control, and governance
control, and governance
Taking Credit
A recent report highlights the risk of corporate credit card fraud and suggests using a combination of internal controls to circumvent potential losses.
Thirty-two percent of employees commit fraud by using their organization’s corporate credit cards for personal gain, according to Payments Fraud, a 2010 whitepaper published by J.P. Morgan. The paper — which comprises data from surveys conducted by the Association for Financial Professionals (AFP) and the Association of Certified Fraud Examiners (ACFE) — further reports that only consumer credit card fraud has a higher occurrence than corporate credit card fraud, with 14 percent of organizations reporting incidents in an AFP survey.
According to an ACFE survey conducted in the first quarter of 2009, corporate credit card fraud has risen over the past few years. Moreover, experts do not expect it to decrease within the foreseeable future. Eighty-eight percent of the certified fraud examiners who responded to the survey agreed that the next 12 months will bring even more corporate credit card fraud, which will be further exacerbated by layoffs and cutbacks in internal control systems.
Since the economic downturn, employees have relied frequently on two common techniques to perpetrate corporate credit card fraud:
- Misuse, which occurs when an actual cardholder makes purchases not authorized by the organization.
- Embezzlement, which involves an employee with authorized access to the card using the information to defraud the organization.
Worse still, misuse of corporate cards by employees is not typically considered fraud by card issuers, which leaves the organization responsible for any loss.
To combat this type of fraud and relieve the burden of paying for losses, organizations must put procedures in place and implement them throughout the business. Purchasing card customers surveyed by J.P. Morgan Treasury Services shared key internal measures that are most important in detecting and preventing corporate credit card fraud, including:
- Tasking senior management with championing a card compliance program to obtain the organization’s
- full buy-in.
- Creating checks and balances through logical segregation of duties.
- Establishing protective controls (e.g., transaction and monthly limits) up front.
- Auditing for red flags beyond spending limits (e.g., off-hour or personal purchases).
- Conducting peer reviews before official audits to mitigate improper card usage and help support U.S. Sarbanes-Oxley Act of 2002 requirements.
“Stealing Funds for a Nest Egg,” featured in the August 2008 issue of Internal Auditor magazine, describes how an executive assistant uses a corporate credit card, gift checks, and an online payment account to embezzle US $1.5 million.
Share This Article:
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.
To make something bold:
<strong>Text to bold</strong>
To make something italic:
<em>Text to italicize</em>
To make a hyperlink:
<a href="URL">Text to link</a>
