When people leave: How offboarding processes fail to address authorised signatory removal
Most organisations take offboarding seriously: access to systems is revoked immediately, laptops are returned, accounts are closed, and HR records are updated. But there is one critical blind spot that many governance teams only discover when something goes wrong: outdated authorised signatory powers.
When an employee leaves, there is often no automated mechanism to remove their signing authority from banks, vendors, registrars, or internal approval workflows. In large organisations, these permissions may remain active for months or even years. This creates a substantial control risk, and it's rarely intentional. It's simply the result of fragmented ownership and systems that don't communicate.
The authorised signatory offboarding gap
Who's responsible for updating authority? HR? Legal? CoSec? Treasury? Operations? Each assumes another team is handling it.
This ambiguity is dangerous. A former employee with outdated authorised signatory status may still be authorised to approve payments, sign contracts, or execute legal documents. While malicious actions are rare, the bigger issue is accidental compliance failure. A historic approval may be questioned, an audit may flag inconsistencies, or a bank may reject a mandate update due to conflicting records.
The bigger the organisation, the bigger the gap. Traditional entity management software tracks corporate structures and filings, but wasn't designed to integrate with HR systems or manage real-time changes to authorised signatory permissions.
CoSec teams often discover the issue when preparing for an audit or during a governance review, at which point retrospective clean-up becomes painful, time-consuming, and politically sensitive.
Why this matters for governance and compliance
Failing to remove departed employees from authorised signatory lists creates multiple risks:
Operational delays when banks or counterparties identify discrepancies
Compliance failures under frameworks like MiFID II and AML regulations
Fraud exposure if outdated records enable unauthorised transactions
Legal disputes when contracts are signed by individuals without valid authority
Governance gaps that undermine board and executive confidence
Closing the gap: Integrating offboarding with authorised signatory management
Closing this gap requires a more integrated view of authority and a process that connects people changes to permission changes automatically. The modern approach includes:
Automated triggers for signatory removal when employees leave
Centralised authority records that eliminate outdated spreadsheets
Cross-functional visibility for HR, CoSec, Treasury, Legal, and Compliance
Audit-ready documentation with complete traceability
Proactive alerts when signatory records need updating
When offboarding and signatory governance are aligned, governance becomes safer, simpler, and more predictable.
The solution: Purpose-built authorised signatory management
Cygnetise bridges the gap between employee changes and authorised signatory updates, ensuring authority is efficiently adjusted when people join, move, or leave. The platform provides:
Centralised authorised signatory records integrated with organisational changes
Automated workflows for signatory removal during offboarding
Real-time updates shared instantly with internal teams and external partners
Complete audit trails showing exactly when and why permissions changed
Cross-functional visibility across governance, treasury, and compliance
Offboarding becomes seamless, secure, and audit-ready, eliminating the retrospective clean-ups that consume valuable governance resources.