Finding Text
Reference Number: 2023-001
Federal Program: All Programs
Type of Finding: Significant Deficiency over Financial Reporting
Repeat Finding: Yes – 2022-001
Criteria
Entities should maintain an adequate system of internal controls over financial reporting in order to initiate, authorize, record, process, and report financial data reliably in accordance with accounting principles generally accepted in the United States of America.
Condition
In fiscal year 2022, our credit card transaction testing resulted in the following findings: (1) 17 out of 25 credit card sections did not have documentation of a valid business purpose; (2) 6 out of 25 credit card selections did not have vendor receipts; and (3) 15 out of 25 credit card selections had no evidence of approval.
Based on our discussions with management, the new credit card policy was not fully implemented in fiscal year 2023 and management acknowledged that exceptions to the credit card policy still existed during fiscal year 2023. As such, we did not perform additional testing during fiscal year 2023, and this finding remains as previously documented.
Cause
Management did not consistently follow its formal credit card policy in place during all of fiscal year 2023 to document requirements for credit card usage and retention of supporting documents for credit card transactions (i.e. vendor invoices, approval of expenditures, proof of valid business purpose, etc.).
Effect
A fraud risk exists that credit card purchases are unauthorized and are not used for valid business purposes.
Questioned Costs
Unknown
Recommendation
Management should enforce its formal credit card policy through-out the year. Management should also consider electronic methods to track credit card purchases, approvals, and receipts. The Grand Chapter should maintain all credit card receipts with business purpose documentation.
Management Response and Corrective Action Plan
Management agrees with the finding. See schedule of corrective actions.