Self-service is becoming relatively common for employees, who can di­rectly access the payroll system and change their address, tax deductions, benefits deductions, and related information. In addition, some companies have separate self-service systems for managers that allow them to enter pay rate changes, termination and hire dates, and similar types of information. Because these systems are based on the concept of switching the payroll staff from data entry work to process monitoring, any controls added to this process should not require manual labor by the payroll staff. Instead, the computerized self-service functions should include these automated controls.

• Install limit checks on pay rate changes. Managers should be allowed a budgeted maximum pay rate change per employee, after which work flow software should route any change request to a higher-level manager for further review.
• E-mail employees with change information. Whenever an employee uses a self-service screen to alter information, the system should send a confirming e-mail message detailing the change. This gives employees the opportunity to spot errors in their entries, while also notifying them if someone else has gained access to the payroll system using their ac­cess codes and has altered their payroll information.
• Notify payroll staff of unauthorized state residencies. If an employee uses the self-service feature to record a state of residence for which the company is not set up to record state income or unemployment tax remittances, the system should notify the payroll staff. The address change should also be rejected until the correct tax identification num­bers have been obtained from the targeted states.
• Require secondary approval or notification of bank account number changes. If an employee has been terminated and another person obtains access to their self-service user ID and password, that person could alter the bank account numbers to which direct deposit pay­ments are being made so that funds are sent to his or her personal ac­counts. By requiring secondary approval of these changes, or at least notification of another person, the risk of such changes occurring is reduced.
• Link termination information to self-service access. If an employee leaves the company, the easiest way to commit fraud is for another em­ployee to continue making payments to that person and to intercept the payments for personal use. To avoid this problem, termination informa­tion from any other system in the company-pension plan, benefits, even building access codes-should be interfaced to the self-service feature and automatically shut down access to it while also notifying the pay­roll department that no further payments should be made, other than a termination payment.

[tags]self service payroll, controls payroll[/tags]

Tags: controls payroll, self service payroll