Establishing and Modifying Revenue Producing Activities (RPA)
This policy will aid Indiana University (“IU”) in managing risks associated with revenue producing activities and applies to all University units engaging in internal and external revenue producing activities, whether or not revenue is processed on campus or off. It establishes revenue processing requirements and makes references to existing financial, e-business, technology, and purchasing policies, as well as relevant externally imposed regulations including, but not limited to, those originating from state, federal and taxing agencies. This policy also covers revenue generated from reportable program income on Contract and Grant accounts. The revenue processing provisions covered in the Intellectual Property Policy, UA-05, which defines the rights of the University and the creators of intellectual property, supersede this policy.
This policy applies to any unit or person processing revenue through IU accounts or through IU technology systems/ resources, including external agencies and affiliates. It does not apply to outside entity student organizations’ revenue producing activities, unless the student organization processes the revenue activity through a University account or through IU technology systems. Activities with less than $1000 of annual revenue will not need to be reviewed under this policy; however, these activities should be directed to Treasury Operations for a consultation to determine how to handle revenue per policy Processing Revenue, FIN-TRE-VI-120.
A Revenue Producing Activity (“RPA”) is established when revenue is generated from the sale of products and/or services provided by the University and/or University employees. All new activities must be approved prior to accepting revenue. Existing activities with changes or expansions to business practices must be reviewed and approved before the changes are implemented.
All requests for RPAs will be reviewed by the Revenue Producing Activity Committee (RPAC). Requests must be submitted from the campus business officer and be compliant with defined RPA standards. Prior to submission to the RPAC, RPAs must be approved by the Fiscal Officer and campus business officer. Any sale of products and/or services to internal and/or external customers must be consistent with the mission of the University (education, research, or public service), as well as the mission of the specific organization. Units with sales to internal customers are expected to break even while sales to external customers may generate a profit.
Subsequent to approval by the RPAC, the Office of the Treasurer (“Treasury”) will provide an approved method(s) to process revenue per IU policy Processing Revenue, FIN-TRE-VI-120. Revenue must be deposited in an approved university bank account(s) and recorded with the appropriate general ledger account(s) and object code(s).
This policy is intended to provide procedures and guidelines for the establishment of revenue producing activities by IU departments, units, and individuals, consistent with the University mission and that of the unit generating the revenue. The purpose of this policy is to determine alignment with the mission and to standardize revenue processing within IU across similar functions with solutions characterized by strong controls to reduce the risk of fraud and/or loss while increasing the efficiency of its cash.
To establish a new RPA or make changes to an existing activity, the department must:
The RPAC will meet every other week to review pending requests and approve/disapprove these requests. Reviews will include, but not be limited to compliance with University mission, compliance with existing external requirements and University policy, efficiency of request, redundancy and risk.
The committee will communicate its decision, in writing, to the requesting unit within 48 hours of the RPAC meeting.
The RPAC will be composed of members from the following functional areas:
Treasury will provide instructions on the approved payment method(s) based on substantiated business needs. Responsibilities include a review of all information to determine if the activity involves any banking, credit card, check processing or cash handling.
FMS will provide a review for impact on financial reporting and fiscal operations issues. This includes review for potential tax issues.
Purchasing will ensure that all appropriate contracts are established and IU procurement policies are being followed to obtain goods or services related to the activity, including those related to licensing and trademarks issues.
UITS will review those activities which involve IU information technology such as data networking, computer accounts and data security for compliance with all applicable policies.
University Budget Office will confirm that the activity and its funding sources are appropriate and consistent with fiscal policies.
Other areas including but not limited to University Counsel, University Architect, Risk Management, or Public Affairs and Government Relations may be brought in to review specific requests as appropriate.
Conflict of Interest Disclosure Statement - Under Indiana State law and reiterated under the university Conflict of Interest Policy, University employees and their dependents are prohibited from having an aggregate financial interest of $250 or more per year in, or deriving an aggregate profit of $250 or more per year from, any contract(s) or purchase(s) connected with the University. If the employee is not a member or on the staff of the governing body empowered to purchase or contract, and the functions and the duties performed by the employee for the University are unrelated to the purchase or contract, employees and their dependents may have an interest in, or derive an aggregate profit from, a purchase or contract with the University of $250 or more if:
Contract and Grant Account – Award funds supervised through the IU Office of Research Administration. This includes any grants, contracts, and cooperative agreements awarded to Indiana University researchers. Because Indiana University (not the school, department, center, or individual faculty member) is the legal entity for all awards, each agreement must support IU's mission and protect the rights of the researchers.
Data Security - this is a top priority at IU and it covered by several policies and procedures along with numerous Federal and State laws and contractual requirements (i.e. PCI DSS).
External Sales - defined as an exchange by the university of tangible or intangible products and/or services with external customers for monetary consideration. For the purposes of this policy, an external customer is anyone not paying for the goods or services from an IU account. Transactions handled for technology transfer, license and trademark agreements are excluded from this definition.
Internal Sales - defined as the sale of goods or services by one university department to another department within the university and to sales within a department. Transactions are completed using an Internal/Service Billing form or the batch processing process that recognizes income and expense between university accounts. If it is considered necessary or efficient for an IU organization or department to sell to another university organization or department in order to accomplish university objectives, then a recharge (or internal service) center must be established in compliance with university policies. All sales activity must be conducted in accordance with university policy and procedures to ensure adequate compliance with federal and state regulations and to minimize legal, insurance, and tax risks. Rates set by recharge centers are subject to review by Financial Management Services (FMS) for compliance with federal cost principles and regulations as well as IU policies and guidelines as set forth in the policy reference section below.
Payment Card Industry Data Security Standards (PCI DSS) - a set of comprehensive requirements for enhancing payment account data security, developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
Revenue – any incoming funds generated from the sale of products and/or services provided by the university or university employees.
Revenue Producing Activity - A revenue producing activity (RPA) is established when revenue is generated from the sale of products and/or services provided by the university or university employees. This definition shall exclude all Sponsored Programs.
Revenue Producing Activity Committee – University level group organized to aid the University in managing the risks associated with sales activities. Representative members are from the Office of the Treasurer, Purchasing, Financial Management Systems, University Counsel, University Information Technology Services, and other areas as needed to consider specific requests. Completed RPA requests are considered twice monthly.
Sponsored Programs - Sponsored programs shall not be considered a Revenue Producing Activity (RPA) under this policy. As a general rule, sponsored programs are differentiated by RPA’s by the following criteria:
Any questions as to whether an activity should be considered a sponsored program should be referred to Office for the Vice President for Research.
When planning or approving business activities, deans, department heads, and other appropriate administrators should ensure that revenue producing activities comply with this policy. Units that do not follow the guidelines set forth in this policy will at a minimum be held responsible for any fines or penalties. Generating and processing revenue imposes responsibilities on both IU and the department. Failure to follow defined and approved procedures will minimally result in interruption of revenue processes and may result in immediate termination of the activity.