Journal Entry Approval and Segregation of Duties

We’re looking to add an approval layer for the journal entry process. One option might be to check the “Manually Review All Transactions” box in GL Transaction Type Maintenance, which would send the journal entry to the review journal for approval by someone in the finance manager security group.

I see SingleGLJrn and MultiGLJrn in TransType maintenance, but Epicor doesn’t have any details on what those types are. I checked Field Help, Application Help, Edu course on the posting engine, as well as the posting engine technical reference… Does someone know?

Another option could be to restrict JE’s Actions>Post to a manager security group via BPM or Process Security, while allowing JE entries by anyone that has access to Journal Entry. Post could be based on dollar amount if nec.

Has anyone else been down this path?

Thanks!

Your last approach is the most common, and I consider this the best for accounting transaction controls:
“Another option could be to restrict JE’s Actions>Post to a manager security group via BPM or Process Security, while allowing JE entries by anyone that has access to Journal Entry. Post could be based on dollar amount if nec.”
If you are looking to do this by total value, then I generally suggest do this through a bpm. If it is all GJE, then you could do this through the process security maintenance.
We have also implemented like-procedures for AP and AR.

The Single vs Multi is related to multi-book. You would use this if you are posting to multiple GL books, but this will not help you with your current situation.

this is a common request for american owned companies, so we developed an approval dashboard and prevented anyone from being able to approve journals that they created.

We had a BPM on the Journal Post method (a pre BPM) that didn’t allow a person to post a journal if they were also the Entry person.

following, I have been approached internally about adopting practices such as this recently.

Can you segregate duties with different access on Journal Entry vs Journal Posting Process? If you add users A to the menu security for Journal Entry but remove user A from Journal Posting Process they would be able to create an entry but not post correct?

I have not been able to do it with Menu security but if you look at Process security you can limit posting to a certain group.

With a Method Directive, you could probably block the Post method if the Entry person was the same as the current user.

Ah…so any given individual with access to the “Journal Entry” menu can both Create and Post as long as the current user logged in is not equal to the EnterdBy UserID on the JournalHed when posting?

By default, in vanilla Epicor, the same person who entered can post a JE. You would have to add a Method Directive to the post method can prevent that from happening.