SmartPay TwitterSmartPay FacebookSmartPay Google+SmartPay LinkedIn

MenuSearch

GSA SmartPay Training

Lesson 7 of 8

Risk Mitigation

Printer-friendly versionPrinter-friendly version

This section will provide you with information on how you can minimize the risk of misuse or fraud in your GSA SmartPay purchase program. The most important thing you can do is to be aware of what activity is occurring on the accounts under your purview. Do not be afraid to ask account holders questions if you identify unusual or suspicious transactions or behavior.

GSA SmartPay Purchase Account Misuse/ Abuse can take many different forms, but here are some of the most common examples:

  • Purchases exceed the account holder's authorized limit. Account holders may be limited to a specific spending limit per transaction, per day, or per monthly billing cycle.
  • Purchases for which no funding is available. Federal law requires that funds must be available before any government purchase is made. It is up to the account holder to ensure that the funds are available prior to making any transaction.
  • The account holder allows other people to use his/her purchase account. Account holders must take steps to ensure the security of their account. This means the purchase account must be used only by the account holder and only for official government business. If the account holder allows others to use the purchase account, the account holder will be held personally liable to the Government for any unauthorized transactions.
  • Split Transactions. The FAR limits the dollar threshold for micro-purchases. Any purchase that, as a whole, would exceed the micro-purchase limit but is separated into smaller transactions in order to avoid the micro-purchase limit is considered to be a split transaction.
  • Products or services that do not meet the government's requirements. Account holders must use discretion when making purchases to ensure that they meet the government's requirements. Due to the wide array of products and services available, there may be occasions when account holders may be requested or tempted to buy luxury or deluxe versions of products and services that exceed the government's actual requirements. For instance, it would be questionable for an account holder to buy a $500 designer fountain pen when there are many quality fountain pens available for $50 or less.
  • Purchases for personal consumption. All purchases must be for official government use only. Thus, any purchase made that is for the account holder's personal use rather than for official government purposes is considered to be misuse. For example, an account holder who uses the purchase account to buy himself lunch because he had no cash available that day is misusing the purchase account.
  • Purchases that are not authorized by the agency/organization. Your agency/organization may have additional limits on the use of the purchase account, such as limiting certain categories or types of products or services.

Consequences for misuse/abuse may include:

  • Reprimand;
  • Purchase account cancellation;
  • Counseling;
  • Suspension of employment;
  • Termination of employment; and
  • Criminal prosecution.

Note: Some agencies have agency-specific penalties and consequences for misuse/abuse of the purchase account.

What is fraud?

Fraud is a deception deliberately practiced with the motive of securing unfair or unlawful gain. Fraud can be an attempt to cheat the Federal Government and corrupt its agents by using GSA SmartPay payment solutions for transactions not part of official government business. Like any deception, fraud has its fair share of victims.

Some of the different types of fraud include:

  • Counterfeit Accounts — To make fake cards, criminals use the newest technology to “skim” information contained on magnetic stripes of cards, and also to pass security features (such as holograms).
  • Lost or Stolen Accounts — Often physical cards are stolen from a workplace, gym or unattended vehicle.
  • Card Not Present (CNP) Fraud — Internet fraud occurs whenever account information is stolen and used to make online purchases. Usually, a merchant will ask for the CVC code (located on the back of the card itself) to help prevent this type of fraud.
  • Phishing — Phishing occurs whenever an account holder receives a fake email directing him or her to enter sensitive personal information on a phony website. The false website enables the criminal to steal information from the account holder.
  • Non-Receipt Fraud — This occurs whenever new or replacement cards are mailed and then stolen while in transit.
  • Identity Theft Fraud — Whenever a criminal applies for an account using another person’s identity and information

As a program coordinator, you must inform your account holders to:

  • Be alert to the indicators of fraud (including false charges/ transactions, mischarging, bribes, gratuities, and kickbacks)
  • Report suspected fraud immediately through the proper channels at your agency (AO, A/OPC, Financial Officer, Office of the Inspector General or Office of Special Investigations)

Note: Any intentional use of the GSA SmartPay purchase account for other than official government business is considered an attempt to commit fraud against the U.S. Government and may be cause for disciplinary actions. The account holder is held personally liable to the Government for the amount of any non-Government transaction. Under 18 U.S.C. 287, misuse of the purchase account could result in fines or imprisonment or both. Military members who misuse the purchase account may be subject to court martial under 10 U.S.C. 932, UCMJ Art. 132.

What should I do if I suspect misuse or fraud?

A key responsibility for most program coordinators is to detect and report suspected misuse. If a situation occurs where you must report suspected misuse, make sure you have all the information necessary to assist with a formal inquiry or investigation. Contact the account holder to obtain any information that could explain questionable charges. If the account holder provides documentation or an explanation regarding the charges and you still have questions or concerns about it, compile all the information (e.g., statement, exception report, documented contacts between you and the account holder, copies of receipts, etc.) before you report it. Your agency/organization may ask you to report suspected misuse to one or more of the following personnel:

  • The Approving Official
  • The Finance Officer
  • The Office of Inspector General (via the hotline), OR the Office of Special Investigations (for Defense agencies)

Always follow your agency's policies and procedures when handling cases of suspected misuse.

Program management tools include:

  1. Credit limits - Credit limits restrict single, daily, weekly, or monthly expenditures by the account holder. In accordance with agency/organization policy, an A/OPC may set the limits which best meet the agency's needs. Setting limits that are realistic, but not excessive, will deter account holder misuse. By reviewing account holder spending patterns, you may be able to lower limits without disrupting the agency's mission. A/OPCs also have the authority to raise limits at any time in response to emergency or unforeseen situations.
  2. Merchant Category Code (MCC) Blocks - Merchant Category Codes (MCCs) are established by the associations or contractor banks to identify different types of businesses. Merchants select the codes best describing their business. You may limit the types of businesses where the account will be accepted by limiting the MCCs available to the account holder. The contractor bank has established sample templates that may assist you in determining which MCCs should be restricted. In the event that an account holder needs to make a purchase outside of his/her restricted MCCs, A/OPCs are authorized to override the restriction for a transaction by contacting the contractor bank's Customer Service Representative. Agency/organization policy should specify who is authorized to perform overrides.
  3. Online Reports - A/OPCs have access to many standard and ad hoc reports online through the contractor bank’s EAS.
  4. Account Deactivation - In those instances when the purchase account is not needed on a continuous basis, deactivation of the account may serve as a deterrent to fraud and/or misuse. You may deactivate the account when an account holder is not using or is not planning to use the purchase account. By understanding the account holder's need and use of the account, you can work with the account holder to establish deactivation guidelines. Deactivation and reactivation can be completed through the bank's EAS or by calling the bank's customer service phone number.
  5. Guides - The banks have developed written guides for A/OPCs and account holders, as follows:
  • A/OPC Guide - This guide addresses issues of concern to the A/OPC, including responsibilities of program participants, account setup and maintenance, account suspension/cancellation, disputes, reports and invoicing procedures. The guide is available from the banks in hard copy and/or electronically.
  • Account Holder Guide - This guide addresses authorized uses of the purchase account, disputes and billing.

How do these tools make it easier to audit and manage the use of purchase accounts?

By providing electronic reports and transaction files, auditors and agency/organization program managers have immediate access to information such as merchant name, type of merchant, dollar amount of transaction, and date of transaction. These tools make it easier to identify questionable transactions and follow through to ensure that the transactions were proper. In some instances, merchants also provide line item detail of transactions, including quantities, prices and product descriptions. GSA continues to work with the associations to increase availability of line item detail.

What tools does GSA provide to assist agencies/organizations with preventative measures/program management for the purchase program?

  • GSA developed and hosts an online training course for account holders that discusses the proper use of purchase account
  • The annual GSA SmartPay Training Forum for A/OPCs provides training on the bank’s EAS, best practices, and program management.
  • Free online resources from the GSA SmartPay website to assist purchase A/OPCs in detecting and preventing misuse and fraud.
  • Printable resources such as Helpful Hints for Purchase Account Use is a card-sized brochure that provides information on the purchase account. This brochure can be ordered on online and can be passed out to account holders when they receive their purchase accounts.

© 2018 GSA

This is an official U.S. Government Web site managed by the GSA.

SmartPay TwitterSmartPay FacebookSmartPay Google+SmartPay LinkedIn