Utility

How effective are your internal controls?

By Gary Sanders | March 11, 2014

I recently completed a business review for a small utility in which I recommended purchasing new billing software, among other internal changes. As I finished presenting my report to the management team, the general manager slid a page across the table and asked “Will implementing your recommendations take care of this?”

What he showed me was the exceptions page from their most recent annual audit in which the auditors had cited the utility for inadequate separation of duties.

Separation of duties

Separation of duties is a form of internal control based on having more than one person involved in a process to prevent errors and fraud.

For example, in a utility business office, the following combinations of tasks should be divided among two or more employees:

Issuing bills and accepting payments or adjusting accounts
Accepting payments and adjusting or writing off accounts
Accepting payments and preparing bank deposits
Approving and entering adjustments to accounts
Writing checks and reconciling bank statements

Limited staff

The reality in many small offices with limited staff is that it’s not possible to separate all of these responsibilities.

Such was the case with the utility described above. They have two customer service representatives who also function as cashiers and one billing clerk. The billing clerk fills in for the customer service reps during their lunch hours and this is what the auditors cited in their audit exception.

I explained to the general manager, as I suspect he already knew, that what he faces is a staffing issue, not something new software will remedy. Unless he is willing to hire another person or have only one person in customer service during the busy lunch hour, this will be a perennial issue.

Effective oversight

In cases like this, a strong set of checks and balances is vitally important to protect the organization against dishonest or fraudulent acts.

Have a supervisor or manager review all transactions before they are updated. This is especially important for adjustments, which are the easiest way to try to cover up payments that are pocketed.

I recommend periodically reviewing your internal control policies and procedures with an eye out for how they can be improved. And don’t stop at just reviewing your written policies – take time to insure and validate they are being followed as intended.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How effective are your internal controls?

Related Articles

Edmunds GovTech Case Studies: A Glance into Enhancing Local Government Operations

Eliminating Needless Days of Exposure

Could Your Office Benefit from a Calm Cubicle?