Procure to Pay : Invoice Processing Internal Audit

April 22, 2023 VMS Internal Audit 0

We have seen the goods receipt process in the previous article. We will not look at how the invoicing processing is performed and the test steps required to perform the audit. Invoice processing is an account payable function, whereby the invoices are handled, which are documents that contain the details of the goods and services provided by the vendor. Once the invoice is received, the accounts payable team has to review the details on the invoice, verify and then approve it for payment.

The key steps involved in invoice processing typically include capturing the invoice information, such as the vendor’s name, invoice number, and payment amount; matching the invoice with purchase orders or other supporting documentation; verifying the accuracy of the information and resolving any discrepancies or exceptions; and approving the invoice for payment.

When conducting an audit of invoice processing, it’s important to recognize that this activity is part of a broader procurement process that involves several interconnected stages, from purchase requisition to goods receipt. In addition, effective invoice processing relies on accurate vendor and material master data.

To ensure a thorough understanding of the invoice processing activities, it’s essential to gather complete and relevant information from the client. This includes the necessary fields for analytics and a clear understanding of the fields in the invoice data.

By comprehensively understanding the invoice processing process, auditors can identify weaknesses and inefficiencies that may exist in the process. However, it’s important to recognize that the specific process may vary depending on the organization and industry type. Thus, auditors should consider the context and relevant regulations to ensure that their audit findings are accurate and actionable.

Here are the key internal audit test steps to consider while performing an audit on invoice processing.

 

Below are the detailed test steps to consider:

3-Way Match:

  • In a 3-way match, it’s important to understand if there’s a way to bypass. If the auditor identifies instances, there is a need to probe further into potential cases that could be there from a design perspective.
  • Perform testing in a test environment to find out if it’s possible to process an invoice that is inconsistent with the purchase order and the receipt of the good.
  • Check if the system has controls defined for any override of the three-way match. If so, are the access controls restricted to the allowed party?
  • Understand recording an invoice without purchase orders. Typically, a small percentage of invoices will be directly expensed outside of the budget but will be charged to the appropriate expense control account. Obtain a sample of such invoices and review if they have been processed accurately.
  • Check for purchases routed in the non-PO method should have been done through a PO. Checking the goods or services received and comparing them with the purchase order dump will provide the output.

Tax, Freight & other charges:

  • Review if such charges are maintained through separate master files, auditors should review the access controls and processes for creating and updating these files. A sample check of the master file entries should also be performed to ensure their accuracy and proper approval.
  • If such charges are not controlled through separate master files but are instead entered manually at the time of invoice creation, auditors should select a sample of invoices and test whether the related information was accurately captured in the ERP system and is consistent with the PO terms.

Vendor Invoices not accrued correctly:

  • Review if monthly accruals are performed to identify and record liabilities in the proper period.
  • Select a sample of accruals (including invoices pending to be received, goods received, etc.) and trace to supporting documentation to test accuracy and approval.

 

When auditing the invoice processing activity, it’s critical for the auditor to conduct a comprehensive walkthrough of the ERP system to ensure that the controls in place align with the defined processes. The auditor should assess the effectiveness of the controls to detect and prevent errors, fraud, or other risks that may be prejudicial to the company’s interests. By performing a thorough review, auditors can identify potential control weaknesses or inefficiencies and make appropriate recommendations to strengthen the overall control environment. Read IT controls for P2P here.

Thanks for reading. Until next time!

About VMS 36 Articles
An Internal Auditor by profession and passionately taking my baby steps into data science with hope to contribute something valuable to the society someday. This blog is a long time dream and thanks to the lock down due to the pandemic it sees it's fruition. My posts will predominantly be on Internal Audit & Data Analytics & related posts, but will also have useful posts & quizzes related to courses relevant to the main topics & also certain irrelevant topics on my travel, music, movies and few other things I try my hands on. Hoping my posts help you learn new things, inspire you to do new things if not somewhat enjoyable. Happy Reading ! Connect with me here > https://www.linkedin.com/in/meenakshi-sundaram-b18a4399/

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.