...
Access to the ACH details entry screen has to be limited to just one person and should not be a shared role, this will put a better control over the activity in case of a dispute. Each user has a pre-defined security role assigned to them in the Employee record. For most of them it is set to "No Admin Privileges" which gives them ability to submit/approve reports but no access to administrative functions.
The security roles for each user can be controlled through the application. The administrators can configure specific security roles for each user by giving them access to certain menu items if needed (without giving them the Main Administrator Role).The security roles are configurable.
...