Documents & Files • Purchase to Pay workflow with Images and Approvals • Make sure that images of approvals, exceptions and original documents can be accessed for External Audit and SOX Control Testing

  8. Controls - ACH/EFT vs. Paper Checks • Mitigate Risk for Paper Checks • Positive Pay • Reverse Positive Pay • Check Stock Handling • Void Check Process • Mitigate Risk for ACH or EFT • Handling of file sent to Bank, Clearing House or Outsource Provider • Access and Protection of payment file • Bank Account Design • Funding Process

  9. Controls – Establishing/On-Boarding a New Vendor • Most Critical Control for Fraud Prevention • IRS TIN - Name Consistency • Verify Name and TIN against IRS data • OFAC and FTO Checks • Check vendors against OFAC / FTO list and other lists • Utilize 3rd Party Databases • Add D&B Numbers • Add SIC or NAICS codes • Add Credit Information • Obtain W-9 or Substitute • Obtain Minority Owned Business, Women Owned Business status, etc.

  10. Controls – Vendor Changes • Same or Greater Risk than On-Boarding a New Vendor • Vendors Must be Participative in Changes • Controls that are no longer effective • Banks Accounts Changes (Treasury?) • Merging Vendors • Vendor Name Changes

  11. Controls – Purchase to Pay Control Continuum Procurement Accounting AP is Part of a Continuous Procure to Pay Cycle With A Great Potential for Risk. Separation of Duties Should Look Across the Entire Cycle Vendor File Management Check Requests Goods Receipt Invoice Processing

More Related