In this article
You might like
No items found.
See the latest spending trends for 25k+ companies on Ramp

Benchmark your company's expenses with Ramp's data.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Spending made smarter
Easy-to-use cards, spend limits, approval flows, vendor payments —plus an average savings of 5%.1
|
4.8 Rating 4.8 rating
Error Message
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get fresh finance insights, monthly
Time and money-saving tips,
straight to your inbox
|
4.8 Rating 4.8 rating
Thanks for signing up
Oops! Something went wrong while submitting the form.
Ready to partner with Ramp?
Time is money. Save both.
Ready to partner with Ramp?
Time is money. Save both.
Ready to partner with Ramp?
Time is money. Save both.
Table of contents

Many companies think that by limiting the number of corporate cards they issue that they have more control over their finances. However, the exact opposite is true.


Imagine your typical department head: they likely have a single corporate card and probably 15–20 employees that work under them. What happens when these employees need to make a purchase? Ideally, the manager reviews the request and purchases the item with their corporate card. However, it is more likely that the manager doesn’t want to deal with the hassle and lets the employee borrow their corporate card. At this moment, corporate financial control is lost.


This scenario plays out more often than any organization would like to think or acknowledge. And, unfortunately, each time it happens, the company is exposed to security risks that can result in significant financial losses.


The 3 keys to organizational security

image

Source

Your company’s security hinges on something we call the “CIA triad” in infosec: 

  • Confidentiality - Is data accessible only by authorized users? 
  • Integrity - Is the data and information entered into your systems accurate? Is the data being altered or misused?
  • Availability - Are employees able to access the information they need when they need it?

You may be limiting the number of cards you issue to address these very issues, but ironically this actually exposes you to risk in every one of these areas. 

Confidentiality: Limiting cards exposes sensitive information

A corporate card is like the password to your email—it gives access to sensitive data. These days, we all know better than to share our passwords. So why aren’t we more vigilant about securing our corporate cards? 

When a card is out of view of the cardholder, being used by an unauthorized person, spending is out of their control and there is an opportunity for fraud. 

And this risk isn’t limited to the physical card being out of view. If cardholders share card information via email or other unsecured digital means, they don’t know where that card information is stored or how it is used. For example, an employee may share credit card information with a vendor via email, and that vendor can take the information and make fraudulent charges.

Integrity: Limiting cards creates a lack of visibility into spend

Here’s the thing about limiting the number of cards you issue:

In 99% of cases, you’re just limiting your visibility into your employees’ spending, not preventing overspending itself.


This is especially true if you use traditional corporate cards, like Amex, that aren’t backed by finance software to track real-time spending and automate receipt collection. There’s no easy way for you to track who’s spending company dollars, for what purpose, and get the documentation you need to close your books.  

Availability: Limiting cards creates friction and wastes time

Without their own card, many employees simply borrow a card or resort to spending out of pocket and filing for reimbursement. The manual process of submitting expense requests, waiting on approval, and submitting all of the required documentation creates a huge time drag for everyone.  


Manual expense processes don’t just create friction in terms of the acquisition of goods and services; they also create friction between controllers and employees.

Many employees get frustrated feeling like their organization will trust them to do their job but not spend the money necessary to do it.

Manual processes often feel like a hurdle rather than a safeguard.


On the flip side, controllers are put in an awkward position trying to headhunt people for missing documentation or spending that is outside of the corporate credit card policy. Due to lack of visibility, this often happens after the fact, creating even more strain on the relationship.

How to increase financial security without losing efficiency   

The idea of issuing corporate cards to all of your employees may sound like a catastrophe waiting to happen. And it certainly is—if it isn’t supported by the right controls and workflows.


But these days advanced corporate cards come with built-in automation that allows you to maintain financial security without sacrificing employee efficiency. That should be music to the ears of anyone working in infosec or finance!


Here’s how you can incorporate them into your security best practices. 

1. Issue virtual cards for specific business needs 

Automation makes it possible for finance teams to issue virtual cards in seconds. By issuing individual cards as business needs arise, you eliminate the need for people to share cards with unauthorized users. No more confidentiality issues. 


Spot an issue with how a card is being used? Simply disable it with a single click via your card software or easily implement controls to restrict its usage.  

image

2. Approve spending before it happens 

I don’t simply mean approving budgets every quarter. You can use automation to route card requests for approval before they get issued to ensure that company funds are being used for valid reasons. It also allows finance teams to track spending in real time, giving them the visibility they need.

image

3. Implement personalized card controls to prevent misuse

Once approved, set controls on cards to ensure they’re being used properly. For example, you can assign a virtual card for each software vendor and set a recurring spend limit for the amount that the employee expects to spend. Not only does this prevent employees from misusing cards but it also prevents vendors from stealing card details or overcharging. This best practice along with the one above covers you on the integrity front.

image


4. Get real-time alerts on suspicious transactions 

Another important aspect of organizational security is the ability to catch and act on issues in real time. We call this the “OODA loop”: observe, orient, decide, act. 


Most finance teams don’t have the time to inspect every minute transaction for fraudulent activity. Automation that triggers alerts for transactions over a certain amount helps finance teams close the “OODA loop.”

image

5. Allow all of your employees to request cards

Yes, really. With cards that prevent out-of-policy spending and real-time monitoring, you can finally issue company cards to all of your employees with confidence. People can do their work faster and more efficiently because they’re able to access the company budget they need for their projects, when they need it. Empower your employees.

image


Evolve your finance operations

The practice of sharing corporate cards has long been seen as a necessary evil because organizations want to move fast. But moving fast while putting your security at risk ultimately slows you down. Thankfully, finance automation removes the need to choose between control and convenience within your finance operations. Employees’ need for speed no longer has to come at the expense of your organization’s security.

Try Ramp for free
Error Message
 
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Information Security Lead, Ramp
Jonathan has served as a subject matter expert for security programs at a number of companies, specializing in cybersecurity risk and strategy.
Ramp is dedicated to helping businesses of all sizes make informed decisions. We adhere to strict editorial guidelines to ensure that our content meets and maintains our high standards.

FAQs

Why Abode's CEO, Tyler Bliha, chose Ramp over Brex

"The reason I've been such a super fan of Ramp is the product velocity. Not only is it incredibly beneficial to the user, it’s also something that gives me confidence in your ability to continue to pull away from other products."
Tyler Bliha, CEO, Abode

“Just do it:” How Bratjen Construction Modernized Processes, Saved Time, and Improved Accuracy with Ramp

“Prior to Ramp, we had a handful of cards that our owners and leadership had access to, but it was more of a trust based system. Ramp has allowed us to give cards to more people, but the controls in Ramp ensure that the cards are used properly.”
Michael Irvin, Director of Operations, Bratjen Construction

How MAGNA-TILES® implemented a corporate card program, reduced stress, and prepared to build with Ramp

"In my day-to-day, Ramp helps me resolve things quickly and expedite month-end close. From an overall holistic business standpoint, we now have the ability to quickly scale as we add new users. It’s kind of crazy how quickly things have grown here, and Ramp has been a great partner for us in that growth.”
Tim Borse, Assistant Controller, MAGNA-TILES

How Eventbrite streamlined processes and improved UX with Ramp

"The Ramp dashboard easily shows how many cardholders are paying for the same subscription. Now the procurement team has the information they need to negotiate a corporate package.”
Laura Moreno, Sr. Manager, Global AP, Eventbrite

How Boys & Girls Clubs of America improved efficiency, gained visibility over spend, and regained lost time with Ramp

How Evans Hotels saved time and gained spend visibility with Ramp

“Ramp has been a big win for us when it comes to transparency and visibility. If the executive team wants to dig into spend at a property or review purchases the teams are making, we can have that information really quickly and are confident it’s accurate.”
Caryn Fink, Director of Accounting, Evans Hotels

How Ramp became KIPP Nashville’s biggest financial win

"There was no fire drill for the beginning of the school year this year, because the schools had a process. Ramp will ingest the line items automatically, so no more manual import. It’s made the process so much easier."
Carey Peek, CFO, KIPP Nashville Public Schools