Many churches and other non-profit organizations now accept online and credit card contributions. Typically, the credit card transactions can be made through the organization’s website or through a kiosk located within the organization’s facilities. In recent months the availability of mobile pay devices has become more widely available. These devices allow the organization to use smart phones, tablets, or other devices for accepting payments. The most common providers of this technology are PayPal Here and Square. Typically, after signing an agreement with the company, the appropriate hardware will be provided to the organization, giving them the ability to accept mobile payments. There may be a charge for the hardware. And, the organization does charge a fee based on the dollar amounts that are processed.
While one’s first thoughts with mobile payments is the acceptance of contributions, mobile pay devices are more applicable for accepting payments for ticketed events, concessions, or other activities in “remote” locations. It is beneficial to the organization to have the ability to accept such payments as people today do not carry large amounts of cash with them. Although it is possible to accept contributions within the organization’s buildings using a mobile pay device, this is not recommended as there are better solutions for making credit card payments on site.
The organization should be aware that in accepting credit card payments they should make use of the “chip” technology that is becoming more readily available. Due to changes in how the credit card processing organizations operate, merchants not using the chip technology are subjecting themselves to an unnecessary level of liability in the event there are problems with the credit card.
When accepting mobile payments, the primary concern for the organization is security. The primary issue is the risk that the payments will not make it to the organization. In order to combat this risk, the organization should only allow official organization devices to be used. These devices should be conspicuously identified as organization devices. Secondly, the organization should control access to its account. Those using the devices, as well as anyone in the organization’s accounting department should not have access to the account.
The organization should post a notices stating that the charge will appear on their credit/debit card statement as “XXXXX.” This has the potential to alert the customer that the purchase was not credited to the proper merchant.
There should be a process in place to allow the organizers of the event to determine if the correct amount of money had been collected. For example, numbered tickets to the event are a good control device. If the ticket numbers began at “1” and the first remaining ticket is number “251”, then you should have collected revenue for 250 tickets. Checking the receipts for can help determine that all sold tickets are properly accounted for. Finally, use the technique of ‘management by walking around.” Oversight and supervision are useful in helping combat fraudulent activities.
Mobile pay technology is in its infancy and changes are likely to occur in the future. However, the basics of good internal control will remain.