In business, as in life, if we
don’t take care of little things, they can become big things. I’ve always
remembered a quote from a parenting expert I heard years ago: “As time goes on,
the mistakes get more expensive”. This concept is particularly true of internal
controls.
Accountinged.com is an online training academy. Click here for a free trial.
The Hartford Courant reported in
May of 2015 that the Ex-Finance Director of Plymouth, David Bertnagel, was sentenced to 30 months in prison. This individual
embezzled $808,000 from the city. If you live in any major city, you’ll see an
article about business theft every week. This crime is particularly difficult
for a governmental entity. The money that was stolen was public funds- a
violation of the public’s trust.
So how did it happen?
The theft
The article explains that: “For
several years, Bertnagel wrote checks to himself from Plymouth's accounts, and
then simply deleted the entries from the accounting ledger.” He was caught
when a bank official reported two suspicious checks to the Mayor. The bank noticed
that the checks were written to Bertnagel (a city employee) on town bank accounts.
Understanding the purpose of an audit
Here’s another quote from the article:
“Meyer (The Judge in the case) asked
how the town's auditors from Blum Shapiro failed to uncover the theft, which
included more than 200 checks.
"That's an excellent question. We've asked that
question many times," Merchant (The Mayor) replied, saying the town will
be changing firms after an ongoing audit is completed.”
This issue is tricky. An audit is
designed to determine whether of not the financials are free of material misstatement.
By material, we mean an error large enough that would cause the financial statement
reader to change their opinion about the entity’s finances.
Most audits now require the auditor
to assess internal controls- and here’s where we have the tricky problem: An audit
is not designed to detect fraud. However, the reason that this theft occurred is that
the internal controls were woefully inadequate. It’s reasonable to expect the auditor
to recognize the internal control weakness and point it out.
Segregation of duties
Whenever possible, these
three duties should be assigned to three different people in an organization:
·
Custody of assets: Custody refers to the person
who has access to the assets. This would include possession of the checkbook, or
keys to the company warehouse. In this case, the Finance Director has access
to the checkbook.
·
Authority to move assets: Authority means the person
who can sign a check (move cash) or who can take equipment out of the warehouse.
The Finance Director could sign checks. Generally, accountants should avoid signing
checks- because of the other two duties that need to be segregated (above and below
this duty).
·
Recordkeeping: If a person has custody
of assets or authority to move assets, that person should not post accounting entries
or reconcile the bank account. Fortunately, a banker noticed the issue and pointed
it out to the Mayor.
Don’t neglect internal
controls. As you can see, a lack of segregation of duties can be devastating to
an organization. Every entity should have a written set of internal controls
and monitor to take sure those controls are being followed.
Have you seen a lack of segregation
of duties in your business experience? Tell me about it- I’d love to hear from you.
Ken Boyd
St. Louis Test Preparation
Author: Cost Accounting for Dummies, Accounting
All-In-One for Dummies, The CPA Exam for Dummies and 1,001 Accounting Questions for Dummies
Co-Founder: accountinged.com
(email) ken@stltest.net
(website) www.stltest.net
No comments:
Post a Comment