Organizations undertake ERP implementations in order to improve and automate business processes. This automation leads to improved efficiency due to the reduction of the cost of operations, enhanced asset efficiency, and improved quality of information. However, these benefits are only achievable if the ERP system has an inbuilt framework for controls.
Internal Controls
Internal controls are put in place by an organization in order to reduce the risk of error, theft or fraud, ensure accuracy and completeness of the accounting data, and ensure adherence to its policies and plans. Basically, this refers to a set of:
- Measures
- Processes
- Activities
They ensure stability, predictability, and consistency of a business process allowing for minimal normal variations. In an ERP system, internal controls can be said to be implemented in two primary ways;
-
Workflows
Workflows dictate how a business process is initiated and completed, who is involved, and what each participant must do to execute their assigned roles. -
Business Rules
Business rules ensure that the business process is followed correctly by setting out policies, roles, procedures, escalations, alerts, data types etc governing each activity in the workflow.
One of the critical areas of an ERP system where strong controls are required is in the sales & collection cycle. This cycle refers to the processes that begin with a customer ordering goods or service and ends with the receipt of payment for the purchase. Establishing controls in an ERP system for the sales team ensures that the organization does not materially misstate its revenue or accounts receivables.
Below, we look at 4 ways in which ERP systems can establish controls in the sales cycle.
1. Segregation of duties for fraud prevention
Segregation of duties refers to the division of principal duties and responsibilities among different people and is a crucial component when it comes to the development of a comprehensive control environment for the sales functions. When properly implemented, segregation of duties is impactful in the prevention of fraud and the alignment of business processes with IT principles such as minimal privileges for system users.
In the sales function segregation of duties include the separation of the responsibilities for authorizing transactions, processing transactions, reviewing and reconciling the information, and handling any related assets.
For example, the approval of sales orders is separated from the data capture and also from the collection of account receivables. Similarly, the people who raise requests for amendments of customer credit limits should not have access to the section of the systems which handles the appraisal and approval of such requests.
2. Workflows facilitates reviews and approvals
Secondary reviews and supervisory approvals help to ensure that transactions have been accurately captured, properly authorized, and correctly reflect the actual events which transpired in the organization.
By use of properly designed and implemented workflows for the sales processes, ERP system can effectively deploy a strong framework of internal controls. For example, requiring approvals for setting up a new credit customer or reviews of outgoing invoices before dispatch helps prevent sales to fraudulent customers or misappropriation of credit facilities through undercharged invoices.
With the workflow functionality, system users are able to insert comments at each step of the process. Additionally, the supervisors are able to view the status of each transaction in the systems and the system can be configured to automatically generate alerts and notification is a transaction remains at a given step longer than expected.
At WGS depending on our customers needs we recommend 2 approaches for the implementation of workflows. You can have a built-in solution inside the sales module of your ERP system or deploy a dynamic stand-alone system.
3. Electronic signatures and audit trails for electronic evidence
ERP systems have inbuilt audit trails capturing all the actions performed in the system, the users who performed them and the date and time stamps for the actions. This introduces a tamper-proof layer for accountability thus minimizing the occasions for abuse of the business process.
Moreover, if a business process involves manual controls, an ERP system can be configured to make provision for such controls. This is possible by allowing attachment of reviewed and signed source documents to the ERP software database records for archival purposes and future reviews or audits.
For example, in the approval of incoming hard copy purchase orders, a user reviews the PO and if satisfied with it, physically signs it to approve it. Once the physical approval is completed, the approved PO is scanned and linked to the PO record in the ERP. In required in future, say during audits, the physically approved PO is retrieved by drilling down through a list of POs and clicking on a link that brings up the stored document.
4. Automated Transaction Matching provides integrity of posted transactions
ERP systems incorporate transaction matching techniques as part of the transaction processing cycle so as to prevent the posting of unmatched/ unrelated transactions. For example, when packaging and shipping goods, the ERP systems have controls to ensure that, the package details match the details of the customer purchase orders.
Additionally, at the invoicing stage, the system must match the invoice details to the underlying customer record and delivery note details to prevent invoicing the wrong customers or the wrong quantities of goods.
Safety Measures: Data Backup and recovery procedures for business continuity
Achieving operational resilience is at the heart of any ERP implementation. The ERP system acts as a repository for information on all business aspects, prospects and clients, which the sales team can regularly update and maintain.
In order to ensure the accuracy, completeness, & data integrity; ERP systems must be compatible with other IT infrastructure installations designed to deliver extensive data backup and disaster recovery and failover procedures to ensure the ability for fast resumption of business in the event of some serious system failure.
Conclusion
To achieve a successful implementation of an ERP, organizations make huge financial investments and deploy substantial human efforts from a multi-disciplinary team draw from different areas of expertise. In most cases, such implementation resulted in redesigned business processes and calls for a significant rethink in the organization's business control environment.
For more details on how you can work with our team of ERP experts to build strong controls around your business processes for the sales team, please contact us here.
***