Upload
others
View
5
Download
1
Embed Size (px)
Citation preview
AUDIT CONTROLS
September 12, 2018
Disclaimers
As part of our continued tradition and commitment to our Customer as well as the Community we serve, Paytime, Inc. is honored to provide this and many other educational resources. This presentation is being offered,
and was developed, to provide timely and accurate information delivered by a subject matter expert to the audience in attendance. This material and presentation is offered with the understanding that the presenter(s),
publisher(s), sponsor(s) and Paytime, Inc. are not engaged in rendering legal, accounting, or other professional services. This presentation is meant to provide general and summary information only. The subject matter
is not specific to any company, individual or industry and none should be implied. No attorney-client relationship or consultant-client relationship has been created and no legal or other professional advice is implied nor
inferred. If legal, accounting, consulting or other professional advice is needed, those services from a licensed professional in good-standing should be acquired. By attending this educational event, you agree to release
Paytime, Inc., its subsidiaries and affiliates and each of their respective shareholders, officers, directors and Employees from any and all losses, damages, liabilities, deficiencies, claims, actions, judgments, settlements,
interest, awards, penalties, fines, costs, or expenses of whatever kind arising from your use of this presentation and/or educational resource(s) and any and all information contained herein. The attendee and participant
assumes all responsibilities for the use, contents, interpretations and any circumstances resulting from the aforementioned.
Tricia Richardson, CPP, SPHR, SHRM-SCP
Account Relationship Manager
Confidential and proprietary. 2
AGENDA
▪ Checklists - (and we will give you one)
▪ Verifying deduction & earning taxation
▪ Internal Controls
▪ Reviewing batch totals and reports - what to look for
▪ Contingency planning
▪ Documented procedures
▪ Best practices
Confidential and proprietary. 3
CHECKLISTS
Why?
▪ Historical Reference
▪ Audit Trail
▪ Document Process
▪ Make sure everything is done
What to Include?
▪ Download Audit History – what happened this pay and who
made the change? – Review
▪ General Steps (refer back to procedures)
▪ Section by Month, Department, Person responsible
▪ Sign-offs
Confidential and proprietary. 4
CHECKLISTS
Confidential and proprietary. 5
Confidential and proprietary. 6
APPROVALS
& REVIEWS
Confidential and proprietary. 7
VERIFYING
DEDUCTION
& EARNING
TAXATION
Confidential and proprietary. 8
VERIFYING
DEDUCTION
& EARNING
TAXATION
Confidential and proprietary. 9
VERIFYING
DEDUCTION
& EARNING
TAXATION
Confidential and proprietary. 10
VERIFYING
DEDUCTION
& EARNING
TAXATION
Confidential and proprietary. 11
INTERNAL CONTROLS
Segregation of Duties
Segregation of Duties (SOD) is a basic building block of sustainable risk management
and internal controls for a business.
Use the “roles and responsibilities” function within software applications wherever
possible, and maintain an SOD workbook of each framework for all key processes. An
advanced organizational control will interface the Human Resources organization chart
with the SOD workbook to create a very strong control mechanism and a simultaneous
management tool for allocating resources and managing to budgets. If roles and
responsibilities are not followed, the opportunity for collusion cannot be controlled within
an organization’s risk preferences or within any acceptable framework.
Confidential and proprietary. 12
INTERNAL CONTROLS
▪ Inherent verification of data
▪ Segregation of Duties - No 1
Person or Department is
able to control the entire
process
▪ Payroll should NEVER enter
Salary information and
process payroll
▪ HRIS should be the only
department with the ability
to change User permissions
▪ User permissions by job
function, not individual
▪ Protected Information!
HRIS ensures permissions are
locked-down
Human Resources ensures New Hire
information completed (including pay)
Supervisor ensures Employee has access
to areas needed
Employee Time Entry with unique identifier
Time approved by Supervisor
Time imported by Payroll Department
Employee changes imported by Payroll
Department
Payroll Department reviews imports for
reasonability (missing timesheets, salary
levels, etc.)
Edits sent back to Human Resources or
Supervisor
Payroll processed and preliminary reports
provided to Management
Management approves and “posts” Payroll
Accounting/Finance sends direct deposit file and verifies all
banking against Payroll reports; general ledger
entry
Employee receives their pay
Confidential and proprietary. 13
Policies, Procedures and Internal
Controls Self-Audit
INTERNAL CONTROLS
Confidential and proprietary. 14
INTERNAL CONTROLS
EP Team Audit (EPTA) Program - Internal Control Questionnaire
Confidential and proprietary. 15
BDO Consulting Segregation of Duties Checklist
Confidential and proprietary. 16
Confidential and proprietary. 17
Confidential and proprietary. 18
REVIEWING BATCH TOTALS AND REPORTS – WHAT TO LOOK FOR
▪ If payroll administrator imported hours or amounts, the payroll administrator should confirm that
the batch totals in your payroll software match the totals that were provided on the original file.
▪ If payroll administrator manually keyed hours or amounts into a batch, the payroll administrator
should confirm that the batch totals in your payroll software match the totals that were provided
from your original source document, if totals are provided. Also, payroll administrator should
have a second set of eyes confirm each entry, to ensure hours or amounts were keyed on
correct employee record.
Confidential and proprietary. 19
BEFORE you “close” Payroll – Review:
▪ Payroll Summary Payroll Recap Funding
▪ Active Employees NOT PAID
▪ Terminated Employees PAID
▪ Vendor Check Summary (compare totals to previous pay)
▪ Live Payroll Check List
▪ Missed Deductions
▪ Labor Distribution Report
▪ Pre-Process Labor Distribution
▪ General Ledger Report
REVIEWING BATCH TOTALS AND REPORTS – WHAT TO LOOK FOR
Compare Totals and Data to Previous Pay
Confidential and proprietary. 20
REVIEWING BATCH TOTALS AND REPORTS – WHAT TO LOOK FOR
▪ If you have special circumstances, such as paying out PTO time, or doubling an
employee’s deduction on a particular pay - create a new batch to capture these special
changes. You can create a worksheet to total these special adjustments manually, then
confirm the batch totals in the payroll software.
TeamSuiteHR
Screenshot
Confidential and proprietary. 21
REVIEWING BATCH TOTALS AND REPORTS – WHAT TO LOOK FOR
▪ Always review each employee pay statement on the payroll register,
specifically those to which manual edits have been made.
▪ Always compare gross wage totals, deductions totals, and taxes total to the
previous payroll. If there is a variance of a certain amount (which could be
different based on Company), provide an explanation as to why the
amounts are less or more the previous payroll run. Examples could be
new hires or terminations, or benefit premium changes, etc.
Add this Process to your Audit & Internal Controls
In the event of a disaster, the
last thing an Employee needs
to hear is “Paychecks will not
be available”
Employees do not care that the
Payroll Processor has: Quit,
was in an accident, on Vacation
and trapped in an airport, etc.
Payroll MUST happen,
regardless
You have to have a contingency plan in place that should, at a minimum, include:
• Communication Plan
• Cross-train: more than 1 Employee should know how to process Payroll (the complete process)
• Staff appropriately
• The back-up Employee should perform the Payroll every few months to stay “fresh”
• Checklists, Documented Processes and Procedures – it may not be a hurricane, it may be a sudden lack of that key Payroll Employee
• Off-site remote Payroll processing
• Laptop, printer, generator, check stock, hot-spot off-site if needed
• “Recovery Site” – but plan for the Payroll processing to happen somewhere else
• “Cloud” access to everything a Payroll processor would need
CONTINGENCY PLANNING
Test your Contingency Plan
- Just like a fire drill
Confidential and proprietary. 23
The back-up Employee(s) should perform
the Payroll every few months
▪ Document everything you do, with Screenshots, helpful hints, etc.
▪ Back-up Employee(s) should use these instructions to test them
▪ Keep Checklists Updated
▪ Demonstrates your knowledge and understanding – adds value
DOCUMENTED PROCEDURES
BEST PRACTICES
▪ If there is going to be a manual adjustment made to your Employee’s paycheck – inform the employee prior
to processing. This will allow the employee to prepare for the adjustment and also ask questions about the
adjustment. This way if you were informed to make this adjustment in error, you still have time to fix before
processing. This also saves you time on pay day!
▪ Understand that taking time to review payroll reports prior to processing can save both you and your
employees a lot of stress. When an employee is over (or under) paid, there are adjustments that need to
be done in order to correct the issue. Sometimes it can wait till the next payroll run, but other times, it
can’t.
▪ Invest in Training: Stay current on legislation relating to payroll law, and take advantage of opportunities
(like this Webinar) to better your payroll processes. Continually look to improve the process to make it both
more effective and efficient for you and the Employees of the Company.
▪ Professional Credentialing. Payroll and Human Resource credentials give you, your Leadership, and
Employees confidence in your role. Regardless of how payroll is processed, or who processes, it is your
responsibility as part of the Team to ensure an Employee’s pay is accurate. Credentialing also requires
continuing education – you will be informed.
▪ Invest in Training your EMPLOYEES: Help them understand their paycheck proactively, so that you will not
have to address impromptu questions later. Empowering the Employee is a benefit that the Employee will
appreciate.
Confidential and proprietary. 25