In today’s business world it is important for organizations to take steps towards procurement fraud prevention. Procurement fraud costs businesses millions of dollars every year, and the losses can likely be avoided if certain measures are taken to assist in procurement fraud prevention. The diagram below shows the procurement fraud that can be committed by employees, as well as by vendors.
Procurement Fraud Life Cycle
Procurement fraud is often complex to investigate because it can occur at any stage of the procurement life cycle. Whether a business is small, medium or large, procurement fraud may occur. The fraud occurred most often during the invitation of quotes/bids stages, followed by the vendor selection and the payments process stage.
The procurement fraud life cycle may be illustrated as follows:
Strategies to Consider
Most incidents of procurement fraud can be prevented or detected early if the organization possesses a complete understanding of:
• the procurement framework, which is the policies and procedures
• the risks involved in the procurement life cycle
• how controls and review mechanisms will reduce risks
Invitation of Quotes and Bids Process
Procurement decision making is centralized and standardized or there are centralized management and supervision of procurement decisions. The procurement policy reflects the scale and risk of procurement, for example how to decide to go to tender, the number of quotes required for each purchase or whether a sole provider is appropriate.
The procurement process is clearly mapped to identify the key controls and risks in the process. The tender and selection policy is communicated to all relevant staff. There are review mechanisms to ensure that approved vendors are used, and procurement policy is followed. Evaluation criteria are also confirmed before starting the tender process and the evaluation criteria allow like-for-like comparison.
An independent panel assesses the tenders, e.g., the project manager may advise the panel but should not vote on the decision. Staff involved in procurement and who have procurement and payment delegations have appropriate and regular training on procurement policies and procedures.
Vendor due diligence is conducted for major suppliers, including financial (credit position, financial capacity, insurance) and qualitative considerations (reputation, associated entities). Vendors must provide declarations of ethical conduct and/or compliance with the code of conduct guidelines. An independent officer, in consultation with the project manager, is involved in any direct negotiations with the vendor. There are controls in place to ensure that the value of the proposed contract is not split or reduced to circumvent any thresholds regarding going to tender.
Vendor Contracting and Maintenance
Order prices are compared to tender documents, vendor contracts, purchase orders or agreed price lists. Contract variations as to delivery, service, and pricing are reviewed and the need to retender is considered. Approved vendors are established, and goods can only be ordered from these suppliers.
Organizations can promote procurement fraud prevention is by segregating duties. In any business transaction, more than one individual should play a role. For example, the person who starts the purchase order process should not be the same person who will approve the payment. The duties of individuals ordering goods and those receipting goods are clearly segregated. There is an established process for emergency procurement, and any purchases made through this channel are reviewed by senior management to ensure that minimal purchases are made in this manner and adequate records have been maintained.
One of the underlying enablers of procurement fraud is a lack of separation of job responsibilities. For example, you can’t have the same person approving contracts and doing the audits. There are no checks and balances in place in that kind of a situation. In companies undergoing mergers and acquisitions or accelerated growth, these checks and balances are particularly likely to fall by the wayside, leaving the organizations vulnerable.
Training is conducted regularly to ensure staff is aware of procurement fraud risks and the red flags to look out for. This may be a combination of a code of conduct training for all staff and tailored procurement fraud training for procurement staff.
Gifts and entertainment register are maintained to monitor potential supplier influence. Staff will need to submit a “Gift Declaration” form to the Human Resources department for recording purpose. Annual conflict of interest declarations, particularly for procurement staff, is required under the company’s code of conduct/ethics. Staff is required to declare secondary employment. Managers conduct random monitoring. Reviews and testing of procurement are included in the internal audit plan. Problems relating to quality are documented and followed through with heightened monitoring: often quality issues are only discussed informally and let go until randomly identified in the future.
Delegations of authority are established and monitored for compliance. Invoices are matched to authorized purchase orders. Proof of delivery has been confirmed.
Vendor invoices are reviewed against internal supporting documentation for correct:
• labor hours (against timesheets or contract estimates), skills and costs (including margins, allowances and per diems)
• materials costs (on-costs and GST), delivery (confirming receipt), quality (inspection of goods to meet contact specifications)
• overhead calculations (as per vendor contracts)
Segregation of Duties with Conflicts
In addition, the person who takes the payment should not be the same person who handles bookkeeping matters. Some smaller businesses fail to segregate duties for their employees, either because they are too short-staffed to do so or because they are simply too short-sighted to do so. Procurement fraud can start off on a very small scale, but the costs truly add up and if individuals see that they are getting away with it they may continue to do so for years and on a much larger scale.
Ensure that all staff who can make or are involved in financial decisions are trained on how to identify procurement fraud. Do not dismiss minor red flags indicating possible fraud such as a perceived close relationship with a supplier that may be closer than you think. Ensure a three-way match is carried out, example whether the amounts documented on the requisition, purchase order and invoice are all aligned. Remember to check the delivery note and against the contract schedule.
Staff members often move to other departments within an organization. If a staff member moves departments, remove all their current accesses and authorities and add the permissions applicable to their new role.
Segregation of duties is a recognized procurement fraud barrier but is not always enforced. In addition, a two-person system should be implemented to define who can either add or delete a supplier from the approved supplier list or change a supplier’s bank account number.
Procurement is by far the greatest fraud risk in the organizations. Organizations are encouraged to actively review and challenge their processes and controls, undertake a risk assessment, and review and update their detection mechanisms.
Of course, all these measures taken together can’t make your organization bulletproof. There are always going to be smart people who are going to find ways of getting in under the radar. But if the recent defrauded organizations had adopted the above safeguards, they all would’ve had a far better chance of dodging the bullet.
Identifying Procurement Fraud.
Baselinemag. (2006). “Six Steps to Prevent Procurement Fraud”. Retrieved from http://www.baselinemag.com/c/a/Projects-Security/Six-Steps-to-Prevent-Procurement-Fraud, accessed on 22/06/2019.
Bellwether. (2012). “How to prevent Procurement Fraud”. Retrieved from https://www.bellwethercorp.com/how-to-prevent-procurement-fraud-part-1/, accessed on 22/06/2019.
Clarence Tein, DPSM. (2017). “Critical Issues to Avoid Procurement Fraud”. Retrieved from SIPMM: https://sipmm.edu.sg/critical-issues-avoid-procurement-fraud/, accessed 22/06/2019.
Ivy Ng LianLeck, DPSM. (2018). “Six Key Strategies to Avoid Procurement Fraud”. Retrieved from SIPMM: https://sipmm.edu.sg/six-key-strategies-avoid-procurement-fraud/, accessed 22/06/2019.
Paul Guile (2013). “10 ways to control procurement fraud”. Retrieved from https://www.cips.org/en-SG/supply-management/opinion/2013/december/10-ways-to-control-procurement-fraud/, accessed on 22/06/2019.
Paul Rock (2015). “Procurement Fraud”. Retrieved from https://www.cips.org/Documents/Membership/Branch%20Speaker%20Presentations/Procurement%20Fraud.pdf, accessed on 22/06/2019.