P-Card Compliance with OMB A-123 Appendix B

Published January 24, 2023

Compliance is the second topic in our 3-part series highlighting guidelines pertaining to Accountability, Compliance, and Transparency as contained in OMB Circular A-123 Appendix B, a Risk Management Framework for Government Charge Card Programs.

The newly-consolidated guidance for P-Card Program Management in OMB Circular A-123 Appendix B encapsulates compliance requirements beyond OMB, including unfunded mandates such as paperless government, cloud computing, and the Improper Payments Elimination and Recovery Act of 2010 (IPERA). The myriad of compliance guidelines necessitate P-Card administrative officers to make critical decisions on maintaining compliance and eliminating fraud, waste, and abuse in the use of purchase cards.

Risk Management Controls

Every agency is required to implement risk management controls on P-Card. Internal Controls are the first line of defense for a compliant P-Card Program, providing administrative officers a safeguard against the risks inherent in the program. Maintaining the integrity of the card program insulates from negative consequences such as IG and GAO findings, congressional inquiry, and fraud/waste/abuse in the public news cycles. Controls reduce risk by including compliance measures such as policies and procedures enforcement, document creation and review, separation of duties, and oversight activity.

Proactive Automations

Internal Controls can be automated with readily available SaaS solutions to turn compliance from a defensive activity to a proactive one. Automations reduce burdens and enhance the capability of P-Card Programs to seamlessly encapsulate all policy and guidance. Automation removes program risk while simultaneously streamlining micro-purchase activity by eliminating the opportunity for unintended violations or even worse, collusion – thus safeguarding federal assets.

The P-Card Transaction Process requires controls to promptly detect improper transactions and payments such as tax charges, split purchases, unauthorized purchases, spending above authorized limits, and purchasing prohibited goods and services. Automated controls in the transaction process have been developed and are available in an agile COTS SaaS solution. P-Card program administrators have the opportunity to greatly enhance their ability to ensure proper documentation of receipt and to track credit issuance on disputed purchases within such an encapsulated system.

It’s All in the Process

Review and Approval Process controls, when automated, ensure all cardholders reconcile transactions according to agency policy and prevent program findings that may require expensive remediation. Supporting documentation requirements can be enforced to prevent reconciliation prior to all documents being attached to each individual purchase record.

Agencies concerned about compliance can take a look at Actus in the FedRAMP Marketplace, a proven agile SaaS solution for Purchase Card Program Automation and Management.