HomeMy WebLinkAboutItem No. 21 Credit Card Acceptance PolicyCity Council Agenda Report
City of Lake Elsinore 130 South Main Street
Lake Elsinore, CA 92530
www.lake-elsinore.org
File Number: RES 2019-20
Agenda Date: 6/25/2019 Status: PassedVersion: 1
File Type: Council ResolutionIn Control: City Council / Successor Agency
Agenda Number: 21)
Credit Card Acceptance Policy
adopt A RESOLUTION OF THE CITY COUNCIL OF THE CITY OF LAKE ELSINORE, CALIFORNIA,
ADOPTING THE CREDIT CARD ACCEPTANCE POLICY
Page 1 City of Lake Elsinore Printed on 6/2/2023
REPORT TO CITY COUNCIL
To:Honorable Mayor and Members of the City Council
From:Grant Yates, City Manager
Prepared by:Nancy Lassey, Finance Administrator
Approved by:Jason Simpson, Assistant City Manager
Date:June 25, 2019
Subject:Credit Card Acceptance Policy
Recommendation
Adopt Resolution No. 2019-___ entitled, A RESOLUTION OF THE CITY COUNCIL OF THE CITY
OF LAKE ELSINORE, CALIFORNIA,ADOPTING THE CREDIT CARD ACCEPTANCE POLICY
Background and Discussion
For best practices, the Government Finance Officers Association (GFOA) recommends that
governments formally adopt financial policies that provide guidelines with strategic intent for
financial stewardship. Financial policies should define boundaries, manage risk, clarify intent,
promote governance accountability, and define shared understanding. Though the City follows
internal procedure and policies for accepting credit and debit cards (payment cards)that are in
line with GFOA, a formal policy has not been adopted.
The City began accepting payment cards as a payment method in July 2005 during a time when
checks were the favored method by customers. As technology advanced and the business
environment changed, the use of payment cards has greatly increased. With the acceptance of
payment cards, costs incur by way of merchant fees. For the fiscal year 2005/2006 total annual
fees were roughly $15,000; whereas, today the average annual cost has increased to almost
$40,000 ultimately reducing revenue. The current average cost borne to the City is 2.75% of the
total amount of the payment card transaction.
The California Government Code Section §6159 et seq. (Code) allows government agencies to
accept payment cards and allows the government to recover costs through fees applied to the
cardholder; however, to recover these costs, a policy must be presented to Council.
Thus, the presented Credit Card Acceptance Policy provides direction to employees, contractors,
consultant, or agents who process payment card transactions on behalf of the City. To help
recover costs of processing payment card transactions, the policy initiates the Convenience Fee.
Credit Card Acceptance Policy
June 25, 2019
Page 2
Furthermore, the policy provides for automatic annualadjustments based on merchant cost
increases or decreases. The policy supports accountability,promotes good financial stewardship,
incorporates the Code, and allows the City to recover costs through fees.
Fiscal Impact
The fiscal impact resulting fromadoption of the Credit Card Acceptance Policy will offset costs by
initiating a Convenience Fee; thus, savings to the general fund.
Exhibits
A: Credit Card Acceptance Policy -Resolution
B: Credit Card Acceptance Policy
RESOLUTIONNO.2019-____
A RESOLUTION OFTHE CITY COUNCIL OFTHE CITY OFLAKE ELSINORE,
CALIFORNIA,ADOPTING THE CREDIT CARD ACCEPTANCE POLICY
Whereas,Government Finance Officers Association recommends governments formally adopt
financial policies that define boundaries, manage risk, clarify intent, promote governance
accountability, and define shared understanding;and
Whereas,aformal policy regarding acceptance of credit and debit cards as a method of
payment has never been presented to Council; and
Whereas,the City began accepting credit and debit cards as a payment method to customers in
July 2005 and has significantly increased since then; and
Whereas,payment card processing costs have increased and the average cost borne the City
is 2.75%of the total amount of each payment transaction; and
Whereas,California Government Code Section §6159 allows government agencies to recover
payment card processing costs through fees applied to the cardholder; and
Whereas,the City Council has determined that the Credit Card Acceptance Policy provides
direction to those who process payment card transactions on behalf of the City and is in the best
interest of the City and the communityto initiate the Convenience Fee to recover processing costs;
and
Whereas,the City Council acknowledges that the Credit Card Acceptance Policy provides for
automatic adjustments based on merchant cost increases or decreases; and
Whereas,the City Council desires to adopt the Credit Card Acceptance Policyof the City of
Lake Elsinore.
NOW,THEREFORE,THECITYCOUNCILOFTHECITYOFLAKEELSINORE,
CALIFORNIA,DOESHEREBYRESOLVEASFOLLOWS:
Section1.The attached City of Lake Elsinore Credit Card Acceptance Policy,is hereby
adopted and made a part of this Resolution.
Section2.ThisResolutionshalltake effectfromandafterthedateofitspassageand adoption.
PassedandAdopted onthis25thdayofJune,2019.
Steve Manos,Mayor
City Council Resolution No. 2019-_______
Page 2 of 2
Attest:
Mark Mahan
Deputy City Clerk
STATEOFCALIFORNIA )
COUNTYOFRIVERSIDE ) ss.
CITY OFLAKEELSINORE )
I, Mark Mahan, Deputy City Clerk of the City of Lake Elsinore, California, do hereby certify that
Resolution No. 2019-_____ was adopted by the City Council of the City of Lake Elsinore,
California, at the Regular meeting of June 25, 2019, and that the same was adopted by the
following vote:
AYES:
NOES:
ABSENT:
ABSTAIN:
______________________________
Mark Mahan
Deputy City Clerk
1
CITY OF LAKE ELSINORE
ADMINISTRATIVE POLICIES AND PROCEDURES:
CREDIT CARD ACCEPTANCE POLICY
Effective June 25, 2019
INTRODUCTION:
California Government Code Section §6159 et seq. (Code), permits government agencies to
accept credit cards and debit cards (payment cards) as a medium of payment for purchases and
services rendered by the City of Lake Elsinore (City). Furthermore, the code provides direction
as to procedures to follow and allowed fees to apply to the cardholder. The City supports the
acceptance of credit cards as payment for goods and services to improve customer service,
bring efficiencies to the City’s cash collection process, and increase the sales volume of certain
types of transactions.
In response to increasing incidents of identity theft, the major payment card companies created
the Payment Card Industry Data Security Standard (PCI DSS) to help prevent theft of customer
data. PCI DSS is the result of collaboration between the five major credit card brands to develop
a single approach to safeguard sensitive data. The PCI standard defines a series of best
practices for handling, transmitting, and storing sensitive data. PCI DSS applies to all businesses
that accept payment cards to procure goods or services. Payment card companies enforce
compliance with this standard.
Generally, noncompliance is discovered when an organization experiences a security breach
that includes cardholder data. Security breaches can result in serious consequences for the City,
including release of confidential information, damage to reputation, assessment of substantial
fines, possible legal liability, and the potential loss of the ability to accept payment card and
eCommerce transactions.
PURPOSE:
The Credit Card Acceptance Policy establishes business processes and procedures for accepting
payment cards that will minimize risk and provide the greatest value, security of data, and
availability of services within the rules and regulations established in the PCI DSS. Additionally,
these procedures are intended to ensure that payment card acceptance is appropriately
integrated with the City’s financial and other systems.
POLICY:
Acceptable Payment Cards and Process Methods
The City accepts Visa, MasterCard, Discover, and American Express credit cards as a form of
payment of amounts due, which includes debit cards with Visa or MasterCard logos. The City will
accept transactions through point-of-sale and eCommerce depending on the purchase or service.
Each process method requires a unique set of processes that safeguard against erroneous or
fraudulent transactions.
City of Lake Elsinore
Credit Card Acceptance Policy
June 25, 2019
2
Point of Sale Transactions
1. Credit card machines, Square Devises, Connect & Go Devises, and any other payment
processing devise used are to be secured and inaccessible to the public. However, a
customer's payment card should be visible to the customer at all times during the
transaction.
2. Prior to swiping the credit card:
a. Ensure that the payment card’s expiration date has not passed. Expired
payment cards must not be accepted.
b. Compare the name on the payment card to the cardholder's photo
identification. If the names do not match, the credit card must not be accepted.
3. Ensure that the amount charged to the payment card matches the transaction.
4. Signature must be obtained on the paper charge receipt or device. Compare signature to
the cardholder’s photo identification or signature on back of card. In the event of
unmatched signatures, the credit card transaction must be voided and the credit card
returned to the customer.
5. If the credit card's magnetic strip cannot be read, the card number may be keyed into the
credit card terminal. To reduce the risk of access to confidential credit card data, manual
imprints of the card must not be made.
6. If the customer is unable to make a point-of-sale transaction for a service that is not
available on the web, the customer may complete the Credit Card Customer Approval
Form in which the customer fills out and signs the form. After the payment is processed,
all but the last four digits of the card must be redacted or removed from the record.
7. If the authorization network (via the credit card machine or the Address Verification
Service) sends a "decline" or "no match" response, the credit card must not be accepted.
8. In all circumstances of declined or unaccepted transactions, return the credit card to the
customer and offer to accept another method of payment. Customers disputing the decline
or non-acceptance of the credit card should be referred to their bank.
Prohibited Payment Card Activities
The City prohibits certain credit card activities that include, but are not limited to the following:
1. accepting payment cards for cash advances
2. discounting a good or service based on the method of payment
3. adding a surcharge or additional fee to payment card transactions not identified in this
policy
4. using a paper imprinting system
5. maintaining the customers full hand written account number on file
City of Lake Elsinore
Credit Card Acceptance Policy
June 25, 2019
3
Large Transactions
Customers with transactions of $10,000 or more should be encouraged to pay by check rather
than by payment card to limit merchant fees the City pays. If the payer insists on using a
payment card for the transaction, the City is obligated to accept the payment card.
Refunds
When a good or service is purchased using a payment card and a refund is necessary, the
refund should be credited back to the credit card account that was originally charged. Under no
circumstances can the refund exceed the original purchase or amount of charge. Cash refunds
are prohibited.
In certain circumstances, a refund check may be issued with approval from the Finance
Division. Approval will be based the discretion of the Finance Division and the following
supplied documentation:
1. Written letter or email from the customer requesting the refund
2. Proof that the requestor is the owner of the card
3. Proof of mailing address with a utility bill or other such document
4. Original documentation of the purchase the customer requests the refund for
Chargebacks
The Code provides that if a transaction paid with a payment card is charged back to the City for
any reason, any record of payment made by the agency processing the transaction shall be
void. A receipt issued in acknowledgment shall also be void. The obligation of the cardholder
or account holder shall continue as an outstanding obligation as if no payment had been made.
Occasionally a customer will dispute a payment card transaction, ultimately leading to a
chargeback by the payment card bank. In a disputed case, the Finance Division will contact the
Department that initiated the original transaction to obtain additional information that
substantiates the disagreement or agreement of the chargeback. The Finance Division’s
System Administrator will follow through with a dispute or write-off depending on the findings.
Payment Card Imposed Fees
Per the Code, the City may impose a fee for the use of a payment card that is not to exceed the
costs incurred by the agency in providing payment card services. Costs may include, but shall
not be limited to, the payment of merchant fees or discounts. The governing body must approve
such fees imposed by a public agency.
A Convenience Fee will be charged on each payment card transaction based on a nominal
percentage of the total transaction. The Cardholder will be required to agree to the convenience
fee prior to completion of the sale on the terminal or website.
Merchant fees incurred by the City are a percentage of total amounts of payments processed.
To maintain the convenience fee at a level sufficient to cover ongoing costs, merchant fees shall
City of Lake Elsinore
Credit Card Acceptance Policy
June 25, 2019
4
be reviewed annually. The policy allows for automatic annual adjustments of increases or
decreases to the convenience fee on July 1 of each year.
Third-Party Payment Processors
The City currently contracts with third-party payment processers to accept credit card payments
on behalf of the City. The Administrative Service Department will work with the provider to ensure
that a complete and accurate recording of transactions, fees and deposit of monies takes place
in a timely manner. All third-party processors are expected to comply with PCI DSS.
Safeguarding of Confidential Data
1. Payment card records, including but not limited to , receipts , imprints, credit card
numbers , expiration date, card type, bank information, etc. are exempt from public
disclosure and shall not be disclosed by the City unless required via Court subpoena
or in writing by the City Attorney.
2. If processing of credit card data is provided by a third party on the City's behalf, the
service provider must be capable of maintaining the appropriate safeguards.
3. To the extent required by law, the City will attempt to notify payment card customers of
any breach of security, which has placed their confidential payment card information at
risk.
4. Cashiers and staff accepting payment cards on behalf of the City are subject to the PCI
DSS compliancy.
5. The City prohibits the transmission of cardholder data or sensitive authentication data via
email or unsealed envelopes through interoffice mail as these are not secure. Fax or
sealed envelope is acceptable.
6. The City requires that all external service providers that handle payment card information
be PCI DSS compliant.
7. The City restricts access to cardholder data to those with the business of “need to know.”
8. Full payment card information must not be recorded, maintained or viewable in any
computer system.
9. For paper media, cardholder data shall not be stored unless approved for legitimate
business purposes. When approved, paper media must be stored in a locked environment
within the Finance Division Office with access restricted to those with the business of
“need to know.”
Applicability
The policy applies to all City of Lake Elsinore employees, contractors, consultants, or agents
who, in the course of doing business on behalf of the City, accept, process, transmit, or otherwise
handle cardholder information in any format.