Resources

Please use the attached COI form as indicated in the policy.

 

University faculty and staff are subject to a variety of conflict of interest laws, regulations, and requirements depending on their official duties for the University and external financial relationships.  This website provides general information, references, and resources to assist you in meeting your personal obligations to comply with conflict of interest requirements as they related to procurement activities; it is not intended as legal advice and should not be construed as such.  Any questions regarding interpretation and application of laws and regulations should be dire

This procedure covers the deposit of cash (checks, currency, and coin) when the receipts are credits or reimbursements deriving from previous disbursements for University business, where some portion of the payment is returned by the original recipient. In this case, the credit must be made to the original Worktag incurring the expense using a unique Credit Expenditure Type.
Financial Planning & Analysis Summary Reports for Fiscal Year 2022
A PowerPoint presentation on understanding F&A rates.

See Policy FIN-001: Determining if an Award is a Gift or Sponsored Project

A Gift is defined as: an irrevocable transfer of assets (cash, stock, gifts, etc.) to the done such that the donor can exercise no further control over it and does not have expectation of any contractual requirements or potential benefits. To be tax deductible it must be donated to an organization recognized as charitable by the IRS (a 501(c) (3) corp).

University Foundations can use UVA Fund’s services to collect and process gifts and donations as the funds do not belong to the University, they are deposited into Foundation bank accounts. If the monies the event is collecting are University funds, deposited into University revenue projects, then UVA Fund cannot function as a processor for your event (see Policy FIN-016: Receiving and Depositing Cash and Other Monetary Instruments) as the funds are required to be deposited directly into University Bank Accounts.

The Payment Card Industry has addressed access to cardholder data through the Standards and identify what screening that potential employees must pass in order to gain access to cardholder data including reports. This standard is required for EMPLOYEES and recommended even if the employee is a cashier and exposed to one card at a time.


12.7 Screen potential personnel prior to hire to minimize the risk of attacks from internal sources. (Examples of background checks include previous employment history, criminal record, credit history, and reference checks.)

An introductory guide to access and reporting for all University Payment Card Systems.

PCI stands for Payment Card Industry. PCI Data Security Standards are national standards issued by the Payment Card Security Standards Council and apply to all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers. PCI also applies to all other entities that store, process or transmit cardholder data or may have an impact on the security of the cardholder data environment.

The University of Virginia recognizes that individual credit card information is confidential. Failure to maintain strict controls over this information could result in unauthorized use of a credit card numbers and create serious problems for the consumer, the unit, and the University. Credit card information is treated as carefully as other confidential information.

These services may include a registration form, manipulating the data into the reports, managing a conference, etc. If the vendor does not also collect credit card payment information or refer your customer to a third-party for payment card processing, then using these vendors do not bring your process under PCI compliance rules.

The card brands and credit card processors can assess significant fines (currently starting at $25,000 for each card type) for failure to comply with the standards and can revoke the University’s ability to accept payment cards if we are breached.

With PCI 3.0 (effective December, 2013) the University became responsible for annually verifying the payment card data flow and PCI compliance for all third- party contracted vendors and their external service providers (either AOC (Attestation of Compliance or ROC (Report of Compliance) for each vendor who touches payment card data). As the units renew agreements with vendors, and as we are made aware of their relationship with the University, we are then bound to verify compliance.

EPay is primarily a payment card process, not a registration process where payment may or may not be collected so payment of some type must be collected for each registrant. eStore will allow for a combination of $0.00 registrations and paid. (see question 10 below) There are options available for registration only events. Contact the Payment Card Services for more information. See other options, ITS Eventbrite

  1. There are short-term, one-time only web processing options available. Please contact the PCPC.
  2. You can apply for web processing through the Payment Card Services using E- Pay at UVA through Commerce Manager. A departmental website may be required. Depending on your needs, we may be able to manage your registration page and collect payment information for no additional fee.
  • CACS: ITS Custom Applications & Consulting Services
    • End-to-end website platform solutions, custom web, application development and project management services at a reasonable cost.
  • Housing Conference Services:
    • Full service event planning from start to finish including hotel, meals and side trips.