Finding Text
#2022-002 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, it was determined that the CEO's credit card charges are reconciled by the Finance Director and CEO, and then reviewed by the CEO. The charges are not being individually reviewed by the Board Treasurer and President, as is the policy with other payables/disbursements. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information After reviewing credit card statements and receipts for FY 2022, it was noted that several charges on credit cards lacked supporting documentation. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend that all credit card charges are matched to a receipt and reviewed and approved by both the Board President and Board Treasurer, as is the policy with other payables/disbursements. This eliminates the risk associated with having the CEO issue approval over his own credit card charges. View of Responsible Official All credit card receipts will be submitted by the CEO or appropriate staff member to the financial services team. Credit card reconciliation documentation and appropriate receipts will be provided to the Board Treasurer for regular review.