Building controls in the accounts payable (AP) process

Accounts Payable can be a daunting task to take on, especially for small business owners. However, without the right internal controls, it could also doom your business. 

‍

This post delves into how to establish robust internal controls for your accounts payable (AP) processes, enhancing their everyday operations without requiring significant changes. This post uses real-life examples and actionable tips to improve financial operations, emphasizing the importance of cost-benefit analysis in implementing effective internal controls.

What are internal controls?

Internal controls are a set of processes that ensure the integrity of financial and accounting information. However, more importantly for small business owners, the right internal controls are typically designed to prevent & detect fraud.  This post will discuss how small business owners can build a robust accounts payable process, without having to make too many changes to their everyday operations.  

‍

The most important factor in the internal control structure is whether the internal control’s implementation costs are far greater than the benefits. However, when it comes to accounts payable, the cost is difficult to measure, because without having some measures in place to prevent fraud in the technological space we live in today, the Company’s bank account can get to $0 in the blink of an eye.

What are some examples of (a lack of) internal controls?

First, let’s consider this real-life example of a lack of internal controls in the accounts payable process.

‍

Tom, the senior accountant, frantically called the CFO’s cell phone. The CFO was scheduled to be on vacation all week, but this couldn’t wait. He had noticed, by happenstance, that 6 months ago, they had paid a former employee, Albert, $2,000, instead of their vendor Alberti Inc. 

‍

Tom always complained that it didn’t make much sense to have an executive assistant, with no accounting background reviewing his work, but there wasn’t much Tom could do. The CFO was too busy to review the nitty-gritty and thought someone at the lower level could be a second set of eyes. But this time, it was a manual error that couldn’t be reversed. The bank could not get involved because it was much past the number of days in order to reverse the wire. And that former employee’s phone was probably not going to get picked up any time soon.

‍

Here's another true story:

‍

Brenda, the controller, picked up the phone. It was Richard, a representative of a vendor who recently had a spat with the owners of the business where Brenda works. Richard asked if the owners were around because he really wanted to thank them! “What for?”, said Brenda. “Oh, it’s the holiday season and when I was looking at the most recent wire transactions, I noticed that the owners wired over to me $1,100 instead of the $100 that was owed. It was a nice gesture from them, given what a difficult year it has been. But I’m glad to see that they’ve decided to let bygones be bygones.”  Brenda hung up the phone to frantically take a look at the transaction that Richard was talking about. It turned out, she manually punched in an extra one. And now, she had no choice but to fess up to the owners. 

‍

The average business owner may read these examples and conclude that these accountants were just bad at their job. But as an auditor for 7 years, I never met a perfect accountant. But what prevented catastrophes like these to those imperfect finance departments was one thing—proper internal controls. 

How to implement internal controls

Now that we’ve explained the importance of building a proper structure around accounts payable, let’s discuss some tips on how to implement the structure:

• The current structure: To know where you want to get to, you have to know where you are today. Maybe you are the sole employee. Or, you have an accounting team of five. Either way, to find improvements in what works for you, you need to be able to put your current model on paper. You can call this a process narrative or a flowchart. Make it simple and easy to read.  
• What could go wrong: When I tested the internal controls of some of the largest publicly traded clients, my manager at the time would sit down and brainstorm with me as we dissected that process narrative and asked a simple question. “What could go wrong?” We would ask general questions like, "What is the company doing to ensure that the bill you pay goes out accurately and timely?" And sometimes we would get awfully specific and ask how to ensure that the new accountant you hired two months ago has not created a fictitious vendor that gets paid monthly. Put all of your “what could go wrongs” in another list. 
• Key controls: Now that you’ve established everything that can go wrong, you need to identify an idea or a process that prevents something wrong from happening. Or if it does happen, you need to be able to build a method to detect it. These are going to be your key controls because if these key controls fail, your financial statement is at risk of being materially misstated and when it comes to accounts payable, it could very much be due to a fraudulent transaction that was missed. 

Internal controls for the accounts payable process

Now that we’ve spoken generally on how to develop internal controls, let’s talk about some internal controls that can be built into the accounts payable process. What you’ll find here is that building an internal control structure does not necessarily have to be expensive, but it does require a commitment to excellence from yourself as a business owner and your staff. 

• 3-way match: This is the most critical internal control in the accounts payable process. It’s where the accounts payable clerk is doing a three-way match between the invoice from the vendor, the purchase order, or contract, and the receiving department’s receipt of the goods or service. It does not matter if the business owner is the sole individual in this process; when it comes to one-off transactions, this could be the most important internal control that needs to be implemented by every business. 

• Automate: Don’t be afraid of automation, especially on recurring expenses. Automation leads to less manual error, helping us easily avoid some of the gaffes discussed earlier. 

• Segregation of duties: Whether it be the 3-way match or some of the ideas below, you need to put the accounts payable process in a scenario where you have two sets of eyes acting as a preparer or a reviewer. Even if you are a sole business owner, it can very much help to hire a virtual assistant to do the preparation on a part-time basis and allow yourself to review it. Or, at the very least, the time you prepare the checks or wires should be the day before you actually intend to send them. This way, at least you are looking at what you are issuing two separate times to avoid mistakes.

‍

Here are some areas where segregation of duties can really help:

1. 3-way match: It goes without saying that after the AP clerk has looked at the 3-way match, make sure there is a more seasoned controller looking to ensure the 3-way match was done correctly.
2. Vendor approval: Here’s an easy control to build into your accounting software function. When there’s a new vendor, always have a preparer and reviewer look at each new vendor to ensure that the vendor's address is not secretly the new employee’s address. 
3. Wire/check approval: One individual should prepare the payments and only an authorized signer should have the capacity to approve the payment, after reviewing and signing off. 
4. Bank reconciliations: These should be performed every month to ensure that payments match the outgoing funds. Every bank reconciliation should have a preparer and reviewer.
5. Authorization limits: Limits will prevent a manual error of a payment that is larger than what it is supposed to be. Having an additional level of review and authorization when the transaction has gone above threshold is a sure way to avoid physical error.
6. AP aging report: This needs to be reviewed at least monthly to ensure reality sinks in with your expectations of what needs to be paid. 
7. Budget-to-actual: There’s no better way than figuring out you’ve gone over budget on a particular expense area because of an error. This won’t prevent the money from having gone out, but at least if monthly, it can be detected and remediated immediately. 

Wrapping up: Why are internal controls important in accounting?

Building an accounts payable process for a company needs to be tailor-made. It’s not one-size-fits-all, especially when it comes to the company’s budget. But when it comes to accounts payable, some of these ideas are easy and potentially cost-free. 

Take full control of your accounts payable with Ramp

Ready to implement these controls in your AP cycle? Ramp's accounting automation platform makes it easy to implement AP controls with real-time data sync, automated invoice processing, and integrated payments. Ramp’s automation capabilities simplify invoice processing, ensuring timely payments and helping you build strong relationships with vendors.