C102: College Revenue and Cash

2. POLICY

The Policy Sponsor develops, maintains and implements standards and procedures designed to ensure that funds received by the College are documented, collected, deposited to College bank accounts, recorded accurately in the appropriate general ledger account, all in a consistent, timely manner, and that cash floats and petty cash funds are operated in an approved manner and are protected against loss.

3. REFERENCES

None.

4. ADDENDA

• Guideline A: COLLECTION, SAFEKEEPING AND RECORDING OF REVENUE
• Guideline B: CASH FLOATS
• Guideline C: PETTY CASH
• Guideline D: COMPLIANCE WITH PCI SECURITY STANDARDS AND SAFEGUARDING CREDIT CARDHOLDER DATA

---

Addendum: Guideline A: COLLECTION, SAFEKEEPING AND RECORDING OF REVENUE

Issued by: Manager, Financial Services

Effective: 2015-11-12

1. PURPOSE

The purpose of this document is to provide standards and guidelines for the collection, safekeeping and recording of College revenue in a consistent, timely manner resulting in accurate revenue records in appropriate general ledger accounts.

2. DEFINITIONS

College revenue: All revenue funds handled by employees in performing their duties at the College, including (by way of example) the following:

• Tuition fees,
• Bookstore sales,
• Proceeds for services including rentals,
• Proceeds from sale of assets,
• Restaurant sales,
• Admissions for special events

3. STANDARDS AND GUIDELINES

3.1. While the collection of revenue is the responsibility of Financial Services, many areas of the college will generate revenue through the sale of College goods and services. These sales may result in the immediate collection of proceeds and in other situations, customers are invoiced.

3.2. For invoiced tuition and tuition-related revenue, the Office of the Registrar processes payments to the student's accounts receivable balance. For invoiced non-tuition revenue, Financial Services processes payments to the customer's accounts receivable balance. In each application, the Office of the Registrar and Financial Services prepare the revenue for subsequent deposit to the College's bank account(s).

3.3. Non-invoiced revenue is prepared for deposit by the area receiving the revenue. Financial Services issues written procedures for the collection and recording of non-invoiced revenue to each revenue-generating unit. Two employees in each unit are familiar with this policy and procedures for collecting revenue. The supervisor of a revenue-collecting unit is responsible for ensuring that new employees performing revenue collection duties are aware of the relevant policies and procedures. Changes in procedures are not implemented without the written permission of Financial Services.

3.4. For invoiced revenue, the Office of the Registrar or Financial Services may issue a College receipt from the College financial system. For non-invoiced revenue, the revenue-generating unit may issue an approved College receipt. Approved College receipts are available from Financial Services.

3.5. Cash and cheques received by revenue generating units is stored in a secure location or locked cash-box during working hours and placed in a locked safe or cabinet for overnight safekeeping. Employees assigned to revenue collection duties are responsible for ensuring that funds received are stored in the appropriate location.

3.6. All funds collected will be submitted to Financial Services or, when located at an area campus, deposited in the College bank account(s) no later than:

• The following business day if the amount exceeds $500, or $1,000 for area campuses;
• No later than the last business day of the week; or
• When the revenue cannot be appropriately stored in a secure location, regardless the amount, the following day.

3.7. Funds are not forwarded through either the internal College mail system or Canada Post.

3.8. Cash collected is not used for the purchase of goods or services; the approved purchasing and payroll policies and procedures are followed for all purchases and payments.

3.9. Every transaction must involve College business; therefore, the personal cheques of staff or students are not cashed from funds collected.

3.10. To ensure that the appropriate general ledger account is promptly and accurately updated, Revenue collected by units for non-invoiced services is recorded in a Revenue Summary Deposit (RSD). An RSD is prepared on the same day as the revenue is submitted to Financial Services or deposited to the College's bank account(s). A separate RSD is prepared for each bank deposit.

3.11. Each revenue-collecting unit reviews their general ledger line account listings to verify that all funds received have been credited to the appropriate general ledger account. Errors are immediately corrected through an adjusting General Journal Entry or brought to the attention of Financial Services for corrective action.

3.12. Payment card transactions processed by the College, and any subsequent storage or deletion of payment card data by the College, complies with the current Data Security Standards established by the Payment Card Industry (PCI-DSS). See Guideline D: COMPLIANCE WITH PCI SECURITY STANDARDS AND SAFEGUARDING CREDIT CARDHOLDER DATA.

The budget manager of a College area that processes payment card transactions or that stores or deletes payment card data, is responsible (with support from Financial Services, Campus Security Services and Information Technology Services) for ensuring PCI-DSS compliance. These requirements extend to analogous forms of payment technology that exists today or may be developed (e.g., smart phone payment applications).

---

Addendum: Guideline B: CASH FLOATS

Issued by: Manager, Financial Services

Effective: 2015-11-12

1. PURPOSE

The purpose of this document is to provide standards and guidelines for the operation of College cash floats in an approved manner that is protected against loss.

2. DEFINITIONS

Cash float: An amount of cash advanced to an authorized College employee or agent employed in a retail department or cash-handling area of the College. A Cash float facilitates cash transactions that typically require that customers receive change.

3. STANDARDS AND GUIDELINES

3.1. A Cash float may be established upon written request from a budget manager to the Manager, Financial Services. The request includes the amount required, the purpose of the float, and the name of the custodian of the float. The Manager, Financial Services investigates the need for a float and may authorize an appropriate amount. A similar written request is required to change the amount of an established float.

3.2. Where currency (bank notes and coin) is received directly from customers in varying amounts with ongoing frequency, a cash register or point of sale system is used.

3.3. Cash floats are stored in a cash register or point of sale system during working hours and placed in a locked cabinet, vault or safe for overnight safekeeping. It is the responsibility of the Cash float custodian to ensure that the float is stored in an appropriate, secure location.

3.4. Cash floats at all times contain the authorized and issued amount of cash; only the currency denominations can change. Funds derived from other sources are not added to the float and are deposited as revenue.

3.5. Each Cash float transaction involves College business, and is not used for salaries, wages or honorariums. In addition, the float is not used as a source of temporary personal loans, for cashing personal cheques, personal purchases, or any other non-College purpose. Cash surpluses or shortages are reported immediately in writing, including any relevant details, to the Manager, Financial Services.

3.6. The float is accounted for on a daily basis as part of the daily cash register balancing and closing processes.

3.7. The Cash float custodian, or budget manager, upon termination of employment or internal job transfer of the custodian, informs Financial Services either of the name of the new custodian or that the float will be collapsed and returned to Financial Services.

3.8. Cash floats are subject to audit at any time by the College Internal Auditor, the Manager, Financial Services or other authorized members of Financial Services, and by the College External Auditors.

3.9. Both the Cash float custodian and the budget manager confirm the value of the float in writing to Financial Services as at March 31st of each year.

---

Addendum: Guideline C: PETTY CASH

Issued by: Manager, Financial Services

Effective: 2015-11-12

1. PURPOSE

The purpose of this document is to provide standards and guidelines for the operation of College petty cash funds in an approved manner that is protected against loss.

2. DEFINITIONS

Petty cash fund: A small amount of cash advanced to an authorized College employee or agent for the purchase or payment of minor items, usually less than $50, where a cash transaction is required or is more efficient than a purchase order or cheque.

3. STANDARDS AND GUIDELINES

3.1. A petty cash fund may be established upon written request from a budget manager to the Manager, Financial Services. The request includes the amount required, the purpose of the fund, and the name of custodian of the fund. The Manager, Financial Services investigates the need for a fund and may authorize an appropriate amount. A similar written request is required to change the amount of an established fund.

3.2. Financial Services provides written procedures for the reimbursement of petty cash funds. Petty cash reimbursement forms are available from Payment Services. Petty cash funds are to be maintained on an imprest system, that is, reimbursement claims together with receipts for all payments are submitted for the amount of disbursements from the fund. Reimbursement claims are initiated by the petty cash fund custodian and require approval by the budget manager before submission on a timely basis to Payment Services. Petty cash fund custodians are required to submit a reimbursement claim within three working days of the end of the College fiscal year or as otherwise instructed through Year End Guidelines. Payment Services audits each petty cash reimbursement claim before processing a cheque to replenish a fund.

3.3. Petty cash funds are stored in a locked cash box during working hours and placed in a locked cabinet, vault or safe for overnight safekeeping. It is the responsibility of the petty cash custodian to ensure that the funds are stored in an appropriate, secure location.

3.4. Each petty cash transaction involves College business, and is not used for salaries, wages or honorariums. In addition, the funds are not used as a source of temporary personal loans, for cashing personal cheques, personal purchases, or any other non-College purpose. Cash surpluses or shortages are reported immediately in writing, including relevant details, to the Manager, Financial Services.

3.5. The petty cash custodian, or budget manager, upon termination of employment or internal job transfer of the custodian, informs Financial Services of the name of the new custodian or if the fund will be collapsed and returned to Financial Services.

3.6. Petty cash funds are subject to audit at any time by the College Internal Auditor, the Manager, Financial Services or other authorized members of Financial Services, and by the College External Auditors.

3.7. Both the petty cash custodian and the budget manager confirm the value of the fund in writing to Financial Services as at March 31st of each year.

---

Addendum: Guideline D: COMPLIANCE WITH PCI SECURITY STANDARDS AND SAFEGUARDING CREDIT CARDHOLDER DATA

Issued by: Manager, Financial Services

Effective: 2015-11-12

1. OVERVIEW

The PCI (Payment Card Industry) Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards that relate to merchant collection, processing and storage of cardholder data. As a Level 3 merchant, the College is obliged to meet the standards set by this body.

2. SCOPE

This procedure applies to any area within the College that collects, processes, transmits or stores credit card information.

3. ACCEPTANCE OF CARDHOLDER INFORMATION

3.1. Cardholder is Present

3.1.1. Card information is presented directly into merchant service provider approved POS terminals or swiped into the College Financial system.

3.1.2. Cardholder data is not electronically stored.

3.2. Cardholder is not Present

3.2.1. It is not common business practice to accept credit card payments over the telephone. However, if cardholder information is given over the telephone, the recording of the conversation, if any, is immediately erased.

3.2.2. It is not common business practice to accept credit card payments via email. However, if cardholder information is received via email, the IT department is contacted immediately so that all traces of the email can be removed from the College system.

3.2.3. A fax machine that receives hard copy cardholder data is kept in a secure location, access to which is limited to those who require it for processing purposes. A fax machine receiving virtual cardholder data is password protected.

3.2.4. Cardholder data is processed upon receipt.

3.2.5. If there is no valid business reason to retain the information, cardholder data is promptly destroyed.

3.2.6. If there is a valid business reason for maintaining cardholder data, the following storage and retention guidelines are followed:

• Sensitive Authentication Data (full magnetic stripe data, CVV/CVC, PIN) is never stored.
• Cardholder data (primary account number, cardholder name, expiration date) may be kept if the number is masked so no more than the first six or last four numbers are displayed. This includes cardholder data maintained in document management software.
• Cardholder information is available only to those employees who require access for business reasons. It is never shared with anyone else either within or outside the College.
• Cardholder data stored is destroyed after 12 months.

4. SAFEGUARDING CREDIT CARDHOLDER DATA

Managers of employees involved in the collection, processing, transacting or storage of cardholder data ensure such employees are familiar with and comply with the terms of this policy and procedure.