auditing it procurement fraud schemes - philippines chapter

AUDITING IT PROCUREMENT FRAUD

SCHEMES

MARIO B. DEMARILLAS

PRESIDENT – ISACA MANILA CHAPTER

IT SPENDING STATISTICS

PHILIPPINES IT SPENDING

• 2015 – $7.30B

• 2016 - $7.88B

• 2017 - $8.52B

• 2018 - $9.20B

• 2019 - $9.93B

• 2020 – $10.73B

Php 6.8B

DEBUNKING MYTHS AND BELIEFS

MYTHS & BELIEFS

MYTHS & BELIEFS

OPPOSING FORCES

FRAUDWILLINGNESS TO

UNCOVERABILITY TO CONCEAL

COMMON FRAUD SCHEMES IN THE

PROCUREMENT PROCESS

Pre-Solicitation Phase

Pre-solicitation phase

Need recognition Bid tailoring

Narrow specifications

Broad specifications

Vague specification

Bid splitting Unjustified method of procurement

Change order abuse

Solicitation Phase

Solicitation phase

Bid manipulation Leaking bid dataCollusion among

contractors

Complementary bids / Bid rotation / Bid

suppression / Market division

Defective pricing schemes

Inflating labour costs

Inflating material costs

Bid Award and Evaluation Phase

Bid evaluation and award phase

Bid manipulation Leaking bid data

Post-Award & Administration Phase

Post-award and administration phase

Non-conforming

goods/services

Change order abuse

Cost mischarging

Accounting mischarges Material mischarge Labor mischarges

RISKY BUSINESS OF FRAUD

• Monitor – 24 inch LCD, 1080p

• Sixth Intel Generation Core

• Graphics –Nvidia GTX 950

• Microsoft Office

• RAM – 16GB

• Hard Drive – 256 GB

• Optical Mouse and Keyboard

Miss Universe – Q&A

• Monitor – 24 inch LCD, 1080p

• Sixth Intel Generation Core I5

• Graphics –Nvidia GTX 950

• Microsoft Office 2016

• RAM – 16GB

• Operating System – Windows 10

• Hard Drive – 256 GB SSD

• Optical Mouse and Keyboard

SwitchBoarding

• Purchased 200 laptops

• Purchase Price – less 5% discount

• 30 days delivery lead time

• 3 years warranty

• Same supplier for 10 years

Harry Potter’s Invisibility Cloak

• Purchase 150 laptops – P480K

• Delivery – 30 days

• Vendor – Company X

• Purchase 130 laptops – P480K

• Delivery – 5 days

• Vendor – Company X

Siamese Twins

Snail Mail Internet

Bandwidth

Traffic

Employee

License to Kill

USER CALs

DEVICE CALs

MS SQL VERSION???

Substituted Filing

• Project Manager

• System/Business Analyst

• Team Leader

• Programmer

• Designer

• Monitor – 24 inch LCD, 1080p

• Sixth Intel Generation Core I5 (I7)

• Graphics –Nvidia GTX 950

• Windows 7 Ultimate (Win 8)

• Microsoft Office

• RAM – 16GB (32GB)

• Hard Drive SATA – 256 GB (SSD)

• Optical Mouse and Keyboard

Change is Constant

Regulatory Compliance

Enterprise and

Operational Risk

Audit Management

IT & Security Risk

ERM is key to Sustainability

• Audit

Management

• Enterprise and

Operational Risk

• Regulatory

Compliance

• IT & Security Risk

• Company 1 (P 50M)

• Company 2 (P 55M)

• Company 3 (P 60M)

• Company 4 (P 52M)

• Company 5 (P 63M)

FFTW

Technical Specs Revised Price

P 50M

P 55M

P 49M

P 48M

P 68M

SEEING THROUGH THE LENS

SELF COLLEAGUES

CULTUREPROCESS

AWARENESS

DETERRENCE IS KEY

LEARN TO STUDY PATTERNS

SUBSTANTIATE MORE

QUESTIONS???