Version 1.0
Prepared by: @Lorraine Sebata
Approved by: @Marcia Wilkinson
Reviewed date: 2025-09-12
Next review date: 2026-09-11
This policy applies to all employees, contractors, and authorized third parties who have access to and use the company's Xero accounting software.
This policy establishes the guidelines for the use of Xero accounting software at Easyterms. Its purpose is to ensure the integrity, accuracy, and security of all financial data, promote consistency in financial record-keeping, and maintain compliance with internal financial controls and external regulatory requirements.
This policy applies to all employees, contractors, and authorized third parties who have access to and use the company's Xero accounting software. This includes the Finance Department, Branch Managers, and any other staff involved in financial transactions and reporting.
Access to Xero shall be granted on a need-to-know basis. User roles and permissions will be assigned based on the principle of least privilege, ensuring each user has access only to the functionalities required for their specific job duties. All users must have a unique login.
All users are responsible for ensuring the data they enter into Xero is accurate, complete, and supported by appropriate documentation. Any discrepancies or errors must be reported to the Finance Manager immediately for correction.
The Chart of Accounts is a controlled document. No new accounts, categories, or classifications shall be added, deleted, or modified without the express written approval of the Finance Manager.
All financial transactions must be recorded in Xero in a timely manner. This includes loan disbursements, repayments, expenses, and revenues. Bank and other financial accounts must be reconciled in Xero on a daily or at least weekly basis.
Separation of duties will be enforced to mitigate risk. For example, the person responsible for entering invoices should not be the same person approving payments. All significant transactions, such as loan disbursements and large expense payments, must be approved by a second authorized party.
Users are responsible for protecting their login credentials and not sharing them with anyone. All financial data within Xero is considered confidential and shall not be disclosed to unauthorized parties. Any security breaches or suspicious activity must be reported immediately.
Supporting documentation (e.g., invoices, receipts, loan agreements) must be attached to the corresponding transaction in Xero to ensure a complete audit trail.
The Finance Department will generate regular financial reports from Xero for management review. The data within Xero will be the primary source of information for internal and external audits.
Senior Management: Overall responsibility for the approval and oversight of this policy.
Finance Manager: Responsible for managing user access and permissions, maintaining the integrity of the Chart of Accounts, overseeing the reconciliation process, and acting as the primary point of contact for all Xero-related issues.
Finance Department: Responsible for daily data entry, transaction processing, reconciliation, and generating financial reports.
All Users: Responsible for adhering to this policy, accurately entering data, protecting their login credentials, and reporting any issues or discrepancies.
This policy will be reviewed annually by the Finance Manager and Senior Management, or more frequently if there are significant changes in business operations, the use of the software, or internal control requirements.