Receipting and Banking Guidelines


Application


These guidelines apply to all staff that receive cash, eftpos, credit card or online payments on behalf of the University or have responsibility for banking.

For guidance specifically related to receipting of tuition fees refer to the Student Services Online Training Guide and the Tuition Fees Processes: Policy-Receipting & Banking Procedures.

Purpose


These guidelines operate in conjunction with the Receipting and Banking Policy and describe the associated business processes. These processes are designed to ensure that appropriate financial controls are applied to the receipting of cash, eftpos, credit card and online payments to the University.

Contents


ONLINE RECEIPTS

  • Background
  • Business process
  • Recommended e-Commerce solutions
  • Costs
  • Responsibilities

OTHER RECEIPTS

  • Security
  • Segregation of duties
  • Cash
  • Cheques
  • Daily banking of deposits
  • Eftpos and credit card receipts
  • Daily balancing of departmental banking
  • Receipting methods
  • Refunds
  • Journal import to PeopleSoft Financials

Guidelines


ONLINE RECEIPTS

Background

  • The University uses DPS (Direct Payment Solutions) to receive online credit card payments.  DPS is a fully integrated, secure, online receipting portal.  It provides a secure environment for capturing credit card information that resides on a secure server owned and operated by DPS rather than being stored on the University’s server.

Business process

  • Any department wishing to receive credit card payments online (including establishment of a web page with shopping cart and access to DPS functionality)  must first complete a Receipting Online Credit Card Payments Application Form which must be approved by Financial Services.
  • Applications approved by Financial Services will be registered with ITS who will be responsible for certifying that all web pages established for online receipting of credit card payments have been created in accordance with the University’s Web Standards.
  • Financial Services will provide advice about the appropriate e-commerce solution (see recommended e-commerce solutions section).
  • System-generated receipts are produced for  each  online  payment  transaction,  based  on  a combination  of  the  specific  payment  details  and  the  pre-defined  data  contained  within  a particular 'shopping cart'.  Receipts can be printed by the cardholder at the time of payment, or re-printed by the department at any time.
  • Payments received are credited to the University's main bank account each night. The following morning, an allocation journal is prepared by Financial Services in accordance with the GL codes provided by each Department for their shopping cart(s).
  • Departments are responsible for running their sales reports and reconciling the data in this report to the journal created by Financial Services.
  • Refunds will be processed by the shop administrator of each department shop. All refunds need to be approved by the Shop Manager.

Recommended e-Commerce solutions

  • The following are the recommended E-Commerce solutions:

Service

Solution(s)

Selling physical or downloadable products

Big Commerce platform

Event (without numbered seating)

RightNow, SharePoint, Big Commerce platform

Event (with numbered seating)

Event management package, bespoke solution

Collecting library fines

Custom development to integrate with Payment Service Provider

Donations

Custom development to integrate with DPS, RightNow

Short courses

Course management package, Big Commerce Platform

Conference registrations

RightNow, SharePoint, Big Commerce platform

Fee collections

Custom development to integrate with DPS

  • If Big Commerce is chosen as the solution, Financial Services will help the department to set up the shop
  • If custom development or a special solution is required, the department must contact the Solution Architect Team in ITS for evaluation before engagement. The department must also contact the Security Team in ITS for Payment Card Industry Data Security Standard (PCI-DSS) compliance checking
  • Web pages may be customised for particular departmental activities but will be based on the standard jointly developed by Financial Services and ITS. Extra cost may be incurred for special customisation

Costs

  • There are a number of costs involved in the creation and operation of an online receipting website.
  • A standard Big Commerce shop is free to customise for UOA departments
    Extra customisation may incur extra costs with ITS
  • Initial set up costs will be charged back to the relevant department as follows:
    • setting up a DPS account $100
  • Ongoing costs will be charged to the relevant department as follows:
    • DPS transactional charges
    • merchant line fee $13 plus GST per month
    • merchant Fees (determined by each credit card company)
    • monthly fee (determined by each e-commerce solution)

Responsibilities

  • Departments - are responsible for complying with this policy and the related business process:
    • initiates implementation by completing the Ecommerce Shop Application form
    • discusses with Financial Services and ITS to decide the appropriate solution
    • watches online support video if Big Commerce has been chosen as the solution
    • reconciles sales reports with the journal prepared by Financial Services
    • approves and processes refunds
    • reprints and distributes receipts if necessary
    • maintain the shop - customer information, product updates etc.
  • ITS - actions only application forms approved by Financial Services, maintain a register of all official websites and certifies compliance with the Web Standards and PCI-DSS Compliance:
    • evaluates the best e-commerce solution
    • customises the shop to UOA default format
    • provides upload product template
    • customises the invoice format
    • installs SSL certificate
    • creates new URL for the shop
    • maintains a complete record of online receipting websites
    • maintains and promulgates Web Standards
  • Financial Services - owns the business process associated with online receipting and is responsible for maintaining the User Manual and associated documentation:
    • checks and approves application forms
    • configures the shop with departments
    • liaises with ITS for the customisation of the shop by raising remedy calls
    • liaises with ANZ for creation of merchant numbers
    • liaises with DPS for creation of sub UOA accounts
    • creates allocation journals for payments received
    • retains copies of completed application forms
  • Credit card holder – makes payment online for non-tuition fee related goods and services purchased from the University:
    • logs on to the University website
    • selects item(s) to purchase
    • enters personal details and credit card information
    • prints out copy of receipt for own records

Other Receipts


Security

  • Wherever possible, the University prefers to accept payment via credit card or eftpos rather than cash or cheques
  • Credit card information must not be stored electronically or in paper records in accordance with PCI-DSS requirements
  • Credit card information must not be sent or received through insecure channels such as emai,l instant messaging or social media. However, if credit card information is received by insecure channels then it must be deleted as soon as the payment has been processed and before replying or forwarding that message
  • Credit card information received by paper record such as fax, post or written down over the telephone must be blacked out with a marker pen, the document photocopied and the original shredded or disposed of
  • Departments receiving payments by fax must have a dedicated fax machine for receiving credit card information that requires a pin code to print the faxes to prevent unauthorised access to credit card information by staff and third parties 
  • Official monies must not be used to cash personal cheques
  • Official monies may not be loaned or borrowed
  • Access to cashiering functions in Student Services Online (SSO) and other electronic receipting systems must be controlled by individual operator passwords

Segregation of duties

  • There is a need for segregation of duties within the cash receipting function. A senior member of staff is to check that tills and eftpos terminals are balanced each day and that bank deposits are accurate
  • All payments are to be reconciled to the University’s bank account on a daily basis. Bank reconciliations are to be undertaken by someone other than the Cashier and must be signed off by a senior staff member
  • Access to safes and tills must be controlled and restricted to staff who are directly involved in processing remittances or the preparation of banking

Cash

  • Cash remittances will be accepted but must be separately identified as such when processing receipts
  • The total amount of cash to be banked on any given day must be balanced to the cash takings and recorded on the bank deposit slip (available from Financial Services)

Cheques

  • Cheques must be printed or stamped or crossed and marked ‘not transferable - pay The University of Auckland only’. The word ‘Bearer’ must be deleted
  • Cheques should not be accepted across the counter unless the address and contact telephone number of the payer is provided
  • A list of all cheques received must be attached to the bank deposit slip

Daily banking of deposits

  • Deposits are to be receipted and banked daily
  • A serialised bank deposit slip must be prepared for all cash and cheque deposits. Books of bank deposit slips are to be ordered through the Revenue Collection team in Financial Services
  • Financial Services has engaged a security company to collect University banking for depositing with ANZ each day
  • The security company’s customer receipts for each bag must be retained at each Cashiers’ Office to ensure that there is a complete audit trail from the point-of-sale to the General Ledger

Eftpos and credit card receipts

  • Eftpos equipment may only be installed at the University in consultation with Financial Services who will liaise with the bank regarding the allocation of merchant codes
  • Eftpos transactions must be identified by card type and balanced to the eftpos total each day
  • Credit card receipts must be made in accordance with PCI-DSS requirements as outlined in the Security section of these guidelines

Daily balancing of departmental banking

  • The username of the staff member who completes the daily banking must be entered onto the Cashiers’ Office balancing sheet
  • A copy of the Cashiers’ Office balancing sheet is to be forwarded to Credit and Collections via email at collections@auckland.ac.nz by noon of the next working day
  • These balancing sheets will be used by the Credit and Collections Administrator to reconcile to the bank statement
  • Any variances must be recorded accurately and reviewed by the Assistant Accountant – Shared Financial Services responsible for each Cashiers’ Office at least monthly. Exception reporting on variances is available from SSO

Receipting methods

  • Receipts for all student-related payments are to be processed in SSO
  • Any payments relating to invoices generated in Peoplesoft Financials must be forwarded to the Revenue Collection team in Financial Services for processing. These types of debtor payments are not to be processed by other departments

Refunds

  • No refunds are to be made unless the original receipt is produced by the claimant
  • Refunds can be made from the Cashiers’ Office however they must be made using the same tender type as the original payment. If the original payment was made by cheque, the refund can be in cash but ONLY after the bank has confirmed that the cheque has been cleared. Where the payment is for tuition fees then the refund is processed by PC banking
  • Refunds and voids are to be carefully monitored by the accountant responsible for each Cashiers’ Office. Exception reporting in SSO is to be used for this purpose

Journal import to PeopleSoft Financials

  • A separate cashier journal is generated for each of the cashier offices. These journals are imported into Peoplesoft Financials overnight
  • The journal created overnight from Student Financials is to be imported to the General Ledger before early morning on the next working day and posted before month end
  • Journal entries for cashier receipts are:
    • Reviewed by the cashier office and submitted for approval by Faculty Accountant/Finance officer
    • Cashier receipts are also reconciled daily to bank account by Shared Services and variances followed up with the relevant cashier office
    • If cashier receipt/bank account variance still exists when month-end bank reconciliation is done by Shared Services, the cashier office is followed up again until resolved

Definitions


The following definitions apply to this document:

Credit card information means all of the credit card numbers except the first 6 digits and the last 4 digits and the CV2 number (if applicable)

Eftpos means electronic funds transfer at point of sale

Payment Card Industry Data Industry Security Standard (PCI-DSS) is a standard the University must comply with because it accepts credit card payments. The standard was established by the payment card industry to define an appropriate set of security standards expected to be maintained by organisations receiving credit card payments

University means the University of Auckland including all subsidiaries

Key relevant documents


  • ECommerce User Application Form
  • Online Credit Card Payments - Request for Refund Form
  • Online Receipting User Manual
  • Receipting and Banking Policy
  • Receipting Online Credit Card Payments Application Form
  • Student Services Online Training Guide
  • Tuition Fees Processes: Policy -Receipting & Banking Procedures
  • Web Standards ECommerce Shop Application Form

Document management and control


Owner: Director of Finance

Prepared by: Financial Services

Approved by: Vice-Chancellor and Director of Administration

Date approved: 3 September 2014

Review date: 3 September 2016