Hello, we just realized that anyone with the Admin role in Ramp can request a card without any approval process. We are attempting to become publicly traded, so this is a major internal control that the auditors will point out. Can this be fixed, so that no matter your role, any card request (physical or virtual) must go to someone else in the company? We read about the accountant for the Jaguars football team stealing hundreds of thousands of dollars b/c he was the only one in charge of the credit cards.
Another question somewhat related, is what Role would be best for the CEO’s personal assistant, so they can log in and do the admin side of things for the CEO’s charges?
Hey, Steph - former external auditor and current Ramp admin here. From an audit perspective, there are two steps:
- We have our policy set up so that even Admins have to have a secondary approval when they request a card to enforce segregation of duties.
- Since the Admin could potentially turn that feature off to temporarily circumvent the control, a back end check is that the someone who is not an the admin should regularly review spend issuance history and transaction history for admins to make sure nothing was self-approved (@charlotte
Is this a feature Ramp has? Reports that flag self-approval? We need this on our small team, too)
Our executive assistants all have Employee access, but their supervisor has them listed as an assistant under the setup screen.
Hope that helps 
1 Like
Katherine, thanks so much for sharing 
Currently, Ramp does not have a specific feature that flags self-approvals. However, as you mentioned, you can set restrictions on self-approvals in Ramp.
Go to:
Settings → Expense Policy → ‘Expense Approvals’ → ‘Separation of Duties’ → toggle this on
This will ensure that if you’re in the approval chain, you’ll be removed from approving your expenses, and an admin approver will take your place.
Best,
Charlotte
1 Like
Thank you both! I just did all of the above. One last question. I realized my role is ‘Owner’. I am the person in Finance who was tasked with getting the new credit card platform set up, invited to all, I sync the trx every month, and reconcile the account. Will any spend requests, card requests, spend on cards of mine go to my manager or Any Admin as well? After updating our Spend Requests under the Expense Policy this is what it states now:
}
Hi @stephenie! That is correct! As long you have enforced separation of duties, you should be good to go – your requests will now require additional approval.
Best,
Charlotte
1 Like