TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

Travel Card Controls Are Generally Effective, but More Aggressive Actions to Address Misuse Are Needed

 

 

 

April 18, 2013

 

Reference Number:  2013-10-032

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

 

Phone Number  /  202-622-6500

E-mail Address /  TIGTACommunications@tigta.treas.gov

Website           /  http://www.treasury.gov/tigta

 

 

HIGHLIGHTS

Travel Card Controls Are Generally Effective, but More Aggressive Actions to address Misuse Are Needed

Highlights

Final Report issued on April 18, 2013

Highlights of Reference Number:  2013-10-032 to the Internal Revenue Service Deputy Commissioner for Operations Support.

IMPACT ON TAXPAYERS

In Fiscal Year 2011, the IRS travel card program had approximately 52,000 individually billed Government-issued travel card accounts and $121 million in related charges.  The lack of aggressive steps to address travel card misuse and reevaluate the security clearance and suitability for employment of employees with indications of financial problems present a risk to taxpayers, especially when these IRS employees have access to sensitive taxpayer information.

WHY TIGTA DID THE AUDIT

This audit was initiated to assess the IRS’s controls intended to identify potentially fraudulent or abusive use of individually billed travel cards.  With the millions of dollars spent annually by cardholders on official travel, it is essential that the IRS has effective controls in place to prevent and detect misuse.  In addition, it is also imperative that identified misuse is responded to with appropriate disciplinary action in order to maintain the integrity of the program.

WHAT TIGTA FOUND

The IRS’s travel card program controls are generally effective and delinquency rates are below 1 percent; however, disciplinary actions imposed by IRS management for confirmed travel card misuse are sometimes overly lenient.  The design and implementation of travel card controls intended to identify transactions occurring outside of official travel are generally effective.  However, current controls do not include any steps designed to detect inappropriate or personal use while employees are on official travel.

While the vast majority of cardholders used their travel cards in an appropriate manner and paid their bills on time, the IRS identified more than 1,000 cardholders who misused their travel cards during Fiscal Years 2010 and 2011.  The disciplinary actions taken by IRS management in response to the confirmed misuse were less severe than those suggested in the IRS penalty guidelines in approximately half of the 30 cases TIGTA reviewed.  Further, hundreds of cardholders with evidence of significant financial problems, including non-sufficient funds checks or suspended and charged-off accounts, were not referred for reevaluation of national security clearances and background checks.  The majority of those cardholders remained employed by the IRS as of September 2012.  Because the IRS’s mission includes requiring taxpayers to pay taxes owed on time and voluntarily, the IRS should take further steps to address employees who do not voluntarily pay their travel card bills on time.

WHAT TIGTA RECOMMENDED

TIGTA recommended that the IRS improve controls in several areas, including designing controls to detect personal use of the travel card while employees are on official travel.  TIGTA also recommended that the IRS develop a process for referring cardholders with evidence of financial problems to personnel security officials for reevaluation of the employees’ security clearances and suitability for their positions.

In their response, IRS management agreed with the recommendations and plans to implement several corrective actions to address them, including developing and implementing a process to identify personal use of the travel card while employees are on official travel and developing a policy for reevaluating security clearances and suitability for employment for employees with evidence of significant financial problems associated with travel card misuse.  In addition, the IRS noted that some of the corrective actions have already been implemented.

 

April 18, 2013

 

 

MEMORANDUM FOR DEPUTY COMMISSIONER FOR OPERATIONS SUPPORT

 

FROM:                       Michael E. McKenney /s/ Michael E. McKenney

Acting Deputy Inspector General for Audit

 

SUBJECT:                  Final Audit Report – Travel Card Controls Are Generally Effective, but More Aggressive Actions to Address Misuse Are Needed (Audit # 201210006)

 

This report presents the results of our review to assess the Internal Revenue Service’s controls to identify potentially fraudulent or abusive use of individually billed Government-issued travel cards.  This review was conducted as part of the Treasury Inspector General for Tax Administration’s Fiscal Year[1] 2012 Annual Audit Plan and addresses the major management challenges of Fraudulent Claims and Improper Payments and Security for Taxpayer Data and Employees.

Management’s complete response to the draft report is included as Appendix V.

Copies of this report are also being sent to the Internal Revenue Service managers affected by the report recommendations.  If you have any questions, please contact me or Gregory D. Kutz, Assistant Inspector General for Audit (Management Services and Exempt Organizations).

 

 

Table of Contents

 

Background

Results of Review

Controls Are Designed Effectively but Do Not Include a Control to Identify Personal Use of Travel Cards While Employees Are on Official Travel

Recommendation 1:

Implementation of Travel Card Controls Detected Misuse, but Improvements Can Be Made

Recommendations 2 and 3:

Recommendations 4 through 6:

Disciplinary Actions for Travel Card Misuse Were Often Lenient and Did Not Result in a Reevaluation of Background Clearances

Recommendations 7 and 8:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – The Internal Revenue Service and Governmentwide Travel Card Delinquency Rates for Fiscal Years 2010 and 2011

Appendix V – Management’s Response to the Draft Report

 

 

Abbreviations

 

ATM

Automated Teller Machine

CCS

Credit Card Services

FY

Fiscal Year

IBA

Individually Billed Account

IRM

Internal Revenue Manual

IRS

Internal Revenue Service

NSF

Non-Sufficient Funds

 

 

Background

 

The Travel and Transportation Reform Act of 1998[2] and Federal Travel Regulations[3] mandate the use of a Government-issued travel charge card (hereafter referred to as a travel card), except where specifically exempted,[4] and stipulate that the travel card shall be used by all U.S. Government personnel to pay for official Government travel and travel-related expenses.[5]  The Travel and Transportation Reform Act of 1998 also states that personnel who misuse or abuse[6] the travel card may be subject to administrative or disciplinary actions up to and including removal from Federal service.  In order to further clarify the requirements of the Act and to provide Internal Revenue Service (IRS) employees with specific guidance, the IRS developed the Travel Card Program Handbook[7] and the Chief Financial Officer issued a Policy Statement[8] to implement mandatory use of the travel card.  The IRS also developed and issued the IRS Manager’s Guide to Penalty Determinations[9] that provides managers and business organizations with guidelines for identifying, reporting, and resolving inappropriate use of a travel card.

The Department of the Treasury selected Citibank to provide travel card services for all of its bureaus and offices.  The IRS has established two types of travel card accounts:  1) individually billed accounts (IBA) and 2) centrally billed accounts.  Individually billed cards are issued to employees who perform travel at least twice a year to pay for official travel and travel-related expenses.  The Government reimburses employees for authorized expenses and the employee is responsible for making payment to Citibank.[10]  To receive an individually billed travel card from Citibank, eligible IRS employees must complete required training and sign an application.  By accepting the travel card, employees agree to use it only for official travel and related expenses while away from their official duty station for which they will submit a travel voucher for reimbursement.  In Fiscal Year (FY)[11] 2011, the IRS had approximately 52,000 individually billed travel card accounts[12] and about $121 million in related travel card charges.

Centrally billed accounts are corporate accounts issued to an agency business unit and may be used only to pay for common carrier transportation when an employee is authorized to perform official travel but did not receive an IBA (e.g., new employees who have not been issued a travel card or infrequent travelers).  Centrally billed accounts are paid directly by the Government to Citibank.  We did not include centrally billed accounts as part of this review.  This review was focused on the controls over IBA transactions incurred by employees for the purpose of identifying potentially fraudulent or abusive uses of an IRS travel card.

Office of Management and Budget Circular A-123, Appendix B, Improving the Management of Government Charge Card Programs, hereafter referred to as the Circular, prescribes policies and procedures to agencies regarding how to maintain internal controls that reduce the risk of fraud, waste, and error in Government charge card programs.  Appendix B, Chapter 6, of the Circular defines charge card misuse[13] and requires all agencies to perform the following:

·       Prior to issuing a travel card, all agencies must perform a credit worthiness review on new IBA travel card applicants.

·       Applicant must have a credit score of 660 or higher to receive a standard travel card; otherwise, travel card privileges[14] should be restricted.  

·       New travel card applicants must complete the required training prior to being issued a travel card.

·       Agencies must periodically evaluate the effectiveness of the controls put in place to mitigate the risks of payment delinquencies and charge card misuse.

·       Develop and impose disciplinary actions deemed appropriate by the agency in cases of charge card misuse. 

·       Initiate administrative and/or disciplinary actions for each occurrence of charge card misuse. 

·       Impose disciplinary action for charge card infractions, including removal for serious or repeated infractions.  Appropriate agency personnel may impose, but are not limited to, the following administrative and/or disciplinary actions for negligence, misuse, abuse, or fraud:  verbally counsel and issue a letter of counseling/reprimand to the employee; deactivate, suspend, or cancel employee travel card accounts; and impose additional disciplinary actions deemed appropriate by the agency.  Circumstances surrounding each case should be considered when determining the proper type of corrective, disciplinary/adverse action, if any, to be imposed.

Delinquency is the result of an employee’s failure to pay the charges incurred on his or her individually billed travel card in accordance with the terms and conditions of the issuing bank’s cardholder account agreement.  The travel card contractor will suspend an account once an undisputed transaction remains unpaid for 61 calendar days or more from the billing/closing date on the statement in which the unpaid charges first appeared.  The contractor will cancel an account once undisputed transactions remain unpaid for 120 calendar days or more from the closing date on the statement in which the unpaid charges first appeared.[15]  An account may also be canceled if it has been suspended twice during the preceding 12 months and becomes past due again.  The Travel and Transportation Reform Act of 1998 authorizes Federal agencies to offset up to 15 percent of an employee’s disposable pay at the request of the travel card contractor to collect delinquent balances.[16]  

In addition to Office of Management and Budget guidelines, Federal law states that the use of a scheme or artifice either to defraud a Federally chartered or insured financial institution or to obtain any of the monies, funds, credits, assets, securities, or other property owned by, or under the control of, such an institution may be prosecuted as criminal violations.  In addition, whoever knowingly executes, or attempts to execute, a scheme or artifice shall be fined not more than $1 million or imprisoned not more than 30 years, or both.[17]  Failure to timely pay travel card charges may also constitute a violation of the Standards of Ethical Conduct for Employees of the Executive Branch (5 CFR 2635).

IRS employees are required to have background investigations to determine their suitability for employment.  Employees must undergo investigative processing commensurate with the risk‑level designation associated with the work to be performed.  Human Capital Office staff review the work to be performed and use the Office of Management and Budget Position Designation Automated Tool to assign risk designations (low, moderate, or high) to positions of employees in accordance with the related criteria requirements.  The position risk levels are based upon potential impact on and/or damage to the efficiency of the IRS’s operations.  Typically, IRS employees have their background check and clearance reevaluated every five years.

The IRS assigned the Office of the Chief Financial Officer the responsibility of travel card program policy development.  The IRS Credit Card Services (CCS) Branch (part of Employee Support Services in the Agency-Wide Shared Services organization) has administrative oversight and program responsibilities for the IRS charge card programs.  These responsibilities include acting as the IRS liaison with Citibank and the Department of the Treasury for all aspects of its charge card programs, monitoring account activity, updating and testing internal controls and procedures, and providing training.  In addition, the CCS Branch is responsible for initiating appropriate action to notify Labor and Employee Relations (hereafter referred to as Labor Relations) of delinquent accounts and inappropriate travel card use.[18]  IRS managers are responsible for consulting with their servicing Labor Relations staff before meeting with a travel cardholder who is delinquent in payment of a travel card or who may have inappropriately used a travel card.  Disciplinary actions for unauthorized use are listed in the IRM and range from written reprimands to suspension without pay and removal from Federal service.  Each business unit determines the level of supervisory authority required for taking disciplinary or adverse actions in accordance with the IRS disciplinary action policies included in the IRS Manager’s Guide to Penalty Determinations.

This review was performed at the CCS Branch of the IRS Agency-Wide Shared Services organization in Nashville, Tennessee, during the period November 2011 through November 2012.  This review focused on individually billed travel card transactions and management controls in place during FYs 2010 and 2011.  The review assessed the design of travel card program controls, the effectiveness of the implementation of six key controls, and the adequacy of disciplinary actions by the IRS in response to identified travel card misuse.  We did not review controls over travel card delinquencies or rebate calculations as part of this audit.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.  We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

Results of Review

 

Controls Are Designed Effectively but Do Not Include a Control to Identify Personal Use of Travel Cards While Employees Are on Official Travel

The CCS Branch established preventive and detective reviews to manage, monitor, and verify that cardholders are adhering to agency travel card policies and procedures when using their individually billed travel cards.  These controls are, in general, designed to verify that charges are made during official travel, to verify that cardholders’ business and personal data are current on Citibank reports, and to increase timely payment of individually billed travel card accounts.  Timely payment is important because late payment or nonpayment of travel card account balances due by IRS employees triggers contractual provisions allowing the bank to reduce rebates, causing the IRS to forfeit revenue in lost rebates.  However, the focus of the CCS Branch’s oversight reviews is to detect travel card transactions made outside of official travel.  Current oversight reviews are not designed to detect inappropriate personal use of the cards while employees are on official travel.  The lack of controls designed to detect personal use while employees are on official travel could result in undetected misuse of the travel cards.

Generally, controls over travel card accounts and transactions were effectively designed

IRS travel card controls are separated into two main categories, preventive and detective.  Preventive controls are designed to prevent misuse before it occurs and to verify that travel cards are functioning as intended.  Detective controls are designed to monitor transactions to detect noncompliance with travel card policies and regulations. 

Major preventive controls include requiring new applicants to complete travel card training and undergo a credit check, establishing travel card credit limits, assigning authorized merchant codes, and limiting cash withdrawal amounts from automated teller machines (ATMs).  IRS managers also indicated that cardholders are required to complete refresher training every two years, approximately three months prior to the expiration date of their travel card.  The standard credit limit for most cardholders is $5,000, and higher limits are provided for special circumstances, such as an extended period of travel or relocation.  A restricted travel card that does not allow cash withdrawals and limits certain miscellaneous expenses is initiated for cardholders where the credit rating did not meet the required score.  By setting appropriate credit limits on travel cards, the CCS Branch effectively reduces the amount of additional credit a cardholder has beyond what is required for official travel, which can reduce the risk of abuse.  The CCS Branch also identifies and assigns to each cardholder the necessary merchant codes that a traveler may need during official travel, such as lodging, restaurants, airlines, and car rentals, and blocks codes for purchases at inappropriate merchants such as liquor stores, vehicle repair shops, and jewelry stores.  Restricting purchases to merchants that are associated with normal travel expenses helps to prevent personal use for expenses not related to official travel.  The CCS Branch also limits cash withdrawals by a cardholder to $110 per day and $1,100 per billing cycle.[19]  By limiting the amount of cash available to a cardholder, the CCS Branch can effectively reduce the likelihood that cash could be used for expenses not related to official travel.

During FYs 2010 and 2011, the CCS Branch used a number of detective controls designed to identify travel card misuse.  The CCS Branch reviewed specific transaction types and date ranges to identify personal use of travel cards.  For example, the CCS Branch performed a review of ATM transactions on a quarterly basis from October 2009 through March 2011 and on a monthly basis from April 2011 through the end of FY 2011.  The quarterly reviews involved matching a random sample of the travel card ATM transactions to the travel voucher data to determine if the cardholder was on official travel.  In addition, in February and October 2010, the CCS Branch reviewed a random sample of all travel card transactions in those months to determine if cardholders were on official travel.  The CCS Branch also reviewed all transactions that occurred near the Christmas and New Year holidays in FYs 2010 and 2011 to determine if cardholder transactions occurred outside the period in which the employee was on official travel.  The combination of preventive and detective controls in place appeared to be designed effectively for preventing and identifying personal use of travel cards by employees while not on official travel.

Travel card controls are not specifically designed to detect misuse while on official travel

While preventive controls such as merchant code restrictions and credit limits may reduce the risk of personal use, the CCS Branch does not examine transactions that were incurred during official travel to identify those that appear to be inappropriate or for personal use.  Personal use of a travel card, regardless of whether the cardholder is on official travel, is misuse and should be identified and timely responded to by the IRS. 

During FYs 2010 and 2011, the CCS Branch detective controls focused primarily on verifying that transactions occurred during or near the official travel dates of cardholders.  These detective control reviews were performed periodically and on a sample basis.  The CCS Branch explained that, prior to FY 2012, they performed the transaction reviews based on a statistical random sample due to resource limitations and the volume of monthly card transactions extracted from Citibank’s online system.  However, the CCS Branch indicated that as of FY 2012, they have improved the travel card detective controls by implementing a 100 percent match of all travel card transactions to travel voucher and authorization data.  If this detective control is effectively implemented, it should identify transactions that did not reconcile to a voucher.  While this improvement may result in better coverage of transactions, the detective controls still primarily focus on identifying transactions that occurred while a cardholder was not in an official travel status, thus leaving the IRS vulnerable to inappropriate or personal use of travel cards by employees who are on official travel.  Effective controls must include reviews to detect personal use of travel cards while employees are on official travel.

Recommendation

Recommendation 1:  The Chief, Agency-Wide Shared Services, should develop and implement detective travel card controls designed to identify inappropriate or personal use travel card transactions that occur when cardholders are on official travel.

Management’s ResponseThe IRS agreed with the recommendation and will develop and implement a process to identify potential inappropriate or personal use of the travel card while the employee is in official travel status. 

Implementation of Travel Card Controls Detected Misuse, but Improvements Can Be Made

We found that the IRS was generally effective in implementing travel card controls.  However, in some instances controls were not implemented effectively, which increased the risk for misuse and resulted in some travel card misuse going undetected.  In order to determine the effectiveness of the IRS’s implementation of travel card controls during FYs 2010 and 2011, we selected six controls to review and reperform.[20]  Figure 1 provides details on each of the six controls reviewed.

Figure 1:  List of Controls Reviewed and Reperformed
by the Treasury Inspector General for Tax Administration

Control

Purpose of Control

ATM Withdrawal Limits

Preventive control designed to limit employees from exceeding a daily cash withdrawal of $110 per day and $1,100 per billing cycle.[21] 

Cancellation of Accounts for Separated Employees

Preventive control designed to verify that travel card accounts are closed for separating employees and to reduce the credit limit of travel cards to $5 for employees going into a temporary nonpay status.[22]

Non-Sufficient Funds (NSF) Check Identification

Detective control designed to identify instances of NSF checks sent by employees to Citibank for payment of their travel card statement. 

Identification of Large Personal Payments

Detective control designed to determine whether employees are inappropriately using the travel card and then making payments from their personal funds of over $1,000 to Citibank. 

Holiday Transaction Review

Detective control designed to identify personal use of the travel cards while employees are not on official travel during the holiday periods in FYs 2010 and 2011.[23]

Transaction Sample Review

Detective control designed to identify personal use of the travel card while employees are not on official travel on a sample basis for one month in FY 2010 and one month in FY 2011.[24]

Source:  Analysis of FYs 2010 and 2011 controls implemented by the IRS.

ATM withdrawal limits

We found that the IRS effectively limited ATM withdrawals by cardholders in general, but also found a few instances where controls were not effective due to the need for CCS Branch personnel to manually update account profiles or due to system failures.  The ATM control limits employees to a cash withdrawal of $110 per day and $1,100 per billing cycle.  During FYs 2010 and 2011, IRS travel cardholders made over 50,000 ATM withdrawals that complied with these limits.  However, we identified 133 instances, or less than 1 percent,[25] of cash advances for more than $110 per day and 92 instances,[26] or less than 1 percent, of ATM cash advances for more than $1,100 per cycle.  For the advances that exceeded daily limits, we found that the CCS Branch had failed to manually update account profiles to limit daily ATM withdrawals when account credit limits had increased.  Daily ATM limits are generally set as a percentage of the total credit limit.  For example, a card with a $5,000 credit limit would have a daily ATM limit of 2.2 percent, or $110.  However, if the credit limit is later increased to $10,000 due to frequent travel, the daily limit would then increase to $220 dollars per day, or 2.2 percent, unless the ATM limit percentage was manually adjusted.  The need for manual adjustments resulted in a breakdown of this control.  For the advances that exceeded monthly limits, we found that if employees made payments to their account in the middle of a billing cycle, the monthly ATM limit would then be reset.  When we brought this issue to the attention of the CCS Branch, they took immediate action to begin manually adding the restriction of $1,100 in monthly ATM withdrawals to each employee’s account profile regardless of when payments are made within the billing cycle.

Cancellation of accounts for separated employees

We found that the IRS effectively closed travel card accounts for cardholders separating from the IRS and reduced the limits for cardholders going into a temporary nonpay status.  For our review of the control over closing accounts for separated employees, we identified 2,246 employees [27] and found that the IRS effectively closed or reduced the limits on the travel cards for 2,242, or 99 percent, of the employees who separated or who went into a temporary nonpay status.[28]  The IRS was able to effectively close the travel card account or reduce the travel card credit limit to $5 because it effectively performed the control on a daily basis.  Timely cancelling the travel card for separating employees or reducing the credit limit from $5,000 to $5 for employees who go into a temporary nonpay status reduces the risk for misuse because employees do not have the ability to misuse the travel card.

NSF check identification

The IRS was moderately effective in identifying cases where cardholders wrote NSF checks against balances owed to the travel card vendor.  Our analysis of the NSF check control review for FY 2011 found that the IRS identified 110 (99 percent) of 111 of the NSF checks that we identified during our review.  However, during the FY 2010 NSF check control review, we found that the IRS did not identify 77 (36 percent) of 214 NSF checks due to errors in extraction.  This occurred because the IRS did not select the correct NSF code in the Citibank transaction data.  The errors caused misuse to go undetected and resulted in cardholders who wrote NSF checks not being referred to Labor Relations. 

Identification of large personal payments

We found that the IRS was somewhat effective in identifying instances of large personal payments made by cardholders.  During one billing cycle in FY 2011, the IRS reviewed payments greater than $1,000 on travel card balances made by cardholders from their personal bank accounts.  The review was performed to determine if the personal payments were necessary due to personal use of the travel card.  In most instances, personal payments are not necessary because travel card accounts receive payments for transportation and lodging expenses directly from the IRS when an employee files a travel voucher.  We found that there were 102 payments of more than $1,000 made by cardholders during the period reviewed, but the IRS failed to identify and investigate 45 of the payments.  The IRS failed to identify the payments because the process used for extracting the payments did not capture personal payments made through the vendor’s website.  As a result, the IRS did not have the opportunity to review the purchases associated with those payments to determine if personal use of the travel card occurred. 

Holiday transaction review

The IRS was only moderately effective in reviewing travel card transactions that occurred during the holiday time period for FYs 2010 and 2011.  The holiday transaction review is designed to detect transactions, including ATM and fuel purchases, which were made outside of official travel dates.  While the IRS correctly identified most of the transactions occurring during or near the Christmas and New Year holidays, the IRS failed to identify 114 transactions totaling $30,844.[29]  This occurred because the IRS extracted data off a Citibank report that uses the “posting date” instead of the “transaction date,” which prevented the IRS from extracting all of the transactions for the review.  Because transactions do not post on weekends, Christmas Day, or New Year’s Day, the IRS failed to identify and review a significant number of transactions that occurred on the dates they were attempting to review. 

In addition, the IRS also failed to refer a small number of transactions to Labor Relations for disciplinary action.  Our analysis found that the IRS travel card policy lacked specific guidance related to fuel purchases and ATM withdrawals.  During our review, we found that 13 fuel purchases and three ATM withdrawals should have been referred to Labor Relations because the charges did not fall during or near official travel dates.  For example, we found an employee who purchased fuel on December 24, 2009, and their closest dates of official travel ended six calendar days before, on December 18, 2009.  In addition, we found another employee who had an ATM withdrawal on December 31, 2009, but did not go on official travel until January 4, 2010.  Current IRS policies do not specifically address the advance purchase of fuel or withdrawal of cash, other than to say that travel cards are to be used only while on official travel.  However, an IRS “Frequently Asked Questions” guide did state that an employee can use the travel card to withdraw cash one day prior to the first day of official travel.  CCS Branch personnel agreed that there is a lack of understanding by employees as to when the travel card can be used to purchase fuel, and that they did not have an official policy on the matter.  The CCS Branch also stated that a time period of five calendar days prior to official travel is a reasonable period to obtain an advance from an ATM, but agreed that there was no official policy stating that time period was acceptable.  As a result of the lack of official policy for fuel and ATM use, we found that the controls did not effectively identify this potential misuse on a consistent basis. 

Transaction sample review

The IRS was also generally effective in reviewing a sample of transactions that occurred during two months in FYs 2010 and 2011.  The IRS performed the review by sampling transactions and comparing them to travel voucher data in order to determine if purchases occurred during, or were related to, official travel.  Of the 783 transactions reviewed by the IRS as part of this control, we found 19 transactions that were not handled appropriately.  Of these transactions, nine were related to fuel and ATM purchases similar to the problems noted above in the holiday transaction review.  The majority of the other exceptions were related to human error in the identification of potential misuse.  In these instances, the CCS Branch agreed that the transactions should have been referred to Labor Relations.

Recommendations

The Chief, Agency-Wide Shared Services, should:

Recommendation 2:  Work with the Chief Financial Officer to revise current policies and procedures to include steps to verify that daily ATM limits are maintained whenever credit limits are adjusted.

Management’s Response:  The IRS agreed with this recommendation and stated that it has already developed and implemented an internal procedure to ensure that the ATM percentage is changed appropriately at the same time the card limit amount is changed, effective March 5, 2013.  The IRS also stated that the procedure includes a weekly review of travel card controls in place to ensure that the ATM percentage is appropriate.

Recommendation 3:  Refer to Labor Relations any instances of travel card misuse identified by this audit (e.g., NSF checks written) that were not previously referred due to control failures.

Management’s Response:  The IRS agreed with this recommendation and will refer to Labor Relations the travel card misuse cases we identified that were not previously referred provided that the subjects of the misuse remain IRS employees.

Recommendation 4:  Review current detective control processes over holiday transaction reviews to determine whether current data extraction methods identify all transactions during the target time period and update the related procedures accordingly to reflect any control enhancement needs identified.

Management’s Response:  The IRS agreed with this recommendation and stated that it has already incorporated the review of holiday transactions into the 100 percent Travel Card Transaction Match process effective January 2012.  The date of report extraction has been corrected and identifies all transactions posted during the review period.

Recommendation 5:  Work with the Chief Financial Officer to develop policies that clearly state when employees are authorized to make ATM withdrawals and that provide a specific period in advance of or immediately following official travel dates when withdrawals are permitted.

Management’s Response:  The IRS agreed with this recommendation.  The Chief, Agency-Wide Shared Services, will collaborate with the Chief Financial Officer to develop a travel card use policy that includes the time period when employees are authorized to withdraw cash from an ATM.

Recommendation 6:  Work with the Chief Financial Officer to develop policies that clearly state when employees are authorized to purchase fuel with their travel card.

Management’s Response:  The IRS agreed with this recommendation.  The Chief, Agency-Wide Shared Services, will collaborate with the Chief Financial Officer to develop a travel card use policy that includes the time period when employees are authorized to purchase fuel with their travel card.

Disciplinary Actions for Travel Card Misuse Were Often Lenient and Did Not Result in a Reevaluation of Background Clearances

The vast majority of cardholders used their travel cards in an appropriate manner and paid their bills on time, which was evidenced by low IRS travel card delinquency rates.[30]  However, the CCS Branch identified over 1,000 cases of travel card misuse during FYs 2010 and 2011.  While the CCS Branch correctly referred misuse cases to Labor Relations, disciplinary actions against the employees were typically less severe than those recommended by the IRS’s penalty guidelines in approximately half of the 30 cases[31] reviewed.  In addition, the IRS lacked standard policies for referring employees who misused their travel cards to security personnel to determine if background checks, security clearances, and suitability for employment determinations required reevaluation.  As a result, employees who wrote NSF checks or had suspended and charged-off accounts received little or no disciplinary action in response to their misuse and did not have their background clearances reevaluated for suitability for employment.  The IRS’s penalty guide provides a range of disciplinary actions that can be applied for each offense.  On a case-by-case basis, there may be a level of variation in the disciplinary actions administered, depending on other aggravating or mitigating factors (e.g., past work performance, prior disciplinary record, or whether the misconduct is a first offense).  However, we determined that an overly lenient approach was taken in approximately half of the 30 cases we reviewed.  The lack of aggressive steps to address travel card misuse and the lack of a subsequent reevaluation of employee background checks and clearances reduces the overall effectiveness of controls over the travel card program and provides a reduced deterrent factor for travel card misuse.  In addition, employees with significant financial issues may present a security risk to the IRS.  Of particular concern is the fact that the IRS asks taxpayers to voluntarily pay taxes owed in a timely manner and yet was more tolerant when its employees became delinquent and defaulted on outstanding payments, violated the terms of the Citibank contract, abused a Government-provided resource (travel funding), and compromised the integrity of the IRS.  

Disciplinary actions in response to misuse of travel cards were not consistently within penalty guidelines

Sixteen of the 30 referrals of travel card misuse we reviewed showed that disciplinary actions by IRS managers did not fall within suggested guidelines listed in the IRS Managers Guide to Penalty Determinations.  In FYs 2010 and 2011, CCS Branch personnel referred over 1,000 cases of travel card misuse to Labor Relations personnel for disciplinary action.  Upon receiving a case from the CCS Branch, Labor Relations personnel review the referral to determine the facts of a case and whether there has been a prior disciplinary action for the employee.  They provide the responsible IRS manager with this information along with the prescribed disciplinary range as noted in the penalty guide and appropriate information from a review of case law and similar cases.  The manager then has the opportunity to discuss all of this information with Labor Relations.  Labor Relations personnel note that each case is evaluated on an individual basis, and case-specific circumstances will determine what disciplinary action is appropriate.  The IRM[32] states that it is the manager’s responsibility to determine if, and what type of, corrective discipline is warranted.  Managers are directed to consult with Labor Relations personnel for advice.  In addition, the IRM states that progressive levels of discipline should be used in cases of repeated abuse to help correct employee behavior.  Figure 2 below shows the progressive levels of disciplinary action recommended for travel card misuse.

Figure 2:  Suggested Penalties for Travel Card Misuse

Type of Misuse

First Offense

Second Offense

Third Offense

Making Unauthorized Purchases

Written Reprimand to Five-Day Suspension

Six- to 14-Day Suspension

15-Day Suspension to Removal

Failure to Pay Timely All Charges

Written Reprimand to Five-Day Suspension

Six- to 14-Day Suspension

15-Day Suspension to Removal

Source:  The IRS Manager’s Guide to Penalty Determinations.

The guidelines ultimately give managers the flexibility to deviate from suggested disciplinary actions depending on the facts and circumstances of each case.  As a result, we found that 16 of the 30 cases reviewed had disciplinary actions imposed on employees that were much more lenient than suggested in the IRS Manager’s Guide to Penalty Determinations

The 30 cases we reviewed included instances where a cardholder wrote three or more NSF checks, where cardholder accounts became delinquent and suspended, where accounts were placed into salary offset, and where accounts had single and multiple personal use transactions.  Cardholders received disciplinary actions that were not noted in their permanent personnel files, and others repeatedly abused their travel cards and received only a minimal level of discipline from managers.  For example, in one case, a cardholder wrote seven NSF checks within three months.  In response, the IRS manager proposed a one-day suspension but offered the employee the option of donating eight hours of leave and attending two credit counseling classes as the disciplinary action.  Neither of these responses was consistent with the recommended discipline of a minimum 15-day suspension.  In another case, a cardholder’s initial abuse of the travel card was only responded to with counseling and, subsequently, the same cardholder wrote an NSF check against the travel card account and continued to misuse the travel card.  As a result of the lenient disciplinary practices by IRS managers, cardholders were allowed to misuse their travel cards without serious consequences in some cases and thus may not have been deterred from future misuse.  Figure 3 provides examples from among the 30 cases we reviewed where travel card misuse was responded to with disciplinary actions less severe than the recommendations in the IRS’s own guidelines.

Figure 3:  Examples of Travel Card Misuse,
Recommended Penalties, and Actions Taken by the IRS

Travel Card Misuse
(Employee Grade and Position)

Recommended Penalty

Actions Taken by the IRS

Multiple Offenses – Seven NSF checks written against travel card account in FY 2011 (General Schedule-9 Tax Compliance Officer).

15-Day Suspension to Removal

Alternative discipline of donation of eight hours leave and attendance at two credit counseling classes.

Third Offense – Personal use of the travel card in FY 2010, delinquent and suspended travel card account in FY 2010, additional personal use in FY 2011, and additional delinquency in FY 2011 (General Schedule-13 Lead Information Technology Specialist).

15-Day Suspension to Removal

Suspension of less than 14 business days for the personal use and delinquency in FY 2011.

Multiple Offenses – Account delinquency in FY 2005, delinquency in FY 2008, NSF checks in FY 2011 (General Schedule‑14 Program Analyst).

15-Day Suspension to Removal

Written reprimand in response to two NSF checks and an account delinquency.

Second Offense – Delinquency in FY 2008 and NSF check in FY 2010 (General Schedule-13 Financial Program Consultant).

Six- to 14-Day Suspension

Written counseling in response to the FY 2010 delinquency and the NSF check.

First Offense – Single instance of personal use in FY 2010 (General Schedule‑13 Internal Revenue Agent).

Written Reprimand to Five‑Day Suspension

Letter closing the issue without action.  Letter not kept in employee personnel file.

Source:  Our analysis of CCS Branch’s misuse referrals and the IRS’s subsequent disciplinary actions.

Cardholders who misused their travel cards did not have background checks and national security clearances reevaluated

Of the over 1,000 referrals made during FYs 2010 and 2011 by the CCS Branch to Labor Relations personnel for travel card misuse, at least 785 cardholders had their accounts suspended or placed into the salary offset program due to significantly past due balances and NSF check payments to Citibank or had their accounts charged off.  Examples of some of the more senior positions occupied by these employees include:

·       Executive – Executive Schedule-00.

·       General Attorney – General Schedule-15.

·       Contract Specialist – General Schedule-14.

·       Internal Revenue Agent – General Schedule-13.

·       Criminal Investigator – General Schedule-13.

The IRS stated that it does not have a standard policy or process for either the CCS Branch or Labor Relations personnel to notify the IRS’s personnel security officials when these significant personal financial problems occur.  Instead, the financial issues would be identified during scheduled periodic reevaluations of background checks and security clearances that occur every five years.  As a result, we identified numerous instances where cardholders misused their cards and demonstrated the existence of significant personal financial problems yet retained their security clearances and were typically still employed by the IRS as of September 2012.  Employees in positions of responsibility who have accrued considerable debts or have other financial issues that may indicate the presence of other related problems are at increased risk of failing suitability standards for their positions.  As a result, delays in the reevaluations of employees’ background checks leave the IRS vulnerable to potential security risks.

We found that 15 cardholders with either secret or top-secret clearances had their travel card accounts suspended due to their failure to pay outstanding balances.  Two other cardholders with secret and top-secret clearances presented NSF checks to Citibank for payment of their travel card balance.  In addition, 94 cardholders serving in public trust positions requiring moderate and high-level background checks wrote one or more NSF checks, and 36 had their accounts charged off due to their failure to pay outstanding balances.  For example, a tax compliance officer wrote seven NSF checks in FY 2011 while occupying a position that required a moderate-risk background investigation.  In another case, an IRS revenue agent had his or her travel card account charged off in FY 2011 and has not had their moderate-level background check reevaluated since it was issued in FY 2006.  The fact that IRS employees occupy positions of public trust requiring national security clearances or moderate- to high-risk background checks while demonstrating the existence of significant personal financial problems is of concern.  When personnel are experiencing financial problems, they inherently present a greater risk to the IRS, especially when occupying positions that provide them access to sensitive information and taxpayer data.

We also found that the IRS did not attempt to recoup, through salary offset procedures, charged‑off account balances of former IRS employees who may have been receiving Federal payments through salaries at other agencies or through retirement benefits.  Collection of charged‑off account balances could help deter future abuse and strengthen the control environment over the IRS travel card program.[33]

Recommendations

The Chief, Agency-Wide Shared Services, should:

Recommendation 7:  Work with the Chief Financial Officer and IRS Human Capital Officer to develop and implement a policy where cardholders with evidence of significant personal financial problems associated with travel card misuse, including suspended accounts, issuance of NSF checks, and charged‑off accounts, are referred to the IRS Human Capital Officer for a reevaluation of background investigations, security clearances, and suitability for employment.

Management’s Response:  The IRS agreed with this recommendation.  The Chief, Agency-Wide Shared Services, will collaborate with the Chief Human Capital Officer and with the Chief Financial Officer to develop and implement a policy for reevaluation of background investigations, security clearances, and suitability for employment for cardholders with evidence of significant personal financial problems associated with travel card misuse.

Recommendation 8:  Coordinate with the other Federal agencies and the General Services Administration to collect charged‑off account balances from separated employees.

Management’s Response:  The IRS partially agreed with this recommendation.  The IRS currently utilizes all remedies available to support Citibank in the collection of outstanding debt before an employee separates from the IRS.  However, the IRS stated that it does not have the authority or responsibility to collect charged‑off credit card account balances from separated employees.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this audit was to assess the IRS’s controls to identify potentially fraudulent or abusive use of individually billed Government-issued travel cards.  To accomplish this objective, we:

I.                 Determined the account and transaction controls the IRS established to prevent and detect travel card misuse. 

A.    Reviewed the travel card regulations, policies, and procedures that govern the use of the travel card.

B.    Interviewed IRS personnel in the Office of the Chief Financial Officer and the CCS Branch, identified relevant audit criteria, and documented the policies, procedures, and practices used in regulating the travel card program for IBAs. 

C.    Documented how the communication of travel card policies and procedures to the appropriate IRS business unit managers and cardholders occurs, including any required training or travel card agreements, and what steps are taken to verify compliance with such policies.[34]

D.    Identified selected preventive and detective controls over these processes that may be pertinent to the deterrence of travel card fraud or abuse.

E.     Determined the CCS Branch’s roles and responsibilities in identifying and referring potentially fraudulent or abusive travel card use to Labor Relations or the Treasury Inspector General for Tax Administration Office of Investigations, and determined what administrative or disciplinary actions were taken when instances of travel card abuse or potential fraud were identified. 

II.               Identified, obtained, and performed reliability tests on electronic travel card transaction data and electronic data from other sources to use in the independent validation of travel card transactions.

A.    Obtained individually billed travel card transactions maintained by Citibank for October 1, 2009, through October 31, 2011.

B.    Obtained travel voucher data for all vouchers associated with travel beginning on September 1, 2009, through October 31, 2011.

C.    Obtained Automated Labor and Employee Relations Tracking System[35] data for October 1, 2009, through October 31, 2011.

D.    Performed data reliability tests on the data by conducting reasonableness checks to determine the completeness and accuracy of the data.  We determined that the data were sufficiently reliable for the purposes of this report.

III.             Determined if selected IRS preventive and detective controls over travel cards were working as intended and were effective in deterring travel card fraud or abuse. 

A.    Selected six preventive and detective controls to verify that the controls were working as intended.

B.    Reperformed selected CCS Branch oversight reviews of travel card usage and transactions and compared IRS results to our results.

1.     Reviewed ATM and Manual Cash Disbursements/ATM limits to determine if the CCS Branch controls effectively prevented travel cardholders from exceeding daily or monthly dollar thresholds for cash advances.

2.     Reviewed separated cardholder accounts to identify if the CCS Branch controls effectively closed accounts of separated employees.

3.     Reviewed cardholders with NSF payments to determine if the CCS Branch identified cardholders who had incidences of NSF checks for payments to their travel card account.

4.     Reviewed large personal payments (more than $1,000) to determine if the CCS Branch identified all cases.

5.     Reviewed holiday transactions to determine if the CCS Branch identified all holiday transactions and appropriately determined if cardholders were using their cards during the holidays while on official travel.  The holiday transaction review is designed to detect transactions, including ATM and fuel purchases, which were made outside of official travel dates.

6.     Reviewed two months of transactions to determine if the CCS Branch identified all transactions not associated with a matching travel voucher through their sampling process.

C.    Determined and documented potential travel card misuse and abuse:

1.     Documented instances where cardholders wrote NSF checks against their travel card balances.

2.     Documented whether cardholders who had their accounts suspended, charged off, placed into salary offset or who wrote NSF checks had a security clearance.

3.     When matching two months of transactions to travel vouchers, identified any additional transactions that did not match to voucher data that were not noted by the CCS Branch because of its use of sampling instead of 100 percent reviews of all transactions in the selected months.

D.    Identified weaknesses in the design or implementation of the controls tested and identified any additional controls that could be implemented to improve the IRS’s prevention and detection processes.

E.     Determined if the IRS’s responses to cases identified and referred by the CCS Branch are within the guidelines set forth in the IRS penalty guide.

1.     Within our audit period, identified all cases referred by the CCS Branch to Labor Relations for action.

2.     Selected a judgmental sample of 30 cases from the areas of travel card misuse (personal use), travel card delinquencies (delinquencies, suspensions, and salary offsets), and NSF checks.  A judgmental sample was used due to the volume of travel card cases referred to Labor Relations and the audit resources available.  A judgmental sample is a nonstatistical sample, the results of which cannot be used to project to the population of all travel card misuse cases referred by the CCS Branch to Labor Relations.

3.     Reviewed the actions taken by IRS management and Labor Relations and compared them to the IRS penalty guide.

4.     Identified if there are any trends or consistent variances between punishments and the penalty guidelines issued by the IRS.

5.     Identified examples, if available, where less severe responses to travel card misuse may have contributed to escalated abuse.

6.     Determined the impact of travel card misuse on employee security clearances and background checks.

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  They include the systems for measuring, reporting, and monitoring program performance.  We determined the following internal controls were relevant to our audit objective:  the IRS’s travel card policies and procedures that govern the use of the travel card and implementation of the controls to prevent and detect travel card misuse, the controls over disciplinary actions in response to identified misuse, and the related impact on security clearances and background checks.  We evaluated these controls by:  1) interviewing management and other employees involved in performing travel card reviews, 2) reperforming selected controls to verify that the controls are working as intended, 3) analyzing travel card transactions, and 4) reviewing disciplinary actions in response to identified travel card misuse.

 

Appendix II

 

Major Contributors to This Report

 

Gregory Kutz, Assistant Inspector General for Audit (Management Services and Exempt Organizations)

Nancy Nakamura, Assistant Inspector General for Audit (Management Services and Exempt Organizations)

Russell Martin, Acting Assistant Inspector General for Audit (Management Services and Exempt Organizations)

Alicia Mrozowski, Director

John Ledford, Audit Manager

Jonathan Meyer, Audit Manager

Heather Hill, Acting Audit Manager

Ahmed Tobaa, Lead Auditor

Tom Cypert, Senior Auditor

Deanna Lee, Senior Audit Evaluator

Melvin Lindsey, Auditor

Jeffrey Stieritz, Auditor

 

Appendix III

 

Report Distribution List

 

Acting Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Services and Enforcement  SE

Chief, Agency-Wide Shared Services  OS:A

Chief Financial Officer  OS:CFO

IRS Human Capital Officer  OS:HC

Director, Employee Support Services  OS:A:ESS

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaisons:

Deputy Commissioner for Operations Support  OS

Deputy Commissioner for Services and Enforcement  SE

Chief, Agency-Wide Shared Services  OS:A

Chief Financial Officer  OS:CFO

IRS Chief Human Capital Officer  OS:DC

 

Appendix IV

 

The Internal Revenue Service and Governmentwide Travel Card Delinquency Rates for Fiscal Years 2010 and 2011

 

The chart was removed due to its size.  To see the chart, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

Source:  Our analysis of the General Services Administration’s and the CCS Branch’s delinquency data.

 

Appendix V

 

Management’s Response to the Draft Report

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

WASHINGTON, D.C. 20224

 

              CHIEF

     AGENCY-WIDE

SHARED SERVICES

 

March 29, 2013

 

MEMORANDUM FOR MICHAEL MCKENNEY

           ACTING DEPUTY INSPECTOR GENERAL FOR AUDIT

 

FROM:                            David A. Grant /s/ David A. Grant 

            Chief, Agency-Wide Shared Services

 

SUBJECT:                       Draft Audit Report - Travel Card Controls Are Generally Effective, but More Aggressive Actions to Address Misuse Are Needed (Audit# 201210006)

 

Thank you for the opportunity to respond to the draft audit report.  The overall objective was to assess the Internal Revenue Service's (IRS) controls to identify potentially fraudulent or abusive use of individually billed, Government-issued travel cards.  This review was conducted as part of the Treasury Inspector General for Tax Administration's Fiscal Year 2012 Annual Audit Plan and addresses the major management challenges of Fraudulent Claims and Improper Payments and Security for Taxpayer Data and Employees.

 

After reviewing the draft report, we generally agree with the recommendations and will develop and implement the corrective actions detailed in our attached responses to your eight recommendations.  Please note that some of the proposed corrective actions have already been implemented.

 

We appreciate the continued support and assistance provided by your office.  If you have questions, please contact me at (202) 622-7500.  If there are any technical questions, a member of your staff may contact Mary Beth Murphy, Director, Employee Support Services, at (202) 283-7784.  For matters concerning audit procedural follow­ up, please contact Larry Pugh, Office of Strategy and Finance, Agency-Wide Shared Services, at (202) 622-4541.

 

Attachment

 

Attachment

 

RECOMMENDATION #1The Chief, Agency-Wide Shared Services, should develop and implement detective travel card controls designed to identify inappropriate or personal use travel card transactions that occur when cardholders are on official travel.

 

CORRECTIVE ACTIONWe agree with this recommendation.  The Chief, Agency­Wide Shared Services (AWSS), will develop and implement a process to identify potential inappropriate or personal use of the Travel Card while the employee is in official travel status.

 

IMPLEMENTATION DATEAugust 1, 2013

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #2:  The Chief, Agency-Wide Shared Services, should work with the Chief Financial Officer to revise current policies and procedures to include steps to verify that daily ATM limits are maintained whenever credit limits are adjusted.

 

CORRECTIVE ACTIONWe agree with this recommendation.  We have already developed and implemented an internal procedure to ensure the ATM percentage is changed appropriately at the same time the card limit amount is changed, effective March 5, 2013.  The procedure also includes a weekly review of Travel Card controls in place to ensure ATM percentage is appropriate.

 

IMPLEMENTATION DATECompleted

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #3The Chief, Agency-Wide Shared Services, should refer to Labor Relations any instances of travel card misuse identified by this audit (e.g., NSF checks written) that were not previously referred due to control failures.

 

CORRECTIVE ACTIONWe agree with this recommendation.  The Chief, AWSS, will refer to Labor Relations the Travel Card misuse identified by TIGTA that were not previously referred provided that the subject of the misuses remains an IRS employee.

 

IMPLEMENTATION DATEMay 1, 2013

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #4The Chief, Agency-Wide Shared Services, should review current detective control processes over holiday transaction reviews to determine whether current data extraction methods identify all transactions during the target time period and update the related procedures accordingly to reflect any control enhancement needs identified.

 

CORRECTIVE ACTIONWe agree with this recommendation.  We have already incorporated the review of holiday transactions into the 100% Travel Card Transaction Match process effective January 2012.  The date of report extraction has been corrected and identifies all transactions posted during the review period.

 

IMPLEMENTATION DATECompleted

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #5The Chief, Agency-Wide Shared Services, should work with the Chief Financial Officer to develop policies that clearly state when employees are authorized to make ATM withdrawals and that provide a specific period in advance of or immediately following official travel dates when withdrawals are permitted.

 

CORRECTIVE ACTIONWe agree with this recommendation.  The Chief, AWSS, will collaborate with the Chief Financial Officer (CFO) to develop a Travel Card use policy that includes the timeframe when employees are authorized to withdraw cash from the ATM.

 

IMPLEMENTATION DATEJune 1, 2014

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION # 6The Chief, Agency-Wide Shared Services, should work with the Chief Financial Officer to develop policies that clearly state when employees are authorized to purchase fuel with their travel card.

 

CORRECTIVE ACTIONWe agree with this recommendation.  The Chief, AWSS, will collaborate with the CFO to develop a Travel Card use policy that includes the timeframe when employees are authorized to purchase fuel with their travel card.

 

IMPLEMENTATION DATEJune 1, 2014

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANEmployee Support Services (ESS) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #7The Chief of Agency-Wide Shared Services should work with the Chief Financial Officer and IRS Human Capital Officer to develop and implement a policy where cardholders with evidence of significant personal financial problems associated with travel card misuse, including suspended accounts, issuance of NSF checks, and charged off accounts, are referred to the IRS Human Capital Officer for a reevaluation of background investigations, security clearances, and suitability for employment.

 

CORRECTIVE ACTIONWe agree with this recommendation.  The Chief, AWSS, will collaborate with the Chief Human Capital Officer and with the CFO to develop and implement a policy for reevaluation of background investigations, security clearances, and suitability for employment for cardholders with evidence of significant personal financial problems associated with travel card misuse.

 

IMPLEMENTATION DATESeptember 30, 2014

 

RESPONSIBLE OFFICIALDirector, Employment, Talent & Security, Human Capital Office

 

CORRECTIVE ACTION MONITORING PLANHuman Capital Office (HCO) will enter accepted corrective actions into the Joint Audit Management Enterprise System (JAMES).  These corrective actions are monitored on a monthly basis until completion.

 

RECOMMENDATION #8The Chief of Agency-Wide Shared Services should coordinate with the other Federal agencies and the General Services Administration to collect charged off account balances from separated employees.

 

CORRECTIVE ACTIONWe partially agree with this recommendation.  The IRS currently utilizes all remedies available to support Citibank in the collection of outstanding debt before an employee separates from IRS.  IRS does not have the authority or responsibility to collect charged off credit card account balances from separated employees.

 

IMPLEMENTATION DATEN/A- Current Practice

 

RESPONSIBLE OFFICIALDirector, Employee Support Services, Agency-Wide Shared Services

 

CORRECTIVE ACTION MONITORING PLANN/A



[1] A 12-consecutive-month period ending on the last day of any month, except December.  The Federal Government’s fiscal year begins on October 1 and ends on September 30.

[2] Pub. L. No. 105-264.

[3] The Federal Travel Regulations, 41 CFR chapter 301-51.112, issued by the Administrator of General Services, governs travel and transportation allowances and relocation allowances for Federal civilian employees.

[4] The Internal Revenue Manual (IRM), 1.32.1.7.4 (2) (Feb. 2, 2012), states that official travel expenses exempted from mandatory travel card use are:  a) vendors who do not accept the travel card; b) laundry/dry cleaning;

c) parking; d) local transportation; e) taxis and tips; f) income tax reimbursement allowances related to long-term taxable travel; g) real estate transactions; h) relocation income tax allowances; i) meals; and j) other expenses that may be exempted but require written approval.

[5] IRS Delegation Order 1-49 grants authority to the Associate Director, Credit Card Services, to grant exemptions to frequent non-international travelers (two or more trips per year) if they believe they would incur a hardship if required to obtain and use the travel card.  The IRS Large Business and International Division approve exemption requests for international travelers.

[6] Examples of misuse/abuse may include:  personal use; use of the travel card for someone other than the specific cardholder; use while not on official Government travel; use in the cardholder’s local commuting area, if not in official Government travel status under a travel order/authorization; purchases from an unauthorized merchant; failure to pay undisputed amounts on time; failure to pay accounts with sufficient funds; and failure to properly use Government voucher reimbursements to repay travel expenses.

[7] IRM 1.32.4 (Oct. 17, 2012).

[8] CFO-IFM-03-07, effective April 15, 2003.

[9] Doc. 1500 (Rev. 08-2012) for use with IRM 6.751.1 (Nov. 4, 2008).

[10] Cardholders are offered the split disbursement option which allows a portion of their travel reimbursement from the IRS to be sent directly to Citibank to pay for travel-related expenses.

[11] A 12-consecutive-month period ending on the last day of any month, except December.  The Federal Government’s fiscal year begins on October 1 and ends on September 30.

[12] As of September 30, 2009, the IRS had 51,301 IBA travel cardholders, and as of September 30, 2011, the IRS had 51,974 IBA travel cardholders.

[13] Charge card misuse is use of a Federal charge card for other than the official Government purpose(s) for which it is intended.

[14] A restricted travel card does not allow cash withdrawals from automated teller machines and limits certain miscellaneous expenses.

[15] A charge-off is the removal of an account from a credit card issuer’s books as an asset after it has been delinquent for a period of time, usually 180 calendar days.  When an account is charged off, the credit card issuer absorbs the outstanding balance as a loss.

[16] The IRS’s travel card delinquency rates are well below Governmentwide averages.  See Appendix IV for details.

[17] 18 U.S.C. §1344 (Oct. 12, 1984).

[18] Labor and Employee Relations is a function in the Human Capital Office within the Workforce Relations Division.

[19] The billing cycle is usually between 25 to 30 calendar days.

[20] For the purposes of this report, we reperformed the IRS oversight reviews and compared our results to the IRS’s results.

[21] Citibank’s billing cycle begins on the fourth day of the month and ends on the third day of the following month. 

[22] This includes seasonal employees in nonpay status, employees in Leave Without Pay status for more than 60 calendar days, and employees in Leave Without Pay status for less than 61calendar days. 

[23] The IRS reviewed transactions occurring on Christmas Eve, Christmas Day, New Year’s Eve, and New Year’s Day.

[24] February and October 2010 were the two months selected. 

[25] The population of cash advances was 52,360 for FYs 2010 and 2011. 

[26] Of the 92 instances, 87 had no restriction in place and the remaining five had their credit limit increased without a corresponding decrease in the cash advance percent. 

[27] We selected two pay periods to review, December 20–31, 2009, and December 19–31, 2010.

[28] The remaining four accounts were not closed in a timely manner; however, no additional transactions occurred after the employees’ separation.

[29] In FY 2010, 108 transactions totaling $29,618 were not identified, and in FY 2011, six transactions totaling $1,226 were not identified.

[30] See Appendix IV for details on the IRS’s delinquency rates for FYs 2010 and 2011.

[31] The 30 cases were judgmentally selected and included 10 cases of travel card misuse, 10 cases of cardholders writing NSF checks, and 10 cases of cardholders with delinquent accounts, suspended accounts, or accounts placed into salary offset.  A judgmental sample is a nonstatistical sample, the results of which cannot be used to project to the population of all travel card misuse cases referred by the CCS Branch to Labor Relations.

[32] IRM 6.751.1 (Nov. 4, 2008).

[33] Salary offset procedures are prohibited in cases where a balance was included in a bankruptcy or a settlement agreement with a collection agency.

[34] IRM 1.32.4, (Aug. 1, 2007). 

[35] The Automated Labor and Employee Relations Tracking System contains information on employee actions referred to Labor Relations.