• +263 242 306 315

Blog Description


Controls over the use of cards by NPOs

Posted on 04 February, 2019 at 13:11

By Epaphras Chinyakuza

Monetary authorities have been battling the shortage of cash within the economy for the better part of the multiple-currency regime which was introduced in 2009. Bond coins and notes were introduced as measures to fend off the problem but they have proved to be unsustainable as banks around the country have lowered the daily withdrawals by corporates by more than 50% since the turn of the year 2018. Households and organisations have been compelled to resort to using plastic and electronic money. From the 2nd quarter update report by the RBZ, plastic and electronic money now accounts for over 70% of the payments in Zimbabwe. Now that plastic and mobile money usage continues to grow, cards have proved to offer a transparent, flexible and efficient way for organisations to obtain goods or services to meet business needs. These cards are an important part of modern purchasing systems, offering significant benefits such as streamlined business processes, better risk management and financial inclusion.

However, for organisations, there are potential risks of wastage and improper or unauthorised use of purchasing cards which need to be well managed. Instances of misuse and weaknesses in relevant entity controls attract considerable donor and public attention and can cause reputational damage to affected entities. Non-profit organisations (NPOs) therefore, need to ensure appropriate controls are in place and be continually vigilant against risks to facilitate payments that are properly authorised, valid, and for appropriate business expenses.

There are certain controls a company can implement to facilitate better accounting for the use of these cards.

Debit card policy

A written card policy serves as the foundation of a good debit card expense control system. This policy document should clearly specify requirements for all key purchasing card processes and establish guidelines regarding the use of the cards for any transaction for the organisation. The policies and guidance should cover matters such as limiting the issue of  cards to designated officials, setting card transaction limit appropriate to the organisation, appropriate approval of the card issue and obtaining appropriate agreement and acknowledgement from the cardholder that they understand and will abide by the entity’s requirements. Additionally, the responsibilities of cardholders should be clearly specified and the cardholders should sign-off cardholder agreements and acknowledgement forms in agreement to the rules therein.

Most card abuses result from charging personal items to the organisation.  There are some primary internal controls that will help organisations ensure that card payments and reimbursements are made for authentic organisational transactions.  In addition to a debit card policy, the following controls might help reduce the risk for waste, improper or unauthorised use of these cards for NPOs.


Bank Cards Safekeeping

Each bank account should only have one active debit card. All the cards for the separate bank should be kept in the safe and only issued to users where necessary. The accountant/finance officer should be the custodian of the cards who issues it for use by all the authorised staff. A register should be kept to control the issuance of cards.


Control the issuance and revocation of the cards.

There should be a record/register for individuals to whom these cards have been issued. This register should be well designed to capture all necessary information required. The information might include the name of the employee, the national or employee number, date of issue, purchase limits, the period s/he will hold the card and the signature to acknowledge the receiving of the card. The same information can also be completed when the card has been revoked.


Set monthly expenditure limits.

Monthly expenditure limits can be set for individuals who would have been issued cards. The limits will depend on positions held by these individuals. For example, linking the transactions for the month to the monthly budgets, a card might have a limit of $50 000 depending on the budgeted expenditure for that month. These cards can also be programmed in a way that once the limit for that month has been exhausted it will not transact until the next reset.

It is also essential to control the maximum debit card purchase amount. For example, a maximum purchase can be set at $100. All purchases exceeding the limit will immediately be denied. This can help to stay within the budget. The petty cash imprest system can also be modified where a card is used for small daily expenses and the monthly card usage and maximum purchase per transaction can be programmed to be in sync with the petty cash policy.


Card Usage

The number of debit card users should be kept minimal. Only the persons authorised to use debit cards should use them. There should be criteria in place to determine who can use the card for organisational transactions.


Transaction alerts

These alerts will help to notify the custodian of the card (Accountant/finance officer) of any transactions that would have taken place using the card. If the custodian receives an alert they do not recognise, they can immediately deactivate the card and investigate.


On/off control

Now with rate at which the technological environment is changing, one can activate or deactivate a card using electronic gadgets. When off, it can’t be used for anything. Once turned back on, it can be used within seconds. This can help if the card has been stolen or lost you can quickly deactivate and it will not be possible to use the card for any transaction, this can also reduce the chance of fraud.


Review of the card statements

A supervisor or an employee with first-hand knowledge of the various undertakings of the organization should review all credit/ debit card statements and the supporting receipts to determine if the expense is bona fide and related to the organization’s activities. No employee should be able to approve his or her own purchases. All purchases should be individually itemized and substantiated. Therefore, require that only original receipts should be submitted for each item on which the card would have been used.

Expense reports and credit card receipts should be submitted for processing on a timely basis to allow for proper review and reconciliation of expense items.


Regular changes on the passwords.

Passwords on the cards should be changed regularly. This is necessary because people close to the cardholder might end up knowing the password and can take advantage to abuse the cards without the cardholders’ consent.


Now that plastic and mobile money usage continues to grow, expenses paid by these methods of payment are now being put under a magnifying glass.  The number of card transactions makes it an area conducive to fraud. Additional oversight and controls in this area will result in a better accounting of these expenses.

NMap Technologies