What is the difference between segregation of duties and establishment of responsibility?

Read time: 3 mins

Read the highlights

Internal controls are the processes, checks and balances that need to be put in place as a business grows. Internal controls can relate to any aspect of your business, from human resources to IT. Internal controls in accounting are critical and are used for safeguarding assets. Having a system of internal controls, including a segregation of duties, matters because as much as you trust your team, simply having a team means there is no longer one person with complete oversight and knowledge of the operations.

When implementing an internal control procedure, ensure it includes a means to generate evidence that a process has been followed or completed. This may be as simple as requiring that a document be initialled—but if there is nothing to show that something happened, it didn’t!

Benefits of internal controls

As your business grows and becomes more complex, it is more likely that errors, duplication or omissions can occur. For example, without internal controls to dictate who is responsible for certain purchases, more than one person may make the same purchases, resulting in duplication and waste. Or products may be received by mistake from a supplier and, without internal controls, the fact that the items were not ordered may be missed. There are many other reasons to implement internal controls—and the longer you wait to introduce these procedures, the more difficult it will be to change your company’s processes and to get buy-in from your employees [see below].

The importance of internal controls in accounting

Why establish internal controls in accounting? If you are required to have a review or an audit but do not have sufficient internal controls in place, an accountant will not be able to satisfactorily conduct their tests. And if you are claiming a tax credit such as through the SR&ED Program, you may not be able to support your claim if you do not have adequate timesheets and other records, and this could result in a significant loss of funding.

Securing the buy-in from your employees

Employees may have a negative reaction to the implementation of internal controls. They may feel that these are time consuming, labour intensive or show a lack of trust in them. It is important to communicate to your co-workers and colleagues that these processes are required as the business grows, not only for oversight purposes [although this is certainly part of it] but also for planning, tracking and review purposes.

Types of internal controls: Preventative and detective

Internal controls generally fall into one of two categories: preventative or detective.

Preventative controls are those such as requiring dual signatures on cheques or having password-protected files. This type of control protects and limits access to business assets.

Detective controls include reconciling the bank or inventory counts. Typically these internal controls are performed periodically to see if any need to be corrected. They will often turn up internal errors or problems, as well as any external errors [such as bank errors].

Segregation of duties: Safeguarding assets

One of the key concepts in placing internal controls over a company’s assets is segregation of duties. Segregation of duties serves two key purposes:

It ensures that there is oversight and review to catch errors
It helps to prevent fraud or theft because it requires two people to collude in order to hide a transaction

Segregation of duties involves separating three main functions and having them conducted by different employees:

Having custody of assets
Being able to authorize the use of assets
Recordkeeping of assets

This segregation of duties is often difficult to achieve in small businesses, but should be implemented as much as possible. In some cases, it may result in an employee from another department being responsible for one of the functions.

When having adequate internal controls is not possible

Where it is not possible to have adequate preventative internal controls including segregation of duties, it is important to implement a compensating control. An example of this could be increased periodic oversight by you or the board of directors.

Summary: Internal accounting controls [e.g., processes, checks, balances, segregation of duties] safeguard assets and need to be implemented early on.

Purpose

All organizations should separate incompatible functional responsibilities. Proper segregation of duties helps ensure that errors, omissions, or misstatements, whether intentional or unintentional, will be detected by another person. Where segregation of duties is not possible or practical, deploy alternative controls.

Key Concepts and Control Examples

Address Unit Differences:

Segregation of duties may vary depending on a unit's size and structure.

Control Example: Duties may be segregated by department or by individuals within a department. Consider the level of risk associated with a transaction when determining the best way to segregate duties.

Demonstrate Segregation of Duties:

It should be possible to demonstrate segregation of duties to an outside party.

Control Example: Procedures and authorizations are documented to prove that a system of control includes segregation of duties.

Document Responsibilities:

Segregation of duties should be clearly defined, assigned, and documented.

Control Example: Document and clearly communicate who will initiate, submit, process, authorize, review, and reconcile each activity within the unit.

Increase Review and Oversight:

When it is difficult to sufficiently segregate duties, unit management should increase review and oversight functions.

Control Example: Assess the potential for mistakes or fraudulent transactions. If the segregation of duties is not sufficient to eliminate or adequately reduce the risk of discovering errors, the level of management’s review should be increased over that particular activity.

Rotate Job Duties:

Unit management should rotate key internal control responsibilities to enhance segregation of duties and identify potential lapses.

Control Example: Rotating key job duties, such as responsibility for reconciling bank accounts or approving transactions, offers the opportunity to determine whether a control is functioning as intended, and it is an opportunity to cross-train others to perform those functions.

What is the meaning of segregation of duties?

Segregation of Duties [SOD] Segregation of Duties [SOD] is a basic building block of sustainable risk management and internal controls for a business. The principle of SOD is based on shared responsibilities of a key process that disperses the critical functions of that process to more than one person or department.

What is an example of segregation of duties?

Examples of segregation of duties: The person who requisitions the purchase of goods or services should not be the person who approves the purchase. The person who approves the purchase of goods or services should not be the person who reconciles the monthly financial reports.

What are the four major functions of segregation of duties?

There are four general categories of duties or responsibilities which are examined when segregation of duties are discussed: authorization, custody, record keeping and reconciliation. In an ideal system, different employees would perform each of these four major functions.

Who is responsible for segregation of duties?

Responsible administrators must consider the principle of segregation of duties when designing and defining job duties. They must implement processes and control procedures that, to the extent feasible, segregate duties among employees and that include effective oversight of activities and transactions.