procurement fraud - are you prepared

8/10/2019 Procurement Fraud - Are You Prepared

1/6

Are You Prepared?

Procurement

Pressures and incentives, opportunity, and

rationalization its the recipe for fraud, any

type of fraud. Abuse within the procurement

cycle is common and can be damaging, from

the magnitude of potential monetary losses to

the reputational damage that can come from a

loss of trust of important stakeholders such as

investors, customers, and other suppliers.

Consider a long time employee who is suddenly

struggling with making ends meet at home.

Through many years of service in the

procurement department, he has gained the

trust of co-workers, established personal

relationships with vendors, and has an intimate

knowledge of the controls system and any gaps

that may exist. Almost effortlessly, he could

approach a vendor to inflate invoices and direct

surplus payments to his personal bank account.

Such collusion is common in procurement frauds

2 | At Risk | Volume 6, No. 1

2012 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independentmember firms affiliated with KPMG International Cooperative (KPMG International), a Swiss entity. All rights reserved


2/6

At Risk | Volume 6, No. 1 | 3

is a Manager in KPMGs Forensic practice and holds a Chartered

Accountancy designation. Over the course of her three years with the

practice, Erin has participated in alleged procurement fraud investigations

and has provided proactive fraud risk management services to clients.

Her Forensic experience extends to data analytics, as well as litigation

support, damage quantification, and contract compliance assignments.

In addition to her Forensic experience, Erin has assisted clients with

evaluating their internal controls over financial reporting, including the

evaluation of fraud risk mitigation in the procurement cycle.

Erin Wight

Contact:[email protected](416) 777-3019

The economy these days is in flux. For some

companies, the agenda is recovery while others

are still struggling. Experience shows that

fraud can flourish in times of economic boom

or bust. Change can have a significant impact

on people at all levels in the organization. As

management works through the turbulence,

corners may be cut. Less staff resources may

be available due to earlier cutbacks and the

demands on experienced staffs time may

be split between control responsibilities and

managing the integration of newly acquired

business units.

In either scenario, the offender will justify their

actions: the company wont miss this; its a small

drop in the bucket, or Ill pay it back as soon as I am

able. Perhaps less obvious; but equally alarming,

it becomes increasingly enticing to accept gifts

from a supplier when the demands on staffs time

is expanded and compensation is frozen or not

increasing to the extent of the former glory days

of growth and profitability when the economy was

flourishing. Employees rationalize actions that are

not in the best interest of the company and this

attitude and abuse of opportunity can spread through

the organization if not kept in check throughout the

transitional phase of the business lifecycle.

In the push for short-term results it becomes

more challenging to stay two steps ahead of the

more unethical among us. Could this happen to

you? Are you prepared? How confident are you

with your answer?

2012 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member firmsaffiliated with KPMG International Cooperative (KPMG International), a Swiss entity. All rights reserved.


3/6


Could This Happen to You?It is very true that most payments tovendors are legitimate; but, consider

what it would mean to your businessif even a small proportion of suchpayments were fraudulent.

Fraud does not discriminate, not bygeography or industry. Globally, KPMGs

Forensic professionals have seen arise in fraud over the past few years as

industries and global economies havefound themselves working to emerge

from financial crises.

In KPMG in the US' 2009 survey,

65% of respondents perceivefraud as a significant risk in their

industry today while 32% expectfraud will continue to increase. Themost significant risk for 31% of

respondents is bribery, corruption,

market rigging, and/or conflicts ofinterest. This perception is morepredominant in government and

healthcare industries (39%) thanconsumer markets and information,

communication, and entertainment(21% and 15% respectively); but an

admitted prevalence of fraud within15% of companies is not somethingto ignore.1

Respondents to KPMGs 2008 fraudsurvey in Australia and New Zealandhave seen a significant increase in

the occurrence of fraud, where 45%of respondents to that survey had

experienced at least one fraud during

the survey period. When reported,the average losses amounted to

AUD$1 million.2

KPMG in Indias 2010 survey alsonotes an increase in the prevalence

of fraud, particularly in supply chainfraud, including the procurementfunction. Seventy-five percent of

respondents to that survey said thatfraud in corporate India is on the rise.

Respondents from the real estateand industrial markets industriesidentified the procurement process

as the most vulnerable to fraud, 57%and 39% of the time respectively.3

Although respondents to the various

KPMG fraud surveys all agree thatfraud is a significant risk that has beenon the rise, it is important to be aware

that the nature of fraud conducted ineach region may differ from that in

your home industry. As businessesseek avenues to streamline productionand reduce associated costs,

supply chains are extending to new,international borders. Even smaller

companies today deal with offshoresuppliers who could have very

different values, controls or businesspractices. Companies must recognizethis and be extra diligent in managing

these relationships.

With this type of experience,

procurement fraud is something thatsimply cannot be ignored. People

contemplating fraud or other actions notin the companys best interest can side-

step those internal controls operatingas your first line of defense. Perhapsthe more pertinent question in todays

environment is why couldntthishappen to me?

Companies should reduce the

opportunity for employees to not actin the companys best interest byincreasing the risk of being caught. This

added risk to the individual can act as arather convincing deterrent.

1 Fraud Survey 2009, KPMG in the US, 20092 Fraud Survey 2008, KPMG in Australia, 20093 India Fraud Survey Report 2010, KPMG in India, 2010



4/6


What Could Happen?The first step in assessing thevulnerability of your procurement cycle

and designing mechanisms to detectand prevent the fraud is to understandthe common fraud schemes.

There are many procurement fraudschemes, with multiple themes

and variations on certain basic fraudapproaches. Some of the more common

schemes are as follows:

Phantom vendors or other

manipulation of the vendor

master file by creating a record in

the vendor master file that directspayment to a fictitious company or

a legitimate company that does notprovide services to the organization,an opportunity is created to generate

a payment record and transfermoney to a recipient that may be

controlled by an employee or a thirdparty in collusion with procurementpersonnel. Detection may be

challenged where the magnitudeof such payments are designed to

fly under the radar of more seniorapproval authorities. A variation

on this basic approach involves

changing address and bank detailsof a legitimate but inactive vendor of

the company, essentially hijacking acompanys identity to facilitate illicit

payments.

Cheque forgery perhaps easilylost in the volume of transactions,a manual cheque can be transacted

through forgery of the designatedapproval authority.

Fictitious invoicing and inflated

billing rates invoices could be

generated for processing throughAccounts Payable that do not relate

to goods received or servicesrendered. Consider that an employee

may generate an invoice payable to

a vendor using their home address.

Alternatively, unannounced toyour diligent procurement staff, a

vendor, even one that is regularlyproviding legitimate services to yourorganization, may submit an invoice

for services that were not providedor at rates that are above those

agreed upon.

Conflicts of interest whereprocurement personnel have afinancial interest in the success of

a supplier entity, their purchasingdecisions may be biased towards

that entity to the detriment of yourorganization.

Vendor kickbacks and briberyalmost innocently, vendors may

send gifts to procurement personnelbecause of long-term relationships.

This can create a conflict where apersonal relationship between thebuyer and vendor is established that

may put pressure on the buyersefforts to act in the companys best

interest.

Less innocently, vendors maycollude with procurement staff in

order to work around establishedprocurement controls and

fraudulently withdraw money fromyour organization. Suppliers maybribe a buyer in your organization

to purchase from them despiteabove-market rates or poor product

quality. In another scenario, bribesor kickbacks may be offered to

procurement personnel to approvefictitious charges.

Bid rigging through collusion

between procurement personnel

involved in the vendor selectionprocess and outside vendors, or

between outside vendors participatingin the bidding process, inflated rates

may be contracted for projects.

Fraud does not discriminate,

not by geography or industry.

Globally, KPMG's Forensicprofessionals have seen a rise in

fraud over the past few years as

industries and global economies

have found themselves working

to emerge from financial crises.



5/6


Are You Prepared?

How to Prevent It

The foundation of any fraud prevention

program is the tone at the top,

the message that management isconveying to guide how business is to

be conducted. If staff see managementabusing authority or promoting unethical

activities, the flood gates are forcedwide open for all staff to demonstrate

the same abuse. Communication ofbehaviour expectations should beformalized in a code of conduct that

addresses such matters as avoidingpotential conflicts of interest and

reporting suspected fraudulent activity.Formalizing the documentation alone is

insufficient. It must be ingrained in theway business is conducted in a clear andunambiguous manner through active

enforcement of its principles.

Fraud awareness training is also an

effective tool in empowering frontlinepersonnel to minimize inappropriate

behaviour; but, it also sends themessage to potential fraudsters thatdetection is a priority and there are

many eyes watching to minimize fraudopportunities.

Finally, invest the appropriate time anddue diligence in performing a detailed

fraud risk assessment surrounding theprocurement process. In your business

and industry today, what are the risksthat pose the most significant threats?The answer to this question is ever

evolving and requires regular evaluation.Focusing the efforts of procurement

personnel on the key controls to mitigatethese fraud risks is critical. Making staff

accountable for the performance of these

controls is also fundamental in ensuringtheir effectiveness. Conducting regular

reviews of the compliance with the fraudprevention control program through

audits is a good approach.

At a very practical level, one of theweaknesses common to many of the

most basic (and easily preventable)schemes is control over a companysvendor listing. Adding vendors or

changing vendor information needs to

be tightly controlled. When activity witha vendor is dormant for a set periodof time, the vendor should be deleted

from the approved vendor list. Otherinternal controls related to commonprocurement processes, approval and

monitoring should be reviewed toensure that they are appropriate and

sufficient to minimize risk in this area.

How to Detect It

Perpetrating these types of frauds

often involves the side stepping oroverriding of controls that are designed todetect inappropriate spending. In these

scenarios, it is important to be aware ofthe red flags that may raise suspicion

before too much loss is suffered [seeRed Flags sidebar]. In KPMG Australias

2008 fraud survey, 22% of fraudsreported by respondents were ultimatelydiscovered after many red flags were

ignored. In efforts to identify fraudearlier, an awareness of potential red

flags and an establishment of reporting

mechanisms to detect these indicatorswill be beneficial.

Many business information systems

contain the facts that can point a fingerat impropriety if the right lens is appliedto the data. Data analytics tools can

be used to focus detection efforts.Whether analyzing spending trends,

irregular transactions, or potential buyerand supplier relationship indicators,

these tools have the capacity to filterlarge volumes of information [see table].

Efforts to implement a continuousmonitoring program with these tools,or response to a suspected fraud are

two avenues for leveraging the vastcapabilities of data analytics.

ProcurementFraud Red Flags Round dollar value invoices

Lack of control around thebidding process including poordocumentation, absence of

appropriate competition

Poor documentation ofexpenditures or failure to

complete a match of invoicesto receiving and orderdocumentation

Consistent use of a vendor

who is delivering poor qualitygoods, particularly where this

issue is concentrated withone buyer

Duplicate invoice payments

Excessive entertaining ofprocurement staff by suppliers

Vendors with a post office boxas the sole address

Absence of a legitimate GST or

HST registration number

Off-hour transactions

Out-of-sequence invoicenumbers for a particular vendor

Payments to inactive vendors

Low initial bids followed byexcessive change orders

Poor cash management

practices (i.e., paying invoicesright away despite theaccepted practice of 30 to

60 day payment terms in aparticular industry)

Cheques set aside for pick-up



6/6


ConclusionThe procurement cycle is fundamentalto the profitability of an organization,especially in times when top line growth

is challenged. Increasing focus onthis cost centre, controls and financial

results can help avoid unnecessary cashflow leakage from fraud. While the cost

of obtaining this business intelligencemay seem to outweigh the probabilityof losses from such a theft, consider

for a moment the other repercussionsof such a breach of trust: loss of

public trust, legal fines or sanctions, ordamaged share price.4

Data Analytics

Irregular Transactions Trends & Summary

Reporting

Relationship Indicators

Duplicate invoices

Unusual invoice sequencing

Inactive vendors receivingpayments

Off-hour transactions

Transactions exceedingapproval authority or invoicesplitting to bypass authority

Vendors with fake GST orHST numbers

Invoices received afterpayments are made

Top vendors by paymenttype

Top vendors with qualityissues (e.g., returns)

Top vendors with thehighest short shipment rate

Vendor address or phonenumbers vs. payroll records

Vendor directors vs.procurement personnel

Multiple vendors withsame contact coordinates(address, phone numbers,PO boxes, etc.)

4 Fraud Survey 2009, KPMG in the US, 2009, page 4, respondents identified these as the most concerning costs of

fraud 71%, 54%, and 34% respectively.


procurement fraud - are you prepared

Documents