Cash Management: Internal Controls Checklist

Per the U.S. Chamber of Commerce, about 75% of employees are stealing from their employer. Research has shown that the most common item stolen was cash, with the average amount stolen amounting to $20,000. Here is a checklist of internal controls your business clients should have in place to protect themselves both from internal employee theft and external theft:

1. Segregation of duties – On the accounts receivable side, ensure that the same person who is receiving cash, is not also depositing it and recording it in the accounting records. For accounts payable, ensure that the same person approving payments is not also writing the checks and reconciling the bank account.
2. Make timely deposits – Cash and checks received at a business should be deposited daily to decrease the chance of the money being stolen.
3. Review check signing authority – Review the records with the bank to ensure that the appropriate team members have check signing authority. Consider requiring more than one signature for checks above a certain threshold.
4. Control access to check stock, accounting systems, and cash – Unused check stock should be locked up. Access to computer systems or banking systems where checks can be generated should require strong passwords. Cash and checks waiting for deposit should be securely stored in a safe.
5. Discourage management override of controls – Management override of existing controls should be strongly discouraged as it sets a poor example for team members about the importance of internal controls, and because external thieves are targeting businesses this way. We have seen thieves pretend to email as the company CEO requesting funds be wired, and the accounting employees follow those instructions without following the normal process and controls for purchases resulting in payments made to cybercriminals.
6. Reconcile the bank accounts – All bank accounts should be reconciled on at least a monthly basis. Ideally, a person uninvolved in the day to day accounting activities for cash receives an unopened bank statement with canceled check copies to reconcile the bank account from so that the statement activity and canceled checks can be reviewed for irregularities. If there are not enough team members for this to happen, it is important that an owner, manager, or board member obtain the bank statement and review for irregularities prior to the regular bookkeeper preparing the reconciliation.
7. Utilize technology to help – New technology exists to help businesses prevent theft. Segregation of duties can be easily accomplished via system-based approval processes for purchases and payments. Controls on customer payments received can be gained by streamlining client payment collection via lockbox services. The risk of stolen check stock can be reduced by utilizing a bill payment service. Positive pay systems can be enabled at the bank to ensure fraudulent checks are not paid.