The Office of Inspector General has found that although the Department of Homeland Security (DHS) and its components implemented internal controls to ensure Bankcard Program spending limits are established based on procurement needs, components did not always adhere to internal control policies and procedures.
DHS reported a total of 21,6363 purchase cards and 83,1944 fleet cards for FY 2021. Of the 787 bankcard cardholder accounts reviewed by OIG, all purchase and fleet cardholder accounts had issues in one or more key internal control areas, such as documenting the determination of procurement needs, decision authority, and oversight activities.
OIG said the issues occurred because of various changes in key management roles, outdated policies, component-level interpretation of guidance, and non-retention and inconsistent storage of supporting documents.
For example, the Coast Guard Fleet Card Program independently uses the DHS Fleet Card Change Request Form to document card activation; to report a card lost or stolen; for card replacement, card cancellation, or card updates; and to request or set up a personal identification number. Although this form serves as a valuable tracking tool, OIG identified cases of forms missing signatures and/or officials signing forms in dual capacities. Inspectors also identified cases in which an Approving Official submitted and signed a change request prior to nomination.
Overall, across the components reviewed, OIG found that 727 of the 787 bankcard accounts reviewed (93 percent) did not document varied levels of decision authority required to ensure spending limits are established based on procurement need.
In addition, OIG found for 446 of the 787 (57 percent) bankcard accounts reviewed, components did not conduct monitoring activities such as monthly spending limit reviews, inactive account reviews and reporting, check for timely closure of accounts specified for cancellation, and assessments of cardholder spending patterns (including “Unusual Spending Activity” reporting).
Without adherence to established policies and procedures, OIG is concerned that there is an increased risk of material loss and vulnerability to fraud. Overall, the watchdog says the Department may have less assurance that the controls in place are effective in meeting its Bankcard Program goals and requirements, resulting in weakened program management and less informed decisions. Consequently, OIG has made three recommendations with which DHS has agreed and aims to meet by the end of this calendar year. Measures to be undertaken include training and policy updates.
