Maintaining segregation of duties during talent shortages

2021 began with the “Great Resignation,” an ongoing economic trend in which employees voluntarily resigned from their jobs in masses. A record number of 4.5 million employees quit their jobs in March 2022, according to the U.S. Department of Labor. This trend leaves companies with vacant job positions and staffing shortages, saddling the remaining employees with additional responsibilities. Companies experiencing shifting of employee responsibilities should evaluate segregation of duties (SOD) around key processes to maintain effective operations and execution of key controls and activities.  

SOD is a fundamental element of internal controls and overall risk management and allocates key duties and functions of a specific process to multiple individuals to further reduce the risk of fraud and errors. There are four types of functions under the concept of segregation of duties: 

1. Authorization
2. Custody
3. Record keeping
4. Reconciliation

Roles and responsibilities should be designed and established to prevent one person from handling more than one type of function for any process.

Risks

Potential risks to an organization with a lack of SOD include:

• Fraud – A single employee performing all key functions within a process leaves no secondary oversight and allows for fraud to go undetected.  
• Errors – Lack of secondary oversight of a process means errors may not be detected and corrected in a timely manner. 
• Inefficiency – A single employee performing all key functions may increase the time it takes to complete tasks.

These risks can cause significant damage to an organization such as fraudulent payments, inaccurate financial statements, or reputational risks.

A real-world example

A strong SOD set up for functions under accounts payable might look like this:

1. Authorization – warehouse manager approves invoice for goods for payment
2. Custody – treasury clerk has access to bank accounts to make payments