Tuesday, January 26, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights

Combating P-Card Fraud

by Chris Stewart-Smith
January 14, 2014
in Uncategorized
woman holding credit card

According to the Association of Certified Fraud Examiners, fraudulent use of purchase cards, or p-cards, is one of the most commonly occurring types of employee fraud, and a 2013 survey of 2,200 audit, risk management and compliance professionals reveals that risk related to internal fraud and abuse is an area of highest concern.

On the positive end of the spectrum, p-cards can help employers increase efficiency by automating supplier and vendor payments, eliminating unnecessary paperwork and trimming costs tied to administrative efforts. On the other hand, regardless of the size of an organization, whether p-card access is provided to 50 or 5,000 employees, the risk for misuse is high.

Employees can be tempted to abuse p-card program controls and in extreme cases, commit sophisticated, high-level fraud.

If any risk exists for this type of activity to become widespread within an organization, not only can the total monetary losses become considerable, but a culture that promotes fraudulent behavior can also become prevalent.

It’s critical that the risk management, compliance and audit departments have this threat on their radar. But it’s also important for the executives and senior-level management of an organization to have a sense of where the areas of risk are and how to identify red flags before they become material problems.

Monitoring for suspicious activity within a p-card program can be extremely labor intensive if performed manually, generating high costs and low productivity. In order to ensure that issues are identified immediately, it’s advantageous for a company to employ a continuous monitoring system that uses data analytics. In addition, if management sets the tone at the top by letting everyone know that they are keeping a close eye on p-card use, an ethical culture will emerge and employees will be less likely to engage in troublesome behavior.

Data analytics deliver a powerful method for minimizing an organization’s risk exposure and validating internal controls. Analytics support business assurance by providing:

  • Independent control testing
  • 100 percent data review with cross-platform analysis
  • Prompt notification of key exceptions
  • Predefined and tailored analysis of pain points

When it comes to p-card programs, analytics are typically designed to cover each of the four major components of the p-card process:

  1. Managing cards
  2. Managing merchants
  3. Managing transactions
  4. Conducting review and analysis

Effective analytics might test for invalid employees and duplicate purchase cards using name and address matches, for example. Other key analyses include validating card limit changes, pinpointing blocked merchant categories and key words (such as alcohol, clothing and casinos), and looking for unusual behavior patterns (such as using cards during weekends and holidays for employees not known to travel). The opportunities are endless, but first, let’s look at data analytics in action.

Streamlined efforts produce big results

Global security and technology firm Lockheed Martin offers a nice example of how to develop a coordinated p-card monitoring process. The company created a Commercial Card Operations division to maximize its commercial card value proposition and minimize risk. The p-card program covers:

  • 90,000 cardholders across multiple continents
  • 2.5 million transactions per year
  • Four primary cards – travel, meeting, fleet and purchasing

The Commercial Card Operations division implemented data analytics to create an early warning system that flags suspicious transactions on a near real-time basis. When unusual transactions occur, cardholders receive a message requesting additional details on a fixed timeline. The program quickly made a powerful impression on cardholders. As auditors know firsthand, people are far more likely to follow the rules when they know someone is watching.

Start small and keep sharpening your analytics

Automating p-card control validations is clearly an effective audit strategy, but a well-designed monitoring program driven by analytic technology can provide significant value when applied to business processes across the organization. Analytics can find money, increase efficiency, reduce risk, and identify problems before they snowball into crises. They also provide evidence and support for internal and external audits.

If you’re eyeing your p-card program and looking for a concrete plan, the key is to start with simple tests that you can continue optimizing for long-term value. Identify just a handful of areas and launch simple, specific analytics based on pain points, risk areas, and top opportunities for improving processes.

Next, be sure to leverage other people’s expertise to get your plan up and running. There are terrific industry associations – such as the NAPCP – and user groups out there that can offer a helping hand.

Finally, it’s critical to benchmark your work against past experiences. Look at the time it takes to audit transactions, the number and quality of issues you identify and the risks mitigated. Detailed anecdotes will also make it easier to get buy-in from senior management.

Analytics aside, one reliable way to reduce leakage though p-cards is to “leak” the fact that a comprehensive program for p-cards is about to begin: this notion on its own has reduced fraud and “discrepancies” in many companies.


Tags: bribery
Previous Post

G8 Open Data Charter – The Implications for Due Diligence

Next Post

What is the FCPA? CCI Video Training Series Kicks off Today

Chris Stewart-Smith

About the Author Chris Stewart-Smith is Manager of ACL’s Global Solutions Consulting group and works with clients worldwide to help them realize the benefits of data analytics and GRC technology, thereby bridging the knowledge gap between IT and business leaders. With over 15 years’ experience in software consulting across a broad range of industries, Chris is a frequent speaker and educator on the topics of Data-Driven GRC and Continuous Monitoring. For more information, visit www.acl.com.

Related Posts

digital cybersecurity and network protection

Vetting Vendors’ Cybersecurity

January 26, 2021
RiskMap 2021: Legal and Compliance Outlook

RiskMap 2021: Legal and Compliance Outlook

January 25, 2021
illustration of man on ladder with binoculars, 2021 outlook concept

Financial Services Compliance in 2021

January 25, 2021
illustration of mafia man in silhouette with red tie

The Mafia’s Jackpot: How Criminal Organizations are Profiting from COVID-19

January 22, 2021
Next Post

What is the FCPA? CCI Video Training Series Kicks off Today

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights