Segregation of Duties for Supplier Management
Segregation of Duties for Supplier management is an essential element of any financial internal control concepts. In a nutshell, the Segregation of Duties eventually comes down to simple requirement of not allowing an individual or a small group within an organization to do both sets and evaluate principles and processes that ensure the safety and integrity of supplier information. This can be illustrated in the simple case of Supplier Onboarding. Segregation of Duties for Supplier Management dictates that the person that requests for a new supplier to be considered cannot also be the person who approves the “New Vendor’s Application”.
There is a timeless Latin phrase “who will guard the guardians themselves” (Quis custodiet ipsos custodes?). Traditional internal control systems strongly depend on assigning specific responsibilities to different employees, including segregation of incompatible functions. The main mission of Segregation of Duties for Supplier Management is to eliminate a possibility for one person to establish fake suppliers and ultimately funnel money into bank accounts that are fraudulent or owned by other entities altogether.
Segregation of Duties for Supplier Management Tips
Many organizations tend to assign a responsibility of enforcing Segregation of Duties for Supplier Management to the Internal Audit department. The reasons for this is because finance departments are the last stop for funds that leave the organization. There is too much chance of collusion within the department to funnel money from the intended purposes to more nefarious destinations. Placing the Audit responsibility further reduces the chances of collaboration and conspiring to defraud the organization
The Internal Audit department is tasked with ensuring the control of all mechanisms, including improved efficiency of audit procedures as well as the current Fraud Risk Assessment. The Fraud Risk Assessment process is to identify all potentially harmful financial risks that the Segregation of Duties for Supplier Management is supposed to minimize or eliminate. This process of “identification” includes the following:
- Understanding the structure of a fraud classification system, including a research oriented toward the risks that are unique to your business, industry, or organization.
- Evaluating all fraud scenarios and financial risks that could severely damage the financial structure of your organization.
- Develop a library, diary, or a book of all potential SOD conflicts for each and any relevant business process.
- Prioritize these Segregation of Duties for Supplier Management conflicts by evaluating the elements that influence the magnitude of potential risks and frauds.
- Identify all essential Segregation of Duties risks. The most important operation in simplifying the SOD scope is to reduce the area that the auditors have to process.
- Support your auditor’s risk assessment work with all necessary documentation. This documentation associated with the identification and recommendation of the principal risks should clearly indicate all the potential risks you previously evaluated.
Segregation of Duties is Your Duty
One more time, the very purpose of the Segregation of Duties for Supplier Management is to narrow a list of all potential risks to the very few, which you have to minimize or eliminate accordingly. An investment that is both timely and substantial in this field is always a smart move, which can and will pay off beyond your most optimistic expectations.