<% Option Explicit Response.Expires = 0 Response.Buffer = True %> <% 'If Session("passed")<>True Then ' Response.ReDirect "invalid_route.asp" 'End If %> Honesty in Cashiering


Maintaining honesty in your Cashiering Department

Published by Quantrax Corporation, Inc.
January 2002

While it is something we may not often talk about, within any collection operation, we must accept the existence of the potential for money to be "lost" in the area of cashiering. While no system is perfect, understanding your processes, your software and audit trails will help to minimize the risk of any losses. This document discusses this area and is designed to make you aware of possible problems and some of the solutions.

The most common problem you will face is the possibility that cash received does not get deposited, and is removed from the office by an employee. In every office there is a procedure for handling cash, and this usually involves issuing a receipt and balancing the cash deposit to the total of the receipts issued. This is usually a simple and effective system, but can be challenged by creative individuals. Consider the following example.

In the above circumstances, we have encountered creative employees who have found ways to overcome some of the obvious clues that would be left in executing such a plan. Take the example of entering the balance adjustment. During Nightly Processing, Intelec will print a detail list of all transactions for the day, along with the UserID of the person who posted the transaction. This information is also retained on the payment history for future use. If a person wishes to process a balance adjustment, without the risk of being detected, we have encountered instances where a person has entered a transaction at a different user's display station. (One that was left unattended and not signed off!)

A more creative method of hiding the transaction is to change the data on the files! Most computer systems have utilities that allow a user to access a record in a file and change some or all of the information on that file. As an example, it is possible to locate a payment transaction and change the payment amount after the transaction has been posted. Even if the method of doing this is known to someone, Intelec has sufficient security to prevent this. Remember that Intelec is a menu-driven system and users can only work within the menu options. Certain users can be allowed to "get to the system", but this a special authority that must be granted to that user. There is also a "Security Officer" in any company, who has access to the system and its utilities. These users will usually have more access to the system and will not be restricted by the rules within Intelec. As an example, if someone wanted to reduce the deposit for the day by $100, they could go into the payment history file and reduce a payment by $100, after the transactions had been posted! In the case of the AS/400, while a report may be printed when such a change is made, a determined individual could destroy that report and any edit reports, to remove any trail of their activities.

How does Intelec address these issues? While there is no specific safeguard against the theft of money, there are several things that can be used to identify a problem. Remember that if you give the authority to someone to access any area of the system, including system utilities, it is very difficult to stop such a person from using that authority to their advantage. This is no different from an employee who has the keys to the office and chooses to misuse their privileges.

Your defense against electronic fraud begins with good procedures. Make sure you have a system that tracks all cash that is received and deposited. You must restrict the number of people who have access to cash. You will need to decide whether you use your own receipts or use Intelec's receipt for payments received. Talk to your accountant about security such as numbered receipts, multiple receipt books etc. In addition :

In this type of operational area, where there are many variables to contend with, presenting an image that you are in control is very important. Automation will not provide all the answers. You have be alert at all times and ensure that everyone understands that you have designed and implemented excellent procedures. Discouraging a person from being dishonest may be the best plan of action for maintaining honesty within your cashiering department!

© Quantrax Corporation, Inc. 2002

Please sent comments to ranjan@quantrax.com