By Janis Christensen, Managing Director, Mercury Associates, Inc.
[Editor’s Note: Fuel card fraud is a constant and growing threat that costs fleets hundreds of millions of dollars a year. Below, Ms. Christensen, a long-time fleet industry veteran and an executive with one of the nation’s leading fleet consulting firms, lists the ways in which fleets can investigate cases of fuel card fraud, the ways drivers try get around fuel spending controls, and what fleet managers can do to combat the threat.]
How Fleets Investigate Fleet Card Abuse
While the driver is typically “the cardholder,” in some cases, other fleet and non-fleet personnel may control multiple cards and, thus, be the cardholder. Investigations for abuse of retail purchases or consumption, in the case of on-site fueling, are through use of control limits (data) and measures to enforce proper cardholder behavior.
Control Limits
- Maximum number of transaction frequency per day or other cycle
- Maximum number of gallons for vehicle specification
- Limit hours to fuel
- Limit dollar amount of purchase
- Identify, but permit, fuel versus non-fuel items
- Limit fuel-only purchases at retail merchants
Enforcement Measures
- Policies, procedures, training, and education
- Signed cardholder agreement
- Written warning to cardholder of control limit violation
- Void card and notice to cardholder for control limit violation(s)
- Exception report management using control limits
- Internal and external audits
- Cardholder’s supervisor involvement
- PIN assignment (random, cannot be “guessed”)
- PIN security (no sharing, restricted access by others)
- Security cameras
- Involve security investigation personnel when appropriate
- Utilize undercover and/or camera surveillance when appropriate
Ways Drivers Attempt to Bypass Security Measures
Drivers circumvent security measures knowingly or unknowingly. The reasons are most often due to a lack of training or education, but also may be nefarious.
Driver Problem List
- Enter incorrect odometer
- Use card assigned to another vehicle
- Claim unawareness of proper procedure
- Mistaken use of fleet card (use for personal vehicle)
- Purchase unauthorized non-fuel items
- Fuel personal vehicles
- Resell fuel
- Collusion with merchant employee
What Fleet Managers Can Do
To maintain security, fleet managers must first develop, keep current, communicate, and enforce sound written policies and procedures that clearly define cardholder responsibilities. Next, fleet managers and cardholder supervisors need to identify the causes contributing to the security deficit in order to determine whether the cardholder 1) needs instructions or education; 2) requires remedial training; or 3) necessitates punishment for nefarious behavior. The training model shown in Exhibit 1 is often used by management trainers to distinguish between competent and incompetent behaviors and to determine appropriate and necessary actions to fix the deficit.
Exhibit 1 – Conscious-Competence Training Model
[Editor’s note: Ms. Christensen notes that famed psychologist Abraham Maslow makes two kinds of distinctions in human behavior: whether it reflects that a person knows the right thing to do or does not (is competent or incompetent);and whether it’s done deliberately or not (conscious or unconsciously) and According to this four-square grid, fuel card overspending can be a deliberate choice or the result of a lack of knowledge or failure to follow the proper procedures.]
Incompetent Behavior | Competent Behavior |
Conscious Incompetence (has awareness of the security deficit, but does it anyway) | Conscious Competence (making progress in fixing the security deficit) |
Unconscious Incompetence (ignorance of the nature of the security deficit) | Unconscious Competence (success, fully trained, no longer a security deficit) |
Regular reviews of cardholder activity using exception report data provides another level of security. This level of security requires use of a card that provides line item detail data and pump authorizations as shown in Exhibit 2. Exception irregularities should be shared with the cardholder’s supervisor in order for the fleet manager to determine the nature of the security issue.
Exhibit 2 – Fuel Data Required for Management of Vehicle Fleets
Authorizations Required at Pump
- Vehicle ID to authorize and track the vehicle fueled, total dollar purchase total, the date, time and location of the purchase, and the fuel type, grade and unit price.
- Driver ID to identify the driver, the type, name and location of the merchant, the fuel unit, quantity, retail amount and sales tax.
- Odometer reading requiring driver entry to enable managing cost per mile, miles per gallon and identify exceptions.
Another method that fleet managers may use to maintain security is through regular audits of fuel card practices and invoice payment processes. As a side note, fuel card fraud does not only occur at the cardholder level. Fuel card providers may overcharge for fees and transaction charges that are not in the agreement and/or may underpay fuel discounts. Vendor invoices should be checked on a regular basis.
Fleet managers who have on-site fuel facilities can also install security cameras to monitor cardholder behavior.