Dear readers, once again we have been bombarded with the devastating details in the annual Bank of Ghana Fraud Report. As expected, the details of internal fraud, external fraud and the underlying causes are being digested and discussed in all media, boardrooms and various platforms. This annual report which traces the sources to several internal lapses in various deposit taking institutions has gone viral and left many media personnel discussing it with several opinions. Despite the duty of confidentiality of bankers to customers, the exceptions to this include fraud reporting to Bank of Ghana as a statutory duty. My main concern is whether the various lessons from these cases are not being learnt.
Going back to basics to refresh staff of the basic tenets and principles in banking is therefore a must.
This article was first published in June 2021 but is still very relevant in banking.
Definition and general description
A Separation of Duties (SoD) is the concept of having more than one person required to complete a task. In business, the separation by sharing of more than one individual in one single task is an internal control intended to prevent fraud and error. The concept is alternatively called segregation of duties.
Is the policy retrogressive?
This is one policy in banking that has never changed. Whatever happens in any bank, whether during change management, product development, staff recruitment, technological improvements, this is a policy that is always constant. It is the segregation of duty or functions. This separation or segregation of duty or functions in banking connotes some perception among some staff that it is a retrogressive policy and should be done away with. It is sometimes regarded as retrogressive because of the slogan that banking depends on trust. Hold it there! Have you observed that even in digital banking this function is built in the system? Though it is basic, it is by far the most potent as it ensures that errors or irregularities are prevented or detected on a timely basis by employees in the normal course of business.
The Benefits of SoD
Segregation of duties provides two benefits:
- A deliberate fraud is more difficult because it requires collusion of two or more persons; and
- It is much more likely that innocent errors will be found.
At the most basic level, segregation of duties means that no single individual should have control over two or more phases of a transaction or operation. Management should assign responsibilities to ensure a crosscheck of duties. If a single person can carry out and conceal errors and irregularities in the course of performing their day-to-day activities, they have generally been assigned or allowed access to incompatible duties or responsibilities.
Broadly, any financial institution’s organizational structure is usually separated into “Front Office”, “Middle Office” and “Back Office” departments and functions. The branch banking function is a one-stop banking with several activities going on at the same time. It includes account opening, receiving and paying cash, cheque processing, issuing bank drafts, cards, digital banking, issuing cheque books, processing loans, giving financial advice, marketing for prospects, attending to customer enquiries, reconciliation of books and supervision by managers. These transactional banking activities are a combination of the front and back offices, which support each other and blend together to enhance the banker-customer relationship.
Given the above scenario, you will think all the staff are working in a maze. It would have been so if the structure is not made for control mechanisms to be in place to avoid one person starting and ending a transaction. This is where the Segregation of Duty comes into force. This policy is also embedded in all banking applications including digital banking.
Negative perceptions among some bank employees
Here are a few negative perceptions among some bank employees.:
- ‘When the customer is in a tight position and needs help, and the staff are also being bench-marked for every activity they perform, who needs segregation?”
- “As for this policy it retards progress and its advocates are backward in their thinking. We need a break”
- “Who needs segregation with all these new technologies, and inventions? After all, banking depends on trust and we trust each other. Even my counterpart is a close friend and I have no qualms about him doing anything behind my back!”
In this article, we will explore the reasons why the segregation of duty policy is always embedded in any bank activity, whether manual or electronic. An examination of various banking activities that involve separation or segregation of duties (SoD) will eventually prove to both customers and bank staff that it is a “necessary evil” that should be endured. With the concept of SoD, a business’ critical duties can be categorized into four types of functions: Authorization, Custody, Record keeping, and Reconciliation. In a perfect system, no one person should handle more than one type of function.
Segregation of Duty in Branch Operations
It is a well-known fact that Segregation of Duties (SOD) is a top contributor for prevention of fraud activities. The lack of SoDs is an acute problem in many small financial institutions due to the lack of advanced tools or the expertise to manage this risk effectively. Let us look at a real- life case in USA, taken from the Internal Auditor publication:
“A Colorado woman has been sentenced to 40 months in prison for defrauding the Bank of Colorado’s Craig branch of US $565,000 during her employment as head bookkeeper and later as the operations officer, according to a CRAIG DAILY PRESS article.
Court records show that over a four-year period, the operations officer made unauthorized electronic transfers by means of block entries from customers’ accounts into her own accounts as well as accounts of family members and other customers. The woman avoided detection by developing elaborate means of re-crediting those accounts before the end of their statement cycles, concealing the unauthorized transfers, and creating and distributing false monthly statements.
Moreover, she was in charge of customer inquiries, and bank employees were instructed to direct complaints to her. She also included false descriptions of transfers and back-dated electronic entries.
Control frameworks for organizations that rely on electronic transactions are built on automated controls. In this case, the head bookkeeper, who later became the operations officer, was not deterred from committing fraud by any preventive control. Without an adequate segregation of duties policy, the operations officer was authorized to process transfers, create and distribute monthly statements, and handle customer complaints. Weaknesses also existed in the preventive controls around transfers, which allowed her to have unsupervised access to customer accounts and make:
- Transfers from customer accounts to her personal account.
- Transfers just before the end of statement cycles.
- Unauthorized transfers
Source: Internal Auditor
We shall examine the lessons learned from the case later on . Lack of enforcement of the segregation of duty due to inadequate resources is an avenue for disaster.
There is more to add on, but let me pause here. For more insights on this topic, please book a copy of my new book, “THE MODERN BRANCH MANAGER’S COMPANION” which involves the adoption of a multi-disciplinary approach in the practice of today’s branch management. It also shares invaluable insights on the mindset needed to navigate and make a difference in the changing dynamics of the banking industry. Call 0244333051 for your copy.
TO BE CONTINUED
ABOUT THE AUTHOR
Alberta Quarcoopome is a Fellow of the Institute of Bankers, and CEO of ALKAN Business Consult Ltd. She is the Author of Three books: “The 21st Century Bank Teller: A Strategic Partner” and “My Front Desk Experience: A Young Banker’s Story” and “The Modern Branch Manager’s Companion”. She uses her experience and practical case studies, training young bankers in operational risk management, sales, customer service, banking operations and fraud.