How to reduce the threat of internal credit card fraud

by James Leisner, CPA
Director, Corporate Services
StoneBridge Business Partners

Reprinted with permission from Fraud Matters Newsletter of CPA America.

Credit cards are a fact of life in the business world today.

They can streamline purchases and minimize the need for cash or cash advances. They are widely accepted and recognized in situations where company or personal checks may not be. They can reduce transaction time and reduce the volume of payments, paperwork and transaction costs.

Because credit cards are almost as liquid as cash, they are subject to risk. Theft or abuse by an unauthorized outside party is typically the first concern, but credit card abuse and fraud by those within an organization can also be a source of threat.

Employees already have access to the credit cards, and they know the credit card issuer, number, expiration date, credit limit and, perhaps most importantly, whether their activity is being monitored.

The most common types of credit card fraud are:

Personal charges benefit the individual and could include gasoline for their own vehicle, meals, groceries or other personal expenditures.

Double dipping is using an organization’s credit card to make a purchase and then submitting the documentation for the expenditure for reimbursement. An example is charging a business meal using the company credit card, and then submitting the invoice or receipt for the same transaction for reimbursement on the individual’s expense report.

Safeguards can be put in place to reduce risk and detect mistakes or fraud.

Limit the number of credit cards and authorized credit card users. Use as few providers and cards as possible. One or two issuers might fit all your needs. All authorized users should have their own unique cards that they are responsible for. They should not be loaned or be available to others. Collect and cancel cards when employees leave the organization.

Establish credit limits to limit your exposure. Review your users and their needs. If they don’t need more than a $1,000 line of credit, reduce and limit it to that. Establish low or no ability to obtain cash advances.

Subscribe to credit card company alerts. They can notify the organization of significant or unusual transactions as they occur. Investigate unusual activity immediately.

Be able to quickly report loss, theft or unauthorized use. Maintain in a secure area a list of credit cards by issuers, account numbers, authorized users and issuer phone numbers so that contact can be made quickly if necessary. Prompt notification can reduce or eliminate responsibility for fraudulent charges.

Communicate your organization’s policies. Employees are responsible for the activity on their card and for reviewing the statement for activity each period. Make it clear that the organization’s credit card is for its activities only and that fraud will not be tolerated. Violators should be terminated and prosecuted.

Set the tone at the top. You can lead by example – good or bad.

Receive credit card statements intact and review them. Credit card statements can be altered, revised or edited.

Request a credit card statement cutoff date for all cards that facilitates your organization’s ability to obtain, review and post credit card activity once a month and before month-end to facilitate accounting.

Review credit card activity for the type of expenditure, the vendor and the reasonableness of the amount. Do the types of transactions and the amounts seem reasonable for the organization and the user?

Insist on receipts. As the credit card is used, insist that original receipts be obtained as part of the documentation for the expenditure. Do not let the invoice, the credit card receipt or the credit card statement be the only supporting piece of documentation. The credit card transaction is the means of payment. It is usually not the sole piece of documentation.

Review expense reimbursement claims. Compare the expense report activity to the organization’s credit card statement, scrutinizing for the same vendor and/or amounts. Be alert to altered amounts and claims, as well as expense report claims made months after the original charge was made. Analytically review expenses, compare them to budget and investigate variances.

To effectively reduce the threat of credit card fraud, monitor credit card activity closely – and let your employees know that you are watching.

Return To Fraud Article Library