I have been asked on more occasions than I care to remember to draft/document the Levels of Authority for various businesses. Sure, these levels are intrinsic in the safeguarding of assets and fraud prevention, plus they are a cornerstone of a robust system of internal financial controls. What’s not to like? Well, what they are not is a policy that sits on a shelf and gathers dust purely to satisfy statutory provisions and that is what I don’t like.
In order to be effective, a system should be configured in a way to ensure the desired outcome of a policy is achieved. But a policy is not, per se a control, even if it is Gazetted. Think of policy in terms of the Parliamentary handbook – which consists of fabled rules and regulations the Honorable members are supposed to follow. But how many times have we seen those pesky red overalls ignoring house rules and the Speaker shouting “Order” ad nauseum. Now if, for example, the punishment for disrupting a parliamentary sitting was public crucifixion, I would expect a sublime improvement in the overall control environment and behaviour of the Honorable members.
My demonstration is probably overtly harsh but my point is that rules are pointless unless they’re enforceable. Policies are the building blocks but unless they are/can be implemented, they are like our politicians, useless. Having said this, let’s not lose sight of Authority Levels and their purpose – it is irrefutable proof that Management is fulfilling one of their most important functional roles which is delegation. Providing a lesser mortal with a clear level of authority not only frees up the C-Suite’s time to focus on strategic issues, but it also empowers individuals; giving them a sense of responsibility and purpose which is a vital part of building a culture of continuous learning.
In my next column, I will elaborate on the importance of a sound internal control environment and its role in assuring the accuracy of an organization’s financial accounts. Until next time, stay true to yourself.