Segregation of Duties in a Small Government: What Really Matters (and What to Do When You’re Short-Staffed)
Feb 09, 2026
If you work in a small city, village, school district, or county, you’ve probably heard this phrase more times than you can count:
“You need better segregation of duties.”
Easy to say. Much harder to implement when one person is responsible for most—or all—of the accounting work.
The good news?
Segregation of duties is about reducing risk, not achieving perfection. Even small governments with limited staff can build strong controls when they understand what truly needs to be separated and how to layer compensating controls when separation isn’t possible.
This post breaks it down in plain language—for both finance staff and CPAs advising small governments.
What Is Segregation of Duties (and Why It Matters)?
Segregation of duties means no single person should control all parts of a financial transaction from start to finish.
The goal is to reduce:
-
Errors going unnoticed
-
Fraud going undetected
-
Over-reliance on one individual
In government, this matters even more because you’re handling public funds and are accountable to taxpayers, boards, and oversight bodies.
The Core Functions That Should Be Separated
At a high level, segregation of duties focuses on separating four key functions:
-
Authorization – Approving transactions
-
Custody – Having access to cash or assets
-
Recording – Entering transactions into the accounting system
-
Reconciliation/Review – Verifying transactions and balances
Ideally, no one person should handle more than one of these for the same transaction.
Key Areas Where Segregation of Duties Matters Most
1. Cash Receipts
Best practice:
-
One person opens mail or receives payments
-
A different person records receipts
-
Another person reconciles the bank account
Common risk in small governments:
-
One person receives checks, records deposits, and does the bank reconciliation
Why it matters:
-
Cash is the most susceptible to misappropriation
-
Errors or missing deposits may never be detected
2. Disbursements (Accounts Payable)
Best practice:
-
One person enters invoices
-
Someone else approves payments
-
A separate person signs checks or releases ACH payments
Common risk:
-
The same person enters invoices, prints checks, and signs them
Why it matters:
-
Creates opportunity for unauthorized or duplicate payments
3. Payroll
Best practice:
-
One person prepares payroll
-
Another reviews payroll reports before processing
-
Someone independent reviews payroll changes (new hires, rate changes)
Common risk:
-
One person sets up employees, processes payroll, and posts entries
Why it matters:
-
Payroll errors and ghost employees can go undetected
4. Bank Reconciliations
Best practice:
-
Performed by someone who does not handle cash or disbursements
Common risk:
-
The bookkeeper who processes everything also reconciles the bank
Why it matters:
-
Reconciliations are often the only detective control catching errors or fraud
What If One Bookkeeper Does Almost Everything?
This is reality for many small governments, and auditors know it.
When duties can’t be fully separated, the focus shifts to compensating controls.
These don’t eliminate risk, but they significantly reduce it.
Effective Compensating Controls for Small Governments
1. Independent Review by Management or the Board
Even if leadership isn’t “accounting-minded,” review still matters.
Examples:
-
Monthly review of bank statements and reconciliations
-
Review of check registers before or after payment
-
Review of budget-to-actual reports with follow-up questions
The key is documented review, not just a quick glance.
2. Dual Signatures or Payment Approval
-
Require two signatures on checks over a threshold
-
Use ACH approval workflows where one person initiates and another approves
This adds a second set of eyes before money leaves the entity.
3. Restricted System Access
Limit what a single user can do in the accounting system:
-
Separate “enter” and “approve” permissions where possible
-
Restrict the ability to create vendors and issue payments
-
Periodically review user access rights
Even small system tweaks can reduce risk.
4. Board-Level Transparency
Provide the governing board with:
-
Detailed financial reports
-
Check registers
-
Budget variance explanations
Visibility alone is a deterrent.
5. Periodic Spot Checks
Management or another employee can:
-
Randomly select transactions and trace them to support
-
Review vendor changes
-
Compare cleared checks to approved invoices
Unpredictability with these checks matters.
What Auditors Are Really Looking For
For CPAs advising clients:
Auditors aren’t expecting small governments to operate like large ones.
They’re asking:
-
Do you understand where the risks are?
-
Are there controls in place to mitigate them?
-
Is there evidence those controls are actually happening?
A documented review by a superintendent, administrator, or board member often makes a meaningful difference.
Strong Controls Are About Intentional Design
Segregation of duties in a small government isn’t about checking every box.
It’s about designing a system that makes errors and fraud harder—and easier to detect.
Even with:
-
One bookkeeper
-
Limited staff
-
Tight budgets
You can still build a control environment that is reasonable, defensible, and effective.
For governments: focus on transparency and review.
For CPAs: help clients design controls that actually fit their size and structure.
Good controls don’t require more people.
They require more intention.
Your Next Step Forward
Join the newsletter designed to help CPAs take the next best step in building a practice they love, with practical insights, game-changing tools, and quick wins in every email.
We hate SPAM. We will never sell your information, for any reason.