The amount of supplier payments is material at any type of organization and deserves a tight, effective control environment. Without that, an organization is more exposed to mistakes and fraud. Like any other organizational field, tighter and more effective control environment can be created and maintained by shaping policies and procedures and technologically enforcing them. Here are some useful guidelines to consider.
It is important to control the following related processes:
- Creation of new suppliers
- Updates to supplier details
- Invoice approvals
- Batch-payments
- Erroneous or fraudulent scenarios
Which control-guidelines should be considered?
Segregation of duties. The design of each supplier-payments related process should prevent any individual from being able to operate certain sequences independently. A given company may want to prevent any of its employees from being capable of both creating a new supplier, approve its invoices, add such invoices to payment batches, and process payments – independently.
Financial thresholds. A given company may require different approvals for different payable amounts. For example, it may prefer that, in addition to other approvers, invoices of up to $ 50 thousand be approved by a Director of Finance, and over that amount – by the CFO.
Enforced workflow. Supplier-payments related policies and procedures, including those relating to segregation of duties and financial thresholds as demonstrated above, should be technically / technologically enforced by “the system”. Specifically, system authorizations and credentials should fit such policies and procedures. For example, A given company may prefer that, by default, invoices must be assigned to purchase orders in order to be processed for payment. The logic behind such a requirement is a segregation-of-duties one: Purchase-orders involve additional personnel, i.e., the Purchasing department. Furthermore, such a requirement helps to keep organizational purchasing under control.
Control reports. Certain reports should be generated and reviewed as a routine. For example, it is advisable that the list of recently-opened-suppliers, be reviewed as a routine, along with details regarding the individual who performed that activity. Same goes for updates of suppliers’ bank details.
Periodical Finance-operations audits. From time to time, top management or Boards may want to be assured that such practices are actually maintained. Such assurance can ultimately be provided by an external, independent party, providing such services. For Finance personnel, such audits also provide an opportunity to verify that best-practices are, indeed, maintained, or align with such. The best-practice frequency for such audits may be once every two or three years.
The opinions expressed on this website are not suitable for all business circumstances.