Segregation of duties (SoD) and user access governance constitute a foundational layer of internal control in treasury operations, but the cross-border character of multinational treasury complicates their design and operation. Common platforms, regional service centres, and local statutory requirements interact to produce a control environment in which rigid SoD rules developed for single-jurisdiction operations produce material inefficiencies without necessarily reducing risk. This article develops a cross-border SoD and access-governance framework for multinational treasury functions, grounded in the Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework (COSO, 2013), the ISACA Control Objectives for Information and Related Technology (COBIT) framework (ISACA, 2019), and the empirical literature on information-system access controls (Warkentin & Willison, 2009; Hoitash et al., 2009). The framework distinguishes three control layers: transactional SoD within the treasury management system, functional SoD across treasury teams, and cross-border SoD between shared-service centres and local treasuries. It identifies the control-objective conflicts that arise between efficiency-maximising and risk-minimising access designs, and proposes a governance architecture for resolving them. The article develops six propositions about the relationship between access-governance maturity and treasury-specific risk outcomes, including unauthorised-payment frequency, reconciliation-break volume, and audit-finding severity. It concludes by identifying research priorities including the effect of emerging identity-governance technologies on SoD enforcement cost, the interaction between Sarbanes-Oxley (SOX) Section 404 testing and cross-border SoD design, and the moderating role of treasury centralisation on access-governance effectiveness.