Audit of Acquisition Card Transactions

Background

The audit of the acquisition cards has emerged from the Continual Auditing process which was approved at the May 23, 2003 Departmental Audit and Evaluation Committee (DAEC) meeting.  The process calls for a review and, as necessary, audit of automated transactions and associated functions at regular intervals, using an appropriate mix of Computer Assisted Audit Tools and Techniques (CAATT) and supplemented by manual procedures as necessary.

The strategy on continual auditing developed in 2002-2003, recommended that the Accounts Payable expenditures be one of the initial areas for implementation.  Based on this, Audit and Evaluation Branch (AEB) decided to review acquisition cards transactions for the period of October 2002 to September 2003 using the continual auditing approach. 

The acquisition card program was officially launched in December 1991 by Treasury Board Secretariat who promoted the acquisition card as an innovation with ‘’the basic aim of reducing administrative costs and enabling employees to purchase certain goods and services more directly’’.  Since the introduction of the acquisition card, Environment Canada is using the acquisition card for the purchasing of goods and services of less than $9,999.99.

The Financial Services Directorate has functional authority over the Acquisition Card program. The implementation of the National Directive for Acquisition Cards is the responsibility of the Financial Policy, Systems and Accounting Branch in the National Capital Region and of Finance and Administration Branches in the regions.  The Director General of Financial Services has designated a Departmental coordinator of acquisition cards and every region has a Regional Coordinator for this program.  The Regional Coordinators are responsible for authorizing and issuing cards in their regions.  They serve as the intermediary between the region and the issuing financial institution on all questions regarding the issuance of cards, the selection of their supplier and control procedures. 

Objective

The objective of the audit was to ensure that purchases made through the acquisition cards program were in compliance with Treasury Board Secretariat Policy on acquisition cards and Environment Canada National Directive on Acquisition Cards. 

Scope and Limitation

The audit focussed on transactions that took place between October 2002 and September 2003.  All regions and services were included in this review.  The scope of the audit did not include the overall management of the acquisition card program because a separate corporate initiative that included a comprehensive review of the accountability and control framework for acquisition cards, procurement and contracting and Financial Signing Authority was being conducted at the time of the audit.  The results of this initiative were presented to management in the spring of 2004.

Audit Methodology

The audit was conducted using Computer Assisted Audit Tools and Techniques (CAATT). The approach consisted in downloading the transactions from the Bank of Montreal (BMO) web site into our Audit Command Language Software (ACL). 

A statistical analysis was conducted (refer to section 2) and a series of tests was run against the database identifying anomalies such as cardholders exceeding card limits or transactions limits, possible contract splitting or duplicate purchases, cardholders with multiple cards, etc.  A listing of the ‘Merchant Category Description’ comprised of 275 different categories was also examined.  The exercise allowed the audit team to identify attractive purchases, unusual vendors, purchases requiring special approval, etc.

Based on these results a judgemental sample of 396 transactions was selected for detailed testing.  The judgemental sampling means that only transactions with a potential problem were selected.  Therefore, the results of the audit (refer to section 3) provide the Department with a higher level of assurance than the results obtained with a random sampling.  However, this methodology does not allow us to draw statistical conclusion.  The testing involved reviewing the supporting documentation for all transactions to assess compliance against policies and directives.  We reviewed supporting receipts and the purchase logs to determine whether each transaction was properly authorized and processed.   The methodology also included interviews with individuals when necessary.

Annex 1 provides additional details on the audit methodology and sample selection.