OFFICE
OF
THE INSPECTOR GENERAL
SOCIAL SECURITY ADMINISTRATION
THE SOCIAL SECURITY ADMINISTRATION’S
GOVERNMENT PURCHASE CARD PROGRAM
March
2010
A-13-09-29027
AUDIT REPORT
Mission
By conducting independent and objective audits, evaluations and investigations, we inspire public confidence in the integrity and security of SSA’s programs and operations and protect them against fraud, waste and abuse. We provide timely, useful and reliable information and advice to Administration officials, Congress and the public.
Authority
The Inspector General Act created independent audit and investigative units, called the Office of Inspector General (OIG). The mission of the OIG, as spelled out in the Act, is to:
Conduct and supervise independent and objective audits and investigations relating to agency programs and operations.
Promote economy, effectiveness, and efficiency within the agency.
Prevent and detect fraud, waste, and abuse in agency programs and operations.
Review and make recommendations regarding existing and proposed legislation and regulations relating to agency programs and operations.
Keep the agency head and the Congress fully and currently informed of problems in agency programs and operations.
To ensure objectivity, the IG Act empowers the IG with:
Independence to determine what reviews to perform.
Access to all information necessary for the reviews.
Authority to publish findings and recommendations based on the reviews.
Vision
We strive for continual improvement in SSA’s programs, operations and management by proactively seeking new ways to prevent and deter fraud, waste and abuse. We commit to integrity and excellence by supporting an environment that provides a valuable public service while encouraging employee development and retention and fostering diversity and innovation.
MEMORANDUM
Date: March 25, 2010 Refer To:
To: The Commissioner
From: Inspector General
Subject: The Social Security Administration’s Government Purchase Card Program
(A-13-09-29027)
OBJECTIVE
Our objective was to determine whether the Social Security Administration's (SSA) oversight of its Government Purchase Card (PCard) Program was effective.
BACKGROUND
The Government PCard Program was created as a way for agencies to streamline the acquisition process and reduce paperwork and administrative costs for simplified acquisitions. SSA began participating in the Government PCard Program in 1988.
The Department of Commerce initially implemented the Program and awarded a contract to U.S. Bank for 10 years. In 1998, the General Services Administration (GSA) awarded Master Contracts to five banks under its GSA SmartPay Program for another 10 years. These Contracts require that each bank provide commercial electronic access products and services to all Federal agencies that issue them orders. In November 1998, SSA issued a task order to Citibank that covers SSA’s PCard Program. In 2007, GSA awarded three new Master Contracts under the SmartPay2 Program. SSA issued a new task order to Citibank for the Agency’s PCard Program in May 2008.
SSA reported PCard use increased from $47.3 million in Fiscal Year (FY) 1999 to $84.3 million in FY 2009 (see Chart 1). While the number of purchases has
significantly increased, the ratio of purchase dollars to SSA administrative expenses has remained about the same. The number of cardholders ranged between 2,800 and 3,000 at any given time during these FYs.
Chart 1: PCard Use
FYs 1999 - 2009
In March 2008, the Government Accountability Office (GAO) published a report, Governmentwide Purchase Cards – Actions Needed to Strengthen Internal Controls to Reduce Fraudulent, Improper, and Abusive Purchases (GAO-08-333). GAO found internal control weaknesses that exposed the Government to fraud, waste, abuse, and loss of assets. Agencies could not demonstrate that 48 percent of large purchases met the standard of proper authorization and independent receipt and acceptance. Breakdowns in internal controls, including authorization and independent receipt and acceptance, resulted in numerous examples of fraudulent, improper, and abusive purchase card use at various agencies reviewed. During its audit, GAO reviewed seven SSA transactions and found no problems. Although GAO found no problems with these seven transactions, the small number of sampled transactions reviewed was not sufficient to conclude that SSA’s overall PCard Program was low risk for fraud or abuse.
To assess SSA’s PCard Program, we began with a general understanding of the purchase card flow.
Chart 2: PCard Flow
To assess SSA’s controls over its PCard Program, we obtained a data extract of all SSA PCard transactions for FY 2007. The data extract contained 164,548 transactions, totaling about $77.5 million. Of the 164,548 transactions, 156,339 were less than $3,000 each. Transactions that are equal to or less than $3,000 are considered micro-purchases. Purchases exceeding the micro-purchase threshold must be made by warranted contracting officers. Warranted contracting officers may choose to use their PCards for such purchases, provided such purchase is within the contracting officer’s delegation of acquisition authority. Such transactions must be processed using purchase methods other than a Government PCard. We examined a random sample of 50 micro-purchases to determine whether they were pre-approved and were independently received and accepted. To determine whether these purchases were pre-approved, we accepted as reasonable evidence various types of documentation, such as purchase requests, and other documentation that identified pre-approval from a responsible official.
In addition, we analyzed 50 of 646 possible split purchases, which we defined as multiple purchase transactions—totaling over the $3,000 micro-purchase dollar threshold—made by the same PCard holder with the same vendor on the same day. We also examined possible duplicate transactions, the 25 smallest transactions, the 25 largest dollar transactions greater than $3,000, negative dollar transactions, cardholders who had the highest number of transactions, and irregular merchant category codes. See Appendix B for our Scope and Methodology and Appendix C for our Sampling Methodology and Results.
RESULTS OF REVIEW
SSA’s oversight of its Government PCard Program needs improvement. We found that cardholders did not comply with SSA’s policies and procedures. Our testing of PCard transactions found that 36 (72 percent) of 50 transactions reviewed (a) did not have adequate pre-approval documentation; (b) had no evidence that the goods were received and accepted; and/or (c) had no documentation provided. These transactions totaled about $8,300. In addition, for 12 (24 percent) of 50 possible split purchases we examined, the cardholders circumvented their $3,000 single-purchase limit. These purchases totaled about $61,000. Table 1 summarizes the results of our review.
Table 1: Summary of Government PCard Problematic Purchases
Type of Purchase Number of Purchases Examined Problematic Purchases Percent of Problematic Purchases
Less Than $3,000 50 Randomly Selected Transactions 36 72
Possible Split Purchases 50 Purchases Identified By Data Analysis 12 24
Compliance with Policy and Procedures
Compliance with policy and procedures in the Agency’s Government PCard Program needs improvement. Of the 50 micro-purchases reviewed, we found 36 transactions (72 percent), totaling about $8,300, did not have
• adequate pre-approval documentation (28 transactions); and/or
• evidence the goods were received and accepted (8 transactions); or
• any documentation provided (6 transactions). ,
We tested those internal controls that we considered important to prevent and detect fraudulent, improper, and abusive PCard activity. We examined documentation to determine whether the micro-purchases had pre-approval authorization, as required by SSA policy. As evidence of pre-approval authorization, we accepted various types of documentation. For example, we considered micro-purchase requests and other documentation indicating purchases were pre-approved by an appropriate official to be adequate evidence the micro-purchases were pre-approved, as required.
Of the 50 micro-purchase transactions reviewed, 28 did not have adequate pre-approval documentation. The PCard holder either did not prepare, or failed to maintain, sufficient pre-approval documentation for micro-purchases. Although SSA policy requires pre-approval and retention of documents of purchases, the cardholders did not comply with policy and procedures.
In addition, we reviewed transactions to determine whether the micro-purchases had independent documentation of receipt and acceptance of goods, as required. Of the 50 transactions reviewed, 8 did not have adequate documentation of independent receipt and acceptance of goods. As reasonable evidence of independent receipt and acceptance, we accepted signatures or initials of someone other than the cardholder on the sales invoice, packing slip, bill of lading, or any other shipping or receiving document.
The Agency needs to improve its compliance with PCard policy and procedures to ensure receipt and acceptance of goods are documented. Independent receipt and acceptance help provide assurance that purchased items are acquired for a legitimate Government need and not for personal use. Noncompliance increases the possibility cardholders could make purchases for personal use rather than making the purchase for a Government need.
Finally, six cardholders did not provide requested documentation for purchases. Of the six cardholders, only one responded to our request and indicated documentation for the requested transaction could not be located. SSA’s policy requires the retention of documentation for 3 years after the final payment has been made. The lack of appropriate documentation increases the risk the Agency’s Government PCard Program could be subject to fraudulent, improper, or abusive activity.
Split Purchase Transactions
We analyzed $77.5 million in FY 2007 Government PCard Program transactions to detect common characteristics among them. We found 646 potential split purchases. Split purchases circumvent the cardholder’s single-purchase limit and avoid the requirement to obtain competition on purchases over the $3,000 micro-purchase threshold. The single-purchase limit was increased from $2,500 to $3,000 in September 2006. Before 2006, the limit had been $2,500 since 1996. When a purchase exceeds the micro-purchase dollar threshold, the component should process the purchase through the contracting office under SSA’s procedures for competitive purchases.
For example, we found a PCard holder submitted a purchase requisition for supplies totaling over $5,000. The vendor acknowledged this purchase request by sending the cardholder an email. The cardholder’s purchase log also showed the purchase for that amount to that vendor. However, the purchase was split into three separate transactions on the Government PCard. This action circumvented the $3,000 single purchase limit. The cardholder should have submitted the purchase to the contracting office for appropriate processing.
We examined 50 of the 646 possible split purchases and believe 12, totaling over $61,000, were split purchases. Of the 12 purchases we identified, Agency staff confirmed 8 purchases were split purchases based on available documentation. The staff indicated the remaining transactions may also have been split purchases. However, without adequate documentation, the officials explained they could not be certain whether the transactions were split purchases. The four purchases did not have purchase requisitions, which would indicate whether the items were purchased on the same day. However, other documentation for these transactions showed the purchases were made by the same purchase cardholder with the same vendor and processed on the same day. Therefore, we believe these were split purchases. The goods, based on the description of the item purchased, appear to be for Government purposes.
The Agency needs to improve its management oversight of its Government PCard Program to prevent split purchases and therefore reduce the risk of improper purchase transactions. Contracting officers were not involved in the 12 purchases we identified.
According to staff from the Office of Acquisition and Grants, the Agency analyzed Pcard data to identify split purchases when resources were available. Staff informed us of two times when such data were analyzed—once in 2006 and once in 2007. Staff indicated PCard data for 2009 are also being analyzed for potential split purchases. Office of Acquisition and Grants staff plan to conduct these reviews monthly.
CONCLUSION AND RECOMMENDATIONS
SSA’s oversight of its Government PCard Program needs improvement. We found cardholders did not comply with SSA’s policies and procedures. Based on our review of micro-purchase card transactions, we found cardholders either did not prepare or failed to maintain, adequate documentation, as required, for 36 of the 50 transactions examined. In addition, we found 12 of 50 transactions we examined were split purchases. Noncompliance with policy and procedures increases the possibility of fraudulent, abusive, or improper purchase card activity.
We recommend that SSA:
1. Ensure cardholders comply with SSA policy and procedures on obtaining and maintaining adequate pre-approval documentation.
2. Remind cardholders to comply with SSA policy and procedures on obtaining and maintaining adequate receipt and acceptance of goods documentation.
3. Instruct cardholders to comply with SSA policy and procedures to prevent making split purchases.
4. Analyze Pcard data routinely to identify possible split purchases and take steps to ensure cardholders follow Agency policy.
AGENCY COMMENTS
The Agency agreed with our recommendations (see Appendix D).
/s/
Patrick P. O’Carroll, Jr.
Appendices
APPENDIX A – Acronyms
APPENDIX B – Scope and Methodology
APPENDIX C – Sampling Methodology and Results
APPENDIX D – Agency Comments
APPENDIX E – OIG Contacts and Staff Acknowledgments
Appendix A
Acronyms
AIMS Administrative Instructions Manual System
CAN Common Accounting Number
FY Fiscal Year
GAO Government Accountability Office
GSA General Services Administration
LAE Limitation on Administrative Expenses
MP Micro-Purchaser
PCard Purchase Card
SOC Sub-Object Classification
SSA Social Security Administration
Appendix B
Scope and Methodology
To accomplish our objective, we:
• Reviewed applicable Federal laws and sections of the Social Security Administration’s (SSA) regulations, policies, and procedures.
• Identified and reviewed prior relevant audits.
• Corresponded with SSA officials familiar with the Agency’s Government Purchase Card (PCard) Program and Agency personnel who were PCard holders.
• Obtained a data extract of all PCard transactions for Fiscal Year 2007. The data extract included 164,548 transactions, totaling about $77.5 million. Of the 164,548 transactions, 156,339 were less than $3,000 each. These transactions are considered micro-purchases. Based on our analysis of this data file, we:
Randomly selected 50 of the 156,339 micro-purchases to determine whether SSA complied with its policies and procedures for the approval and receipt of purchases. We determined whether the transactions were pre-approved and were independently received and accepted. For pre-approval authorization, we accepted as reasonable evidence various types of documentation, such as purchase requests and other documentation that identified pre-approval from a responsible official.
Randomly selected 50 of the 646 items (2,074 separate transactions) we believed were possible split purchases.
Randomly selected 30 possible duplicate purchases.
Reviewed the 25 lowest dollar transactions.
Reviewed the 25 highest dollar transactions greater than $3,000.
Reviewed the 25 largest negative dollar transactions.
Analyzed 10 cardholders who had the highest number of transactions and 10 cardholders who had the highest dollar amounts.
Reviewed unusual merchant category codes and frequently used merchant category codes.
We determined the computer-processed data used for this audit were sufficiently reliable for their intended use. Further, any data limitations were minor in the context of this assignment, and the use of the data should not lead to an incorrect or unintentional conclusion. The electronic data used in our audit were primarily extracted from the CitiDirect Card Management System. Nothing came to our attention that indicated the PCard transactions we reviewed involved fraud or abuse.
We performed our review at SSA Headquarters in Baltimore, Maryland, from January through September 2009. We conducted this performance audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.
Appendix C
Sampling Methodology and Results
We obtained a data extract of purchase card transactions for Fiscal Year 2007. The data extract contained a total of 164,548 transactions totaling $77.5 million. Of the 164,548, we analyzed:
50 randomly selected from 156,339 transactions that were less than $3,000 each. We tested these transactions to ensure the purchases had pre-approved authorization and were independently received and accepted.
50 randomly selected from 646 possible split purchase transactions. We defined split purchases as multiple purchase transactions, totaling over the $3,000 micro-purchase threshold, made by the same cardholder with the same vendor on the same day.
30 possible duplicate transactions.
25 smallest dollar transactions.
25 largest dollar transactions greater than $3,000 each.
25 largest negative dollar transactions (credits).
Table C-1: FY 2007 Government Purchase Card Transactions
Type of Purchase Sample Sample
Amount Population Population
Amount , Number of Errors Percent of Sample Amount of Errors
1. $0 - $3,000 50 $19,294 156,339 $56,713,189 36 72 $8,312
2. Split Purchases 50 $412,258 2,074 $5,412,950 12 24 $61,310
3. Duplicates 30 $20,501 314 $29,152 0 0 $0
4. Transactions with Smallest Dollar Amount
25
$1.26
25
$1.26
0
0
$0
5. Transactions with Highest Dollar Amount > $3,000
25
$2,264,635
1,005
$13,968,601
0
0
$0
6. Transactions with Largest Negative Dollar Amount
25
$326,872
4,791
$1,338,483
0
0
$0
Total 205 $3,043,561 164,548 $77,462,376 48 $69,622
Appendix D
Agency Comments
SOCIAL SECURITY
MEMORANDUM
Date: March 11, 2010 Refer
Refer To: S1J-3
To: Patrick P. O'Carroll, Jr.
Inspector General
From: James A. Winn /s/
Executive Counselor
to the Commissioner
Subject: Office of the Inspector General (OIG) Draft Report, “The Social Security Administration’s Government Purchase Card Program” (A-13-09-29027)--INFORMATION
Thank you for the opportunity to review and comment on the draft report. We appreciate OIG’s efforts in conducting this review. Attached is our response to the report recommendations.
Please let me know if we can be of further assistance. Please direct staff inquiries to
Candace Skurnik, Director, Audit Management and Liaison Staff, at (410) 965-4636.
Attachment
COMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL (OIG) DRAFT REPORT, “THE SOCIAL SECURITY ADMINISTRATION’S (SSA) GOVERNMENT PURCHASE CARD PROGRAM” (A-13-09-29027)
We reviewed the draft report and our responses to the specific recommendations follow.
Recommendation 1
Ensure cardholders comply with SSA policy and procedures on preparing and maintaining adequate pre-approval documentation.
Comment
We agree. We will issue an Acquisition Alert reminding micro-purchasers and approving officials of their obligation to obtain and maintain the appropriate pre-approval documentation in micro purchaser’s files. Additionally, we will require this documentation during all of our Acquisition Management Reviews (AMR), where we review a micro-purchaser’s acquisition activities to ensure compliance with acquisition rules, regulations, and policies. We conduct AMRs throughout the year. Our reviews may involve analyzing a micro-purchaser’s activity over a certain time or a specific questionable transaction we identify in the CitiDirect system.
Recommendation 2
Remind cardholders to comply with SSA policy and procedures on preparing and maintaining adequate receipt and acceptance of goods documentation.
Comment
We agree. We will remind micro-purchasers and approving officials in our Acquisition Alert of their obligation to obtain and maintain adequate documentation of independent receipt and acceptance of goods in the micro-purchaser’s files. Additionally, we will require this documentation during all of our AMRs.
Recommendation 3
Instruct cardholders to comply with SSA policy and procedures to prevent making split purchases.
Comment
We agree. In our Acquisition Alert, we will remind micro-purchasers and approving officials about their responsibility to: 1) reject any obvious split purchase; 2) refuse to conduct a split purchase; and 3) use due diligence to detect potential split purchases.
Recommendation 4
Analyze PCard (Government Purchase Card) data routinely to identify possible split purchases and take steps to ensure cardholders follow Agency policy.
Comment
We agree. We conduct reviews of possible split purchases and intend to continue this practice. When we discover a split purchase, we analyze the circumstances and take appropriate action. This action may include a warning to the micro-purchaser and approving official not to split purchases in the future or, if appropriate, suspension or revocation of the employee’s micro-purchasing or approving authority. Repeated failure to follow our split purchase policy and procedures may result in administrative or disciplinary action.
In addition, we are exploring a new Citibank tool to conduct these reviews in less time and with greater efficiency.
Appendix E
OIG Contacts and Staff Acknowledgments
OIG Contacts
Shirley Todd, Director, Evaluation Division
Randy Townsley, Audit Manager
Acknowledgments
In addition to those named above:
Alan Carr, Auditor-in-Charge
For additional copies of this report, please visit our web site at www.socialsecurity.gov/oig or contact the Office of the Inspector General’s Public Affairs Staff Assistant at (410) 965-4518. Refer to Common Identification Number
A-13-09-29027
DISTRIBUTION SCHEDULE
Commissioner of Social Security
Office of Management and Budget, Income Maintenance Branch
Chairman and Ranking Member, Committee on Ways and Means
Chief of Staff, Committee on Ways and Means
Chairman and Ranking Minority Member, Subcommittee on Social Security
Majority and Minority Staff Director, Subcommittee on Social Security
Chairman and Ranking Minority Member, Committee on the Budget, House of Representatives
Chairman and Ranking Minority Member, Committee on Oversight and Government Reform
Chairman and Ranking Minority Member, Committee on Appropriations, House of Representatives
Chairman and Ranking Minority, Subcommittee on Labor, Health and Human Services, Education and Related Agencies, Committee on Appropriations,
House of Representatives
Chairman and Ranking Minority Member, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Subcommittee on Labor, Health and Human Services, Education and Related Agencies, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Committee on Finance
Chairman and Ranking Minority Member, Subcommittee on Social Security Pensions and Family Policy
Chairman and Ranking Minority Member, Senate Special Committee on Aging
Social Security Advisory Board
Overview of the Office of the Inspector General
The Office of the Inspector General (OIG) is comprised of an Office of Audit (OA), Office of Investigations (OI), Office of the Counsel to the Inspector General (OCIG), Office of External Relations (OER), and Office of Technology and Resource Management (OTRM). To ensure compliance with policies and procedures, internal controls, and professional standards, the OIG also has a comprehensive Professional Responsibility and Quality Assurance program.
Office of Audit
OA conducts financial and performance audits of the Social Security Administration’s (SSA) programs and operations and makes recommendations to ensure program objectives are achieved effectively and efficiently. Financial audits assess whether SSA’s financial statements fairly present SSA’s financial position, results of operations, and cash flow. Performance audits review the economy, efficiency, and effectiveness of SSA’s programs and operations. OA also conducts short-term management reviews and program evaluations on issues of concern to SSA, Congress, and the general public.
Office of Investigations
OI conducts investigations related to fraud, waste, abuse, and mismanagement in SSA programs and operations. This includes wrongdoing by applicants, beneficiaries, contractors, third parties, or SSA employees performing their official duties. This office serves as liaison to the Department of Justice on all matters relating to the investigation of SSA programs and personnel. OI also conducts joint investigations with other Federal, State, and local law enforcement agencies.
Office of the Counsel to the Inspector General
OCIG provides independent legal advice and counsel to the IG on various matters, including statutes, regulations, legislation, and policy directives. OCIG also advises the IG on investigative procedures and techniques, as well as on legal implications and conclusions to be drawn from audit and investigative material. Also, OCIG administers the Civil Monetary Penalty program.
Office of External Relations
OER manages OIG’s external and public affairs programs, and serves as the principal advisor on news releases and in providing information to the various news reporting services. OER develops OIG’s media and public information policies, directs OIG’s external and public affairs programs, and serves as the primary contact for those seeking information about OIG. OER prepares OIG publications, speeches, and presentations to internal and external organizations, and responds to Congressional correspondence.
Office of Technology and Resource Management
OTRM supports OIG by providing information management and systems security. OTRM also coordinates OIG’s budget, procurement, telecommunications, facilities, and human resources. In addition, OTRM is the focal point for OIG’s strategic planning function, and the development and monitoring of performance measures. In addition, OTRM receives and assigns for action allegations of criminal and administrative violations of Social Security laws, identifies fugitives receiving benefit payments from SSA, and provides technological assistance to investigations.