Policy 3-070 Payment Card Processing

Executive Summary

An ongoing phenomenon taking place on the University campus is the increasing proliferation of departments and units accepting credit cards for goods and services provided to students, staff, and the public at large. The increased acceptance and usage of these cards on campus has been accompanied over the past few years by significant initiatives within the payment card industry to address the safety and security of card information. These initiatives have given rise to a set of standards that require strict adherence by anyone accepting these cards, along with severe sanctions for anyone not adhering to these standards. Failure to comply in one area of campus could jeopardize that area’s ability to accept payment cards in the future, and would cause damage to the University’s reputation as a whole. Consequently, the University has increased resources within Financial & Business Services and the Office of Information Technology to monitor payment card activity more closely.

In addition to these changing environmental factors, the Internal Audit department recently performed an audit of this area, with the objective of evaluating policies, procedures, and internal controls related to the acceptance of payment cards on campus. One of the main recommendations coming out of that audit was to update and strengthen our own payment card policies. Because of the changing environment in the payment card industry, and the historically somewhat uneven implementation process of bringing on line new areas of credit card acceptance, the University must have a substantive policy statement to govern the administration of this critical business practice on campus. This new policy 3-070 attempts to address these needs.