The Party’s Over for Two Cardholders Taken into Custody

Two cardholders from a university are facing federal charges in conjunction with internal card fraud, but, as always, I keep thinking about the reviewers/approvers in this case. They are supposed to be the first line of defense against cardholder fraud and misuse, but we all know that managers’ vigilance can be hit or miss. This reality means the auditing process better be sound to catch anything missed at the cardholder and manager levels. Keep reading to see more about the fraud case, obtain six audit recommendations, and learn about a May virtual workshop for auditors.

About the Case

The two employees, who both held research-related positions at the University of New Hampshire (UNH), allegedly used their P-Cards to make thousands of dollars in personal purchases, including Amazon gift cards, and then falsified receipts. As reported by fosters.com, a service of seacoastonline.com:

  • The cards were intended for expenses incurred through research covered by federal grants.
  • They were required to provide receipts and written justification for their purchases.
  • Another UNH department reviewed and approved their transactions, seeking reimbursement from the appropriate grants.
  • A federal grand jury recently indicted both men on 31 counts of theft of government funds.

Read the complete article published by fosters.com. It indicates that the fraud was caught via a random audit, but the exact details are unknown.

Since managers’ vigilance (in overseeing cardholders’ activity) can be hit or miss, the auditing process better be sound...

Audit Recommendations

  1. Do not rely solely on random transaction audits. Be strategic; see examples.
  2. Ensure every cardholder is thoroughly audited at least once per year.
  3. If your organization does not already have it, seriously consider an auditing solution/technology. It covers more ground than what a human can do and is less prone to errors.
  4. For suppliers with whom your organization has an ongoing relationship, obtain reports showing what cardholders have purchased. This can help uncover falsified receipts.
  5. If purchases from Amazon are allowed, audit a high percentage of these transactions every month (audit 100% if using technology). Better yet, switch to Amazon Business, which offers various controls. 
  6. Occasionally verify the presence/location of purchased items to ensure the goods are not somehow “missing,” especially those that might be tempting for personal use.  

See also recommendations related to manager-approvers and how to help them be successful. I wish I knew what the aftermath was for the department that approved the two cardholders’ transactions! Accountability is critical.


P-Card eWorkshop for Auditors

Purchasing Card Audits—Best Strategies for Internal Audit

In early May, I will be delivering a four-hour virtual training course for The Institute of Internal Auditors/American Center for Government Auditing. Targeted at auditors in the public sector, but still suitable for all sectors, the content will help auditors better understand Purchasing Cards and what should be audited. Learn more about this event...  


About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With 20 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog

Receive notice of new blog posts.

Maximize manager training.

Are key P-Card messages reaching the management personnel who oversee cardholders? How strong is your training for this important group? Managers are the first line of defense against cardholder fraud and misuse. Prior to anyone fulfilling the “manager-approver” role, training should be mandatory. Some organizations are reluctant to take this step. Others enforce it, but could benefit from doing a fresh-eyes review of what they offer. Keep reading to learn more about the role and acquire tips to help you ensure manager training is effective.

About the Role

First, do you clearly define the manager-approver role? As a best practice, this person should be at least one functional job level higher than the cardholders they oversee. In the case of executive cardholders, the board of directors or similar group should provide oversight. Read about a case of executive card fraud, which demonstrates the importance of holding executives accountable.

Overall, manager-approvers serve as a key control. Communicate that their sign off on a cardholder’s transactions represents that:

  • transactions are for legitimate business purchases
  • the cardholder complied with applicable policies and procedures
  • there is appropriate supporting documentation for each transaction
Do not leave the delivery of important messages to chance. Design manager training to fit their role and schedules.

Do not leave the delivery of important messages to chance. Design manager training to fit their role and schedules.

Training Tips

In a September 2015 blog post, I offered nine tips to help managers be a successful part of a Commercial Card program. One tip was: Specifically design training for managers; make it relevant. While they need to understand the cardholder’s role, too, they do not need to learn the same details. To expand on this tip, they do not necessarily need to know details about declined transactions, initiating a dispute, placing an order, etc. (but cardholder training, as well as the program policies and procedures manual, should cover these topics).

Examples of content relevant to managers include:

  • Why the organization has a card program and the benefits gained; this is important for obtaining their buy-in up front
  • What their role entails 
  • How to review/approve transactions 
  • What cards should be used for
  • Prohibited purchases
  • Prohibited practices (e.g., splitting transactions to circumvent single purchase limits)
  • Supporting documentation requirements
  • Red flag behaviors that could indicate cardholder fraud; learn more
  • What to do if they spot or suspect fraud/misuse

In addition, consider the format and duration. To prevent scheduling challenges associated with classroom-style training, offer an online option that managers can pursue at their convenience. Avoid making it too long. They should be able to complete it within an hour.

Even though making separate, initial P-Card training for managers is extra work (hopefully a one-time effort that only requires minimal updates on a go-forward basis), it can pay off. Envision increased manager satisfaction and improved compliance.

What can you do to improve manager training?

See what else Recharged Education offers on the topic of training.


About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog

Receive notice of new blog posts.

Two card program traps to avoid.

I recently delivered a presentation related to card program expansion. Afterward, two different end-users approached me, both expressing a reluctance to expand. Their reason? Card usage does not save their respective organizations money. As we talked further, the conversations revealed two classic program pitfalls. Following are their dilemmas (one pertains to auditing) plus suggestions to address the issues.

Manually Auditing 100% of Transactions

Driven by a fear of landing in the news for card misuse, the first end-user shared that AP manually reviews every transaction every month. They are not alone. Despite being costly and cumbersome, this type of auditing approach has prevailed since the beginning of card payments, especially within public sector organizations.

Suggestions

If your auditing efforts are primarily manual today:

  • Take the time to calculate the labor cost, based on the amount of time spent auditing and the average compensation of the employees performing the audits. 
  • Compare the labor cost to the value and severity of issues found as a result. You might be spending hundreds or even thousands of dollars to find few issues.
  • Explore automated auditing solutions, which can be tailored to your business rules and are often more effective than manual audits. Depending on your current labor cost, you might get a return on your investment more quickly than you think. Solutions are available from a variety of providers. Start by talking with your card issuer.  

If you are not able to pursue automation, at a minimum consider:

  • a more strategic approach; view examples of audit criteria
  • using Microsoft Excel or similar to filter and sort transactions collectively versus auditing each individual cardholder statement
Avoid the traps that prevent your organization from achieving the savings possible from card usage.

Avoid the traps that prevent your organization from achieving the savings possible from card usage.

No Accountability

The second end-user explained how issuing cards to employees has resulted in shopping sprees. Cardholders leave the office to shop with their P-Cards, wasting time and money. (It was unclear if any purchases were personal/fraudulent.) She said that, even if she strengthened card policies and procedures, there still would not be any consequences for the rogue behavior because management was part of the problem. Sometimes they were the shoppers. I had to agree that what she described was a mess.

Suggestions

The above is an extreme case for which an extreme response might be necessary: scale back or even eliminate the cards. (However, the problematic management team might resist that, too.) Rather than increasing check usage, her organization should at least focus on electronic payments—ACH and/or an electronic accounts payable solution like Virtual Cards or buyer-initiated payments.

Overall, unsupportive management is tough, and sometimes impossible, to overcome. If you are a program manager faced with this issue, try the following:

  • Stress best practices to management, including how a successful card program requires clear policies and procedures, consistent enforcement, and consequences for non-compliance.
  • Illustrate what can happen if program participants are not held accountable for their roles, such as fraud and blown budgets; if possible, quantify the problem. 
  • Propose a call or meeting between your management and the card issuer to discuss the importance of accountability.

Final Thoughts

Before embarking on card program expansion, evaluate the strength of your current program. Does it have a solid foundation on which to grow? Does your organization strive for best practices? Clear up major issues before adding volume.

For more information, access resources on card program management and growth.


About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog

Receive notice of new blog posts.