Misuse of Government Purchase Cards
Misuse of Government Purchase Cards
July 30, 2008
Garrett L. Hatch
Analyst in American National Government
Government and Finance Division
Misuse of Government Purchase Cards
Summary
Since the mid-1990s, the use of government purchase cards has expanded at a
rapid rate. Spurred by legislative and regulatory reforms designed to increase the use
of purchase cards for small acquisitions, the dollar volume of government purchase
card transactions grew from $527 million in FY1993, to $18.7 billion in FY2007.
While the use of purchase cards has been credited with reducing administrative costs,
audits of agency purchase card programs have found varying degrees of waste, fraud,
and abuse. One of the most common risk factors cited by auditors is a weak internal
control environment: many agencies have failed to implement adequate safeguards
against card misuse, even as their purchase card programs grew.
In response to these findings, Congress has held hearings and legislation has
been introduced that would enhance the management and oversight of agency
purchase card programs. One of the most comprehensive proposals before the 110th
Congress is the Government Credit Card Abuse Prevention Act, which was
introduced on March 7, 2007, in both the Senate (S. 789) and the House (H.R. 1395).
Drawing on GAO recommendations, the bill would require agencies, other than the
Department of Defense (DOD), to implement a specific set of internal controls,
establish penalties for employees who misuse agency purchase cards, and conduct
periodic risk assessments and audits of agency purchase card programs. DOD would
be required to expand its use of technology to prevent and identify fraudulent
purchases, conduct periodic risk assessments and audits, and develop more specific
rules regarding card deactivation of former DOD employees.
This report begins by providing background on agency purchase card programs.
It then discusses identified weaknesses in agency purchase card controls that haveth
contributed to card misuse, and examines legislation introduced in the 110 Congress
that would address these weaknesses. The report will be updated as events warrant.
Contents
Background ..................................................1
Structure .....................................................4
Agencies .................................................4
GSA ....................................................5
OMB ...................................................5
Purchase Card Program Weaknesses...............................6
Ineffective Transaction Review and Approval Processes...........7
Inconsistent Program Monitoring.............................9
Lack of Separation of Duties.................................9
Inadequate Training.......................................10
Excessive Number of Cards Issued and High Credit Limits........11
Policy Proposals..............................................11
OMB Guidance..........................................11
Pending Legislation.......................................12
Other Considerations..........................................13
Staffing Levels...........................................13
Misuse of Government Purchase Cards
The General Services Administration (GSA) manages the federal government’s
charge card program, known as SmartPay. Through SmartPay, agencies are able to
select charge card products and services from contracts that GSA has negotiated with
major banks. The contracts allow agencies to select different types of charge cards,
depending on their needs. SmartPay charge card options include purchase cards (for
supplies and services), travel cards (for airline, hotel, and related expenses), and fleet
cards (for fuel and supplies of government vehicles.) This report focuses on purchase
cards.
The use of purchase cards has expanded at a rapid rate since the mid-1990s.
Spurred by legislative and regulatory reforms designed to increase purchase card use
for small acquisitions, the dollar volume of federal government purchase card1
transactions grew from $527 million in FY1993, to $18.7 billion in FY2007. While
the use of purchase cards has been credited with reducing administrative costs, audits
of agency purchase card programs have found varying degrees of waste, fraud, and
abuse. One of the most common risk factors cited by auditors is a weak internal
control environment: many agencies have failed to implement adequate safeguards
against card misuse, even as their purchase card programs grew.
In response to these findings, Congress has held hearings and legislation has
been introduced that would enhance the management and oversight of agency
purchase card programs. In addition, the Office of Management and Budget (OMB)
has issued guidance that requires agencies to implement internal controls that are
designed to minimize the risk of purchase card abuse. This report begins by
providing background on agency purchase card programs. It then discusses identified
weaknesses in agency purchase card controls that have contributed to card misuse,th
and examines legislation introduced in the 110 Congress that would address these
weaknesses.
Background
The government’s purchase card program has its origins in Executive Order
12352, issued by President Reagan in 1982.2 E.O. 12352 directed agencies to
develop programs that simplified procedures and reduced the administrative costs of
1 U.S. General Services Administration, Fiscal Year 2007 Card Sales Transactions and
Cardholder Data, Jan. 10, 2008, at [http://www.gsa.gov/gsa/cm_attachments/
GSA_DOCUMENT / GSA_SmartPay_Program_Statisti cs_March_2008_R2-u-f6_
2 Executive Order 12352, Federal Procurement Reforms, 47 Federal Register 12125, Mar.
procurement, particularly with regard to “small” purchases ($25,000 or less). Several
agencies subsequently participated in a pilot program that evaluated the use of a
commercial credit card, called a purchase card, as an acquisition tool.3 At the time,
even a routine order for widely available items, such as office supplies, typically
required agency program staff to submit a written procurement request to a
contracting officer, who reviewed it, obtained the necessary authorizing signatures,
made the actual purchase, and processed the associated paperwork. To critics, this
process was inefficient, especially for small purchases. Not only was it time-
consuming for both program and procurement personnel, but it also prevented
program offices from quickly filling immediate needs. Under the pilot program, non-
procurement staff used purchase cards to conduct small-dollar transactions directly
with local suppliers, thus bypassing procurement officers entirely. A report on the
pilot program concluded that purchase cards could reduce administrative costs and
improve delivery time, and in 1989 the Office of Management and Budget (OMB)
tasked GSA with making purchase cards available government-wide.4
Participation in GSA’s purchase card program was not mandatory, and card use
did not initially grow as rapidly as some had expected.5 In 1993, however, a report
issued by the National Performance Review (NPR) sparked a number of legislative
and regulatory reforms intended to increase purchase card use. The NPR was a
Clinton Administration initiative, headed by Vice President Al Gore, that sought to
“reinvent” the federal government by making government operations both less
expensive and more effective.6 One of the NPR’s objectives was to identify
opportunities to streamline a number of government-wide processes, including
procurement. Drawing on input from experts in the public and private sectors, the
initial report of the NPR recommended expanding the use of purchase cards across
the government, a step it said would “lower costs and reduce bureaucracy in small
purchases.”7 In a separate report that focused solely on procurement, the NPR
estimated that if half of all small acquisitions were made using purchase cards, the
government would realize $180 million in savings annually.8 The report further
recommended amending the Federal Acquisition Regulation (FAR) — the
3 U.S. Government Accountability Office, Acquisition Reform: Purchase Card Use Cuts
Procurement Costs, Improves Efficiency, GAO/NSIAD-96-138, Aug. 1996, p. 2, at
[ h t t p : / / www.ga o.gov/ a r c hi ve / 1996/ ns96138.pdf ] .
4 Ibid., pp. 2-3.
5 Association of Government Accountants, The Federal Purchase Card: Use, Policy and
Best Practice, Apr. 2006, p. 5, at [http://www.agacgfm.org/research/downloads/
VISA0406.pdf].
6 U.S. Office of the Vice President, From Red Tape to Results: Creating a Government That
Works Better & Costs Less, Report of the National Performance Review (Washington, D.C.:
Office of the Vice President, 1993).
7 Ibid., p. 164.
8 U.S. Office of the Vice President, Reinventing Federal Procurement (Washington, D.C.:
Office of the Vice President, 1993).
government’s primary source of procurement guidance — to promote the use of
purchase cards for small purchases.9
Building on the NPR’s recommendations, Congress passed the Federal
Acquisition Streamlining Act (FASA; P.L. 103-355) in 1994.10 FASA introduced
several reforms that increased the use of purchase cards.11 Among these, Title IV of
FASA established a simplified acquisition threshold of $100,000. Purchases at or
below the threshold were exempted from the provisions of a number of procurement
laws. This reform significantly reduced the administrative burden and procurement
expertise needed to make small purchases.12 To further streamline procedures for the
smallest acquisitions, Title IV also established a “micro-purchase” threshold of
$2,500 (which was increased to $3,000 in 2006).13 FASA further exempted micro-
purchases from sections of the Buy American Act and the Small Business Act, and
they could be made without obtaining a competitive bid, if the cost was deemed
reasonable by the cardholder.
At the same time, the Clinton Administration took steps to increase the use of
purchase cards. Citing the need to make agency procurement procedures “more
consistent with recommendations of the National Performance Review,” President
Clinton issued Executive Order 12931 on October 13, 1994.14 E.O. 12931 directed
agency heads to (1) expand purchase card use; and (2) delegate the micro-purchasing
authority provided in FASA to program offices, which would enable them to make
such purchases directly. E.O. 12931 also directed agency heads to streamline
procurement policies and practices that were not mandated by statute, and to ensure
that their agencies were maximizing their use of the new simplified acquisition
procedures. In addition, the FAR was amended in 1994 to designate the purchase
card as the “preferred method” for making micro-purchases, and to encourage
agencies to use the card for purchases of greater dollar amounts.15
Card use increased sharply as agencies implemented these reforms. The dollar
value of goods and services acquired with purchase cards increased from $527
9 Ibid., p. 36. The FAR is codified in Title 48 of the Code of Federal Regulations (CFR).
10 108 Stat. 3243.
11 Association of Government Accountants, The Federal Purchase Card: Use, Policy and
Best Practice, Apr. 2006, p. 5.
12 U.S. Office of the Vice President, Reinventing Federal Procurement, Sept. 14, 1993, p.
13 Section 807 of P.L. 108-375 (118 Stat. 2010) requires that the micro-purchase threshold
be adjusted for inflation every five years. Pursuant to that provision, Section 2.101 of the
Federal Acquisition Regulation (FAR) was amended (71 Federal Register 57366, Sept. 28,
14 Executive Order 12931, Federal Procurement Reform, 59 Federal Register 52387, Oct.
15 Federal Acquisition Regulation 13.201(b) and13.301(b).
million in FY1993 to $18.7 billion in FY2007.16 During that same time span, the
number of cardholders tripled to nearly 300,000, and the number of purchase card
transactions increased from 1.5 million to just under 24.7 million in FY2007.17 The
flexibility of the purchase card may have also contributed to its growth: it could be
used for in-store purchases, which allowed the cardholder to take immediate
possession of needed goods, or it could be used to place orders by phone or over the
internet and have goods delivered. According to GSA, the use of purchase cards now
saves the government $1.3 billion a year in administrative costs.18
Structure
The federal purchase card program is implemented by individual agencies, with
the involvement of GSA and OMB. In broad terms, agencies establish and maintain
their own programs, but they select purchase card services from contracts that GSA
negotiates with selected banks, and their programs must conform to the government-
wide guidance issued by OMB.
Agencies. Each agency is responsible for establishing its own purchase card
program. The agency, within the framework of OMB guidance, establishes internal
rules and regulations for purchase card use and management, decides which of its
employees are to receive purchase cards, and handles billing and payment issues for
agency purchase card accounts. Two levels of supervision generally exist within an
agency’s purchase card program. Individual cardholders are assigned to an
Approving Official (AO). The AO is considered the “first line of defense” against
card misuse, and agency policies often require the AO to ensure that all purchases
comply with statutes, regulations, and agency policies. To that end, the AO may be
responsible for authorizing cardholder purchases, either by approving purchases
before they are made or by verifying their legitimacy through reviews of cardholder
statements and supporting documentation, such as receipts. The AO may also be
required to ensure that statements are reconciled and submitted to the billing office
in a timely manner.
Each agency also appoints an Agency Program Coordinator (APC) to serve as
the agency’s liaison to the bank and to GSA. At some agencies, each major
component has an APC, one of whom is chosen to serve as the agency’s liaison. The
APCs are also usually responsible for agency-wide activities, such as developing
internal program guidelines and procedures, sampling cardholder transactions to
16 U.S. Government Accountability Office, Small Business: Trends in Procurement in the
General Services Administration (GSA), Charge Card Program Statistics Executive
Summary, May 2007.
17 Association of Government Accountants, The Federal Purchase Card: Use, Policy and
Best Practice, Apr. 2006, p. 6; GSA, Charge Card Program Statistics Executive Summary,
May 2007.
18 U.S. General Services Administration, Government Charge Cards, at
[ h t t p : / / www.gs a.gov/Portal/gsa/ e p/ cont ent V i e w.do?f a q=ye s&page T ypeId=8199&
contentId=10141&contentT ype=GSA_OV ERV IEW#5].
identify fraudulent or abusive purchases, setting up and deactivating accounts, and
ensuring that officials and cardholders receive proper training.
GSA. GSA’s primary responsibility is to negotiate and administer contracts
with card vendors on behalf of the government. Since 1998, agency purchase card
programs have been operating under GSA’s SmartPay initiative. SmartPay permits
agencies to select a range of credit card products from five banks with which GSA
has negotiated contracts.19 The SmartPay contracts, which are in effect until
November 2008, establish prices, terms, and conditions for credit card products and
services from five banks. Purchase cards are established as centrally billed accounts
under the contracts, which means that agencies, and not individual cardholders, are
billed for purchases. The contracts require agencies to make payment in full at the
end of each billing cycle. New purchase card contracts — known collectively as
SmartPay2 — were negotiated between GSA and four banks in June 2007.20
Agencies must phase out their existing purchase card programs, select new products
under the terms of the SmartPay2 contracts, and have them operational before the
current master contract expires.
OMB. OMB issues charge card management guidance that all agencies must
follow. This guidance, located in Appendix B of OMB Circular A-123, establishes
agencies’ responsibilities for implementing their purchase, travel, and fleet card
programs.21 Chapter 4 of Appendix B identifies the responsibilities of charge card
managers in developing and implementing risk management controls, policies, and
practices (often referred to collectively as “internal controls”) that mitigate the
potential for charge card misuse.22 Agency charge card managers must ensure that
!cardholder statements, supporting documentation, and other data are
reviewed to monitor delinquency and misuse;
!key duties are separated, such as making purchases, authorizing
purchases, and reviewing and auditing purchase documentation;
!records are maintained for training, appointment of cardholders and
authorizing officials, cardholder purchase limits, and related
information;
!disciplinary actions are initiated when cardholders or other program
participants misuse their cards;
!appropriate training is provided for cardholders, approving officials,
and other relevant staff;
19 GSA contracted with five national banks for the original SmartPay program: Bank of
America, Citibank, JPMorgan Chase, Mellon Bank, and U.S. Bank. U.S. General Services
Administration, Charge Card Program Statistics Executive Summary, May 2007.
20 The SmartPay2 bank contracts are with Citibank, GE Capital Financial, JPMorgan Chase,
and U.S. Bancorp.
21 Office of Management and Budget, Management’s Responsibility for Internal Control,
Circular No. A-123, at [http://www.whitehouse.gov/omb/circulars/a123/
a123_appendix_b.pdf].
22 Risk management generally refers to efforts to reduce or eliminate payment delinquencies,
charge card misuse, fraud, and other forms of waste and abuse.
!employees are asked about questionable or suspicious transactions;
and
!charge card statement reconciliation occurs in a timely manner.
Chapter 4 also identifies administrative and disciplinary actions that may be imposed
for charge card misuse, such as deactivation of employee accounts, and it requires
managers to refer suspected cases of fraud to the agency’s Office of Inspector
General or the Department of Justice.
Circular A-123 provides OMB with oversight tools by requiring agencies to
submit each year a charge card management plan that details their efforts to
implement and maintain effective internal controls and minimize the risk of card
misuse and payment delinquency. It also requires agencies to report the number of
AOs it has appointed, the average number of monthly purchase card transactions each
AO reviews, the number of reported cases of misuse, and the number of disciplinary
actions taken in response to misuse.
Purchase Card Program Weaknesses
Audits of agency purchase card programs conducted by the Government
Accountability Office (GAO) and agency inspectors general (IGs) have attracted
congressional attention with their revelations of abusive purchases made by
government employees. Among the many cases of abuse cited by auditors are a
Department of Agriculture employee who, over a period of six years, used her
purchase card to funnel $642,000 to her boyfriend; a Forest Service employee who
charged $31,342 to his purchase card for personal items, including Sony Playstations,
cameras, and jewelry; and a Coast Guard cardholder who used his purchase card to
buy a beer brewing kit — and then brewed alcohol while on duty.23 Congress has
held several hearings to address purchase card misuse and the underlying internal
control weaknesses that auditors say allowed it to occur.24 The following paragraphs
23 U.S. Government Accountability Office, Governmentwide Purchase Cards: Actions
Needed to Strengthen Internal Controls to Reduce Fraudulent, Improper, and Abusive
Purchases, GAO-08-333, Mar. 2008, p. 7, at [http://www.gao.gov/new.items/d08333.pdf].
FAA Purchase Cards: Weak Controls Resulted in Instances of Improper and Wasteful
Purchases, GAO-03-405, Mar. 2003, p. 36. Testimony of Gregory D. Kutz, U.S.
Government Accountability Office Managing Director of Forensic Audits and Special
Investigations, Purchase Cards: Control Weaknesses Leave DHS Highly Vulnerable to
Fraudulent, Improper, and Abusive Activity, U.S. Congress, Senate Committee onthnd
Homeland Security and Governmental Affairs, 109 Congress, 2 sess., July 19, 2006,
GAO-06-957T, p. 29, at [http://www.gao.gov/new.items/d06957t.pdf].
24 Most recently, on June 5, 2008, the House Committee on Oversight and Government
Reform, Subcommittee on Government Management, Organization, and Procurement, held
hearings titled “Oversight of Federal Financial Management,” which included testimony
on purchase card misuse, available at [http://governmentmanagement.oversight.house.gov/
story.asp?ID=1982].
discuss these weaknesses identified in audit reports published between 2002 and
Ineffective Transaction Review and Approval Processes. One of the
primary safeguards against improper use of government purchase cards is the review
and approval of cardholder transactions by someone other than the cardholder. As
noted, purchase card AOs are usually responsible for reviewing the cardholder’s
monthly statement. Given that the AO is often the only person other than the
cardholder to assess the validity of a purchase before payment is made to the
purchase card vendor, the review and approval process is considered one of the most
critical components of an agency’s purchase card control environment. Steven Kutz,
GAO’s Managing Director of Forensic Audits and Special Investigations, stated in
testimony before the Senate,
Basic fraud prevention concepts and our previous audits of purchase card
programs have shown that opportunities for fraud and abuse arise if cardholders
know that their purchases are not being properly reviewed.26
Despite the importance of the AO’s role in preventing and detecting improper
purchases, some agencies have failed to ensure that cardholder statements were
carefully reviewed prior to their approval. At the Department of Education, auditors
estimated that 37% of monthly cardholder statements they reviewed had not been
approved by the AO.27 Most recently, GAO reported that nearly one of every six28
purchase card transactions government-wide had not been properly authorized.
Even when AOs did conduct reviews, they often failed to meet government
standards. Agencies are required by OMB to ensure that cardholder statements are
compared with supporting documentation, such as invoices and receipts, as part of
the review process.29 This is necessary because purchase card statements are rarely
itemized; they usually provide only the store or contractor name and the amount
charged. For AOs, receipts and invoices are the principal means of verifying what
items were purchased and determining whether those items were for legitimate
program purposes. Many agencies have not ensured that supporting documentation
is available and examined as part of the review and approval process, according to
25 Because some audit findings are several years old, the agencies cited may have taken steps
to address them. The most recent audit reports, from 2007 and 2008, however, continue to
identify these types of internal control weaknesses in agency purchase card programs.
26 Testimony of Gregory D. Kutz, U.S. Government Accountability Office Managing
Director of Forensic Audits and Special Investigations, Senate Committee on Homeland
Security and Governmental Affairs, July 19, 2006, GAO-06-957T, p. 7.
27 U.S. Government Accountability Office, Financial Management: Strategies to Address
Improper Payments at HUD, Education, and other Federal Agencies, GAO-03-167T, Oct.
28 U.S. Government Accountability Office, Governmentwide Purchase Cards: Actions
Needed to Strengthen Internal Controls to Reduce Fraudulent, Improper, and Abusive
Purchases, GAO-08-333, Mar. 2008, p. 13.
29 Office of Management and Budget Circular A-123, Appendix B, Improving the
Management of Government Charge Card Programs, revised Feb. 2006, p. 7.
GAO. An audit of HUD’s purchase card program found that the agency did not have
adequate documentation for 47% of transactions auditors deemed questionable —
purchases from merchants that are not normally expected to do business with HUD
— which meant auditors “were unable to determine what was purchased, for whom,
and why.”30 Similarly, a 2004 audit of the Veterans Health Administration’s
(VHA’s) purchase card program estimated that $313 million of its transactions
lacked key supporting documentation.31
One consequence of these weaknesses is that fraudulent and abusive
transactions may slip through the review process unnoticed. For instance, GAO
found that AOs at agencies across the government have approved cardholder
statements that included transactions that should have been questioned, such as
purchases of jewelry, home furnishings, cruise tickets, electronics, and other
consumer goods. At the Forest Service, one employee used her purchase card over
a period of years to accumulate more than $31,000 in jewelry and electronics.32
Similarly, HUD cardholders spent $27,000 at department stores like Macy’s and
JCPenney in a single year.33 In one egregious case, an FAA employee had his
statement approved even though it showed he violated agency policy by charging
cash advances to his purchase card — while at a casino.34
The want of adequate oversight is also evident where AOs have approved
duplicate transactions — vendors charging the government twice for the same goods
or services — and purchases made by someone other than the cardholder. One audit
identified an estimated $177,187 in duplicate charges at one agency.35 An audit at
the Federal Aviation Administration (FAA) discovered that a cardholder had allowed
unauthorized individuals to charge over $160,000 to her purchase card account.36
When unauthorized and duplicate transactions are identified by the AO, they should
be disputed under the process described in the SmartPay master contract. When AOs
fail to identify and dispute fraudulent charges, the government often pays them in full
or fails to obtain a refund from the purchase card vendor.
30 U.S. Government Accountability Office, HUD Purchase Cards: Poor Internal Controls
Resulted in Improper and Questionable Purchases, GAO-03-489, Apr. 2003, p. 7, at
[ h t t p : / / www.ga o.gov/ n ew.i t e ms / d03489.pdf ] .
31 U.S. Government Accountability Office, VHA Purchase Cards: Internal Controls Over
the Purchase Card Program Need Improvement, GAO-04-737, June 2004, p. 16, at
[ h t t p : / / www.ga o.gov/ n ew.i t e ms / d04737.pdf ] .
32 U.S. Government Accountability Office, Forest Service Purchase Cards: Internal Control
Weaknesses Resulted in Instances of Improper, Wasteful, and Questionable Purchases,
GAO-03-786, Aug. 2003, p. 36, at [http://www.gao.gov/new.items/d03786.pdf].
33 U.S. Government Accountability Office, HUD Purchase Cards: Poor Internal Controls
Resulted in Improper and Questionable Purchases, GAO-03-489, Apr. 2003, p. 10.
34 U.S. Government Accountability Office, FAA Purchase Cards: Weak Controls Resulted
in Instances of Improper and Wasteful Purchases, GAO-03-405, Mar. 2003, p. 16.
35 U.S. Government Accountability Office, Forest Service Purchase Cards: Internal Control
Weaknesses Resulted in Instances of Improper, Wasteful, and Questionable Purchases,
GAO-03-786, Aug. 2003, p. 26.
36 Ibid., p. 31.
Inconsistent Program Monitoring. GAO further found that many
agencies fail to monitor and evaluate the effectiveness of their purchase card controls,
a responsibility that is often assigned to the APC. Monitoring and evaluation may
include sampling purchase card transactions for potentially improper purchases,
ensuring purchase card policies are being properly implemented across the agency
or component, and assessing program results. These duties are often unfulfilled. At
FAA, for example, an audit found that APCs “generally were not” utilizing available
reports to detect misuse and fraud, nor was the headquarters APC taking steps to37
assess the overall program. Similarly, an audit of the Forest Service purchase card
program found that the agency’s APCs failed to review sampled transactions for
erroneous or abusive purchases, as required by U.S. Department of Agriculture
regulations. 38
Lack of Separation of Duties. Agencies are required to ensure that key
procurement functions are handled by different individuals. When having goods
shipped, for example, the same person should not both approve and place the order,
or both place the order and receive the goods. At many agencies, however, the
cardholder may perform two functions that should be separated, which increases the
possibility that items may be purchased for personal use, lost, or stolen. In March
2008, GAO estimated that agencies were unable to document separation of duties for
one of every three purchase card transactions.39 Three Navy cardholders ordered and
received $500,000 of goods for themselves with their purchase cards before getting
caught.40 In this way, inadequate separation of duties may contribute to millions of
dollars of items that agencies have purchased which cannot be located. Items that are
easily converted to personal use — commonly referred to as “pilferable property” —
are particularly vulnerable to loss and theft. The Department of Education, for
example, could not account for 241 personal computers bought with purchase cards
at a cost of $261,500.41 An audit of FEMA’s spending on items related to hurricane
recovery found that $170,000 worth of electronics equipment acquired with purchase
cards had not been recorded in FEMA’s property records and could not be found.42
37 U.S. Government Accountability Office, FAA Purchase Cards: Weak Controls Resulted
in Instances of Improper and Wasteful Purchases, GAO-03-405, Mar. 2003, pp. 21-23.
38 U.S. Government Accountability Office, Forest Service Purchase Cards: Internal Control
Weaknesses Resulted in Instances of Improper, Wasteful, and Questionable Purchases,
GAO-03-786, Aug. 2003, p. 16.
39 U.S. Government Accountability Office, Governmentwide Purchase Cards: Actions
Needed to Strengthen Internal Controls to Reduce Fraudulent, Improper, and Abusive
Purchases, GAO-08-333, Mar. 2008.
40 U.S. Government Accountability Office, Purchase Cards: Increased Management and
Oversight Could Save Hundreds of Millions of Dollars, GO-04-717T, Apr. 2004, p. 10, at
[ h t t p : / / www.ga o.gov/ n ew.i t e ms / d04717t .pdf ] .
41 Ibid., p. 11.
42 U.S. Government Accountability Office, Purchase Cards: Control Weaknesses Leave
DHS Highly Vulnerable to Fraudulent, Improper, and Abusive Activity, GAO-06-957T,
July 2006, p. 19.
Inadequate Training. Given the complexities of federal procurement
policies and procedures, training on the proper use and management of purchase
cards is considered an important component of an agency’s internal control
environment. It is through this training that cardholders, approving officials, and
program managers learn their roles in ensuring compliance with applicable
regulations and statutes, and in reducing the risk of improper card use. To that end,
OMB requires all agencies to train everyone who participates in a purchase card
program.43 Cardholders are to be trained on federal procurement laws and
regulations, agency policies, and proper card use. Approving officials are required
to receive the same training as cardholders, in addition to training in their duties as
AOs. Program managers are required to be trained in cardholder and AO
responsibilities, as well as management, control, and oversight tools and techniques.
In addition, all purchase card program participants are supposed to take their initial
training prior to appointment (e.g., becoming a cardholder, or being designated as an
AO or program manager) and receive refresher training at least every three years.
A number of agencies have not fully implemented OMB’s training
requirements. A report by the inspector general at the Department of the Interior, for
example, noted that the Department of the Interior had not provided any training to
its AOs, and concluded that many of those officials were not performing adequate44
reviews. The AOs themselves reportedly said that they did not know how to
conduct a proper review of purchase card transactions, or how and why to review
supporting documentation — both subjects that are normally included in AO training.
Similarly, an audit at FAA concluded that the agency’s failure to provide
refresher training for cardholders and AOs may have contributed to violations of
statutory sourcing requirements.45 The failure to comply with sourcing statutes,
which require agencies to purchase certain goods and services from specified vendor
categories, may undermine congressional procurement objectives. The Javits-
Wagner-O’Day Act (JWOD), for example, requires the government to buy office
supplies and services from non-profits that employ blind and disabled Americans.
Cardholder failure to comply with the provisions of JWOD and other sourcing
statutes is widespread enough that GAO has estimated that tens of millions of dollars
of purchase card transactions may have been conducted with vendors other than the
ones Congress intended.46
43 Office of Management and Budget Circular A-123, Appendix B, Improving the
Management of Government Charge Card Programs, revised Feb. 2006, p. 7.
44 U.S. Department of the Interior, Office of Inspector General, Department of the Interior:
Integrated Charge Card Program, 2002-I-0011 (Washington: GPO, Dec. 2001), pp.7-8.
45 U.S. Government Accountability Office, FAA Purchase Cards: Weak Controls Resulted
in Instances of Improper and Wasteful Purchases, GAO-03-405, Mar. 2003, p. 19.
46 U.S. Government Accountability Office, Purchase Cards: Increased Management and
Oversight Could Save Hundreds of Millions of Dollars, GO-04-717T, Apr. 2004, p. 10.
Excessive Number of Cards Issued and High Credit Limits. The
number of cardholders grew from under 100,000 in FY1993 to 680,000 in FY2000.47
After auditors expressed concerns that the government had issued too many credit
cards and provided excessive credit limits — factors that raised the risk of card
misuse — OMB issued a memorandum in April 2002, that required agencies to
examine the number of purchase cards they issued and to consider deactivating all48
cards that were not a “demonstrated necessity.” That same year, provisions in the
Bob Stump National Defense Authorization Act for FY2003 (P.L.107-314) required
the Department of Defense (DOD) to establish policies limiting both the number of
purchase cards it issued and the credit available to cardholders.49 These reforms
contributed to a net decrease of 380,000 government purchase cards between FY2000
and FY2006.
Despite this decrease in the total number of purchase card users, audits indicate
that a number of agencies, including some with relatively large purchase card
programs, have yet to establish appropriate controls over card issuance and credit
limits. A 2006 GAO report on purchase cards at the Department of Homeland
Security (DHS), for example, identified 2,468 cardholders — about 20% of all DHS50
cardholders — who had not made any purchases in over a year. Similarly, a
congressionally directed audit of the Veterans Health Administration’s (VHA’s) $1.4
billion purchase card program found that VHA had issued cards with credit limits up
to 11 times greater than the cardholders’ historical spending levels, thereby exposing51
its program to unnecessary risk. It is not known how many other agencies have not
developed and implemented appropriate internal controls over card issuance and
credit limits, so the extent of the government’s financial exposure is also unknown.
Policy Proposals
OMB Guidance. OMB Director Jim Nussle, in response to a March 2008
audit report that detailed incidences of purchase card abuse at several agencies,
issued a memorandum on April 15, 2008, outlining steps agencies must take to52
strengthen their internal controls. The new requirements include developing more
specific guidelines for (1) documenting independent receipt of items obtained with
47 General Services Administration, Charge Card Program Statistics Executive Summary,
May 2007.
48 Office of Management and Budget, Use of Government Purchase and Travel Cards, M-
49 116 Stat. 2633.
50 U.S. Government Accountability Office, Purchase Cards: Control Weaknesses Leave
DHS Highly Vulnerable to Fraudulent, Improper, and Abusive Activity, GAO-06-1117, Sept.
51 U.S. Government Accountability Office, VHA Purchase Cards: Internal Controls Over
the Purchase Card Program Need Improvement, GAO-04-737, June 2004, pp. 23-25.
52 Office of Management and Budget, “Preventing Waste, Fraud, and Abuse in Use of
Government Charge Cards,” Memorandum for the Heads of Departments and Agencies from
Jim Nussle, Apr. 15, 2008, M-08-18, at [http://www.whitehouse.gov/omb/memoranda/
fy2008/m08-18.pdf].
purchase cards, (2) inventorying items bought with purchase cards that are easily
stolen, and (3) imposing disciplinary actions for purchase card misuse. Agencies
must also develop policies that require cardholders to obtain approval or subsequent
review of purchase card activity below the micro-purchase threshold. The
memorandum also stated that OMB is in the process of revising its charge card
guidance in Appendix B of Circular A-123.
Pending Legislation. Several bills have been introduced in the 110th
Congress that address purchase card misuse. The most comprehensive of these bills,
the Government Credit Card Abuse Prevention Act of 2007, was introduced in both
the Senate (S. 789) and the House (H.R. 1395) on March 7, 2007. The bill was
drafted to implement the recommendations of GAO regarding internal control53
weaknesses in both purchase and travel card programs. The bill would require all
federal agencies, except the Department of Defense, to implement more than a dozen54
internal controls over their purchase card programs. Specifically, the bill would
require agencies to ensure that
!adequate records of cardholder credit limits and purchase activity are
maintained;
!cardholder statements and supporting documentation are regularly
reviewed and reconciled;
!cardholders and officials are provided with proper training;
!agencies use available technology to monitor activity and identify
fraud;
!the number of cards issued and their credit limits are appropriate;
and
!payment, dispute, and cost recovery procedures are effective.
The bill would also mandate that non-DOD agencies develop penalties for card
misuse, and require IGs to conduct periodic risk assessments and audits of agency
purchase card programs to identify waste, fraud, and abuse. Provisions specific to
DOD would require increased use of technology to prevent and identify fraudulent
purchases, expand risk assessment and audit practices, and develop more specific
rules regarding card deactivation of former DOD employees.
Other purchase card legislation introduced in the 110th Congress includes two
bills that focus on micropurchases: S. 2300, the Small Business Contracting
Revitalization Act of 2007, which seeks to measure and promote the participation of
small businesses in micropurchases made with purchase cards; and S. 680, the
Accountability in Government Contracting Act of 2007, which would require the
Director of OMB and the GSA Administrator to work with vendors and program
53 Congressional Record, vol. 153, Mar. 7, 2007, p. S2798.
54 H.R. 1395 has not yet been acted on by the House Subcommittee on Government
Management, Organization, and Procurement, to which it was referred on March 27, 2007.
S. 789 was favorably reported by the Senate Committee on Homeland Security and
Governmental Affairs on April 10, 2008.
agencies to achieve savings when using purchase cards for making micropurchases.55
In addition, Section 1005 of H.R. 5658, the Duncan Hunter National Defense
Authorization Act for Fiscal Year 2009, would require the Secretary of Defense to
implement policies that ensure inventory and property systems are updated
“promptly” after pilferable property is bought with a purchase card.56
Other Considerations
Staffing Levels. Few agencies are able to dedicate employees to work full-
time as AOs; rather, AO duties, which include time-intensive activities such as
reviewing cardholder statements, often fall to staff who already have full workloads.
Not surprisingly, some AOs have said it is difficult to find the time to carefully
review purchase card statements because of the demands of their other57
responsibilities. This problem may be compounded if the number of cardholders
assigned to an AO — referred to as the span of control — increases. There is no
government-wide span of control policy, but GAO has recommended that agencies
assign no more than seven cardholders to each AO; beyond that 7:1 ratio, the ability
of the AO to conduct effective oversight may be diminished, particularly when the
AO has other, significant duties.58 Although data are limited, audits have found that,
at some agencies, the span of control exceeds GAO’s recommendation. In 2006,
according to GAO, 2,150 purchase card holders at the Department of Homeland
Security — nearly 20% of DHS’s total number of cardholders — were managed by
AOs with a span of control in excess of 7:1.59 Additional research might be useful
for determining whether AOs are hindered in their ability to provide effective
oversight due to either the number of accounts they are expected to monitor, or to the
demands of their other duties, or both.
55 S. 2300 was ordered to be reported favorably, with an amendment in the nature of a
substitute by the Senate Committee on Small Business and Entrepreneurship on November
56 H.R. 5658 passed the House on May 22, 2008.
57 U.S. Government Accountability Office, Government Purchase Cards: Control
Weaknesses Expose Agencies to Fraud and Abuse, GAO-02-676, May 2002, at
[ h t t p : / / www.ga o.gov/ n ew.i t e ms / d02676t .pdf ] .
58 U.S. Government Accountability Office, Purchase Cards: Control Weaknesses Leave
DHS Highly Vulnerable to Fraudulent, Improper, and Abusive Activity, GAO-06-957T, July
59 Ibid.