Key Control Roles

The three roles below are important parts of the P-Card control environment, as each involves transaction review, which should occur a minimum of monthly.

Related Resources

Don't forget to subscribe to the blog (no charge) to receive educational content!


1. Cardholders

They are the first line of defense against external fraud, as they should spot any fraudulent activity during their transaction review and reconciliation process. See also related content:

2. Managers (“Manager-approvers”)

Their role is equally important as the cardholder role, as they should be looking for any signs of cardholder fraud and misuse. Their sign off (ideally, electronic) on cardholders’ transactions represents the transactions are legitimate and comply with the organization’s policies and procedures.

Tip: A manager-approver should hold a position with more authority than the cardholders for whom he or she provides oversight. See related content about helping managers be more successful.

shutterstock_307232705.jpg

3. Audit

Monthly transaction auditing is most effective when accomplished by a robust auditing solution/technology. As an alternative, something as common as Microsoft Excel would be better than nothing. Whatever tool is used, someone—internal audit, the program manager, or other team—should be following up on the audit results. The primary purpose is to catch any potential fraud and/or policy violations previously missed by cardholders and manager-approvers.

In addition, on an annual basis, there should be process audits that verify and test internal controls. See more about auditing.


Best Practices

Help cardholders and managers (“program participants”) be successful at their roles by:

Everyone, including executives, should be held accountable for their respective role. Lack of (or inconsistent) enforcement sends a message that policies and procedures are optional, increasing risk of card fraud and misuse.