Procurement Fraud: Are you vulnerable?

Abstract

Introduction: The Increasing Risk of Procurement Fraud

The Bribery Act 2010 and Its Implications for Businesses

Procurement fraud, bribery, and corruption have moved beyond a perceived risk and become a real issue for many organizations. This paper highlights the need for organizations to put the necessary processes in place to protect against procurement fraud. It also serves as a warning that the absence of any visible instances of bribery, fraud, and corruption should be no cause for complacency as instances of successful perpetration may remain hidden for long periods of time.

The paper also demonstrates that diligence around procurement processes is not just about mitigating the risk of prosecution. It also shows that having measures in place to prevent procurement fraud can lead to reduced costs and greater overall profitability.

Kroll and PwC estimate that 19 and 29 percent of organizations respectively have been victims of procurement fraud. The issue is increasingly recognized as a global problem and not unique to any particular sector. Kroll's Global Fraud Report 2013/14 estimates a seven

[1]percentage point increase in instances of procurement fraud over the preceding year . According to PwC's Global Crime Survey 2014, [2]procurement fraud is the second most frequently reported economic crime .

These statistics are just the tip of the iceberg, as successful cases of procurement fraud will remain undetected. Organizations that have been victims of fraud will naturally be reluctant to openly discuss their experience.

Corruption is not cost neutral. The cost of such fraud has to be recouped from the market. As a result, the prices paid for goods and services have to be higher than those in a corruption-free market. Aside from direct costs, allegations of fraud have a detrimental effect on the morale of innocent staff members. Fraud will often have other detrimental effects on the quality of products and services and may also have health, safety, and environmental implications.

And then there is the reputational damage caused by fraudulent activity. Media reports on procurement fraud, whether it is falsifying invoices, staff fraudulently obtaining goods for their own use, or food procurement fraud, all cause reputational damage. This makes it harder to demonstrate to stakeholders that effective systems are in place to mitigate procurement fraud.

Advanced procurement techniques such as early supplier involvement and partnerships can only be effectively adopted in an environment where the risk of procurement fraud is managed. The lack of such a framework constrains procurement maturity.

Ironically, “most organizations tend to focus only on external fraud as it is difficult for them to conceive that their own managers and [3]employees may be in on the act” . This denial creates a potential blindness to the risk of procurement fraud and increases the risk that a

company will fall victim to procurement fraud.

[4]The UK's Bribery Act 2010 represents a significant change to the procurement fraud regulatory environment . The Act covers both the giving and receiving of bribes; this is a criminal offence punishable by up to ten years in prison. The Act applies regardless of where the company is registered, where it does most of its business, or in which jurisdiction the improper act or inducement occurred.

Most significantly, the Act stipulates that all organizations are expected to take steps to prevent procurement bribery. In order to demonstrate their commitment to preventing bribery organizations must have the necessary preventive frameworks in place. The framework must be based on the six guiding principles of:

A Point of View

[1] Kroll, Significant Surge in Corporate Fraud, 21 October 2013, accessed 12 March 2014, http://fraud.kroll.com/press-release/

[2] Supply Chain Management, 20 February 2014, accessed 4 June 2014, http://www.supplymanagement.com/news/2014/procurement-fraud-second-most-common-economic-crime-globally

[3] Davies, D. (1995), 'Purchasing and Procurement Fraud', Journal of Financial Crime, Vol. 2, No.4, pp. 322-330

[4] Bribery Act (2010), accessed 12 March 2014, http://www.legislation.gov.uk/ukpga/2010/23/introduction

2

n

n

n

n

n

n

Proportionality

Top level commitment

Risk assessment

Due diligence

Communication

Monitoring and review

The Bribery Act marks a significant change in the regulatory environment surrounding procurement fraud. This kind of fraud can no longer be assumed to be just a potential risk. The risk of procurement fraud now has to be proactively assessed and prevented. Organizations need to adopt a due diligence approach to their procurement processes.

The first step of this process to minimize vulnerability to procurement fraud is to carry out a review of organizational procurement processes. This can be done by interviewing staff who are involved in procurement. This should be followed by a complete analysis of relevant documents that define the roles and responsibilities, governance structure, risk register, and procurement processes. The findings from such an analysis should expose any area of vulnerability to procurement fraud, bribery, and corruption.

The following could expose an organization to fraud:

1. Lack of clarity on ownership of anti-fraud procurement processes

Often there is no clear owner of the procurement process and its risks. Without clear ownership there is confusion about who is directly responsible and accountable for anti-fraud measures. Lack of awareness of processes leads to inconsistencies, which leave the organization vulnerable to irregularities.

2. Over-reliance on interim staff

Too much dependence on interim staff with no long-term connection to the organization may significantly increase the risk of fraud. They are unlikely to invest time in understanding the correct procurement processes. Due to their short-term relationship with the organization, these staff have limited loyalty and may lack the incentive to report bribes.

3. Low awareness of corporate policy commitments

In addition to requiring employees to sign a corporate code of conduct, their understanding of the processes should be thoroughly assessed through structured tests. This ensures all employees are aware of what constitutes fraud, bribery, and other irregularities.

4. Legacy processes and lack of procurement training

Often, long-term employees performing procurement functions have no relevant background or training and learn on the job. They merely replicate, in blind faith, what they believe 'the process' is. In many cases, these employees are unaware what good procurement processes would look like. As a result, they often engage in practices that leave them personally vulnerable to allegations of impropriety. This could include irregularities such as sharing prices from request for quotation (RFQ) responses with others while the competitive process is ongoing.

5. Lack of segregation of duties

Segregation of duties significantly reduces the opportunity for procurement fraud. Splitting up tasks among employees who, for example, prepare the specifications, determine the number of bids to be invited, invite the bids, receive the bids, evaluate the bids, and confirm delivery of the work, can help achieve this. In many organizations, the RFQ process presents a low cost opportunity for automation. eAuctions are potentially a suitable way to secure purchases and will help improve transparency.

6. Single source procurement

Many procurements are of a proprietary nature and thought to be only available from a single source. Although this is not unusual, it increases vulnerability to procurement fraud. Organizations can end up paying inflated prices and not seeking alternative sources. This can be remedied by benchmarking prices across various departments within your organization or, externally, against a benchmarking group.

7. Single trusted advisor on a range of alternative options

Having a single employee responsible for recommending an organization-wide standardization of products and solutions leaves the employee, as well as the organization, vulnerable. In such a case, the advisor should produce an options appraisal for subsequent sign-off by the Chief Procurement Officer. This will help ensure that the due process is followed and the best solution is selected for the organization.

Minimizing Vulnerability to Procurement Fraud: the Due Diligence Approach

3

Recommendations for Minimizing the Risk of Procurement Fraud

Case in Point: Improved procurement processes to help client save over £8 million

To safeguard itself against procurement fraud, every organization should follow these practices:

Allocate and communicate responsibilities

Allocate responsibility and accountability for all procurement processes to one senior employee. Establish, effectively communicate, and manage a policy on procurement bribery, fraud, and corruption, including whistleblowing and conflicts of interest.

Include risks of procurement fraud, bribery, and corruption within the corporate risk register. This should be regularly reviewed by the organization's leadership and should be the responsibility of the relevant single point of contact (SPOC).

Define and introduce segregation of duties within the RFQ process. Also segregate duties in work authorization, confirmation of completion, and payment of invoices.

Conduct a Training Needs Analysis for all staff involved in procurement processes. Then design and deliver a training program that addresses those training needs.

Improve processes, policies, and documentation

Introduce a register of hospitality and gifts, and proactively manage issuance and use of corporate credit cards

Introduce non-collusive bidding declarations and supplier whistle-blowing policies

Put in place a comprehensive contracts register and ensure robust processes are in place to justify contract extensions and renewal

Introduce tolerance limits for contract variations

Put in place processes to ensure that adding new suppliers to the accounts payable system requires approval from both procurement and finance teams

Ensure protocols are in place to manage changes in supplier addresses and bank accounts and avoid fraudulent changes

Increase visibility and analysis

Establish a benchmarking group for proprietary goods and services

Implement technology solutions such as eSourcing, P2P, and eAuctions for greater transparency

Any procurement policy must be regularly reviewed to test for vulnerability to procurement bribery, fraud, and corruption.

We were invited to carry out a due diligence review of procurement processes for a client to minimize vulnerability to procurement fraud. We interviewed several staff members of the client organization in addition to completing an analysis of the procurement records, roles, and responsibilities, governance structure, risk register, and procurement processes.

n

n

n

n

n

n

n

n

n

n

n

n

Figure 1: Procurement Fraud Vulnerability Assessment Approach

Document analysis

Process mapping

Interviews Workshops

TARGET OPERATING MODELGovernance

Policy & StrategyStructureProcessesSystems

SkillsBenefits

4

Forty-one areas of vulnerability to procurement fraud were identified, of which 27 presented significant risks. These included a lack of clarity or ownership of anti-fraud procurement processes; too much reliance on interim staff; low awareness of policy commitments; legacy processes and lack of procurement training; a lack of segregation of duties; and a dominance of single source procurement without benchmarking costs.

This six-week engagement helped identify ways to reduce vulnerability to procurement fraud. In addition, the organization expected to save more than £8 million over a ten-year period by implementing the procurement processes we recommended.

As recent reports have demonstrated, procurement fraud is on the rise and is considered a major threat to organizational competitiveness. It is a drain on valuable resources and has an adverse effect on overall profitability. Despite an increased awareness of the risks and financial pitfalls of procurement fraud, there is still a hesitancy to tackle this kind of fraud head on. Organizations often fail to acknowledge the internal and external risk such fraud poses.

The Bribery Act in the UK marks a significant change to this landscape. Organizations now need to proactively address procurement fraud and ensure preventative measures. Noncompliance could lead to fines and imprisonment. In addition, organizations face significant financial and reputational damage by not addressing procurement fraud.

The simple measures outlined in this paper can help organizations avoid costs resulting from inferior quality of services and products, both procured and produced. This could prevent long-term financial, reputational and health and safety-related ramifications.

Dr. Gordon Murray

Gordon is a strategic procurement specialist with more than 28 years of experience as an award winning procurement practitioner. In 14 years of working in procurement advisory, he has written several peer-reviewed academic papers on strategic procurement improvement. He is SC Security Cleared.

Gordon holds a PhD in Strategic Procurement Improvement and an MSc with distinction in Purchasing and Supply Management. He holds a corporate membership of the Chartered Institute of Purchasing and Supply (MCIPS) and has a CIPS Ethical Procurement and Supply Certificate of Achievement.

Conclusion

About the Author

TC

S D

esig

n Se

rvic

es

M

06

14I

II

About Tata Consultancy Services Ltd (TCS)

www.tcs.com

Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match.TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering

TMand assurance services. This is delivered through its unique Global Network Delivery Model , recognized as the benchmark of excellence in software development. A part of the Tata Group, India’s largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock Exchange and Bombay Stock Exchange in India.

For more information, visit us at

IT ServicesBusiness SolutionsConsulting

All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and

other applicable laws, and could result in criminal or civil penalties. Copyright © 2014 Tata Consultancy Services Limited

ContactFor more information about TCS' consulting services, email us at global.consulting@tcs.com

About TCS' Global Consulting Practice

TCS’ Global Consulting Practice (GCP) is a key component in how TCS delivers additional value to clients. Using our collective industry insight, technology expertise, and consulting know-how, we partner with enterprises worldwide to deliver integrated end-to-end IT enabled business transformation services.

By tapping our worldwide pool of resources – onsite, offshore, and near-shore – our high caliber consultants leverage solution accelerators and practice capabilities, balanced with our knowledge of local market demands, to enable enterprises to effectively meet their business goals.

GCP spearheads TCS' consulting capacity with consultants located in North America, UK, Europe, Asia Pacific, India, Ibero-America, and Australia.