Zepth Edge · Asset & financial

Asset Disposal

Where assets walk, data leaks, and ghost assets are born.

Last updated

Zepth Edge module

Asset Disposal

AI agent built into the module
Disposal workflows per methodTiered approval routingSegregation of dutiesCertificate capture

$66K

median loss per non-cash misappropriation case — equipment and inventory theft, of which fake and undervalued disposals are a classic vector

ACFE, Report to the Nations 2024

Non-cash misappropriation features in 22% of occupational fraud cases, and runs a median of 12 months before anyone detects it.

$95M

paid by one global bank across two regulators after decommissioned data-centre drives were resold unwiped

OCC (2020) and SEC (2022) enforcement actions, Morgan Stanley

Roughly 1,000 hard drives went to auction without documented sanitisation. The disposal was outsourced; the liability was not.

62 Mt

of electronic waste generated globally in 2022 — of which only 22.3% was documented as properly collected and recycled

UN Global E-waste Monitor 2024

Per-day

penalties for venting refrigerants during appliance disposal — certified recovery is mandatory before a chiller, PTAC or minibar leaves site

US Clean Air Act §608 (EPA)

We do not print a dollar figure here. The statutory maximum is adjusted for inflation annually, so any number quoted on a web page is wrong within the year — and the obligation is the point, not the amount.

Overview

Asset disposal is the governed end of the asset lifecycle: the decision and the process for selling, scrapping, donating, transferring or writing off an asset — with authorisation thresholds, valuation, segregation of duties, environmental compliance and a clean accounting derecognition behind it.

It is the least-loved workflow in asset management and the one with the most exposure. Done loosely, disposal is where assets walk, where data leaks, and where ghost assets come from.

Why disposal is where the exposure concentrates

Three separate exposures converge on a single moment, which is what makes disposal disproportionately dangerous for a workflow most organisations run on an email and a gate pass.

Fraud, first. Non-cash misappropriation — the theft of equipment and inventory rather than money — features in 22% of occupational fraud cases, at a median loss of $66,000 and a median of twelve months before detection. Fake and undervalued disposals are a classic vector, for the obvious reason: an asset that has been recorded as scrapped is an asset nobody will ever look for.

Data, second. In 2020 and again in 2022, one global bank paid $95 million across two regulators after decommissioned data-centre equipment — roughly a thousand hard drives — was resold at auction without documented sanitisation. The disposal had been outsourced. The liability had not. A hotel holds guest personally identifiable information on its PMS servers, its POS terminals and its key-card encoders, and every one of those devices eventually reaches the end of its life.

Environment, third. Refrigerant-bearing equipment — chillers, PTACs, minibar units — legally requires certified recovery before disposal, with per-day penalties for venting. Electronics fall under WEEE and its equivalents. And the global picture is not encouraging: of 62 million tonnes of e-waste generated in 2022, only 22.3% was documented as properly collected and recycled.

What a governed disposal actually requires

  • Segregation of duties is the anti-fraud core, and it is not negotiable. Authorise, execute and record must be three different people. The person who sells the asset never posts the entry. The proceeds are handled by someone other than the seller. Collapse any two of those roles into one pair of hands and you have built the scheme the fraud statistics describe — sold it, pocketed it, marked it scrapped — and you have built it yourself, in your own policy.

  • Authorisation is tiered by value, and two conditions escalate it regardless. Departmental sign-off for small items, rising through to CFO and board as value climbs. But a sale below net book value, and a sale to any related party, need elevated approval and documented justification whatever the amount — because staff buying disposed assets at undervalue is one of the oldest schemes there is. Open bidding or an independent valuation is what defuses it.

  • Disposal, write-off and impairment are three different things, and confusing them corrupts the books. Impairment writes an asset’s value down while you still hold it. Disposal removes it, by sale, scrap or donation. Write-off removes it with no proceeds — lost, stolen or destroyed, and that requires incident documentation, not just a journal entry. Derecognition is the accounting act at the end of a disposal: gain or loss equals proceeds minus carrying amount, and it is not revenue.

  • Disposal discipline is the upstream control for register accuracy. Ghost assets — items on the books that no longer exist — are, overwhelmingly, unrecorded disposals. Fix the disposal workflow and you stop manufacturing them. And watch the trade-in, which is the stealth gap: the old asset leaves inside a procurement transaction, so no disposal record is ever raised, and nobody notices because the paperwork that exists is all about the new asset. Policy has to force a disposal record on every trade-in, or the register will quietly keep the ghost.

  • Renovation is where registers go to die. A PIP cycle generates hundreds of rooms of FF&E at once — liquidation, auction or donation, in bulk, at speed. Two risks ride along with it: revenue leakage on bulk lots that were never competed, and skip-loads of refrigerant-bearing units going out the back with nobody holding a recovery certificate. The volume is exactly what makes item-by-item discipline feel unreasonable, and exactly why it is required.

What happens without a disposal workflow

Assets walk — the ACFE pattern, running a median of twelve months before anyone notices. The seller records the entry, so proceeds are skimmed and the item is marked scrapped, and the control that would have caught it was the one you decided not to build.

IT equipment is scrapped unsanitised, and guest PII leaves the building on a drive you no longer own. Disposals go unposted, so ghost assets accumulate, so the register overstates the asset base, so the audit write-off arrives in a year nobody chose.

And refrigerants are vented, because the unit was in the skip before anyone asked. Per-day penalties follow, and so does the ESG damage — which, unlike the penalty, does not have a ceiling.

How Zepth runs disposal

A disposal workflow per method — sale, auction, donation, scrap, write-off — with approval routing driven by value and by flag conditions, so a below-NBV sale or a related-party purchaser escalates automatically rather than depending on someone choosing to raise it.

Certificates, bills of sale and environmental records are captured against the asset, and the register and lifecycle state update on posting rather than on a follow-up nobody owns. The result is that the audit trail auditors sample is produced as a by-product of working, instead of assembled the week before they arrive.

The value

Why it matters

The scheme that the fraud statistics describe cannot run, because authorise, execute and record are three different people.

Data-bearing devices leave with a destruction certificate and a serial number against them, so a resold drive is not a liability you find out about from a regulator.

Disposals are posted, so ghost assets stop being manufactured at the source rather than cleaned up annually.

Refrigerant recovery and e-waste routes are evidenced, so the environmental obligation is discharged and provable.

Capabilities

What you can do

01

Disposal workflows per method

Sale, auction, donation, scrap and write-off — each with the evidence its method actually requires, rather than one generic form for all five.

02

Tiered approval routing

By value, and by flag condition: below-NBV and related-party purchasers escalate automatically instead of depending on disclosure.

03

Segregation of duties

Authorise, execute and record enforced as three roles. The person who sells cannot be the person who posts.

04

Certificate capture

Bills of sale, auction records, destruction certificates with serials, refrigerant-recovery certificates — attached to the asset, not filed in an inbox.

05

Derecognition and register update

Gain or loss on disposal posted, lifecycle state moved, register and ledger updated together so they cannot drift apart.

06

Bulk renovation disposal

Hundreds of rooms of FF&E handled as a governed batch, with item-level records — which is the only thing that stops a PIP cycle from destroying the register.

The workflow

How it actually runs

  1. 1

    Raise the disposal request

    With justification and photographs. The request is the record that the asset is leaving — and on a trade-in, it is the record that would otherwise never exist.

  2. 2

    Value it

    Net book value against market value, with quotes for anything material. This is the step that turns “sold it cheap to a friend” from an opinion into a documented variance.

  3. 3

    Authorise, on a tier

    By value, rising to CFO or board. Elevated approval for any sale below net book value and for any related-party purchaser, whatever the amount.

  4. 4

    Execute by method, and collect the certificates

    Sale, auction, donation, scrap or write-off. Certificate of disposal, destruction certificate with serial numbers for data-bearing devices, refrigerant-recovery certificate for anything with a compressor in it.

  5. 5

    Handle the proceeds separately

    By someone other than the person who executed the sale. This is the leg of segregation of duties that is most often quietly skipped, and it is the leg the scheme depends on.

  6. 6

    Post the derecognition

    Gain or loss equals proceeds minus carrying amount — and it is not revenue. Register and ledger both updated, in the same movement, so they do not drift.

AI that does the work

How AI changes Asset Disposal management.

Disposal-pattern anomalies.

Serial small disposals sitting just under an approval threshold. Repeat buyers across unrelated lots. Clusters of below-NBV sales. Any one of these is explicable; the pattern is what is not, and a pattern is precisely what a human reviewer of individual requests cannot see.

Missing-certificate detection.

Before closure, not after. A data-bearing device with no destruction certificate, or a refrigerant-bearing unit with no recovery record, is held open rather than closed on trust.

Trade-in detection from procurement records.

The stealth gap, closed. Procurement transactions that imply an asset left the building are matched against the disposals that were actually raised — and the missing disposal record is forced.

Bulk renovation disposal planning.

Drafted from the affected room count and the register itself: what is going, by category, with the refrigerant-bearing units already separated out from the lots that can simply be liquidated.

The engineer’s judgment stays in charge; the AI removes the latency and the blind spots.

Best practices

  • Never let the disposer record the disposal. Every other control on this page is decoration if authorise, execute and record are not three different people.
  • Force a disposal record on every trade-in. The old asset leaves inside a procurement transaction, so nothing raises a disposal unless policy makes it — and this is where ghost assets are quietly born.
  • Compete the bulk lots. A renovation liquidation that was never competed is revenue leakage with a paper trail that says it was fine.
  • Get the certificate before the asset leaves your control, not after. Sanitisation you cannot evidence is sanitisation that did not happen, as far as a regulator is concerned.

Dashboards & reporting

Disposals by method, value and approver, with the gain or loss on each — reported as gain or loss, not as revenue. Below-NBV and related-party sales surfaced as their own view rather than buried in the total. Outstanding certificates by asset. And the reconciliation between disposals posted and the register, which is the report that tells you whether you are still creating ghost assets.

Live dashboards
Drill-down & filters
Export to Excel / PDF
FAQ

Common questions

Who approves an asset disposal?

It is tiered by value — departmental level for small items, rising to CFO and board as the amount climbs. Two conditions escalate regardless of value: a sale below net book value, and any related-party purchaser. Both need elevated approval with documented justification, because both are how the classic schemes are dressed as ordinary business.

What is the difference between disposal, write-off and impairment?

Disposal is the asset leaving by sale, scrap or donation. Write-off is removal with no proceeds — lost, stolen or destroyed — and it requires incident documentation rather than just a journal entry. Impairment reduces an asset’s carrying value while you still hold it. All three end in accurate books. They get there by completely different routes, and treating them as interchangeable is how the books stop being accurate.

Why can’t the person disposing of the asset record the disposal?

Segregation of duties. Authorise, execute and record split three ways is the control that prevents the scheme the fraud statistics describe: sold it, pocketed the proceeds, marked it scrapped. Non-cash misappropriation runs a median of twelve months before detection precisely because the person who took the asset is often the person who wrote down what happened to it.

Read the full answer
What is a certificate of disposal?

Third-party evidence that the asset was disposed of as claimed: a bill of sale, an auction record, a destruction certificate carrying serial numbers for data-bearing devices, a refrigerant-recovery certificate for anything with a compressor. It is the document that closes the audit trail — and it has to be obtained before the asset leaves your control, because afterwards it is a favour you are asking rather than a condition you set.

What rules apply to scrapping IT equipment and HVAC units?

Data-bearing devices need documented sanitisation — NIST 800-88-style, with serial numbers — before they leave your control. Refrigerant-bearing units need certified recovery under rules such as the US Clean Air Act §608, with per-day penalties for venting. Electronics fall under WEEE and its equivalents. Get a certificate for all three, and get it in advance.

Read the full answer
What should hotels do with renovation FF&E?

Compete the bulk lots through liquidators or auction rather than accepting the first offer, use donation programmes where the residual value is genuinely low, and force a disposal record item by item. The volume is what makes that feel unreasonable, and the volume is exactly why it matters — the renovation is where registers go to die.

Read the full answer

Sources

  • ACFE — Report to the Nations 2024: non-cash misappropriation as a share of occupational fraud cases, median loss, and median time to detection
  • OCC (2020) and SEC (2022) enforcement actions against Morgan Stanley — penalties totalling $95m following the resale of unsanitised decommissioned data-centre equipment. Stated as the regulators recorded them.
  • UN Global E-waste Monitor 2024 — e-waste generated in 2022, and the share documented as properly collected and recycled
  • US Clean Air Act §608 (EPA) — certified refrigerant recovery before appliance disposal, and per-day penalties for venting. No dollar figure is quoted here: the statutory maximum is inflation-adjusted annually.
  • NIST SP 800-88 — media sanitisation guidelines for data-bearing devices

Terms defined here

Zepth is the construction project delivery platform — it runs construction, procurement and asset management on one record, and does the work: reading the drawings, reviewing the submittals, matching the invoices and flagging the risks, with a human sign-off on anything consequential.

See it on your project.

A short, tailored walkthrough on your real workflow — no generic demo.