It’s always the ones you know: The key to understanding and mitigating procurement fraud risks

Procurement fraud affects organisations across a broad range of industries in both the public and private sector. It is critical that organisations fully understand the risks they face in order to mitigate them and implement measures to detect procurement fraud.

The key to understanding these risks is, firstly, to understand the organisation’s procurement cycle in order to identify the various risk areas. Secondly, it is important to understand the various types of procurement fraud and the methods used by fraudsters. This will place an organisation in a better position to implement appropriate measures to mitigate these risks.

When assessing an organisation’s procurement cycle, all of the processes and procedures involved in procuring goods/services for the relevant organisation should be considered. These processes will start right from the identification of the organisation’s need for goods/services all the way to the processing of payments to the relevant vendors. When performing this assessment, all control weaknesses should be identified so that these can be strengthened. Simplistically, an organisation’s procurement cycle typically involves the following stages:

 

Each of the role players involved in the procurement cycle should also be identified. An organisation is usually at risk of falling victim to procurement fraud by one or more of the following role players:

• suppliers/service providers
• procurement employees
• tender committee members
• finance personnel
• quality/product assurance representatives

Red flags to look out for in the procurement cycle include the lack of segregation of duties in procurement and payment processes, employees living beyond their means, lack of supporting documentation accompanying vendor payments, payment of round amounts, invoices with brief descriptions of goods/services rendered, price changes after a tender has been awarded, unjustifiable sole-source contracting as well as excessive entertainment of employees by vendors.

Once all of the risks have been identified, adequate controls should be implemented in order mitigate these risks. These controls should be designed to effectively detect and prevent an incident of fraud occurring. While one can never completely eradicate the risk of a fraud occurring, having proper, well-thought out controls will go a long way in substantially mitigating procurement fraud risks. 

Preventative measures that can be implemented include having appropriate checks and balances throughout the procurement cycle, ensuring supporting documents are attached to all payment packs, detailed vendor vetting, regular monitoring of vendor behaviour, having a centralised vendor database as well as regularly reviewing and cleaning up of the vendor database to ensure that there are no dormant vendors on the database. It is also important to ensure that all processes and procedures are documented in detailed policies. Employees should be trained on these policies regularly. The tone at the top is also critical and senior management should ensure that the message throughout the organisation is clear: zero tolerance to any irregular or fraudulent conduct. 

Taking the time to review an organisation’s procurement cycle to identify all risks and then implementing appropriate measures to mitigate those risks will go a long way in protecting an organisation from the devastating consequences the organisation could endure if it fell victim to fraudulent or corrupt conduct. In the war against fraud and corruption, it is better to stand prepared then get caught off-guard.