Felony charges and fraud-fighting tactics.

Since writing in February about Purchasing Card misuse by the Minneapolis Public Schools, I have seen two similar articles about other public school districts. There is a mix of questionable business purchases via P-Card and blatant personal purchases. However, the two stories are quite different, as described below. One involves felony charges and the other discloses a unique policy for missing receipts.

1. Felony Charges for Ex-Principal

As reported by the Star Tribune, a former principal for a suburban Twin Cities high school has been charged with three felony counts of theft by swindle, stemming from inappropriate P-Card use spanning more than a year. Purchases include flowers for his father’s funeral, gift cards and electronics. In addition, he purchased iPads for which “the location of the purchased equipment is unknown.” Released information includes copies of receipts, invoices and card statements. It appears to me that no one was monitoring his purchasing activity.

Be vigilant about finding the policy violators and invoking the related consequences. 

Be vigilant about finding the policy violators and invoking the related consequences. 

The lessons to take from this story are: 

  • Monitor all cardholders.
  • Mandate documentation (e.g., itemized receipts).
  • Ensure purchases comply with policies.
  • Swiftly address fraud, misuse and abuse.

I cannot understand why any organization would be lax about these fundamental controls. This story is not about the problems with P-Cards, even though this is the message that some readers might receive. Rather, it is a story about the ignorance and/or laziness of the school district. To top the matter off, this man resigned at the end of last year, but the district had not taken any disciplinary action against him prior to that.   

2. District Takes Hard Stance

Saint Paul Public Schools (SPPS) is trying to avoid the hot water Minneapolis was in. While they, too, have had inappropriate P-Card purchases, SPPS has cracked down. 

Missing Receipts

Like other organizations, SPPS requires itemized receipts for every purchase, but there is no “missing receipt” form for cardholders to use as a backup. They suspend the card and instruct cardholders to write a personal check for purchases lacking the required documentation. And, yes, they have enforced this. One director-level employee who said he did not know about the receipt policy repaid the district $130 for missing travel-related receipts.

It is unclear how SPPS employees are trained prior to card issuance. However, by requiring employees to sign an internal card agreement to confirm their knowledge of policies, an “I didn’t know” claim does not hold.

Questionable Business Purchases

SPPS also investigates questionable purchases (e.g., expensive yoga pants for a gymnastics team and more than $800 for dozens of potted poinsettias). They ask cardholders for justification and the business purpose, and their policy directs them to be as frugal as possible. I appreciate the intent of such policy language, but, unless there are specifics to define frugal, everyone can interpret differently. Certainly, for public sector organizations, training for cardholders and managers becomes even more critical. In the private sector, an organization might be more lenient in allowing departments to decide how to spend their budgets.

Monitoring activity and consistent policy enforcement set the right tone. Employees know they are watched.


About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog

In need of compliance reinforcement?

Developing controls is one thing. Compliance is another matter. I recently read an AOC Solutions’ blog post about the Verizon 2014 PCI Compliance Report. It cites that nearly 60% of companies do not regularly test their data security systems and processes, even though this is a requirement of the Payment Card Industry Data Security Standard (PCI DSS). Does your P-Card program suffer from similar low compliance in one or more areas? What do your compliance metrics show?

I previously wrote about declined transactions and delinquent cardholders, but there are more potential issues; for example:

  • incidents of personal use of a Commercial Card
  • purchasing prohibited goods/services
  • improper card storage (e.g., cardholders leaving cards on their desks when they are not there)
  • improper disposal of cards or documentation reflecting card account information
  • sharing system login IDs and passwords or posting the information next to a computer
  • cardholders allowing someone else to use their card
  • suppliers who are not PCI-compliant (the Verizon report will make you think twice about what your suppliers are doing) 

A good auditing program is critical to catching and resolving compliance problems, but prevention is equally important. Do your policies and procedures (P&P) address the bullet points listed above? For tips on what P-Card P&P should include, purchase the related guide for $29.99. What about your training program? P-Card training should complement other organization training, such as training focused on ethics and information security. If your organization could use help with any of these efforts, contact Recharged Education.


About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog