PCARD AND T&E POLICY COMPLIANCE - ACLinfo.acl.com/rs/497-RXE-029/images/Webinar_T&E_Slides.pdf ·...
Transcript of PCARD AND T&E POLICY COMPLIANCE - ACLinfo.acl.com/rs/497-RXE-029/images/Webinar_T&E_Slides.pdf ·...
AUGUST 2015
PCARD AND T&E POLICY COMPLIANCE
YOUR HOSTS
• We hate long introductions: just get to know our voices.
• Now, get ready!
WHAT WE WILL COVER TODAY
Bon Secours Health
Systems
Pcard
Visa Commercial Format
EquinixT&E
Oracle iExpense
Showcase
Common tests
Continuous monitoring
Cardholder questionnaires
Where to go from
here
Resources
Q&A
BON SECOURS HEALTH SYSTEM
Case Study: PCard
Bon Secours Health
Systems
Equinix
Showcase
Where to go from
here
BON SECOURS HEALTH SYSTEM
• Cyndi Rodas, Manager of Central AP
• About Bon Secours
– Non-profit healthcare provider
• 20 hospitals,
• 5 nursing home facilities
• 4 assisted living facilities
• 14 home care and hospice facilities
– 850 PCards, ~$2M spend/mo
• Senior leadership concerned with PCard program
• Previous continuous monitoring vendor went defunct
THE SOLUTION
• AP Director learned about ACL through IA– Conversation between AP Director and Internal Audit
– Discovered IA already had AX
• 11 data analytic tests “Audit Rules”– Implemented in 2012 Jun - Oct
• Key Data Sources:– Visa/Bank of America
– BoA WORKS card program management
– Lawson HR
THE PCARD TESTS
PC03 – Invalid Employees Ensure all cards are for employees who are also “active” in the employee Human Resources File.
PC04 – Invalid Active Cards Identify cards used by terminated staff. Identify any PCARD transactions that occur after the employee's effective termination date.
PC12 – Blocked Merchant Category Codes Identify all transactions with blocked MCC or restricted MCC.
PC13/14 – Debarred Merchants Identify transactions with merchants found on the GSA list of debarred merchants.
PC16 – Split Transactions Identify cases where there is more than one transaction from the same cardholder to the same merchant within <<number days apart>>
PC17 – Single Transaction Limit Flag transactions exceeding (or just below) the card’s single purchase limit. Transactions that are below but within the limit by percentage threshold would be reported.
PC18 – Monthly Transaction Limit Flag cardholders exceeding their monthly purchase limit.
PC19 – Restricted Items Flag transactions where the transaction description includes a restricted word indicative of an inappropriate purchase. Analyze transactions after Transaction Approval date.
PC22 – Weekend and Holiday Transactions Identify purchases made on weekends or holidays.
PC23 – Even Dollar Transactions Identify cardholders making multiple purchases with unusual evenly divisible amounts. (Based on even divisor parameter). Exclude employees with fewer than <<minimum employee exception count>> exceptions.
PC26 – Duplicate Transactions – Same Merchant Same Amount
Identify two or more transactions where the card, merchant, and amount are the same within the investigation period.
THE IMPACT
• IA now reviews the PCard data and exception responses prior to an audit of a location
• Senior Leadership have comfort over use of Pcards
• Changes in policy: “birthday” rewards
• Determined that local administrators were telling cardholders to “split” transactions
• Fraudulent activity raised before even the bank knew
THE LEARNING
• Triple check with data providers that sample data file formats will match production
• IA can be a good partner
• Best tests– Split payments
– Duplicate charges
– Weekend and holiday charges
– Keyword matches
VISA COMMERCIAL FORMAT
• Standard for transferring procurement card data– Level 1,2,3 data
• Work with your Pcard vendor on determining your version– VCF V4.0 Revision 2B
• Multiple record types– 27+ record types
– Record Type 4 = ‘Cardholder’
– T5 = ‘Card Transaction’
ACL IMPORT APPROACH
• Place all VCF files in same directory
• Use DIRECTORY command to determine all files
• Loop through each file– Multiple record types
– Split each record type to its own table
VCF Files
Card Account
Data
Cardholder Data
Transaction Data
Company Data
Organization Data
ACL IMPORT APPROACH
Card Account
Data
Cardholder Data
Transaction Data
Company Data
Organization Data
EQUINIX
Case Study: T&E
Bon Secours Health
Systems
Equinix
Showcase
Where to go from
here
EQUINIX
• Luana Anderson– T&E Corporate Card Program Manager
• About Equinix– World's largest IBX data center & colocation provider
– 2500 US Employees
– US T&E Spend 2014: Air travel $7M, up 50% from previous year ($20M total T&E)
THE PROBLEM
• Monthly T&E reporting– Collecting data from AMEX, Oracle iExpense
– Excel vlookups, pivot tables, etc.
• Took 50 hours of effort over 7-10 days– No time for review of actual results
• Only for US, going global
• Director of Finance learned of ACL through IA
T&E ANALYTICS
T&E 01 – Total T&E By Expense Category T&E 13 – AMEX Top 10 Hotels by City: Domestic, International
T&E 02 – AMEX KPI’s Trend T&E 14 – AMEX Hotel Expense Trend
T&E 03 – Policy Exceptions Trend T&E 15 – AMEX Car Rental by Vendor
T&E 04 – Trend: Monthly T&E Expense by Month T&E 16 – AMEX Car Rental by City (extra output to flag exceptions)
T&E 05 – Top 15 Spenders: Corporate and Americas T&E 17 – Airfare Out of Policy Exception
T&E 06 – Top 15 Air Expense by Employees T&E 18 – Airfare Class Exception
T&E 07 – Trend: Monthly T&E Expense by Region T&E 19 – Hotel Out of Policy Exception
T&E 08 – T&E Analytics by Functions T&E 20 – iExpense Submission Exception
T&E 09 – AMEX Advance Purchase Compliance: Domestic, International T&E 21 – T&E Monthly Trend by Functions
T&E 10 – AMEX Class of Airfare: Domestic, International T&E 22 – Data Integrity check of AMEX source
T&E 11 – AMEX Top 10 Destinations: Domestic and International T&E 23 – ABC Keyword Search
T&E 12 – AMEX Airline Market Share
T&E KEYWORDS
Miscellaneous House hunting
Other Appliance purchase
Gift Computer purchase
Flowers Dog sitter
Facilitation Dog sitting
Cash Lawn care
Liquor Compensation
Upgrade Fitness
Consultation Massage
Consulting Charity
Babysitting Donation
Health club Award
Pet sitting Recognition
Kennel Clothing
Traffic violations Membership
Child care Security
Financial planning Boarding
Income tax preparation Donation
Travel insurance Clear registered
Relocation Dues
Househunting Childcare
TOP DESTINATIONS REPORT
Tables that will
be linked to the
PowerPoint
Template use to
lookup the
Airport city name
Pivot Table
SOLUTION ARCHITECTURE
ORACLE IEXPENSE DATA
Oracle Table Key Fields Function Comments
AP_Expense_Report_Lines Workflow_Approve_Flag
A-Approve
Need all txns under A or Y.
Mgr approved only
Y-Yes approved by mgr
and AP team
AP_Expense_Report_Headers_All Shows all summary info
Per_All_People_DEmployee info
Per_All_People_F
AP_Cards Contains CC info
FND_USER Contains useful user info
GL_Code_Combinations_VLGL exp codes – pull everything
starting with 5*
R12 Exp Acct – Cost
Center
GL code assignment to each expense
category. association to expense item
description
GL codes mportant to perform Expense
Grouping necessary for results
table/reporting
THE RESULT
• Effort reduced for monthly process– 7-10 days down to minutes
• Accuracy, completeness, consistency, comfort, way up– Pivot tables can remove duplicate lines
– Manual steps were prone to error
• Centralized exceptions– Ability to track repeat offenders
– Ability to ask for justification
– Ability to analyze T&E more effectively
• AMEX and iExpense data combined effortlessly
THE LEARNING AND WHAT’S NEXT
• Keep data pristine
• Importance of quality assurance testing
• Next– Global launch of process for T&E
– PCARD
SHOWCASE
Common testsContinuous monitoringInvestigation and follow-upQuestionnaires
Bon Secours Health
Systems
Equinix
Showcase
Where to go from
here
SOLUTION ARCHITECTURE
DEMONSTRATION
WHAT’S NEXT
Resources
Q&A
Bon Secours Health
Systems
Equinix
Showcase
Where to go from
here
Resources
Q&A
T&E APPLICATION SHEETS
• 47 Profiling, Policy, and Potential for fraud analytics
• Examples provided
• Work with us to identify considerations, data elements required, common parameters, etc.
ACADEMY
• academy.aclgrc.com
• Recommend the learning series
• You’ll get
– Sample data
– Hands-on activities
– Upon completion, satisfaction that you’re growing as a person
SCRIPTHUB
• scripts.aclgrc.com– Way cool stuff here
• Data import scripts
– SAM list
– Import Concur SAE
• Keyword searches, and hundreds more