Segregation of duties (SoDs) is an important concept in internal control frameworks, financial reporting, and regulatory compliance. The premise of SoD’s is to prevent one employee from having both access to assets and responsibility for maintaining accountability for those assets. As a result of adequately dividing responsibilities across different team members, a company may increase effective internal controls, reduce the risk of potential errors and fraud, and improve the overall control environment. It’s important to keep in mind, however, that SoDs do not prevent collusion.
Segregation of duties is critical to effective internal control because it reduces the risk of both erroneous and inappropriate actions. Businesses should attempt to separate functional responsibilities to mitigate the risk that errors, either intentional or unintentional, could be made without being discovered by another person.
However, small and mid-sized resorts often face the problem of properly separating job functions due to limited staffing or resources, especially in today’s age of labor shortages. Having one employee performing such tasks as reconciling the bank statement, paying the company bills, receiving customer payments, and making the related general ledger entries increases the company’s risk of possible employee fraud and theft. This does not mean business owners should simply accept this risk. There are other mitigating procedures that can be implemented to offset risks and strengthen internal controls. The following procedures are simple and can be easily implemented:
First, consider this simple control: All bank statements should be provided to someone other than the bookkeeper, such as a board member, business owner or the like. This individual should receive the unopened bank statements before the bookkeeper or accountant. While no magic bullet, it has power.
The person who receives the bank statements should simply open the bank statements and review the transactions for appropriateness, paying attention to cleared checks noting payees and amounts. Alternatively, the bank can potentially provide read-only access to this individual in lieu of paper statements. Having a second person to oversee the bank statements is a deterrent for fraudulent activities.
Related: Timeshare Management Companies Share Labor Shortage Solutions
In many cases, fraud is perpetrated by purchasing goods for personal use, which often goes undetected in resorts. Implementing a policy of a payables review and approval before each disbursement cycle is prudent and is an easy way to provide an extra layer of control. When there is a small staff, an owner or board member can review a listing of payables before payment is made to help mitigate the risk of such things as items for an individual’s personal use, gift cards, or other unauthorized transactions occurring.
The point here is to have at least two sets of eyes on transactions. Fraud is less likely to be perpetrated if it is known that someone else will be reviewing transactions and asking questions.
Another way to create transparency within smaller businesses can be achieved by periodically scheduling a random inspection or review of financial information. Although these are not opinion audits such as those typically issued by an accounting firm, they can be performed by an accounting firm or done internally by management or by a board member. Consistency and sticking to a periodic, rotating schedule are key to this type of internal control. Make it a policy that the audits will be performed either monthly or quarterly but not specific as to which areas will be examined. Some potential areas of focus are as follows:
These are just a few ideas of ways to implement mitigating controls in a small to a medium-sized resort with limited team members, and the functions can be rotated among individuals. The idea is that employees know that there is a system of checks and balances in place. A resort should review whether there are other areas unique to its operation where employees may be able to manipulate information and/or assets and identify how to monitor these activities. The ideas above are straightforward and inexpensive to implement, yet they are powerful and can help reduce the risk of possible fraud or theft.
Withum is a forward-thinking, technology-driven advisory and accounting firm, committed to helping clients in the hospitality industry be more profitable, efficient, and productive in the modern business landscape. For further information about Withum and its cybersecurity, digital advisory, and hospitality services teams, contact Lena Combs (LCombs@Withum.com) at (407) 849-1569, or visit www.withum.com.
Vacatia Inc., a leading provider of innovative customer-centric solutions for independent timeshare resorts, has announced…
As much as we’d all love a crystal ball that accurately predicts the future, the…
During the American Resort Development Association’s (ARDA) 2024 ARDAventure—a first-class annual VIP member retreat designed…
After recently experiencing several poor customer service experiences where an apology would have massively diffused…
At Grand Pacific Resorts, we believe the true magic behind every memorable guest experience is…
While the subject of this article is “Financing, Then and Now,” the underlying reasons this…