Internal Agreements
An internal agreement is a common preventative control. It specifies card-related roles, the associated responsibilities, and consequences for non-compliance. Cardholders and their managers who act as “approvers” should sign such an agreement prior to assuming their respective role to represent that he or she understands the requirements and agrees to comply.
Could your program’s internal agreement be refortified to improve P-Card program controls? Below are eight sample statements from the guide How to Revitalize Your P-Card Policies and Procedures (available for purchase) that could be included within a single agreement that covers both roles—cardholder and manager-approver.
Tip: Before you finalize and implement an agreement, ensure your legal team and/or HR department has reviewed it.
Related Resources
Don't forget to subscribe to the blog (no charge) to receive educational content!
The Introduction
Explain the purpose; for example:
Your participation in the P-Card program includes many responsibilities to help ensure the security, health and success of the program. Your signature below represents that you understand your role, and the related policies and procedures, and agree to comply with them.
The Body
Within the agreement, include content about:
who owns the card
who can use it
prohibited purchases
requirements for program participants
ongoing responsibilities
why the card could be canceled
when it must be surrendered
consequences for misuse/abuse
Eight Sample Statements
Even though a card is issued in an employee’s name, it is the property of [Company].
[Company] prohibits personal purchases on P-Cards, even if the cardholder intends to reimburse the [Company].
The cardholder is the only person authorized to use the card for allowed business-related purposes.
You must successfully complete P-Card training and any related training prior to card issuance and on an ongoing basis, as described within the P-Card policies and procedures.
You are part of an important line of defense against card fraud. To protect [Company] and its assets, you must follow [Company’s] Information Security Policy and: a) ensure the card is kept secure, along with related account information; b) complete the transaction reconciliation and review process outlined for your role within the P‑Card policies and procedures; c) immediately report a lost, stolen or compromised card.
A cardholder must cease using the P-Card and surrender it upon employment termination or as requested by management.
The program manager, after notifying you, may cancel the P-Card due to insufficient usage.
Violation of company and/or P-Card policies and procedures may result in disciplinary action, including termination. [Company] may also seek legal action and/or criminal charges in the event of card fraud involving any [Company] employee.