Enterprise resource planning systems (ERP) like SYSPRO have evolved dramatically as operational complexity continues to bolster the case for integration and automation.
Of course, with increased ERP capability comes increased risks to mitigate. In their wake, segregation of duties (SoD) has surged in importance as a means of filling the void left by new compliance and financial vulnerabilities.
In this brief guide to SoD in ERP, we’ll go from basic SoD definitions to applications and benefits before revealing the good news for businesses yet to implement strong SoD practices.
What is Segregation of Duties?
The American Institute of Certified Public Accountants (AICPA) puts it like this:
”The principle of SOD is based on shared responsibilities of a key process that disperses the critical functions of that process to more than one person or department.”
It’s really less of a mouthful than that. Let’s reduce it down to human terms.
An everyday example of SoD:
Suppose you’re at the supermarket buying everything except for the milk you went for. The cashier calls a manager to override a transaction they don’t have the authority to void.
That’s street-level segregation of duties.
SoD at the enterprise level
At the business level, segregation of duties can be required by law, or certain standards, in areas such as corporate governance, security and accounting.
A few more sophisticated business examples of SoD in practice might be:
System access permissions
Adding and editing system access permissions is regarded as a root authority separate from financial management activities.
Accounts receivable reconciliation
Separating roles that manage customer cash deposits and the process of reconciling those deposits with sales records.
Sales & approvals
Separation of selling and approval of sales deals, such as approval of margin.
Why Is SoD in ERP So Important for Businesses?
The perks and functions of implementing segregation of duties to ERP environments are fourfold.
- Risk mitigation
When consistently applied in the right way, all four perks will be felt throughout every business layer and department.
What does ‘the right way’ look like? If the wrong way is through archaic manual methods, then the right way starts with ‘auto’ and ends with ‘mation’.
1. Risk mitigation, fraud and error
The number-one gap that well-applied segregation of duties plugs is financial risk and fraud prevention—and it’s worth stressing that fraud needn’t be active embezzlement. After all, data errors and oversights can land you in just as much hot water.
2. Assurance & SOX compliance
If you’re not aware of the Sarbanes-Oxley Act (SOX), here’s a little light reading.
In short, the SOX act protects the public from fraudulent or erroneous business practices.
What role does SoD play in gaining SOX compliance? To get SOX assurance publicly traded companies must document and verify financial reporting controls.
Having strong SoD protocols in place is one of the big green ticks that will gain you your SOX compliance assurance.
The kicker is: If it’s established that SoD was knowingly fudged, the CEO & CFO could even face prison time, so it’s worth doing, and it’s worth doing right.
No business is asking to be slapped with fraud charges. However, when a single person handles more than one step in a transaction cycle, it’s not hard to land in hot water.
Without strict segregation of duties in place and supporting processes behind it, financial risk through low accountability looms overhead like a mission-ending grand piano.
The compound effects of robust segregation of duties practices is operational and financial efficiency.
Whether you’re a small business serviced by a part-time bookkeeper or a multinational with a dedicated accounting wing, SoD helps to keep accounting processes lean and business performance agile.
The Good News: Managing SoD Doesn’t Have to Be Rocket Surgery
Your first stepping stone to establishing strong segregation of duties for ERP is defining clear access policies and processes that fit around stakeholder roles and responsibilities.
Read the EnterpriseWorx Segregation of Duties Brochure and find out how you can easily manage and monitor internal controls for SoD.
Once everything’s in place the objective changes to maintaining SoD through monitoring and best practice to prevent HR activity and other influences from taking segregation of duties out of alignment.
For advice on getting started with SoD, or if you’d like a demo of EnterpriseWorx Segregation of Duties, get in touch. We’re here to help.