Full List of Resources

• PO Terms and Conditions

Purpose: To provide Purchase Order terms and conditions.

Last Updated: January 11, 2021

• Purchasing agent assignments by ORG Code

Purpose: This file contains a table of purchasing agents by level 5 organizational code.

Contact Email: purchasing@charlotte.edu

Last Updated: See date in workbook tab

• New Purchasing Card eForm
• Edit Purchasing Card eForm
• Close Purchasing Card eForm

Purpose: The Purchasing Card (p-card) electronic forms (eForm) manage p-card accounts, including requesting new cards, updating account details and closing existing cards to ensure compliance with university policies.

• New p-card: Use this eForm to request a new p-card, e.g., if you are a new employee or transfer to a different department and your new position requires the use of a p-card.
• Edit p-card: Use this eForm to report p-card account changes, e.g., legal name change, change organization and fund codes assigned to the card, change spend control profiles, or change the reconciler or approver.
• Close p-card: Use this eForm to close an existing p-card account, e.g., if an employee transfers to another department, has terminated employment, the card is no longer used, or if card use is not in compliance with policy and supporting procedures.

Access: Use your UNC Charlotte login credentials to access this eForm.

Additional Resources: View the p-card eForm FAQs for more information.

Contact Email: purchasingcard@charlotte.edu

Last Updated: October 1, 2024

• Purchasing Card Manual

Purpose: Provides general Information and detailed procedures for card issuance and card processes, purchasing guidelines and documentation requirements.

Last Updated: January 8, 2025

Purpose: To provide information on the required training for the University’s Purchasing Card (P-card) Program.

Important Training Update, effective Wednesday, April 9, 2025:

• A new on-demand P-card user and biannual accountholder training is now available in the University’s Learning and Development Portal.
• Action Required: All P-card accountholders are required to complete this training to comply with the UNC System Office’s mandatory bi-annual P-card training requirement.
• Refer to this article on the Financial Services website for more details.
• Please note that the instructor-led P-card user training has been discontinued. 

Reference the P-card Manual for general information and detailed procedures for card issuance and card processes, purchasing guidelines and documentation requirements.

Contact Email: purchasingcard@charlotte.edu

Last Updated: April 11, 2025

• Purchasing Card Reference Guide (PCRG)

Purpose: This guide is meant to serve as a one-stop reference for purchasing card (p-card) users and combines multiple resources into one document.

Last Updated: August 8, 2024

• UNC Charlotte Purchasing Manual

Purpose: The purchasing manual is an official guide for the departments, schools, divisions, offices, and other organizational entities of UNC Charlotte. These policies should be used for the procurement and handling of supplies, materials, equipment, and services as directed by the General Statutes of the State of North Carolina and as stated in University Policy 601.11, Purchasing Policy.

Please contact Purchasing office if your specific question is not covered.

As purchasing policies or procedures change, this webpage will be updated. Please bookmark this site and refer to it often.

Scott Brechtel, Director of Materials Management

Contact Email: purchasing@charlotte.edu

Last Updated: March 10, 2025

Red Flag Detection Form

Purpose: Please complete and submit this form when an identity theft Red Flag is detected in the course of University operations.

Last Updated: October 26, 2023

Overview

The Red Flags Rule (Rule) was issued in 2007 by the Federal Trade Commission (FTC) after the Fair and Accurate Credit Transactions Act (FACTA) added provisions to the Fair Credit Reporting Act (FCRA) designed to improve the accuracy of consumers’ credit-related records and directed the FTC to issue guidelines for financial institutions and creditors regarding identity theft with respect to their account holders and customers. The Rule is actually three different but related rules, two of which apply to the University.

The Rule requires financial institutions and creditors that offer or maintain one or more covered accounts to implement a written Identity Theft Prevention Program (ITPP) designed to detect, prevent, and mitigate identity theft. Red Flags are suspicious patterns or practices or specific activities that indicate the possibility that identity theft may occur. The University’s ITPP was initially approved by the University’s Board of Trustees in 2009, and last revised in 2022. All departments, colleges, and units who are involved with handling Personally Identifiable Information (PII) in connection with the opening of covered accounts and with respect to existing covered accounts must comply with the University’s ITPP and develop reasonable processes and procedures to verify the identity of persons for whom services are being provided and to detect, prevent, and mitigate any instances of identity theft.

The Rule also requires a user of a consumer report to employ reasonable policies and procedures when the user receives a notice of address discrepancy. Therefore, to prevent identity theft regarding an employment or volunteer position for which a credit or background report is sought, University personnel shall take the following steps to assist in identifying address discrepancies:

• Require written verification from any applicant that the address provided by the applicant is accurate at the time the request for the credit report is made to the consumer reporting agency; and

• If notice of an address discrepancy is received, verify that the credit report pertains to the applicant for whom the requested report was made and report to the consumer reporting agency an address for the applicant that the University has reasonably confirmed is accurate.

Other links of interest

• Full text of the FTC’s Fair Credit Reporting Act FCRA 15 U.S.C. §§ 1681-1681x, as amended by the Fair and Accurate Transaction Act of 2003 (effective Sep. 1, 2011)
• Full text of the FTC’s Red Flags Rule FTC 16 CFR Part 681, as amended by the Red Flag Program Clarification Act of 2010 (effective Jan. 1, 2011)
• SEC and CFTC’s final Identity Theft Red Flags Rule rule (effective May 20, 2013)
• Other FTC resources:
  • Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business
  • Consumer Information on Identity Theft
  • Protecting Personal Information: A Guide for Business
• NACUBO Red Flags Rule resources
• IRS site on Identity Protection
• NC Identity Theft Protection Act of 2005, via S1048
• UNC System Guidance (Feb. 2009)

---

UNC Charlotte Procedures and Forms

Red Flags Rule Annual Survey, to be completed by Key Areas (as defined in Procedures).

Red Flag Detection Form, to be completed if Red Flags are detected in the course of University operations.

Note that, while Key Areas must comply with the University’s ITPP, from a Red Flags Rule risk management perspective, all employees who are involved with handling PII must comply with the following procedures related to information security and fraud prevention.

Protection of Personally Identifiable Information

To further prevent the likelihood of identity theft occurring during the conduct of University business, the University will take the following steps with respect to its internal operating procedures to protect PII:

• Ensure that its website is secure or provide clear notice that the website is not secure;
• Ensure complete and secure destruction of paper documents and computer files containing individual account information when a decision has been made to no longer maintain such information;
• Ensure that office computers with access to PII are password protected;
• Ensure that laptops are password protected and encrypted;
• Avoid use of social security numbers when possible;
• Ensure the security of physical facilities that contain PII;
• Ensure that transmission of PII is limited and encrypted when necessary;
• Ensure computer virus protection is up to date; and
• Require and keep only the kinds of individual information that are necessary for University purposes.

Hard Copy Distribution

Each employee and contractor performing work for the University will comply with the following security measures related to hard copy files with PII:

• File cabinets, desk drawers, overhead cabinets, and any other storage space containing documents with PII will be locked when not in use, when unsupervised, and at the end of each workday.
• Clear desks, workstations, work areas, printers and fax machines, and common shared work areas of all documents containing PII when not in use.
• Whiteboards, dry-erase boards, writing tablets, and other writing surfaces in common shared work areas with PII will be erased, removed, or shredded when not in use.
• When documents containing PII are discarded, they will be placed inside a locked shred bin or immediately shredded using a mechanical crosscut or Department of Defense-approved shredding device. Label locked shred bins as “Confidential paper shredding and recycling.”

The following can be used to educate your staff regarding the Red Flags Rule and University’s ITPP:

• UNC Charlotte’s Red Flags Rule – ITPP Procedures include definitions and specific actionable items on how to prevent and mitigate identity theft, including a “Red Flag Identification and Detection Grid.”
• For information about data classification and handling, visit the Standard for Information Classification.

Last Updated: September 30, 2024

• Return Goods Form

Purpose: This form should be used to notify Purchasing that goods need to be returned to a vendor.

Last Updated: June 6, 2015

Origins

Campus divisions and departments are ultimately responsible for the accuracy and timely submission of personnel action forms including Personnel Distribution forms (PD7) and time records. Failure to do so may result in overpayments to employees, creating an unnecessary financial burden on the department.

Payroll Calendar & Due Dates: Each year, Payroll provides monthly and bi-weekly schedules for the upcoming year, including deadlines for receiving personnel action forms and time records. The Payroll Calendar is readily available on Payroll’s website.

Supervisors: All supervisors must communicate information about search postings, hiring recommendations, terminations, leaves of absence, pay rate changes, etc. to their department’s Business Officers in a timely manner. The supervisor is then responsible for ensuring that the information is submitted through the proper approval process (e.g., through the Graduate School, Office of Academic Budget & Personnel, Human Resources and/or Payroll) prior to the “Paperwork Due to Payroll” date (in Payroll Calendar). Since some of the personnel action documents must have multiple approvals before delivery to Payroll for processing, departments may need to anticipate review time or simply monitor the status of the personnel action to help prevent potential overpayments and ensure new/current employees are paid timely.

Overpayment & Collection Process

If the employing department becomes aware of a potential overpayment, Payroll should be contacted immediately, and this overpayment form must be completed. Upon notification, Payroll will:

• Gather the supporting documents and calculate the overpayment on a gross-to-net basis. The employee is only required to repay the net amount if repayment can be accomplished within the same calendar (tax) year. If repayment crosses the calendar (tax) year, the gross amount must be repaid.
• Send written notification to the employee, with a copy to the employing department, detailing the overpayment and the University’s expectation for collection. This includes notification of North Carolina General Statute 147-86.23 which outlines the University’s right to add interest & penalties to past due accounts. Effective January 1, 2015, the University will assess a one-time 10% late payment penalty and accrue interest charges at 5% annually unless payment is received or a payment plan has been agreed to by both parties within 30 days of the notification date.
• For Repayment Options: Contact Payroll (Note: Current employees will have their overpayment collected through a payroll deduction, unless other payment arrangements are made.)

Most of the time, individuals make repayment arrangements within 30 days of being notified; however,

• If Payroll has not received a response after 30 days, the overpayment is considered past due and a second communication is sent, indicating interest and penalties will begin unless repayment arrangements are made immediately.
• Students with a past due overpayment will have a registration hold placed on their account until payment is made. Once the overpayment is 30 days past due, the student will be denied readmission, transcripts, diploma, etc. until payment is made.
• If no response is received after 60 days past due, then the Controller’s Office notifies the State of North Carolina Attorney General’s (AG) Office of the debt. The AG’s office then sends a final communication to the employee for collection. The Controller’s Office will also refer the debt to the North Carolina Department of Revenue (NCDOR), under North Carolina General Statute 105A-3(b), to have it deducted from the employee’s State income tax refund according to the Set-Off Debt Collections Act (SODCA).
• If no response is received to the AG’s letter within 90 days, then the University may turn the debt over to a state-approved collection agency.

Once full repayment is received, the funds are returned to the department and updates are made to the employee’s gross pay, taxes, deductions, and benefit records. If needed, an amended Form W-2 is issued.

Contact Email: payrolldept@charlotte.edu

Last Updated: June 22, 2021

Salary Overpayments Form

Purpose: Use this form to report an employee salary overpayment. Note that departments are responsible for informing current and former employees that they were overpaid. The department is also expected to let such employees know that Payroll will be in touch with them regarding the balance owed. The employee should be expecting an overpayment invoice BEFORE Payroll makes contact with them.

Contact email: PayrollDept@charlotte.edu

Last Updated: June 22, 2021

• North Carolina Sales and Use Tax Exemption Certificate (2025)

Purpose: To provide the sales and use tax exemption certificates on file with UNC Charlotte’s Tax Office. The University is exempt from North Carolina sales and use tax for qualifying purchases.

Contact Email: taxoffice@charlotte.edu

Last updated: February 27, 2025

Signature Authority Policy

Purpose: Clarifies the source of all University signature authority, the responsibilities of those individuals to whom University signature authority has been delegated, and the consequences of signing Contracts without the appropriate signature authority.

Last Updated: August 18, 2017

Social Security Administration

Social Security website helps individuals get secure access to the information they need.

Last Updated: November 10, 2014

Payment method

The primary method for purchasing computer software is to use 49er Mart, but purchasing card (p-card) use may also be acceptable on a case-by-case basis. However, before moving forward with any software or IT-related purchase, it must be reviewed and approved by OneIT. To begin this process, employees must complete the Software & IT-Related Request Form available in the procedures list below and on the OneIT website. Once the form is submitted, OneIT will immediately begin their review. The Requestor and the Purchasing Office will be notified once their review is complete. If approved, the Purchasing Office will let the campus department know to complete the purchase.

Additionally, guidance is available on paying for mobile communication device (MCD) apps.

Rationale and other considerations

Orders are processed online through a web browser, depending on the type of supplier used. To begin, choose a supplier, select items and place them in your virtual shopping cart. After shopping, your cart proceeds to the checkout, where a requisition draft is created. Enter the appropriate accounting codes (e.g., fund, account) that your department will use for this order.

• Placing the order prompts the workflow process to begin. Approvers are notified via email that an order is pending. The level of approvals required depends on the purchase type and the dollar amount. The final approval generates a purchase order (PO).
• To receive the order, you must log in to 49er Mart. Receiving initiates payment to the vendor.

How to do it

1. Log in to 49er Mart
2. Click on the supplier’s logo (e.g., Dell, etc.)
3. If the vendor is a punch-out supplier, you will be directed to the vendor’s site to shop for your item(s)
4. Add the desired item(s) to your cart and click “Checkout” when finished ordering
5. If the vendor does not have a catalog, you will enter the items as non-catalog and select the appropriate supplier
6. Review the details of your order, and select “Proceed to Checkout”
7. Select the appropriate accounting codes for your college/department
8. Perform a final review and select “Place Order”

Questions?

Email Purchasing at purchasing@charlotte.edu or refer to the list of Purchasing contacts.

Last Updated July 26, 2024

• Sources and Uses of University Funds Presentation (slides)

Sources and Uses of University Funds Recorded Presentation [51-minute video from Oct. 2022 Legal Symposium)

Purpose: The University’s operations and activities are supported by a variety of fund sources, and each of these sources has its own spending characteristics and rules. This presentation covers the broad categories of these funding sources and some of the key considerations for the use of these funds. In addition, several of the key online resources available to departments to guide faculty and staff with their spending practices are highlighted.

Last Updated: May 1, 2023

Purpose

The purpose of this document is to establish requirements for UNC Charlotte employees and other authorized users regarding the acceptance of electronic payments, including  payment (credit/debit) cards and electronic fund transfers (ACH/Wires). Adherence to this standard will help ensure that the University remains compliant with all University, State, National Automated Clearing House Association (NACHA) and Payment Card Industry (PCI) requirements.

Scope

This standard applies to all university employees, affiliates or authorized users who will be accepting electronic payments or interacting with payment card data, functions or systems (e.g., credit and debit cards) as part of their job duties.

Contacts

Direct any general questions about this standard to the Office of the Bursar – Merchant Services at ecommerce@charlotte.edu.

Standard

In accordance with N.C.G.S. 147-86.22, and UNC Charlotte’s Cash Management Plan the University accepts electronic payments to the maximum extent possible and in a manner consistent with sound business practices.

The Vice Chancellor of Business Affairs (VCBA) directs all electronic payment processing activity and related compliance validation at the University.

• The oversight of automated clearing house (ACH) and wire transfer operations is delegated to the Controller’s Office – General Accounting
• The oversight of payment card processing operations is delegated to the Office of the Bursar – Merchant Services

University Advancement must approve the acceptance of gifts, donations, or sponsorships before the collection of those monies. Gifts must be processed through The Foundation of the University of North Carolina at Charlotte, Inc., as described in University Policy 602.2, Solicitation and Acceptance of Gifts.

Any department found accepting electronic payments without prior approval or not in compliance with this standard must discontinue operations until properly vetted and compliant.

Obtain Prior Approval

1. ACH and Wire Transfers: Campus units, organizations, departments or employees  must obtain approval from their division or college/administrative Business Officer and authorization from the VCBA designee, like the Controller’s Office – General Accounting, to accept electronic funds transfers via ACH or Wire. ACH authorization will generally not be given to third parties making a single payment to the University in a fiscal year. ACH deposits must be accompanied with remittance information to properly identify and apply the payment. The department must provide General Accounting with the fund and account information necessary to process the receipts. General Accounting will provide the department with a wire transfer form to be completed by the department and given to the third party with instructions on how to send the payment. A copy of the completed form must be sent to General Accounting so that the wire is applied to the correct fund and account.
2. Payment (Credit/Debit) Cards: Campus units, organizations, departments, or employees must obtain approval from their division or college/administrative unit Business Officer and authorization from the VCBA designee, such as the Office of the Bursar – Merchant Services, to accept credit or debit card payments, or interface with payment card data. This requirement applies regardless of the transaction method used, such as online (eCommerce), point of sale (POS) devices (hardware and/or software used at merchant locations), mobile capture or outsourced through a third party.
   
   All payment card processing functions for the University, including outsourced, must be coordinated through the Office of the Bursar – Merchant Services in conjunction with OneIT, prior to entering into a contract. This includes, but is not limited to:
   1. All University and/or affiliate contract, software and/or equipment purchases or usage, including implementation of technology that impacts the University’s designated payment card processing platform, or OneIT infrastructure, enterprise applications, security and/or staffing. OneIT is responsible for managing the physical security and storage of infrastructure components that control or interface with card processing systems hosted on campus, e.g., servers and other network infrastructure that connect to card processing systems.
   2. All outsourced payment processing agreements with third parties, as set forth in the Guideline for Outsourced Payment Processing.
   3. All third parties conducting business on UNC Charlotte’s campus that utilize payment cards or interface with payment card data, set forth in the Guideline for Third Parties Accepting Electronic Payments on Behalf of the University or on University Property.

Complete Merchant Requirements

All employees and other authorized users that interface with payment card activities, Cardholder Data (CHD), and/or associated reporting or administrative portals must be registered with the Office of the Bursar – Merchant Services, complete Merchant Training and meet requirements detailed within the Payment Card Industry Data Security Standards (PCI DSS) and/or University standards and guidelines before accepting payment (debit/credit) cards.

Only designated personnel, who have completed these requirements for card acceptance, may have access to CHD, interface with customer card transactions and/or obtain access to card reporting or administrative portals. Access to system components and CHD will be limited to only those individuals whose job requires such access. These individuals are subject to University Policy 101.23, Employment-Related Background Checks and Criminal Activity Reporting.

Continuous Compliance and Annual Attestation

UNC Charlotte is a State agency and as such must adhere to the authority of the State of North Carolina General Statutes (G.S.), policies and guidelines below. These policies dictate that all card processing be conducted through the Master Services Agreement (MSA) contracted by NC OSC. To comply with that State policy, refer to the Guideline for Establishing Merchant Accounts and Guideline for Maintaining Merchant Accounts.

All departments or units that receive approval for university card processing activity and have an active merchant account are required to validate their compliance with the PCI DSS, established by the Payment Card Industry Security Standards Council (PCI SSC) and University validation requirements annually. Audits will be performed periodically by the University’s Internal Audit Department to confirm card processing complies with the PCI DSS and University standards and procedures.

Related Resources

• Guideline for Contracting with Integrated Third Party Service Providers
• Guideline for Daily Cash Management
• Guideline for Establishing Merchant Accounts
• Guideline for Maintaining Merchant Accounts
• Guideline for Payment Card Processing Exceptions
• Guideline for Outsourced Payment Processing
• Guideline for Third Parties Accepting Electronic Payments on Behalf of the University or on University Property
• North Carolina (NC) G.S. 147-77 (Daily Deposit Act)
• NC Office of the State Controller (NC OSC) Policy 500.1 (Maximization of Electronic Payment)
• NC OSC 500.2 (Master Services Agreements for Electronic Payments)
• NC OSC 500.11 (Compliance with PCI Data Security Standards)
• NC OSC 500.13 (NC Security and Privacy of Data)
• NC Session Law 99-434, which amended multiple General Statutes related to the acceptance of electronic payments
• University’s Cash Management Plan
• University Policy 101.23, Employment-Related Background Checks and Criminal Activity Reporting
• University Policy 602.12, Revenue Generating Activities
• University Policy 602.2, Solicitation and Acceptance of Gifts
• University Policy 602.4, University Receipts and Deposits

Revision History

• Initially approved by the AVC for Finance on November 25, 2024