Entering Gifts on Behalf of a Congregant

last updated 1/12/2021

A church administrator can enter gifts or online registration event payments on the behalf of a congregant using a paper authorization form. Congregants may call your church office or stop by in person to change their giving information, add a new gift, or make an online payment for a registration event -- but there are some things you should know.

Entering credit or debit card data on behalf of a congregant, will increase the scope of your church’s PCI responsibility.

  • A form must be completed any time an online payment is added or edited.
  • Any time you add or update contributions or online event payments, a confirmation email is automatically sent to the congregant.
  • Authorizations taken by phone may only be for one-time gifts or payments.
  • It’s best to not write down any of the card numbers, but NEVER write down or store the 3- or 4-digit security code found on a credit or debit card.

If you have questions, contact Vanco’s Compliance and Risk Management Department at 1-800-675-7430 or pcisupport@pci.vancopayments.com.

Download authorization form

Follow the best practices outlined below when obtaining written authorization for transactions.

Telephone Orders

If using a credit / debit card

  • The administrator should enter the credit card information directly into the system and complete the authorization form without recording the card data.
  • In the signature field, enter "TO" to indicate Telephone Order.
  • Be sure to record the date and the initials of the person who took the Telephone Order.
  • Completed forms must be retained in a locked cabinet and kept on file for at least 3 years.

If using ACH, enter the congregant’s bank account information they provide and be sure to keep the authorization forms on file for 2 years.

In Person Orders

For credit / debit card or ACH

  • The congregant must complete the authorization form.
  • After entering the gift, the administrator must make all but the last four digits of the account number unreadable.
  • Completed forms must be retained in a locked cabinet and kept for at least 3 years for credit / debit cards and 2 years for ACH transactions.

Additional Information

Authorizations may be retained as either paper forms or scanned images.

If you retain paper forms:
  • Limit access to those individuals who require access in order to perform their job duties.
  • Store them in a locked cabinet or safe.
  • Mark them as confidential.
  • Maintain an inventory log of forms on file.
  • Use cross-cut shredding when destroying documents.
If you retain scanned images:
  • Store them in encrypted, password-protected files.
  • Limit access to those individuals who require access in order to perform their job duties.
  • Never store credit/debit card or banking information unless it is encrypted and password protected.
  • Ensure that your computers have up-to-date virus protection programs.
  • Ensure that your organization’s website has a minimum of 128-bit SSL encryption.
  • Never write down or share your MyVanco User ID and/or password.
  • Review all Vanco reports and compare them to your bank statement to ensure transactions are being processed and deposited as expected.