CREDIT CARD PURCHASES Page 1
CREDIT CARD PURCHASES
A system of internal control may be implemented in many different ways. Because political subdivisions vary in purpose, size and complexity,
no single method of internal control is universally applicable. However, the five internal control components should be present and functioning in all political
subdivisions.
Questions have been accumulated for all five internal control components. This document includes questions pertaining to various
noncompliance issues regarding the use of credit cards. These questions can be used to aid in designing a proper system of internal control over the use
of credit cards that will allow deficiencies in procedures over credit cards to be prevented or detected and corrected. It is not necessary to address all
questions in this document. These are only suggestions and ultimately it is up to the unit on how they implement it. The internal control system as a whole
has to be designed and implemented appropriately in order to allow deficiencies over credit card procedures to be prevented or detected and corrected.
Control Environment
The questions in this section are divided by questions that pertain to the governing board and management.
Risk Assessment
YES NO
1) Does management identify, analyze, and respond to risks related to credit card procedures?
a. What areas have been identified regarding credit card procedures that may be exposed to risk?
b. How has management analyzed and responded to identified risks? For example, management may accept the risk and take no
action, choose to eliminate certain processes to avoid the risk and/or institute proper internal controls.
Governing Board: YES NO
1) Does the governing board oversee the unit’s internal control system regarding credit cards?
2) Did the governing body authorize credit card use through an approved credit card policy? If yes, was the credit card policy
approved in the minutes?
3) Did the credit card policy include the following?
a. Internal control procedures over credit card purchases.
b. Outline the authority and responsibility for credit card purchases within the governmental unit.
c. Issuance and use must be handled by an official or employee designated by the governing board.
d. Limit the number of credit cards and users to a minimum if possible.
e. Set account limits with credit card companies and vendors.
f. Deactivate the ability to make cash advances.
g. The purpose for which the credit card may be used. (travel, online purchasing, emergency/small purchases, automatic
payments)
h. Types of purchases that are prohibited or restricted. (personal expenses, purchases above a threshold amount, etc.)
i. The card must be returned to the custody of the responsible person after credit card purchases are made.
j. The designated official or employee must maintain an accounting system or log which would include names of individuals
requesting usage of the cards, their position, estimated amounts to be charged, fund and account numbers to be charged, date
the card is issued and returned. The log should be reviewed by the appropriate level of management.
k. Credit cards must not be used to bypass the accounting system.
l. Purchase orders are issued to provide the fiscal officer with the means to encumber and track appropriations to provide timely
and accurate accounting information and monitoring of the accounting system.
m. Payments cannot be made on the basis of a statement or a credit card slip only. Supporting documents such as paid bills and
receipts must be available.
n. Any interest or penalty incurred due to late filing or furnishing of documentation by an officer or employee may be the personal
obligation of the responsible officer or employee.
Management:
1) What procedures did management put in place for the handling of credit cards?
a. Does management assign responsibility, and delegate authority to oversee credit card use and ensure that the credit card
policy is being followed?