TVA Corporate Card Audit

The OIG audited corporate card transactions totaling $17.3 million for the period March 1, 2014, through August 31, 2014, to determine if appropriate policies and controls were in place to mitigate the risk of charge card fraud and abuse. We found policies could be strengthened and appropriate controls put in place to mitigate the risk of charge card fraud and abuse. We also found there was no documentation to explain the various database tables or the contents of corporate card data fields in the Employee Reimbursement System (ERS). Additionally, potential cost savings may not be achieved due to insufficient tax-related data and confusion within the organization and among vendors regarding TVA's tax status. Our recommendations to TVA management included: (1) requiring annual training for approvers, (2) implementing multiple ERS modifications to strengthen automated controls and enhance compliance with policies, (3) reviewing potentially duplicate and ineligible transactions identified to determine if TVA was due reimbursement, (4) performing periodic review of ERS data to identify potentially ineligible charges, (5) evaluating the appropriateness of delegation of supervisory approval, (6) formally documenting ERS, and (7) determining which corporate card transactions are exempt from state and local taxes. TVA management agreed to or has taken actions to address some, but not all of our recommendations to mitigate the risk of charge card fraud and abuse.