Is 3 Way Matching a SOX Requirement? 1722

  • In a recent audit, we had an exception noted for not having a ‘3 Way Matching’ control of expenditures, PO to Receiving Report to Invoice.
    My understanding was that Evaluated Receipts Settlement (ERS) - issuing automatic payment upon PO based Receiving Report - was considered an Industry Bet Practice, and I would like to recommend it to our management.
    Is there an audit issue for SOX to accept an ERS based process?
    Is it contradictory to require 3 Way Matching, and then implement an ERS system?
    Thanks in advance,

  • No specific control is mandated by SOX.
    However, 3-way match is a pretty standard key control over purchase to pay cycle. That said it is not necessarily the only key control(s) that you can use to meet the relevant risks.
    Also, it may be OK for you to be initiating payment on the basis of matching order and receipting information - but you surely would still need to obtain an invoice for tax purposes. It is possible that the 3-way match could be completed after payment.
    Also, be aware that in many companies there isn’t really a 3-way match at all but more like 2 2-way matches a) PO to goods received and later b) invoice to goods received.

Log in to reply