Model SACCO

Internal Control Policy

.
1. DEFINITION

Internal Control is the coordination between the Accounting System, employee duties,
and management procedures, whose purpose is to get reliable information and to
protect assets. An internal control structure thus aids Management in running the
SACCO in the most efficient manner, avoiding possible risks, and ensuring benefits
for the members.

2. INTERNAL CONTROL AS A WAY TO PREVENT FRAUD AND DETECT

ERROR

In order to prevent fraud and detect errors, the main goal of any SACCO management
is to run it in such a way that results are positive, that is, generation of institutional
capital that provides security for its members. This is achieved through ensuring the
quality of the services offered, so management should promote maximum efficiency in
all the operational areas, such as attraction, management, and use of financial
resources. It is thus necessary to institute policies which will allow:

a. an adequate selection and hiring of personnel, their training and compensation;

b. communicating regarding the way in which goals will be met;
c. monitoring performance through supervision;
d. internal personnel rotation;
e. function segregation.

Monitoring and supervision effect primarily documentation supporting operations,

how they are posted, and the presentation of financial reports which reflect the status
of the SACCO and its results.

It is management’s responsibility to institute and supervise a system for Internal

Control that is able to prevent and detect fraud and mistakes. Every system is subject
to failure; even if control is efficient, it will not be totally fraud- or error-free.

It is necessary to keep in mind some considerations regarding Fraud and Errors:

FRAUD: It is defined as the premeditated distortion of financial information,

which may be carried out by one or more members of the SACCO and
which may also involve persons outside the SACCO.

2
Common kinds of fraud include:

 forging or alteration of documents;

 embezzlement;
 omission of operation effects;
 keeping records of fake operations;
 wrongful usage of accounting policies.

ERROR: It is defined as an involuntary mistake in financial information. Some

typical errors include:

 Arithmetic or recording errors in documents and main ledgers;

 Omission or incorrect entry of an operation;
 Incorrect usage of accounting policies.

The following list includes a series of conditions and circumstances which should be
kept in mind in order to reduce the possibility that the safeguards of the control
systems are violated:

a. Management should not be controlled by a single person or a small group of

persons.

b. Ensure that the efforts to correct deficiencies in internal control are successful;

c. Prevent constant turnover of personnel in charge of accounting and finances;

d. Make sure the Accounting Department has sufficient and qualified personnel;

e. Prevent constant turnover of auditors and supervisors, both internal and

external;

f. Do not exert excessive pressure on the Accounting Department to produce

reports in a short period of time;

g. Ensure all personnel have and use vacation time;

h. Verify the posting of unusual operations, especially on dates close to the

accounting closing date and which have an important influence on the
accounting period’s results.

i. Pay special attention to payments for services received which appear excessively
large, whether these be technical or administrative. Examples include: lawyers,
consultants, electric utilities, phone service, etc.

3
4
 j. Inadequate records, for example:

 Misplaced files
 Excessive adjustments
 Entries in the general ledger not reconciled with auxiliary records,
etc.

k. Inadequate support documentation for operations:

 Lack of authorization;
 Document alteration;
 Documents that do not fulfill legal requirements, etc.

3. SPECIFIC INTERNAL CONTROLS

The following is a brief list of control actions and procedures, related to credit services
and their relationship to the handling of liquidity.

3.1 AVAILABILITIES

Segregating Functions to Personnel

One specific employee will have control and responsibility over:

 operation codes;
 books of unused cheque stubs;
 issuing cheques which support payment orders and verified receipts;
 cheque protection machines;
 protection of cheques issued, and
 ensure numeric order of both issued and voided cheques.

Accounting personnel should have a daily cash-box audit for each recipient to
ensure that there are no significant shortages or surpluses.

At the end of each day, the Head Cashier should collect the funds assigned to
each recipient and deposit them in the safe or vault. He/she will also be
responsible for removing excess cash and providing cash when recipients ask
for it.

5
 Adequate function segregation should be achieved in the following way:

 The heads of the different areas will be responsible for authorizing

operations.
 The Cashier is responsible for issued documents.
 Accounting is in charge of the posting of the operations.
 Someone unrelated to the above processes will be in charge of
handling blank documents.

Separate duties should always be distributed among two or more employees.

One person shall be appointed to maintain control of the keys for the cashier
area.

Books of blank receipt stubs should be controlled by personnel unrelated to the

Cashier and Accounting departments.

Handling of Bank Accounts

The Board of Directors shall authorize the set of signatures registered for
issuing checks, and in no case may signatures from accounting personnel be
accepted.

It is required to have joint signatures when issuing checks and withdrawing

funds from a savings account.

Always issue checks payable to a specific person or institutions and never issue
a check payable to the bearer.

All issued checks should be non-negotiable to protect the issuer and recipient.

Forbid the signing of blank checks. No responsible employee may sign checks
without the corresponding supporting documentation.

Income

Never accept checks:

 dated beyond the current date;

 issued to third parties;
 which are personal checks from employees for cash exchange.

6
 All checks received must be deposited and verified daily so that the total
deposit matches the amount stated in the daily income report.

Apply to all checks received the Usual Collection Reserve to ensure that there
will not be withdrawals on resources not yet verified by the Bank.

The receipts issued should be pre-numbered and authorized by the appointed

institution.

For issuing and operating receipts, a numerical and chronological sequence

must be followed.

Income and withdrawal receipts and slips should be signed by the entering
party.

Expenditures

All payments to suppliers should be done by check.

There must be written guidelines which regulate the maximum amount of cash
to be kept in the cash-box by each recipient. In any case, it must be ensured
that the cash amounts never exceed the amount covered by loss insurance.

All loan disbursements should be documented by a Payment Order issued by

the credit area and authorized by Management.

For every expenditure there should be an authorization via payment order,

purchase order, or an application for check issue signed by the higher
command levels.

All exit vouchers should contain the following features:

 numerical and chronologically ordered pre-numbered forms;

 authorized by the corresponding authority;
 all amounts written in both numbers and letters.

Security

The SACCO should have the appropriate protection (adequate bonding) for
those employees who handle funds and valuables.

There should be dual control of the vault and safe combinations and keys.

7
 Upon replacement of those personnel in charge of vaults and safe
combinations, the combinations should be changed forthwith.

Documentation of the vault and safe combinations and duplicate keys should
be secured in a location apart from the SACCO.

Registration and Conciliation

Entries and postings in auxiliary registers (Cards) and notebooks are valid if
they are:

 simultaneous and thorough;

 reviewed daily and matched with receipts to ensure their validity.

Expenditure reports, daily reports, summaries and income vouchers must be

signed by the reviewer and the author of such documents before they are
posted.

Payments made for savings withdrawals, contributions and loans should match
the entries in the auxiliary registers.

Bank Conciliations

Maintain records of rejected checks and of charge or deposit notes received

from the bank.

Maintain official monthly conciliations.

Investigate conciliation entries and/or any differences that may arise.

Bank conciliations must be prepared by personnel unrelated to areas which

issue checks or make deposits.

3.2 LOAN AREA

Disbursement

Prior to loan disbursement, the person responsible for expenditure certification

documents must ensure there is an appraisal of the real assets offered as
guarantee and lien certification in favor of the SACCO issued by the
corresponding authority.

Loans made to directors and employees will not be disbursed unless there is
authorization from the Board of Directors.
8
For each loan either the Financial Department or the Credit Department must
issue a payment order prior to disbursement.

Personnel who participated in the analysis or authorization stages of the credit

application may not authorize disbursement.

Document Safeguarding

There should be two files for each approved credit:; legal documents and
administrative documents.

The legal files should be kept apart from the administrative files. Ideally, the
legal files would be microfilmed or recorded on magnetic media.

Accounting will post the real guarantees accepted into order accounts and will
randomly spot-check appraisals to ensure that all the documents are there and
that no mortgages have been released in a disorderly manner.

No guarantee deed may be given to the member unless written proof of total
payment is provided, whereupon member may remove the lien from the
property. The documents returned and the issued Letters of Total Payment will
be cross-referenced to ensure validity.

Control of co-debtors will be administered to avoid possible duplication of

granted bonds.

The filing system must provide adequate physical protection for files.

The custody of loan files should be the responsibility of a single employee, who
will keep a detailed log of the exit and entry of all loan files.

There should be control of pending loan files and of canceled loans.

Members should receive their contracts when their loan is canceled.

Information

There shall be periodic and random reviews of the quality of the information
kept in delinquency, purged credits, and recovery of written-off loan reports.

The Board of Directors will be informed of and act upon delinquent loans of
employees and executives and will take action.

9
 The Chief Financial Officer will supervise transactions between the auxiliary
registers and the general ledger and will inform Management of any differences
found in order to take pertinent actions.

Members balances should be confirmed annually.

3.3 ELECTRONIC DATA PROCESSING

Access to cashier’s screens are visible or where visible transactions take place
shall be restricted to avoid unauthorized transactions.

There shall be different passwords to access the different operational levels, as a

preventive measure so personnel may only have access to those applications or
programs they are allowed to modify. These levels should be set for:

Consultations, Operations, Changes, and System Administration.

The system will keep a log of all people who access the different levels and
workstations for auditing purposes.

10
Backups should be made in accordance with the following timetable:

Transaction information Daily

System Monthly

System backups should be made on two different media and be stored in

different places, and at least one of them should be outside the SACCO offices.

Whenever possible, have two disks with the same information so that service
will remain uninterrupted even while problems are being tended to.

There must be a contract that allows for the procurement of support

equipment during periods hardware failure.

All system corrections should be logged and adequate supervision levels

established that state who will be in charge of authorizing changes, depending
on the area in question.

Fixed schedules shall be created for receiving data and for issuing the reports
obtained from the processed data.

11