Purchasing Cards Compromise Business Security
Safer P-Card Practices in Six Steps
Are you looking for a way to streamline your staff’s ability to make purchases AND reduce the amount of paperwork generated by your company’s business activities? Purchasing Cards (also known as p-cards) may be the option you’re looking for – as long as you are willing to implement the proper controls first.
This short article will provide you with the information you need to help prepare your business for p-cards by identifying which cost-effective internal controls will best protect you from becoming a victim of fraudulent activity.
Read Also: Cost-Effective Ways To Deter Fraud
Step 1: Policies & Procedures
Your first line of defense is to make sure your organization’s policies and procedures are current, that they are provided to all employees in writing and that they are easily accessible to all employees and other relevant parties. Your policies should be all-inclusive and should detail the entire purchasing card transaction process, including steps to be taken by key employees, cardholders, management and members of your accounting team. IMPORTANT: Be sure to have written procedures in place to guide you through the p-card termination process to protect your business from former employees as well.
Step 2: Informed Authorization
Once you or another member of your management team has identified a need for an employee to have access to your company’s p-card, the process should be initiated and approved at the accounting level. Prior to issuing the card, the employee should be required to sign a Purchase Card Cardholder Agreement, indicating their acknowledgement and agreement of their expected role in p-card purchases. Consider listing the responsibilities of the cardholder in this agreement as well, including (but not limited to):
- The terms and conditions that govern the card.
- The employer’s purchasing policies and procedures.
- The procedures in place to safeguard the card.
- The procedures for reporting lost or stolen cards to the organization.
Step 3: Review Regularly
Management should review the organization’s p-card user list (at least) annually to ensure that it is current and complete. One best practice you might consider is to offer refresher training sessions to enhance cardholders’ knowledge and understanding of any updated policies and procedures.
Step 4: Set Limitations
You have a variety of options when it comes to controlling what purchases can and cannot be made with your business’s p-cards. You might decide to limit the amount a cardholder can spend on a single transaction, for example, or to place a cap on the purchases an individual can make each month. Another business might find that it’s more effective to use merchant category codes as a way to prevent improper p-card usage. Every business is different. The best way to identify the solution that makes the most sense for you is to work directly with your p-card company.
Step 5: Establish Structure
For every purchase made, make sure that supporting documentation for the purchase is tracked by the cardholder, approved by a supervisor and provided to the accounting department for payment processing. Proper oversight and segregation of duties is necessary when it comes to protecting your business from occupational fraud.
Step 6: Dot i’s, Cross t’s
Supporting documentation should include (at a minimum) related receipts and invoices, itemized description of goods purchased, vendor name, transaction date and transaction total. Furthermore, be sure to reconcile p-card statements to supporting documentation regularly. During the reconciliation process, make sure that the documentation is being reviewed to identify transactions that exceed single-purchase limits, potential split purchases and other questionable transactions.
Purchasing cards can be great if you are looking for a way to streamline your staff’s ability to purchase the items or services they need to effectively to their jobs every day. But it’s only a good option if you take the steps needed to protect yourself and your business from the increased risk of fraud. These steps should help, but if you are still questioning the effectiveness of your internal control structure, email Rea & Associates for more insight.