The "Guide for Organizational Representative Payees" recommends that your organization establish internal procedures and guidelines governing how your organization manages beneficiary funds. These internal procedures should also include internal controls to help ensure the integrity and accuracy of your accounting system.
What follows is a brief description of some common practices for ensuring the integrity and accuracy of an accounting system, whether it is manual or automated. Many of these practices are standard in a well-designed accounting system. Your organization may already follow many of these best practices, but you may also find some useful new ideas.
Separation of employee duties helps deter both check fraud and employee theft. When establishing or re-evaluating your internal procedures, consider the best way to separate employee duties. Ideally, assign a different person to perform each of the following basic duties:
- Logging paper checks into the organization as soon as received;
- Depositing paper checks into bank accounts promptly;
- Maintaining ledgers and bank records;
- Making requests for goods and services on behalf of beneficiaries;
- Holding blank check stock;
- Writing checks for approved disbursements;
- Signing checks for approved disbursements; and
- Reconciling ledgers and banks accounts.
SSA realizes that your ability to achieve separation of duties can be affected by the size of your accounting staff.
Your internal procedures should provide for adequate review and supervision of accounting functions. For example, you may require a second employee's approval when a proposed disbursement exceeds a certain limit, assign a second employee to review bills for propriety before a check can be written, and establish a countersignature requirement for all checks written or those that exceed a certain threshold.
You should perform monthly reconciliations of ledgers and bank records as soon as you receive bank statements. Monthly reconciliations will give you the opportunity to adjust for any differences in your records. The reconciliation should include explanations for any differences you find and be kept to document your accounting records. You should not assign an employee who is authorized to deposit or withdraw beneficiary funds to perform this job. Have someone other than the preparer certify that the reconciliation is complete and accurate.
Besides monthly reconciliations, you should conduct internal audits of financial and bank records regularly. The person who performs the internal audit should be someone who can verify the accuracy and completeness of your records, but not the same person responsible for the daily upkeep of ledgers and bank accounts. Finally, you should have an outside contractor or entity conduct annual audits of your financial and bank records.
In a secure cabinet or container, preferably in an access-controlled area, lock up:
- Checks for beneficiaries, until deposited;
- Stock of blank checks; and
- Check signature stamps.
Be sure to change the key or combination to the cabinet or container periodically.
Remember: If your organization receives paper checks, record them right away and deposit them promptly.
When you throw out papers, shred any papers with information identifying beneficiaries. Examples of identifying information that your organization may keep includes name, Social Security number, date of birth, sex, and address. Identifying information could be on bank records, bills, and internal records you throw out.
Your organization should have a backup procedure and disaster recovery plan whether its accounting system is manual or automated. You should regularly (for example, daily, weekly, or monthly, as appropriate) make backup copies of computer and/or paper records and files so you can recover records if your master files are lost, stolen or destroyed. Arrange to store backup copies in a safe place, such as a fireproof, locking cabinet. You should also have a disaster recovery plan so that procedures are in place for using backup copies to restore records and files if this ever becomes necessary.
If you keep your accounting records on a computer, you can help protect your files from unauthorized access by using password protection. Many off-the-shelf software programs include a password protection feature that you can enable for this purpose.
The "Guide for Organizational Representative Payees" explains how representative payees must title bank accounts holding beneficiary funds. Keep in mind that proper account titling will ensure Federal Deposit Insurance Corporation (FDIC) protection of up to $250,000 per depositor in an FDIC insured bank.
SSA has received reports from representative payees that some beneficiaries have gained access to bank accounts even though the accounts were titled correctly. To prevent beneficiaries from making unauthorized telephone and internet transactions, do not reveal their bank account numbers to them.
Occasionally organizations report internal fraud or check fraud to SSA. Fraud might take the form of embezzlement, forged signatures on checks, theft of check stock, and forged check endorsements. We recommend that you work with your bank to help prevent fraud. You may be able to arrange for your bank to check for two signatures whenever a check exceeding a certain amount is presented for payment. Your bank should also be able to advise you about check security features and any fraud prevention programs it has. For example, if a bank has a "positive pay program," it can compare a check number and amount to a list of check numbers and amounts that your organization provides. With a "positive payee program," if you identify the payee of a check you issue, the bank will verify if the payee information is correct when the check is presented.