The Congressional Research Service has issued a report summarizing the issues and proposals related to the use of government purchase cards, which have been the series of a series of reports over the years critical of the program for mismanagement and waste. Following are excerpts from the report.
The General Services Administration (GSA) manages the federal government’s charge card program, known as SmartPay. Through SmartPay, agencies are able to select charge card products and services from contracts that GSA has negotiated with major banks. The contracts allow agencies to select different types of charge cards, depending on their needs. SmartPay charge card options include purchase cards (for supplies and services), travel cards (for airline, hotel, and related expenses), and fleet cards (for fuel and supplies of government vehicles.) This report focuses on purchase cards.
The use of purchase cards has expanded at a rapid rate since the mid-1990s. Spurred by legislative and regulatory reforms designed to increase purchase card use for small acquisitions, the dollar volume of federal government purchase card transactions grew from $527 million in FY1993, to $18.7 billion in FY2007.1 While the use of purchase cards has been credited with reducing administrative costs, audits of agency purchase card programs have found varying degrees of waste, fraud, and abuse. One of the most common risk factors cited by auditors is a weak internal control environment: many agencies have failed to implement adequate safeguards against card misuse, even as their purchase card programs grew.
In response to these findings, Congress has held hearings and legislation has been introduced that would enhance the management and oversight of agency purchase card programs. In addition, the Office of Management and Budget (OMB) has issued guidance that requires agencies to implement internal controls that are designed to minimize the risk of purchase card abuse. This report begins by providing background on agency purchase card programs. It then discusses identified weaknesses in agency purchase card controls that have contributed to card misuse, and examines legislation introduced in the 110th Congress that would have addressed these weaknesses.
The government’s purchase card program has its origins in Executive Order 12352, issued by President Reagan in 1982. E.O. 12352 directed agencies to develop programs that simplified procedures and reduced the administrative costs of procurement, particularly with regard to "small" purchases ($25,000 or less). Several agencies subsequently participated in a pilot program that evaluated the use of a commercial credit card, called a purchase card, as an acquisition tool. At the time, even a routine order for widely available items, such as office supplies, typically required agency program staff to submit a written procurement request to a contracting officer, who reviewed it, obtained the necessary authorizing signatures, made the actual purchase, and processed the associated paperwork. To critics, this process was inefficient, especially for small purchases. Not only was it time-consuming for both program and procurement personnel, but it also prevented program offices from quickly filling immediate needs. Under the pilot program, non-procurement staff used purchase cards to conduct small-dollar transactions directly with local suppliers, thus bypassing procurement officers entirely. A report on the pilot program concluded that purchase cards could reduce administrative costs and improve delivery time, and in 1989 the Office of Management and Budget (OMB) tasked GSA with making purchase cards available government-wide.
Participation in GSA’s purchase card program was not mandatory, and card use did not initially grow as rapidly as some had expected. In 1993, however, a report issued by the National Performance Review (NPR) sparked a number of legislative and regulatory reforms intended to increase purchase card use. The NPR was a Clinton Administration initiative, headed by Vice President Al Gore, that sought to "reinvent" the federal government by making government operations both less expensive and more effective. One of the NPR’s objectives was to identify opportunities to streamline a number of government-wide processes, including procurement. Drawing on input from experts in the public and private sectors, the initial report of the NPR recommended expanding the use of purchase cards across the government, a step it said would "lower costs and reduce bureaucracy in small purchases." In a separate report that focused solely on procurement, the NPR estimated that if half of all small acquisitions were made using purchase cards, the government would realize $180 million in savings annually. The report further recommended amending the Federal Acquisition Regulation (FAR)–the government’s primary source of procurement guidance–to promote the use of purchase cards for small purchases.
Building on the NPR’s recommendations, Congress passed the Federal Acquisition Streamlining Act (FASA; P.L. 103-355) in 1994. FASA introduced several reforms that increased the use of purchase cards. Among these, Title IV of FASA established a simplified acquisition threshold of $100,000. Purchases at or below the threshold were exempted from the provisions of a number of procurement laws. This reform significantly reduced the administrative burden and procurement expertise needed to make small purchases. To further streamline procedures for the smallest acquisitions, Title IV also established a "micro-purchase" threshold of $2,500 (which was increased to $3,000 in 2006). FASA further exempted micro-purchases from sections of the Buy American Act and the Small Business Act, and they could be made without obtaining a competitive bid, if the cost was deemed reasonable by the cardholder.
At the same time, the Clinton Administration took steps to increase the use of purchase cards. Citing the need to make agency procurement procedures "more consistent with recommendations of the National Performance Review," President Clinton issued Executive Order 12931 on October 13, 1994. E.O. 12931 directed agency heads to (1) expand purchase card use; and (2) delegate the micro-purchasing authority provided in FASA to program offices, which would enable them to make such purchases directly. E.O. 12931 also directed agency heads to streamline procurement policies and practices that were not mandated by statute, and to ensure that their agencies were maximizing their use of the new simplified acquisition procedures. In addition, the FAR was amended in 1994 to designate the purchase card as the "preferred method" for making micro-purchases, and to encourage agencies to use the card for purchases of greater dollar amounts.
Card use increased sharply as agencies implemented these reforms. The dollar value of goods and services acquired with purchase cards increased from $527 million in FY1993 to $18.7 billion in FY2007. During that same time span, the number of cardholders tripled to nearly 300,000, and the number of purchase card transactions increased from 1.5 million to just under 24.7 million in FY2007. The flexibility of the purchase card may have also contributed to its growth: it could be used for in-store purchases, which allowed the cardholder to take immediate possession of needed goods, or it could be used to place orders by phone or over the internet and have goods delivered. According to GSA, the use of purchase cards now saves the government $1.3 billion a year in administrative costs.
Purchase Card Program Weaknesses
Audits of agency purchase card programs conducted by the Government Accountability Office (GAO) and agency inspectors general (IGs) have attracted congressional attention with their revelations of abusive purchases made by government employees. Among the many cases of abuse cited by auditors are a Department of Agriculture employee who, over a period of six years, used her purchase card to funnel $642,000 to her boyfriend; a Forest Service employee who charged $31,342 to his purchase card for personal items, including Sony Playstations, cameras, and jewelry; and a Coast Guard cardholder who used his purchase card to buy a beer brewing kit–and then brewed alcohol while on duty. Congress has held several hearings to address purchase card misuse and the underlying internal control weaknesses that auditors say allowed it to occur. The following paragraphs discuss these weaknesses identified in audit reports published between 2002 and 2008.
Ineffective Transaction Review and Approval Processes
One of the primary safeguards against improper use of government purchase cards is the review and approval of cardholder transactions by someone other than the cardholder. As noted, purchase card AOs are usually responsible for reviewing the cardholder’s monthly statement. Given that the AO is often the only person other than the cardholder to assess the validity of a purchase before payment is made to the purchase card vendor, the review and approval process is considered one of the most critical components of an agency’s purchase card control environment. Steven Kutz, GAO’s Managing Director of Forensic Audits and Special Investigations, stated in testimony before the Senate,
Basic fraud prevention concepts and our previous audits of purchase card programs have shown that opportunities for fraud and abuse arise if cardholders know that their purchases are not being properly reviewed.
Despite the importance of the AO’s role in preventing and detecting improper purchases, some agencies have failed to ensure that cardholder statements were carefully reviewed prior to their approval. At the Department of Education, auditors estimated that 37% of monthly cardholder statements they reviewed had not been approved by the AO. Most recently, GAO reported that nearly one of every six purchase card transactions government-wide had not been properly authorized.
Even when AOs did conduct reviews, they often failed to meet government standards. Agencies are required by OMB to ensure that cardholder statements are compared with supporting documentation, such as invoices and receipts, as part of the review process. This is necessary because purchase card statements are rarely itemized; they usually provide only the store or contractor name and the amount charged. For AOs, receipts and invoices are the principal means of verifying what items were purchased and determining whether those items were for legitimate program purposes. Many agencies have not ensured that supporting documentation is available and examined as part of the review and approval process, according to GAO. An audit of HUD’s purchase card program found that the agency did not have adequate documentation for 47% of transactions auditors deemed questionable–purchases from merchants that are not normally expected to do business with HUD–which meant auditors "were unable to determine what was purchased, for whom, and why." Similarly, a 2004 audit of the Veterans Health Administration’s (VHA’s) purchase card program estimated that $313 million of its transactions lacked key supporting documentation.
One consequence of these weaknesses is that fraudulent and abusive transactions may slip through the review process unnoticed. For instance, GAO found that AOs at agencies across the government have approved cardholder statements that included transactions that should have been questioned, such as purchases of jewelry, home furnishings, cruise tickets, electronics, and other consumer goods. At the Forest Service, one employee used her purchase card over a period of years to accumulate more than $31,000 in jewelry and electronics. Similarly, HUD cardholders spent $27,000 at department stores like Macy’s and JCPenney in a single year. In one egregious case, an FAA employee had his statement approved even though it showed he violated agency policy by charging cash advances to his purchase card–while at a casino.
The want of adequate oversight is also evident where AOs have approved duplicate transactions–vendors charging the government twice for the same goods or services–and purchases made by someone other than the cardholder. One audit identified an estimated $177,187 in duplicate charges at one agency. An audit at the Federal Aviation Administration (FAA) discovered that a cardholder had allowed unauthorized individuals to charge over $160,000 to her purchase card account. When unauthorized and duplicate transactions are identified by the AO, they should be disputed under the process described in the SmartPay master contract. When AOs fail to identify and dispute fraudulent charges, the government often pays them in full or fails to obtain a refund from the purchase card vendor.
Inconsistent Program Monitoring
GAO further found that many agencies fail to monitor and evaluate the effectiveness of their purchase card controls, a responsibility that is often assigned to the APC. Monitoring and evaluation may include sampling purchase card transactions for potentially improper purchases, ensuring purchase card policies are being properly implemented across the agency or component, and assessing program results. These duties are often unfulfilled. At FAA, for example, an audit found that APCs "generally were not" utilizing available reports to detect misuse and fraud, nor was the headquarters APC taking steps to assess the overall program. Similarly, an audit of the Forest Service purchase card program found that the agency’s APCs failed to review sampled transactions for erroneous or abusive purchases, as required by U.S. Department of Agriculture regulations.
Lack of Separation of Duties
Agencies are required to ensure that key procurement functions are handled by different individuals. When having goods shipped, for example, the same person should not both approve and place the order, or both place the order and receive the goods. At many agencies, however, the cardholder may perform two functions that should be separated, which increases the possibility that items may be purchased for personal use, lost, or stolen. In March 2008, GAO estimated that agencies were unable to document separation of duties for one of every three purchase card transactions. Three Navy cardholders ordered and received $500,000 of goods for themselves with their purchase cards before getting caught. In this way, inadequate separation of duties may contribute to millions of dollars of items that agencies have purchased which cannot be located. Items that are easily converted to personal use–commonly referred to as "pilferable property"–are particularly vulnerable to loss and theft. The Department of Education, for example, could not account for 241 personal computers bought with purchase cards at a cost of $261,500. An audit of FEMA’s spending on items related to hurricane recovery found that $170,000 worth of electronics equipment acquired with purchase cards had not been recorded in FEMA’s property records and could not be found.
Given the complexities of federal procurement policies and procedures, training on the proper use and management of purchase cards is considered an important component of an agency’s internal control environment. It is through this training that cardholders, approving officials, and program managers learn their roles in ensuring compliance with applicable regulations and statutes, and in reducing the risk of improper card use. To that end, OMB requires all agencies to train everyone who participates in a purchase card program. Cardholders are to be trained on federal procurement laws and regulations, agency policies, and proper card use. Approving officials are required to receive the same training as cardholders, in addition to training in their duties as AOs. Program managers are required to be trained in cardholder and AO responsibilities, as well as management, control, and oversight tools and techniques. In addition, all purchase card program participants are supposed to take their initial training prior to appointment (e.g., becoming a cardholder, or being designated as an AO or program manager) and receive refresher training at least every three years.
A number of agencies have not fully implemented OMB’s training requirements. A report by the inspector general at the Department of the Interior, for example, noted that the Department of the Interior had not provided any training to its AOs, and concluded that many of those officials were not performing adequate reviews. The AOs themselves reportedly said that they did not know how to conduct a proper review of purchase card transactions, or how and why to review supporting documentation–both subjects that are normally included in AO training.
Similarly, an audit at FAA concluded that the agency’s failure to provide refresher training for cardholders and AOs may have contributed to violations of statutory sourcing requirements. The failure to comply with sourcing statutes, which require agencies to purchase certain goods and services from specified vendor categories, may undermine congressional procurement objectives. The Javits-Wagner-O’Day Act (JWOD), for example, requires the government to buy office supplies and services from non-profits that employ blind and disabled Americans. Cardholder failure to comply with the provisions of JWOD and other sourcing statutes is widespread enough that GAO has estimated that tens of millions of dollars of purchase card transactions may have been conducted with vendors other than the ones Congress intended.
Excessive Number of Cards Issued and High Credit Limits
The number of cardholders grew from under 100,000 in FY1993 to 680,000 in FY2000. After auditors expressed concerns that the government had issued too many credit cards and provided excessive credit limits–factors that raised the risk of card misuse–OMB issued a memorandum in April 2002, that required agencies to examine the number of purchase cards they issued and to consider deactivating all cards that were not a "demonstrated necessity." That same year, provisions in the Bob Stump National Defense Authorization Act for FY2003 (P.L. 107-314) required the Department of Defense (DOD) to establish policies limiting both the number of purchase cards it issued and the credit available to cardholders. These reforms contributed to a net decrease of 380,000 government purchase cards between FY2000 and FY2006.
Despite this decrease in the total number of purchase card users, audits indicate that a number of agencies, including some with relatively large purchase card programs, have yet to establish appropriate controls over card issuance and credit limits. A 2006 GAO report on purchase cards at the Department of Homeland Security (DHS), for example, identified 2,468 cardholders–about 20% of all DHS cardholders–who had not made any purchases in over a year. Similarly, a congressionally directed audit of the Veterans Health Administration’s (VHA’s) $1.4 billion purchase card program found that VHA had issued cards with credit limits up to 11 times greater than the cardholders’ historical spending levels, thereby exposing its program to unnecessary risk. It is not known how many other agencies have not developed and implemented appropriate internal controls over card issuance and credit limits, so the extent of the government’s financial exposure is also unknown.
Former OMB Director Jim Nussle, in response to a March 2008 audit report that detailed incidences of purchase card abuse at several agencies, issued a memorandum on April 15, 2008, that outlined steps agencies must take to strengthen their internal controls. The requirements included developing more specific guidelines for (1) documenting independent receipt of items obtained with purchase cards, (2) inventorying items bought with purchase cards that are easily stolen, and (3) imposing disciplinary actions for purchase card misuse. Agencies also had to develop policies that require cardholders to obtain approval or subsequent review of purchase card activity below the micro-purchase threshold. The memorandum further stated that OMB was in the process of revising its charge card guidance in Appendix B of Circular A-123.
Recent Legislative Proposals
Several bills were introduced in the 110th Congress that addressed purchase card misuse. The most comprehensive of these bills, the Government Credit Card Abuse Prevention Act of 2007, was introduced in both the Senate (S. 789) and the House (H.R. 1395) on March 7, 2007. The bill was drafted to implement the recommendations of GAO regarding internal control weaknesses in both purchase and travel card programs. The bill would have required all federal agencies, except the Department of Defense, to implement more than a dozen internal controls over their purchase card programs. Specifically, the bill would have required agencies to ensure that:
adequate records of cardholder credit limits and purchase activity are maintained;
cardholder statements and supporting documentation are regularly reviewed and reconciled;
cardholders and officials are provided with proper training;
agencies use available technology to monitor activity and identify fraud;
the number of cards issued and their credit limits are appropriate; and
payment, dispute, and cost recovery procedures are effective.
The bill would have also mandated that non-DOD agencies develop penalties for card misuse, and require IGs to conduct periodic risk assessments and audits of agency purchase card programs to identify waste, fraud, and abuse. Provisions specific to DOD would have required increased use of technology to prevent and identify fraudulent purchases, expanded risk assessment and audit practices, and development of more specific rules regarding card deactivation of former DOD employees.
Other purchase card legislation introduced in the 110th Congress included two bills that focused on micropurchases: S. 2300, the Small Business Contracting Revitalization Act of 2007, which sought to measure and promote the participation of small businesses in micropurchases made with purchase cards; and S. 680, the Accountability in Government Contracting Act of 2007, which would have required the Director of OMB and the GSA Administrator to work with vendors and program agencies to achieve savings when using purchase cards for making micropurchases. In addition, Section 1005 of H.R. 5658, the Duncan Hunter National Defense Authorization Act for Fiscal Year 2009, would have required the Secretary of Defense to implement policies that ensured inventory and property systems were updated "promptly" after pilferable property is bought with a purchase card.