OMB Memorandum M-13-21 and Charge Card Compliance Summary

GSA SmartPay® Smart Bulletin No. 021

UPDATE:

Effective Date

From Issuance through August 23, 2023

Business Line(s) Affected

Purchase, Travel, and Integrated

Introduction

The purpose of this Smart Bulletin is to provide a summary of the requirements contained in OMB Memorandum M-13-21 and to provide agency/organization program coordinators with a copy of the compliance summary document addressed in the memorandum.

Summary

On October 5, 2012, Public Law (P.L.) 112-194 ¹, entitled the Government Charge Card Abuse Prevention Act of 2012 was signed into law. The Act reinforces Administration efforts to improve the management of government charge card programs. The Act also requires that the Office of Management and Budget (OMB) review existing guidance and, as necessary, prescribe additional guidance governing the implementation of requirements contained in the Act.

On September 6, 2013, OMB issued Memorandum M-13-21, which provides supplemental guidance to OMB Circular A-123, Appendix B in the following areas: required safeguards and internal controls; reports on purchase card¹ and integrated card violations (purchase transactions only); and Inspector General (IG) risk assessments and audits. The chart below outlines the reporting requirements reflected in P.L. 112-194 and in OMB Circular A-123, Appendix B:

Implementation of the Charge Card Abuse Prevention Act of 2012 PL 112-194 and OMB M-13-21

The memorandum directs agencies to use the attached “Compliance Summary Matrix” to help ensure the required safeguards and internal controls are in place. The matrix details the internal control requirements stated in P.L. 112-194. Agencies are not required to submit the matrix to OMB. Agencies/organizations should review these requirements and compare them to existing internal controls within their implementation charge card program in order to document the operational effectiveness of current control activities. Instances of non-compliance should be documented as well as a summary of corrective actions to be taken to address shortcomings.

Executive agencies should maintain this compliance summary on-file along with related supporting documentation, as evidence of adequate control assurances. This compliance summary should also be available for IG reviews. Agencies should summarize the overall results in their completed compliance summary and internal control assurance assessments in their annual charge card management plans, beginning with their January 31, 2014, submission to OMB.

Note that the compliance matrix is designed to assist agencies in employing an effective charge card internal control program which is in balance with the need to maintain card flexibility and ease of use in support of agency mission activities. As a result, compliance with individual matrix criteria in and of itself is not as important as the effectiveness of an agency’s charge card internal control program overall.

Action

Agencies shall review OMB Memorandum M-13-21 and the attached “Compliance Summary Matrix” in order to assess and document compliance with P.L. 112-194 mandated internal controls as well as gaps and corrective actions.

¹ The Department of Defense is excluded from requirements contained in Sec. 2. “Management of Purchase Cards” of P.L. 112-194. The Department of Defense shall follow the requirements for purchase card management contained in Section 2784 of Title 10, United States Code, as amended by P.L. 112-194. The Department of Defense shall comply with all other Sections contained in P.L. 112-194, to include Sec. 3. “Management of Travel Cards,” and Sec.4. “Management of Centrally Billed Accounts.”