Credit Cards and Fraud

Having a policy can thwart fraud

mbkWhen it comes to fraud in any organization, credit cards are frequently a fraudster’s tool. Because the use of credit cards is so commonplace today, there’s always the risk of improper charges to your account. Credit card misuse could hurt your organization financially and jeopardize its reputation in the community. Always remember that physically locking credit cards only protects you from unauthorized use by those who have never been in possession of the card. Online purchases don’t require physically having the card, just knowledge of the card information. But there are ways to protect your organization against credit card fraud. Developing a credit card use policy is an important first step.

Certain components make sense
While each organization’s policy will vary according to its circumstances and priorities, certain components are both commonsense and essential. It’s important, for example, to address eligibility by setting restrictions on which employees may have or use your organization’s credit cards. You might, for example, want to limit cards to full-time employees who:

  • Travel regularly for their jobs,
  • Purchase large volumes of goods and services for the organization’s use, or
  • Otherwise incur regular business expenses of a kind appropriately paid by credit card.

You also should require written approval from a supervisor prior to having a credit card issued to an employee. In addition, your policy should clearly identify prohibited uses for the cards, such as cash advances, bank checks, traveler’s checks and electronic cash transfers — and explicitly state that the credit cards may never be used for personal expenses. You also might bar using the card for purchases of alcohol or other items inconsistent with your organization’s mission and values. Additionally, you may want to prohibit capital purchases, which often need to go through a more layered approval process. Finally, your policy should specify that reimbursement for returns of goods or services must be credited directly to the card account. The employee should receive no cash or refunds directly.

Spending limits should be specified, preapproval required
In addition to restricting the types of purchases, your policy should set a spending limit. Or you can rely on the specific limit set with the issuer for each card if that limit is in sync with the user’s needs. Do you know you can make more than one payment per month on a credit card? If you must use corporate credit cards, low credit limits are amongst your best tools to limit exposure to fraud. Many nonprofits require all employees to seek preapproval (usually in writing) prior to incurring any credit card charge as a proper internal control. Clearly state in your policy that unauthorized credit card purchases and charges without appropriate documentation are the responsibility of the employee, including any related late fees or interest.

Documentation and statement reconciliation are key
Employees must provide documentation — usually the original itemized receipt — to support all charges. For meal purchases, require employees to provide the names of everyone in attendance and a description of the meal’s business purpose to comply with IRS regulations. Request that all original receipts be submitted to the accounting department in an organized manner, and provide users with a standardized format to expedite processing by requiring department coding and descriptions of each charge. Supervisors should indicate their review and approval of the charges by a signature and date on the receipt or on the required form. Your accounting department should reconcile monthly credit card statements, and the statements should be reviewed by an executive or board member.

Enforcement should be mentioned
A policy without an enforcement mechanism is simply a piece of paper. Your policy should state that violations will result in disciplinary action, up to and including termination of employment and, where appropriate, criminal prosecution. Once you communicate your credit card policy, require the employee to sign an acknowledgment stating that he or she has read and understands the policy and procedures governing credit card use before receiving the card.

The right steps
Credit card use is sometimes a convenient way to handle expenses, particularly for event planning and travel. So if your not-for-profit permits credit card use, make sure that you have controls in place to deter and guard against misuse. Also implement similar controls for debit and purchase card use. Our best advice is:  Don’t go it alone. Ciuni & Panichi, Inc. has a team dedicated to working with not-for-profit organizations. The team provides accounting and 990 preparation as well as management advisory services. Additionally the firm provides consulting services on fundraising strategies, board and volunteer engagement, and marketing. Contact Mike Klein, CPA, Partner, at mklein@cp-advisors.com or 216-831-7171 to learn more.

You may also be interested in:

Smartphones:  The Next Fraud Frontier

Consider Your Not-for-Profit Growth Stage