Nonprofits: Minimize Credit and Debit Card Fraud with These Best Practices
posted Apr 27, 2015 by Sandy Ross, CPA, CFE in the Mission Matters Blog
I recently did a presentation on Financial Management Priorities for nonprofit leaders. A number of excellent questions were raised during the presentation, one of which that we spent a lot of time discussing was the use of credit cards. Below I have outlined some of the best practices we discussed for nonprofits regarding credit card and debit card usage and the threat of fraud.
Credit card fraud is has unfortunately become a common issue that businesses and individuals face every day. In the past year my personal credit card was compromised on two different occasions. Although it is very difficult to prevent external credit card fraud, there are ways your organizations can help prevent internal credit card misuse. It is important to implement solid internal controls and these recommended procedures/best practices in your nonprofit organization:
- Require support for all credit card transactions in the statement. This can be an invoice, receipt, (meals should include the detail bill not just the signature receipt), boarding pass along with email travel confirmations, etc.
- Review the credit card receipts and statements on a regular basis and at a minimum initial the statement to document the review. If the Executive Director or President is the credit card user/holder then a board member should be reviewing and approving the transactions and statements.
- Retain the documentation of the all of the above based on your organization’s’ document retention policy.
- Limit the number of credit cards the organization distributes.
- Set credit limits that make sense for the role the individual credit card holder.
- If reimbursing personal credit cards withhold payment until all supporting documentation is received.
Debit cards are even scarier than credit cards because cash can be debited immediately from your account. Once the cash is gone it could take some time to recoup your funds as the fraud must be verified. We typically recommend that businesses avoid the use of a debit card or create a separate account and fund when you anticipate use (i.e. an event, travel, etc.). Debit card transactions should also follow the same policies noted above for credit cards.
To learn more about fraud and minimizing your fraud risk, read some of our related Mission Matters blogs:
Do You Know Anyone Committing Fraud in Your Organization?
Fraud in the Not-for-Profit Organization
The Growing Problem of Identity Theft
Questions? Contact us.