Our objective was to assess the effectiveness of internal controls over Voyager fleet cards used in delivery operations in the Great Lakes Area.
U.S. Bank manages the Voyager Fleet Systems credit card program for the U.S. Postal Service, and actively monitors transactions to identify potentially fraudulent use of credit cards. Every Postal Service-owned vehicle is assigned a Voyager card to pay for fuel, oil, and routine vehicle maintenance. Monthly, site managers are responsible for reconciling card transactions identified as high-risk, such as purchases that exceed the fuel purchase limit.
The Great Lakes Area has 1,411 sites with 32,808 Voyager cards. The total amount charged to these cards in fiscal year (FY) 2016 was $67,005,537; transactions totaling $3,506,684 were flagged as high risk, requiring reconciliation. We selected the Great Lakes Area for audit based on the high fleet card costs and number of exception transactions.
What the OIG Found
Controls over Voyager fleet cards in the Great Lakes Area were not always effective. Our review and analysis of a proportional sample of 207 of the 94,044 exception transactions in FY 2016 and visits to 54 sites identified:
■ Site managers did not properly perform Voyager Fleet card reconciliations for 114 of 207 (55 percent) randomly selected high-risk transactions.
■ At 54 selected sites, 579 of 2,549 (23 percent) fleet cards were missing.
■ Site managers at 48 of 54 visited sites (89 percent) did not conduct a semiannual formal review of the employee Personal Identification Number (PIN) lists in the Voyager Fleet Commander Online (FCO) website. Additionally, during our fieldwork we identified:
■ 962 of 3,837 (25 percent) active PINs were assigned to employees that were either fired, retired or transferred to another unit;
■ 92 of the 3,837 (2 percent) drivers had multiple PINs assigned;
■ Supervisors shared their PINs with employees;
■ 344 of the 3,837 (9 percent) drivers did not have a current PIN assigned for their duty station and either used their old PIN or another driver’s PIN.
We made referrals to our Office of Investigations, as appropriate.
These issues occurred due to insufficient management oversight. Specifically, district management did not always ensure Voyager card monthly reconciliations were completed and certified for high-risk transactions listed on the Reconciliation Exception Report. Also, at 22 of the 54 selected sites, there were numerous temporary/detailed managers with little to no training or access to the Fuel Asset Management System (FAMS) to perform reconciliations and certify these transactions. Further, site managers were unaware of the required security controls to manage and secure fleet cards and employee PIN lists. We estimated the Great Lakes Area incurred $1.9 million in questioned costs for unsupported high-risk transactions in fiscal year 2016.
What the OIG Recommended
We recommended management ensure Site Managers/Reconcilers follow the Voyager Standard Operating Procedures for monthly reconciliations and provide access to FAMS. We also recommended management require site managers to report all missing Voyager fleet cards to Voyager/US Bank, and provide site managers with eFleet Card and Voyager Fleet Commander Online training in delivery units where needed.