About this Policy
Segregation of Duties
Policy Number: 21302
Effective Date:
Dec 12, 2017
Last Updated:
Responsible Office:
Every Employee
Responsible Administrator:
Managers and Principal Investigators (PI)
Policy Contact:
Campus Accounting Office
Categories:
- Finance
Menu:
- Scope
- Reason for Policy
- Policy Statement
- Definitions
- Accountabilities
- Forms
- Related Information
- History
- Procedure
Scope
All University employees are responsible for performing their duties in accordance with proper Internal Controls as established by management. Segregation of duties is one of the key elements of Internal Control.
Reason for Policy
Segregation of duties is critical because it ensures separation of different functions and defines authority and responsibility over transactions. Segregation of duties is also a key Internal Control; it reduces the risk of errors and inappropriate actions.
Senior administration and all individuals responsible for assignment and supervision of employees that carry out fiscal activities, budget, and implementation of Internal Controls must ensure there is adequate segregation of duties within their areas of responsibility. An individual should not be in a position to initiate, approve, and review the same action. The recording/Verification function and the asset (e.g., money, inventory) custody function should be separated among employees.
Policy Statement
In an ideal environment, a different employee should perform each of the following major duties or functions:
- Authorization
- Recording
- Verification
- Custody of Assets
- Managerial Review
No one person should have responsibility to complete two or more of these major functions. There is a greater need for proper segregation of duties for assets that are more negotiable (i.e. cash funds, negotiable checks and inventories). If a person performs more than one of these major functions, mitigating controls should be put in place. Without additional Mitigating Controls in place, there is the potential to carry out and conceal errors and/or irregularities in the course of performing day-to-day activities.
Federal, state and other sponsor regulations impose additional requirements for the Authorization, review and documentation of sponsored activity that necessitate additional controls. Authorization, Verification and Managerial Review should not be performed by the same person. However, although it is less than optimal, the Principal Investigator (PI) may be allowed to perform all three functions when adequate Mitigating or Compensating Controls are in place.
The departmental office is responsible for maintaining accurate documentation of Authorizations and retaining documentation of the delegation of authority in a reproducible form, in accordance with records retention requirements (see the Records Retention Guides).
The major functions presented above are discussed as follows:
Authorization
All transactions must be authorized. The individual initiating the transaction must have the authority to do so. Authorization confirms adherence to the following general requirements:
- Employees cannot authorize transactions for their own reimbursement.
- Documentation of the Authorization.
- All transactions must adhere to University policies, existing laws, regulations, compliance requirements, as well as any terms and conditions of the sponsor.
- All individuals responsible for assignment and supervision of employees that carry out fiscal activities, or their designees, should appoint and document authorized signers of all financial transactions.
- The PI is responsible for all sponsored activity to ensure the activity is Allowable, Allocable, and within the period of availability.