Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Smart Bulletin No. 034

Requests for JPMorgan Chase & Co. (JPM) GSA SmartPay 2® (SP2) Data


DateVersion History Action Log - Summary of Action/Changes
August 28, 2020Implementation of Smart Bulletin #34
February 23, 2024Revised for administrative updates

Effective Date

Effective upon issuance and shall remain in force until modified or rescinded.

Business Line(s) Affected

All Business Lines


The purpose of this Smart Bulletin is to detail the process which agencies serviced by JPM under SP2 should follow when requesting historical JPM SP2 data from the GSA Center for Charge Card Management (CCCM). This Smart Bulletin includes information on how to request JPM SP2 data from CCCM, the duration that data will be available, and the expected turnaround time for data requests.


PM was one of the three contractor banks supporting the SP2 program. The JPM SP2 contract was originally scheduled to end on November 30, 2018, but was extended twice. The last contract extension expired in May 2019. Section C.3.4, “Record Retention and Retrieval” of the GSA SP2 master contract, requires JPM to comply with the following record retention and retrieval requirements:

In addition to the record retention requirements of FAR 4.703, the Contractor shall be the Government’s agent for document repository as it relates to all transactions under the card program(s). The Contractor shall maintain electronic records of all transactions that exceed $25,000 for a period of 6 years and 3 months after final payment and for all transactions of less than $25,000 for a period of 3 years after final payment. Final payment is defined as the final payment for the particular charge under each agency’s/organization’s task order. The Contractor shall segregate this transaction information (i.e., transactions exceeding $25,000 and less than $25,000). Upon written request of the GSA Contracting Officer, the ordering Contracting Officer, the A/OPC, or the Internal Revenue Service with A/OPC knowledge and approval, the Contractor shall provide the requested information in an electronic format within 30 calendar days, unless otherwise specified, at no additional cost to the Government. In addition, Contractors shall provide online access to data for a minimum of 18 months after the transaction occurs.

Since JPM SP2 contract performance period ended and there is no longer a valid Authorization to Operate (ATO) in place, JPM was required to take their SP2 Electronic Access System (EAS), also known as “PaymentNet,” offline, resulting in JPM customer agencies under SP2 no longer being able to access PaymentNet data after July 2019. In addition, the Federal Information Security Management Act (FISMA) and GSA’s information technology security requirements impose further restrictions which do not allow the SP2 data to reside in JPM’s system without a valid ATO. As a result, GSA and JPM subsequently agreed that JPM would provide CCCM with relevant GSA SP2 data. Following the transmission of an SP2 data extract to GSA, JPM will move all SP2 data into long-term storage, which can only be accessed pursuant to legal and regulatory requirements. On May 6, 2026, JPM will purge all SP2 data from their systems.

Starting July 29, 2020, all requests for JPM SP2 data will be handled by CCCM. When requesting data from CCCM, agencies shall specify the following:

  • Purpose of the data request
  • Reporting period (e.g., fiscal year(s), quarter(s), month(s), etc.)
  • Desired data elements
  • Preferred file type for delivery (options include: .xlsx/.xls, .csv, or .txt)

When agencies submit proper data requests, CCCM will provide the requested information within 30 calendar days. Agencies can expect the data to be delivered in an email attachment (if the file size is 25MB or less) via the email address. If the file size is larger than 25MB, CCCM will discuss with the requesting agency on alternate delivery method that would be acceptable to both parties. Please note that the data will be encrypted should it contain sensitive information.


Agencies requiring JPM SP2 data should submit requests to CCCM through the following email:

Agencies should review their current card policies and guidance and update based on additional purchase card utilization opportunities available under the GSA MAS program.

An official website of the General Services Administration

Looking for U.S. government information and services?