What: when posting manual journal entries, a 4-eye principle should be applied, in the sense that an entry created by a user needs to be approved/ authorized by another user before becoming effective. In other words:
- whenever a Journal Entry is created, the status of this entry should be “authorization pending”
- there needs to be a screen where a designated user with an "authorizer" role has an overview of the pending journal entries that need to be approved
- when clicking on any of the entries pending approval, the system should display the originally entered information and give the "authorizer" user the possibility to reject or accept the entry
- if rejected, the journal entry should be deleted (audit trail should be available of this).
- if accepted, the journal entry is booked (also with audit trail)
Ideally, the "4-eyes" option should be parameter-driven - i.e. tenants who don't want to apply it should have the possibility to disable it.
Why: reviewing and authorizing journal entries before they are effectively posted on GL accounts is a best practice workflow recommended (and often required) by auditors.