Accounts Payable Review Audit Report - Sample 2.pptx

Accounts Payable Review Audit Report: Sample 2

Table of Contents 03 Executive Summary 05 Key Issues and Action Plan Summary 06 Background 09 Objectives and Work Performed 10 Audit Scope 2 11 Internal Control Assessment 12 Best Control Practices Scorecard 14 Benchmarking Analysis 15 Detailed Issues and Action Plans 34 Appendix I: Data Analysis Summary

Executive Summary 3 The current AP function is divided into two distinct areas with separate dedicated resources: expense payables and merchandise payables. This is because expense payables or non-merchandise purchases are not designed to utilize a purchase order (PO) system or other upfront purchase approval processes and a subsequent system receipt. On the other hand, by design, the merchandise payables do utilize the aforementioned elements necessary for proper payment processing. Expense payables are processed based solely on a signed invoice, which is approved by the person who ordered the goods/services. Consequently, this practice significantly increases the risk of payments for inappropriate purchases, as purchases are not properly approved prior to commitments and proof-of-delivery is not required. AP has implemented and continues to utilize several controls in order to better manage the function. For example: Segregation of duties exists between vendor set up/maintenance and payment processing functions Exception reports are being used to monitor duplicate payments and “paid prior to” payments Several performance measurement reports are used to monitor AP performance A systematic three-way match is performed among the PO, receipt and invoice for merchandise payables Receipt, purchase price and quantity exceptions for merchandise payables are monitored Accounting has also implemented key reconciliation procedures for the various files used within the mainframe and system (financial controller and general ledger [G/L]). These reconciliations are being performed to ensure that AP activity is accurately, completely and timely updated in all the applicable files. Specifically: Monthly reconciliation of financial controller to G/L The primary objective of an accounts payable (AP) function is to ensure that vendor payments are made accurately, completely and in a timely manner to the right vendors and only for the goods/services received. While keeping these objectives at the forefront of the AP function, companies also do their best to maximize cash flow by establishing superior vendor relationships and favorable payment terms through their procurement/purchasing functions. Accordingly, an efficient AP function is interdependent on the vision and efficiencies of the procurement/purchasing and receiving functions. Given the importance of compliance with its debt covenants, achievement of these objectives is even more important for Company ABC. Company ABC must maintain an efficient and properly-controlled AP function while ensuring that merchandising/purchasing and receiving understand that AP cannot appropriately function without their support. Essentially, merchandising/purchasing, receiving and AP functions should be viewed as one process in order to achieve “purchase-to-pay” cycle goals and superior cash flows. Keeping with this theme, recently, management has re-aligned AP to be part of the broader supply-chain process.

Executive Summary 4 Comparatively, most controls within the merchandise payables are automated and preventative in nature; however, due to systems transactional flow customization, improvement opportunities exist to combat the various re-works and processing inefficiencies. For example: Invoices are paid prior to systems receipt of goods. In (Year), approximately $X million were paid prior to receipt. Duplicate payments are identified only after payments have been made to vendors, which results in excessive re-work and loss of working capital and would also result in poor vendor relationships. Vendor Repayments: Inaccurate invoice deductions due to price and/or quantity differences and "paid prior to" invoices (invoices paid prior to receipt) are being processed at a rate of X% and X% for quantity and price discrepancies, respectively. Total vendor repayments were $X million during (Year). Separately, there two different vendor master files: one in merchandising and other in AP. Information contained in these two files is not synchronized systematically. The management team recognizes these weaknesses and has articulated its commitment to addressing and resolving them. Implementation of our audit recommendations will facilitate Company ABC's goal of enhancing controls and establishing accountability/credibility within the AP process. Please refer to Page 12 for AP best practices and Page 14 for AP benchmarking data. We appreciate and value all the support received during this review. Although AP utilizes basic controls to ensure that appropriate payments are being made, these controls are manual and detective in nature and rely heavily on the performance of a few individuals for the controls to be effective. The manual nature of the current controls inhibits implementation of additional relevant preventative and monitoring controls. Significant opportunities for both control and efficiency improvements exist in the current expense payable process. For example, expense vendors are not properly approved prior to being set up in the vendor master file. Additionally, corporate personnel do not have any approval procedures/dollar parameters restrictions as to what and how much they can purchase. The only control to monitor these expenses is the monthly budget-to-actual comparison. Expense payable invoices are paid daily. Total expense payable transactions processed in (Year) were approximately $X, totaling $X million. Of this amount, approximately X% of these invoices were $X or less, representing only X% of the total dollars paid.

Key Issues and Action Plan Summary 5 Issues Business Impact Responsible Impact Due Date Access to the various systems utilized during the AP process is not adequately secured or monitored. Loss of data integrity and inappropriate use of the systems Merchandise Payables: Invoices are paid prior to the verification of the receipt of goods. Negative impact on cash flow due to inaccurate payments to vendors Expense Payables: There are no approval and authorization procedures for supplier selection prior to the purchase of goods. Unauthorized disbursements and possible financial loss Expense Payables: A purchase order system or other upfront approval process is not used for recurring expenses or non-merchandise related purchases. Unauthorized disbursements and possible financial loss Expense Payables: Proof of receipt is not required to be submitted with approved invoices prior to payment. Inaccurate payments to vendors and possible financial loss Two versions of the vendor master file are utilized and maintained. Inaccurate payments to vendors and possible additional costs incurred

Background 6 There are X# full-time employees (FTE) in the accounts payable department. The department currently has one AP manager. X# and X# merchandise and expense invoices, respectively, were processed and X# checks were printed in (Year). There are X# active vendors. Vendors are currently being paid within discount terms (e.g., X% X# days) or by the vendor due date. Top 10 Merchandise Vendors by Invoices Processed Vendor Name X# of Invoices Value (‘000s) Total Total Fiscal Year (FY) Invoices X# $X X% of Total X% X% Top 10 Expense Vendors by Invoices Processed Vendor Name X# of Invoices Value (‘000s) Total Total FY Invoices X# $X X% of Total X% X%

Background (continued) 7 Top 10 Expense Vendors by Invoice Amounts Vendor Name X# of Invoices Value (‘000s) Total Total FY Invoices X# $X X% of Total X% X% Volume of Expense Invoices and Dollar Amounts Processed in (Year) Total : X# Insert Chart

Background (continued) 8 Top 10 Merchandise Vendors by Invoice Amounts Vendor Name X# of Invoices Value (‘000s) Total Total FY Invoices X# $X X% of Total X% X% Volume of Merchandise Invoices and Dollar Amounts Processed in (Year) Total : X# Insert Chart

Objectives and Work Performed 9 Obtain an overall, high-level understanding of the accounts payable process and related functions. Evaluate the adequacy and effectiveness of key internal controls and overall operational effectiveness related to the accounts payable and disbursement process. Assess the existence and adequacy of policies and procedures. Identify opportunities for process and control improvement. Evaluate other key process performance measures and compare current performance to available benchmark data. Objectives Interviewed key process personnel within the accounts payable department to obtain an understanding of the accounts payable process and related functions. Tested key controls to ensure that controls were operating effectively. Performed limited transaction testing of disbursements. Performed computer-assisted auditing techniques (CAATs) including analysis of the disbursement and vendor master files. Reviewed relevant company policies and procedures. Compared Company ABC practices with best practices. Summarized observations and management action plans. Benchmarked Company ABC’s accounts payable operations against other companies. Risk Approach and Work Performed

Audit Scope 10 Understand Process Assess Control Design Assess Control Gaps Test Vendor File Maintenance Understand Process Assess Control Design Assess Control Gaps Test AP Understand Process Assess Control Design Assess Control Gaps Test Accounting Expense payables, stock and relay Review for completeness, accuracy and timeliness of input and payment processing (electronic data interchange [EDI] and manual) Review access to systems and check stock/signature plates Review the PO and invoice-matching process (pre- and post-paid) Review the disbursement approval process For significant recurring expense payables, review for underlying contract/commitment Review controls over stop payments and reissues Review daily balancing performed by AP Review vendor maintenance within the AP vendor master file (stock and relay) along with access controls Review the vendor master file creation for expense payables Review the integrity of the interface from the AP subledger to the GL Review the monthly reconciliation of the AP subledger to the GL In Scope Out of Scope Review of vendor master files created by merchandising Petty cash Direct ship Wire transfers

Internal Control Assessment 11 We assessed the existence and effectiveness of controls in relation to the business objectives of the accounts payable process. Possible control improvements (rated as "Moderate" or “Limited Controls”) are referenced to the detailed issues and action plans section for further details. Authority/Limit Rating Detailed Issues and Action Plans Reference Suppliers are properly authorized prior to procuring goods/services Detailed Issue and Action Plan #4 Accounts payable disbursements are properly authorized Detailed Issue and Action Plan #1, #2, #5, #7 Access to applicable AP systems is properly segregated Detailed Issue and Action Plan #2, #12 Effectiveness/Efficiency Rating Detailed Issues and Action Plans Reference Disbursements are made to maximize cash flow Detailed Issue and Action Plan #2 Costs are reduced as much as possible Detailed Issue and Action Plan #2, #8, #9, #10 Processing time is minimized Detailed Issue and Action Plan #2, #3, #4, #5, #6 Performance measures used to control the process are reliable N/A Strong Controls Moderate Controls Limited Controls

Best Practices Scorecard 12 Best Practices Company ABC Practice Rating Strengthen cash flow by explicitly managing payment dates and terms. Monthly costs or savings of late payments and prompt-payment discounts Invoices are not paid before their due dates A “cost of terms” table exists within the system, which compares the cost of money between the discount offered and extended payment terms prior to payment Expense payable invoices are due upon receipt Some merchandise payable invoices are paid prior to receipt Manage communication with suppliers to establish mutually agreeable practices. Merchandising only agrees to the supplier’s terms when AP can meet the terms AP pays invoices within a few days of its agreed-upon terms AP seeks advice from its suppliers on how to improve the process Suppliers’ performance is monitored and communicated back to them There is no formal communication between AP and the merchandising (buyer) department to develop uniform, beneficial practices for supplier management. Invoices are always paid within discount terms (if offered) AP communicates with suppliers on a regular basis No formal supplier performance program is utilized Analyze money, quality and time costs in the current accounts payable process. AP has identified the bottlenecks in the process AP categorizes different types of errors and investigates their causes by category The source of mismatches between invoices, purchase orders and receiving documents is identified and resolved where it originates The AP department compiles numerous statistics on cost, quality (errors) and FTEs by invoice type The AP department resolves all mismatches regardless of source (e.g., purchase price versus invoice price) Best Practice Implemented Partially Implemented Limited Use Detailed comparisons of Company ABC practices against best practices are as follows:

Best Practices Scorecard 13 Best Practice Implemented Partially Implemented Limited Use Detailed comparisons of Company ABC practices against best practices are as follows: Best Practices Company ABC Practice Rating Implement rigorous, pervasive policies to protect against disbursement fraud and overpayments Tasks are segregated so that individuals do not perform a full range of payables tasks, such as disbursing funds and reconciling bank accounts AP knows the most common reasons why it has issued duplicate payments in error and has created policies and procedures to prevent recurrence AP works in partnership with the IT department to implement changes and upgrades to existing measures There are no policies and procedures related to the selection and approval of expense payable vendors AP has appropriately segregated tasks such as disbursement approval and reconciling bank accounts (corporate performs these functions) AP has identified the most common reasons for duplicate payments and is implementing procedures accordingly Reports are utilized for both expense and merchandise payables to identify duplicate payments AP works with the IT department on a regular basis to strengthen these reports Establish controls appropriate to the risk and value of corresponding transactions. Processing procedures are applied uniformly to all expense payable transactions. Mismatches are not investigated under $X for merchandise payable transactions. Reduce the volume of accounts payable transactions. Purchasing cards are used to procure the bulk of office supplies Expense reports are processed through payroll Summary invoicing is requested from suppliers with numerous transactions No centralized purchasing/procurement function exists to research and implement various efficiency/cost-saving methods Purchasing cards are not utilized (Outside Software) processes expense reports; however, special bonuses and expense reports for personnel not able to use (Software) are paid through AP Summary invoicing is not used Integrate accounts payable with related operations. Company ABC is currently re-aligning the AP department with the merchandising and supply chain division of the company. Process accounts payable electronically. Merchandise payables utilize EDI for approximately X% of their vendors for invoice receipt only. Expense payables do not utilize any form of electronic processing. Payments are not made electronically.

Benchmarking: Accounts Payable 14 Quantitative Performance Measures Company’s Name Evaluation Median Best in Class Action Matrix Ref One of the objectives for this review was to benchmark Company ABC’s accounts payable function against other companies. The matrix on the left compares Company ABC’s current accounts payable process performance measures with other distribution and wholesale companies similar in size. The information used for this benchmarking was gathered from the global best practices database and surveys completed by other companies. World-Class Performance Above-Median Performance Below-Median Performance

Detailed Issues and Action Plans 15 Issues/Observation Action Steps Responsible Person Due Date Merchandise Payables: Paid-Prior-To Invoices Issue: Invoices are being paid prior to the verification of receipt of goods. Currently, the system will allow an invoice to be marked as available for payment without a receipt if the invoice is due (within discount terms or net due date). Consequently, invoices are paid and then later matched, and any price or quantity discrepancies are deducted from vendors. Total invoices categorized in the system as paid prior to (Year) were $X. Since the system releases the invoice from (System) to AP on the invoice due date instead of the weekly cycle, approximately X% of $X million invoices are paid prior to being matched with receipts. Root Cause: The system functionality allows invoices to be paid prior to a proper receipt in the system. This is driven by the due date and not the receipt of goods. The due date is pulled by the system daily instead of being based on payment date, which prematurely categorizes it as a paid-prior-to invoice. Also, it appears that there are no receipts of goods in the system at the time of the automatic matching process which leads to paid-prior-to scenarios. Further, buyers negotiate strict terms (e.g., X% X# days, net X#) with reliable vendors that do not allow enough time to systematically receive and put away inventory. We will perform a cost-benefit analysis to determine the business case of changing the system functionality to prevent invoices from being paid prior to proper receipt. We will change the paid prior to report to be printed daily to manually correct and minimize the number of paid prior to invoices, which will be reviewed daily by AP. We will perform a cost-benefit analysis to develop a business case for either changing the system functionality to recognize payments on a weekly basis or investing in a new system. Buyers will attempt to negotiate terms that will allow enough time to systematically receive and put away inventory while maintaining strong vendor relationships. Discrepancies between the invoice, purchase order and/or receipt will be communicated to the logistics department via a system report rather than the current manual process. The logistics department will follow up with receipt discrepancies in order to stress the importance of accurate system receipts. SVP Logistics Controller AP Manager Director of Financial Systems Internal Audit

Detailed Issues and Action Plans 16 Issues/Observation Action Steps Responsible Person Due Date Merchandise Payables: paid prior to Invoices (continued) Impact: If vendors are paid prior to receipt, Company ABC may end up paying for goods it may not receive, which will have a negative impact on its cash flow. Additionally, if there are price or quantity discrepancies after receipt, Company ABC will have to spend additional time and effort to either get the money back from vendors or deduct their accounts because of inaccurate overpayments. Company ABC incurs additional processing costs for correcting discrepancies, resulting in decreased productivity and decreased supplier satisfaction. (Group) will monitor its performance to ensure that it is following these action plans and receiving goods in an accurate and timely manner. Internal audit will perform a review of the receiving procedures.

Detailed Issues and Action Plans 17 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Purchase Order System/Purchase Approval Limits Issue: A purchase order (PO) system is not used for recurring expenses or non-merchandise purchases. Consequently, invoices are directly sent to the personnel who purchased the goods for approval, who then approve and manually forward them to AP for processing. The approved invoice (signed and dated) with a cost center is the only verification required for payment. On a sample of X# expense payable invoices, we noted that the average cycle time (time from invoice date to AP entry date within the system) was X# days. Additionally, a list of authorized personnel with related dollar thresholds for expense purchases has not been established and communicated. Currently, an approved list for personnel exists; however, it does not contain dollar limits. No such list exists for corporate personnel. Monthly P&L statements detailing invoices processed against each cost center are the only monitoring tools utilized for expense payables. Root Cause: Policies and procedures have not been established regarding the use of a PO system or other proper authorization and approval of purchase commitments for expense or non-merchandise purchases. Additionally, there is no centralized procurement/purchasing function to oversee expense-type purchases. Short-Term: We will establish and communicate an approved list of authorized corporate and Company ABC personnel for the approval of invoices. This list will also incorporate appropriate dollar thresholds for authorized personnel. Additionally, authorized personnel’s signatures will be maintained on file (in AP) for verification purposes (prior to payment). Long-Term: We will explore and implement, if feasible, a PO system to approve and procure goods prior to purchasing. The PO system will have approval thresholds built-in with systematic routing. This may include enhancing existing PO systems currently being utilized. OR We will explore and implement, if feasible, an application service provider that enables users to enter and store transactions, distribute documents, route messages for notification and dispute resolution, check record status and approvals, and view documentation on policies and vendor issues. Controller AP Manager

Detailed Issues and Action Plans 18 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Purchase Order System/Purchase Approval Limits Impact: By not implementing a PO system or other upfront purchase approval process, in addition to the absence of a standard list of authorized approvers with their respective dollar limits, there is no ownership and front-end monitoring of purchase commitments made by Company ABC and corporate personnel. This prevents Company ABC from accurately forecasting its cash flow, which could result in a negative impact on debt covenants. We will explore and establish, if feasible, a centralized purchasing function to manage and monitor expense purchases. We will identify and create specific monitoring tools or reports needed to monitor purchase commitments by cost center on a monthly basis. Once a PO system or other upfront purchase approval process has been implemented, invoices will be sent directly to AP in (Location) for matching and further processing.

Detailed Issues and Action Plans 19 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Verification of Receipt of Goods/Disbursement Controls Issue: No proof of receipt is required to be submitted with approved invoices prior to payment. As stated in Issue 5, an approved invoice (signed and dated) with a cost center is the only verification needed prior to payment. Additionally, dual signatures are not required for expense payable checks greater than $X. Currently, only invoice backup is pulled and reviewed by personnel independent of the AP department. Root Cause: Policies and procedures have not been established regarding the use of a purchase order (PO) system or other upfront purchase approval processes for expense or non-merchandise purchases. Accordingly, system receipts are not required to enable matching of POs with receipts and vendor invoices prior to payments. Impact: By not matching or reviewing the goods received vs. goods invoiced, Company ABC may be paying for goods never received, which would result in a financial loss to Company ABC. Short-Term: Packing slips and/or receiving documents will be required to be submitted along with the approved invoices prior to payment. Dual signatures independent of the AP department will be required for all expense payable checks greater than $X. AP will review the check register on a periodic basis (e.g., weekly, monthly) to identify any suspicious disbursement activity (e.g., checks consistently below the $X threshold). Long-Term: We will explore and implement, if feasible, a PO system that will allow for the system receipt of purchases, which will subsequently allow for proper systematic matching prior to payment. OR We will explore and implement, if feasible, an application service provider that enables users to enter and store transactions, distribute documents, route messages for notification and dispute resolution, check record status and approvals, and view documentation on policies and vendor issues. Controller AP Manager

Detailed Issues and Action Plans 20 Issues/Observation Action Steps Responsible Person Due Date Vendor Master File Issue: There are two versions of the vendor master file being utilized (one in merchandising and the other in AP). Also, the information contained in these X# versions is not synchronized systematically. Currently, syncing between the X# versions of the vendor master file occurs based on a report that AP receives indicating changes made in the merchandise file. Setups or changes are then performed in the AP version of the file; however, there is not a systematic update process between the two files. Root Cause: Vendor information is initially entered into the merchandise version of the vendor master file. AP personnel can only access the “remit-to” information for these vendors. Therefore, everything in the AP version is also in the merchandise version, but not vice versa. Impact : The differences in versions of the vendor master file could result in improper application of credits and debits to vendor codes, as well as potential overpayment of accounts. The result of having multiple vendor master files is manual workarounds, additional reconciliations and duplicate work. Short-Term: We will assign responsibility for identifying (through periodic audits) discrepancies in the two files and appropriately updating and maintaining the two versions prior to consolidation. Long-Term: We will implement a standard vendor coding system with a one-to-one correlation between the vendor and associated code that can allow for the consolidation of vendor master files. Controller AP Manager

Detailed Issues and Action Plans 21 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Expense Vendor Approval Issue: There are no approval and authorization procedures for supplier selection prior to the purchase of goods/services. Additionally, no procedures are performed to ensure that expense vendors are legitimate businesses. Currently, expense vendor master file information is set up based on information from the vendor’s first invoice. Also, W-9s are not obtained from the vendor for tax identification numbers and proof of business. Separately, vendor checks can be routed to company personnel upon receipt of a dual-approved request form. Our data analysis revealed that approximately X# active vendors were noted as having PO boxes as the primary or main address. Root Cause: Policies and procedures have not been established regarding the proper approval of expense payable vendors. Additionally, there is no centralized procurement/purchasing function to oversee expense or non-merchandise purchases. Impact: Fraudulent vendors may be set up, resulting in unauthorized disbursements and a financial loss to Company ABC. Additionally, a lack of proper vendor approval and setup results in the inability to monitor commitment of company funds. Total expense disbursements in (Year) were approximately $X million. Short-Term: We will develop and implement policies and procedures for the approval and authorization of expense vendors prior to the purchase of goods/services. These policies and procedures will address: Verification of place of business and tax identification number. Required documentation (W-9s, etc.) from approved vendors. Guidelines for business situations in which it is appropriate for checks to be routed to company individuals in lieu of mailing. Contracts/corporate accounts to ensure centralized purchasing. An approved vendor list will be maintained and distributed to personnel authorized to procure goods/services including AP. A review of the vendor master files will be conducted for those vendors identified as having PO boxes as main addresses to ensure that these are only remit-to addresses. We will also ensure that the main vendor address is set up appropriately within the vendor master file (e.g., proper street address). Controller AP Manager

Detailed Issues and Action Plans 22 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Expense Vendor Approval (continued) For instance, if only X% of these disbursements are unauthorized, it will result in approximately $X million loss to Company ABC. Long Term: We will explore and implement, if feasible, a purchase order system that will allow only approved purchases from approved vendors for all expense items. This may include enhancing existing PO systems currently being utilized (e.g., Company ABC manufacturing). OR We will explore and implement, if feasible, an application service provider that enables users to enter and store transactions, distribute documents, route messages for notification and dispute resolution, check record status and approvals, and view documentation on policies and vendor issues.

Detailed Issues and Action Plans 23 Issues/Observation Action Steps Responsible Person Due Date Merchandise Payables: Repayments of Deductions Issue: Vendor deductions for quantity and price discrepancies between the invoice and purchase order and/or receipt are currently being repaid at X% and X%, respectively. There are X# full-time employees dedicated to process repayments. Total vendor deductions for (Year) were $X (gross). Additionally, there are no-dollar-threshold approval procedures available for the buyers to review and approve pricing discrepancies before a debit memo is created. We noted an instance during our testing in which a line item was documented in the system receiving log as a shortage and was deducted from the vendor; however, this line item was later adjusted into the system as found merchandise. Additionally, X# of X# (X%) line items that were included in our testing sample had cost discrepancies between the purchase order and the invoice. Root Cause: It appears that receipt of goods in the system is not available in a timely manner, causing unnecessary debit memos to be created. Also, proper documentation of any over, short or damaged goods may not be communicated to AP prior to manual matching, resulting in inaccurate debit memo creation. AP will communicate price discrepancies to the buyers via a system-generated report. AP will automatically deduct from the vendors based on the discrepancies, while the deduction amount will be charged to the buyer margin accounts. This will eliminate the need to wait on the buyers prior to taking a deduction and will allow the buyers to investigate price discrepancies. AP manually tracks and forwards quantity and price discrepancies to buyers and RDCs, respectively; however, a system enhancement will be made to sort discrepancies by department and by vendor. This report will include quantity and price discrepancies, which will be reviewed by buyers. A system enhancement will be made to capture the repayments of debit memos. A report will be created to capture this information, which will be forwarded to directors in the merchandise supply chain to review for repayments due to price discrepancies. Additionally, quantity discrepancies detailed on the report will be forwarded to review for repayments due to quantity discrepancies. SVP Logistics Controller AP Manager Director of Financial Systems Internal Audit

Detailed Issues and Action Plans 24 Issues/Observation Action Steps Responsible Person Due Date Merchandise Payables: Repayments of Deductions (continued) Further, buyers are not communicating known price discrepancies to AP via the system or directly to AP personnel, which may cause matchers to create unnecessary debit memos. Impact: Repayments of vendor deductions due to inaccurately identified price and quantity discrepancies will result in additional processing costs. This increases inefficiencies and may also decrease supplier satisfaction. An over/short and damaged (O/S&D) report will be made available to the matcher online to avoid unnecessary debit memos. A pilot project for online O/S&D reports is set to start in (Location) on (Date). The logistics department will re-communicate the importance of receiving goods in an accurate and timely manner, as this directly affects AP processing. The group will monitor its performance to ensure that it is following these action plans and receiving goods in an accurate and timely manner. Internal audit will perform a review of the receiving procedures.

Detailed Issues and Action Plans 25 Issues/Observation Action Steps Responsible Person Due Date Duplicate Payment Detection Issue: Current controls to identify possible duplicate payments are not adequate to capture all possible instances of duplicate payments prior to disbursement. Recently, Company ABC has implemented X# monthly duplicate payment exception reports based on the following parameters: Same PO number and invoice amount Same invoice number and invoice amount Same amount Most of these duplicates are identified upon vendor disbursements. Any duplicates identified must be re-worked and settled with the vendor. Approximately $X duplicate payments were identified in (Year) through the existing controls; however, this number is skewed due to duplication of matching EDI and hardcopy invoices. Of the $X, approximately $X is attributable to expense payables. Current report parameters are not comprehensive and do not capture all duplicates. For example, the duplicate reports are based on a calendar month-end, while the system is based on a period end, which is not consistent with month-end dates. Root Cause: Company ABC has just recently begun to research and develop measures to identify duplicate payments. Previously, this function had been outsourced to a third-party; however, the current reports will identify most duplicates after disbursement has been made. We will research and develop procedures for identifying possible duplicate payments (e.g., exception reports) prior to disbursement. This will avoid unnecessary rework and possible damaged supplier relationships. We will continue to further identify and develop necessary parameters needed to enhance existing duplicate measures, such as: Duplicate reports to detail a matching debit and credit of an invoice to show offsets or duplicate cancellations Duplicate reports to capture similar or like invoice numbers Duplicate reports to be printed weekly Controller AP Manager Director of Financial Systems

Detailed Issues and Action Plans 26 Issues/Observation Action Steps Responsible Person Due Date Duplicate Payment Detection (continued) Impact: By not identifying and developing preventative measures for identifying duplicate payments, additional disbursements will occur, resulting in a financial loss to Company ABC and a potential negative impact on supplier relationships.

Detailed Issues and Action Plans 27 Issues/Observation Action Steps Responsible Person Due Date Vendor Master File Maintenance Issue: Potential inactive vendors and/or missing data fields exist within the vendor master file. Data analysis revealed the following: X# active vendors (as noted in the system) did not have any activity in (Year) X# active vendors have an incomplete address Additionally, X# vendors have been identified as inactive by the AP department. These have been appropriately designated within the system as either “next for purge” or “inactive”; however, a system purge has not been performed by the IT department since (Year) to delete these vendors from the system. Root Cause: Ownership and delegation of responsibility for the maintenance of the vendor master file either in the IT or the AP departments has not been developed and enforced. Impact: By not routinely maintaining the vendor master file, inappropriate vendors may be used, resulting in inappropriate vendor payments and a financial loss to Company ABC. We will review the vendor master files for any missing fields and possible “inactive” statuses and make changes accordingly. We will determine an appropriate time period to retain vendor information and activity within the vendor master files for sales and use tax audits, etc. Currently, that time period is X# years. Prior to conducting a system purge, considerations between automatic feeds between the two vendor master files used will be evaluated. Once an appropriate time period has been established, a system purge will be conducted accordingly. On an ongoing basis, we will periodically (e.g., annually) review the vendor master file for proper maintenance. Controller AP Manager

Detailed Issues and Action Plans 28 Issues/Observation Action Steps Responsible Person Due Date System Access Configuration Issue: Access to the systems associated with the accounts payable (AP) process is not adequately secured or monitored. Mainframe: Password standards, while currently in place, do not meet best practice standards Passwords are required to be a minimum of X# characters and do not have character-type restrictions (e.g., require both numeric and alphanumeric characters) No password history is maintained by the system No periodic (quarterly) review of access rights to critical resources is performed System: Shared, powerful accounts are utilized on the system X# duplicate user IDs were found having differing access levels and operator IDs The initial password is not randomly generated or unique and there is no forced change following the first login Terminations are not properly being communicated to system administration personnel X# of X# user IDs were for terminated individuals Logs monitoring access to the system are not being reviewed For various systems involved in the AP process, access controls will be implemented, including: Deactivations Timely communication of all deactivations to the appropriate system administration personnel Automated removal of access from all applications following the receipt of a deactivation notice Passwords Randomly generated initial passwords and forced password change upon initial login X# character minimum, alphanumeric passwords Maintenance of a password history Monitoring Periodic review of access and activity with shared, powerful user IDs Periodic review of access rights to critical resources Periodic review of activity on critical system resources Human Resources Director of Financial Systems

Detailed Issues and Action Plans 29 Issues/Observation Action Steps Responsible Person Due Date System Access Configuration (continued) Root Cause: Efforts to update current access restriction practices have not been made. Monitoring of access to critical resources on the mainframe is not regarded as a high priority due to a lack of resources. Additionally, responsibility for the monitoring of system activity has not been clearly assigned to reflect the current organizational structure. Impact: By not maintaining best-practice security controls, inappropriate access may occur and result in the loss of data integrity. Additionally, the failure to monitor access privileges and activity could result in the loss of data integrity and potential malicious activity on the system.

Detailed Issues and Action Plans 30 Issues/Observation Action Steps Responsible Person Due Date Expense Payables: Processing Efficiency/Transaction Volume Issue: Expense payable invoices are processed daily regardless of dollar amount and/or volume. These procedures have resulted in inefficiencies. An analysis of (Year) expense payable disbursements revealed the following: X% of expense payable checks were paid for only X# invoice, representing X% of the total dollars paid. X# invoices or X% of total invoice amounts are $X or less, representing only X% of the total dollars paid. X# vendors or X% of total vendors were paid X# times or less, representing X% of the total invoices and X% of the total dollars paid. Of these, X# vendors were paid only X# times, an amount totaling $X million. Root Cause: There is no centralized procurement/purchasing function to develop efficient channels for procuring expense-related purchases. Additionally, there are no monitoring reports available to identify inefficient transactions as noted above. Favorable payment terms and invoice frequency are not agreed upon with expense payable vendors prior to purchases. Impact: By not processing expense payables in an efficient manner, additional costs may be incurred due to additional head count and excessive manual processes, resulting in a financial loss to Company ABC. We will research various methods of reducing transaction volume and focus processing efforts on higher-dollar valued items. Such methods will include: Consolidation of suppliers Corporate/national accounts Procurement cards Summary invoicing Once the best option is determined, we will implement the method(s), accordingly. We will incorporate monitoring procedures to ensure that the method(s) implemented result in desired opportunity improvements. For example, we will monitor: Number of invoices per vendor Average dollar value of invoices Controller AP Manager

Detailed Issues and Action Plans 31 Issues/Observation Action Steps Responsible Person Due Date Cross-Functional Communication Issue: There is inconsistent communication among the accounts payable, merchandising and receiving departments to share knowledge regarding known inefficiencies and/or potential process improvements. For instance, receiving errors identified by AP are consistently communicated, but price discrepancies are not communicated to the buyers and buyers do not communicate special, negotiated prices to AP. AP is currently being re-aligned with merchandising to have more of a “purchase-to-pay” focus, which will enable Company ABC to better manage its supply chain function. The first stage of this realignment will be completed by (Date). Root Cause: Prior to the recent realignment, these departments have functioned independently of each other. Accordingly, issues identified by one department were not proactively communicated to other affecting departments for effective and efficient problem resolution. Impact: By not openly communicating and resolving process inefficiencies, unnecessary rework will occur and continue to cause additional costs, resulting in a financial loss to Company ABC. Additionally, lack of proper communication among different departments will result in the creation of independent “tunnel vision,” which may not be aligned with the corporate strategy. As we continue to realign AP and merchandising, we will develop and implement inter-departmental/cross-functional communication protocols. For example, we will choose from the following options: Periodic meetings to develop and monitor goals and objectives and identify and mutually resolve process issues and/or inefficiencies Cross-communication of individual department performance measures Controller AP Manager Director of Financial Systems

Detailed Issues and Action Plans 32 Issues/Observation Action Steps Responsible Person Due Date System Access Policies and Procedures Issue: Policies and procedures related to security administration for the various systems utilized in the AP process either do not exist or have not been appropriately updated: The Company ABC information security policies manual and information security procedures and forms manual were last updated in (Date) No formal policies or procedures exist for system administration Root Cause: Efforts to identify best practice policies and standards for Company ABC have not been made. Accordingly, procedures are either outdated or nonexistent for system administration. Impact: By not maintaining standard, documented security policies and procedures, inappropriate access may be granted to individuals, which could result in inappropriate segregation of duties. This could compromise the integrity of data and could result in possible financial loss to Company ABC and an overall decrease in member satisfaction. We will create and update documented and standardized security policies and procedures for all systems utilized in the AP process. These policies and procedures will address, at a minimum: Security Administration Process Written management approvals for user ID creation Standard forms for creating access Specific, documented access standards established by job function A process for timely communication of terminated employees to security administrators Security Monitoring Process Monthly review of inactive users Regular review of failed login attempts Periodic (quarterly) review of current access levels

Detailed Issues and Action Plans 33 Issues/Observation Action Steps Responsible Person Due Date File Transfer Protocol (FTP) Communication Issue: There is no encryption or additional security over transfers to and from several vendors. Transmissions are made over standard transmission control protocol (TCP)/internet protocol (IP) and verified by username and password only. Root Cause: Most vendors utilize a direct line of communication with Company ABC. A smaller number of vendors utilize FTP, and therefore, appropriate efforts have not been made to secure this information transfer. Impact: Inadequate protection over FTP transfers could allow information to be intercepted without company knowledge, resulting in the loss of data integrity and possible financial loss to Company ABC. We will create an additional level of security over FTP transactions and all transmissions across the internet will be encrypted to protect the integrity of data being transferred. Director of Financial Systems

Appendix I: Data Analysis Summary 34 Expense Payable Invoice Net Amount Number of Invoices X% of Total Invoices Extended Invoice Net Amount X% of Total Amount Merchandise Payable Invoice Net Amount Number of Invoices X% of Total Invoices Extended Invoice Net Amount X% of Total Amount Invoice Amount Stratification: The following tables list stratification of disbursement invoices by the invoice net amount. Most checks are issued for invoices less than $X.

Appendix I: Data Analysis Summary (continued) 35 Expense Payable Count Number of Checks X% of Total Invoice Net Amount X% of Total Amount Merchandise Payable Count Number of Checks X% of Total Invoice Net Amount X% of Total Amount Number of invoices per check: The following tables detail the range of the number of expense and merchandising invoices consolidated and paid per each check issued in (Year). Most checks were paid for only X#-X# invoice(s).

Appendix I: Data Analysis Summary (continued) 36 Expense Payable Number of Payments Number of Vendors X% of Total Vendors Invoice Net Amount X% of Total Amount Merchandise Payable Number of Payments Number of Vendors X% of Total Vendors Invoice Net Amount X% of Total Amount Number of payments made per vendor: The following analysis details vendor activity by distributing the number of payments per vendor for expense and merchandise invoices during (Year). For expense payables, most payments are made to X# or X# vendors, whereas for merchandise payables, most payments are made to multiple vendors.

Accounts Payable Review Audit Report - Sample 2.pptx

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Accounts Payable Review Audit Report - Sample 2.pptx

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Pray For The Peace Of Jerusalem and You Will Prosper

Don_t_Waste_Your_Life_God.....powerpoint

VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf

Fertility awareness methods for women in the society

Chapter 5 Arithmetic Functions Computer Organisation and Architecture

syakira bhasa inggris (1) (1).pptx.......