Segregation of duties in transactional banking

0
ONCE UPON A TIME: the relevance of history in risk management (final)
Alberta Quarcoopome

– is it an obstacle in modern banking?

“…I say, that Power must never be trusted without a check.”
― John AdamsAdams-Jefferson Letters 

Definition and general description

A Separation of Duties (SoD) is the concept of having more than one person required to complete a task. In business, the separation by sharing of more than one individual in one single task is an internal control intended to prevent fraud and error. The concept is alternatively called segregation of duties.

Is the policy retrogressive?

This is one policy in banking that has never changed. Whatever happens in any bank, whether during change management, product development, staff recruitment, technological improvements, this is a policy that is always constant. It is the segregation of duty or functions. This separation or segregation of duty or functions in banking connotes some perception among some staff that it is a retrogressive policy and should be done away with. It is sometimes regarded as retrogressive because of the slogan that banking depends on trust. Hold it there! Have you observed that even in digital banking  this function is built in the system? Though it is basic, it is by far the most potent as it ensures that errors or irregularities are prevented or detected on a timely basis by employees in the normal course of business.

The Benefits of SoD

Segregation of duties provides two benefits:

  • A deliberate fraud is more difficult because it requires collusion of two or more persons; and
  • It is much more likely that innocent errors will be found.

At the most basic level, segregation of duties means that no single individual should have control over two or more phases of a transaction or operation. Management should assign responsibilities to ensure a crosscheck of duties. If a single person can carry out and conceal errors and irregularities in the course of performing their day-to-day activities, they have generally been assigned or allowed access to incompatible duties or responsibilities.

Broadly, any financial institution’s organizational structure is usually separated into “Front Office”, “Middle Office” and “Back Office” departments and functions. The branch banking function is a one-stop banking with several activities going on at the same time. It includes account opening, receiving and paying cash, cheque processing, issuing bank drafts, cards, digital banking, issuing cheque books, processing loans, giving financial advice, marketing for prospects, attending to customer enquiries, reconciliation of books and supervision by managers. These transactional banking activities are a combination of the front and back offices, which support each other and blend together to enhance the banker-customer relationship.

Given the above scenario, you will think all the staff are working in a maze. It would have been so if the structure is not made for control mechanisms to be in place to avoid one person starting and ending a transaction. This is where the Segregation of Duty comes into force. This policy is also embedded in all banking applications including digital banking.

Negative perceptions among some bank employees

Here are a few negative perceptions among some bank employees.:

  • ‘When the customer is in a tight position and needs help, and the staff are also being bench-marked for every activity they perform, who needs segregation?”
  • “As for this policy it retards progress and its advocates are backward in their thinking. We need a break”
  • “Who needs segregation with all these new technologies, and inventions? After all, banking depends on trust and we trust each other. Even my counterpart is a close friend and I have no qualms about him doing anything behind my back!”

In this article, we will explore the reasons why the segregation of duty policy is always embedded in any bank activity, whether manual or electronic. An examination of various banking activities that involve separation or segregation of duties (SoD) will eventually prove to both customers and bank staff that it is a “necessary evil” that should be endured. With the concept of SoD, a   business’ critical duties can be categorized into four types of functions: Authorization, Custody, Record keeping, and Reconciliation. In a perfect system, no one person should handle more than one type of function.

Segregation of Duty in Branch Operations

It is a well-known fact that Segregation of Duties (SOD) is a top contributor for prevention of fraud activities. The lack of SoDs is an acute problem in many small financial institutions due to the lack of advanced tools or the expertise to manage this risk effectively. Let us look at a real- life case in USA, taken from the Internal Auditor publication:

A Colorado woman has been sentenced to 40 months in prison for defrauding the Bank of Colorado’s Craig branch of US $565,000 during her employment as head bookkeeper and later as the operations officer, according to a CRAIG DAILY PRESS article.

Court records show that over a four-year period, the operations officer made unauthorized electronic transfers by means of block entries from customers’ accounts into her own accounts as well as accounts of family members and other customers. The woman avoided detection by developing elaborate means of re-crediting those accounts before the end of their statement cycles, concealing the unauthorized transfers, and creating and distributing false monthly statements.

Moreover, she was in charge of customer inquiries, and bank employees were instructed to direct complaints to her. She also included false descriptions of transfers and back-dated electronic entries.

Lessons Learned

Control frameworks for organizations that rely on electronic transactions are built on automated controls. In this case, the head bookkeeper, who later became the operations officer, was not deterred from committing fraud by any preventive control. Without an adequate segregation of duties policy, the operations officer was authorized to process transfers, create and distribute monthly statements, and handle customer complaints. Weaknesses also existed in the preventive controls around transfers, which allowed her to have unsupervised access to customer accounts and make:

  • Transfers from customer accounts to her personal account.
  • Transfers just before the end of statement cycles.
  • Unauthorized transfers 

Source: Internal Auditor

We shall examine the lessons learned from the case later on, but before someone quickly reminds me that this does not happen in a bank, let us face it. Between 2014 and 2017,  many microfinance companies in Ghana did not recruit the proper caliber of staff, and some staff were seen to be performing a variety of functions similar to the case of the Bank of Colorado official. It seems rather harmless when a multi-tasking employee is described as very hardworking, reliable, has the ability to work under pressure, an all-rounder and honest”. In some cases, these “all-rounders” are family members who have gained the trust of the CEO. Management must not always use the excuse of lack of funds for recruitment. Lack of enforcement of the segregation of duty due to inadequate resources is an avenue for disaster.

There is more to add on, but let me pause here. For more insights on this topic, please book a copy of my new book, “THE MODERN BRANCH MANAGER’S COMPANION” which involves the adoption of a multi-disciplinary approach in the practice of today’s branch management. It also shares invaluable insights on the mindset needed to navigate and make a difference in the changing dynamics of the banking industry. Call 0244333051 for your copy.

TO BE CONTINUED 

ABOUT THE AUTHOR

Alberta Quarcoopome is a Fellow of the Institute of Bankers, and CEO of ALKAN Business Consult Ltd. She is the Author of Three books: “The 21st Century Bank Teller: A Strategic Partner” and “My Front Desk Experience: A Young Banker’s Story” and “The Modern Branch Manager’s Companion”. She uses her experience and practical case studies, training young bankers in operational risk management, sales, customer service, banking operations and fraud.

CONTACT

Website www.alkanbiz.com

Email:alberta@alkanbiz.com  or [email protected]

Tel: +233-0244333051/+233-0244611343

Leave a Reply