Protecting Your Procurement Process -Prevalent Fraud Schemes and MitigationStrategiesInstitute of Chartered Accountants ofTrinidad & Tobago

October 15, 2014

Page 1

Agenda

► Introduction► Common fraud schemes, including

procurement► Common data sources and tests to identify

various fraud schemes► Applications of analytics in Investigations,

Compliance Programs and Internal Audit► New innovations in analytics

Page 2

Introduction

Page 3

What drives fraud?

Page 4

Common areas for fraudWhat’s happening in the business environment?

InternalControls

Internal and ExternalPressure

Layoffs areincreasing

Stock prices aredeclining

Opportunity toCommit Fraud

Credit crisis andother external

factors areincreasing

Budgets aredecreasing.

Companies andorganizations aredoing more with

less.

Companies andorganizations are

downsizing,which has an

immediate effecton internal

controls

With Increasedpressure and

decreasedinternal controls –

People willexplore more

opportunities tocommit fraud

Pressure

Opportunity

Rationalization

Increased use ofgovernment funds

Page 5

The Fraud Tree

Fraud Tree

AssetMisappropriation

RevenueRecognition

NonFinancial

Cash Larceny Theft of OtherAssets –

Inventory/AR/Fixed Assets

Fake Vendor

Conflicts ofInterest

Bribery/Corruption/

FCPA

Payroll Fraud T&E Fraud

IllegalGratuities

Bid-Rigging/Procurement

Theft of Data

FraudulentStatementsCorruption

GAAP Reserves

Page 6

Common Fraud schemes

Page 7

Top fraud risk concerns – EY Global Survey

20%

16%

26%

23%

24%

33%

12%

18%

17%

26%

36%

32%

Money laundering

Mergers andacquisitions

Financial statementfraud

Capital projects

Asset misappropriation

Bribery and corruptionrisk

Of major concern Of some concern

38%

33%

62%

53%

75%

74%

% of respondents using dataanalytics to combat the risk

Page 8

Fraud risks for Procurement

► Potential kickbacks accepted by employees for releasingpurchase orders / selecting vendors

► Materials purchased at significantly higher rates as compareto market

► Manipulations of bidding / tendering process to suit a specificvendor

► Possible involvement of relatives of employees as vendors► Duplicate / excess payments made to vendors

► Potential kickbacks accepted by employees for releasingpurchase orders / selecting vendors

► Materials purchased at significantly higher rates as compareto market

► Manipulations of bidding / tendering process to suit a specificvendor

► Possible involvement of relatives of employees as vendors► Duplicate / excess payments made to vendors

PurchasesPurchases

► Labor contract awarded to related party of any employee /sister company of existing any vendors

► Potential kickbacks accepted by employees for giving outcontract / selecting vendors

► Payment made to vendors without obtaining service ofsuch labor

► Labor contract awarded to related party of any employee /sister company of existing any vendors

► Potential kickbacks accepted by employees for giving outcontract / selecting vendors

► Payment made to vendors without obtaining service ofsuch labor

Labor CostLabor Cost

► Disposal / write off inventory without adequate approvalsor in unauthorized manner

► Illegal / unauthorized scrap disposal► Acceptance of low / bad quality material form vendors in

lieu of kickbacks

► Disposal / write off inventory without adequate approvalsor in unauthorized manner

► Illegal / unauthorized scrap disposal► Acceptance of low / bad quality material form vendors in

lieu of kickbacks

Inventory ManagementInventory Management

► Service contracts awarded to related party of any employee /sister company of existing any vendors

► Potential kickbacks accepted by employees for giving outcontract / selecting vendors

► Manipulation of tendering bidding process for selection

► Service contracts awarded to related party of any employee /sister company of existing any vendors

► Potential kickbacks accepted by employees for giving outcontract / selecting vendors

► Manipulation of tendering bidding process for selection

Service contractsService contracts

► Unauthorized expenses incurred at project site► Fictitious supporting attached for expenses► Inflation of purchases bill by employees / vendors► Manipulations in expense of transportation / fuel cost► Duplicate payments / unauthorized funds transfer /

transfer of payment to fictitious vendor accounts

► Unauthorized expenses incurred at project site► Fictitious supporting attached for expenses► Inflation of purchases bill by employees / vendors► Manipulations in expense of transportation / fuel cost► Duplicate payments / unauthorized funds transfer /

transfer of payment to fictitious vendor accounts

Other ExpensesOther Expenses

► Land deals entered with related party / purchased atsignificantly higher rates as compared to market

► Possibilities of cash components and kick backs by employeesmanaging deals

► Potential facilitation payments► Expenses incurred in “cash” for land acquisition► Fictitious expenses incurred for land development

► Land deals entered with related party / purchased atsignificantly higher rates as compared to market

► Possibilities of cash components and kick backs by employeesmanaging deals

► Potential facilitation payments► Expenses incurred in “cash” for land acquisition► Fictitious expenses incurred for land development

LandLand

Page 9

Capital projects are a growing concern

ProjectBoundary

Project Costs

Organizational Design

ContractChanges

Cumulative Change Costs, Agreed vs. Pending08/01/99-12/23/99

$0$10$20$30$40$50$60$70$80

Aug-99 Sep-99 Oct-99 Nov-99 Dec-99 Jan-00

$M

Agreed Change $

Pending Change $

Schedule /Progress

ComplexDesign

Fast TrackScheduling

Multiple ContractTypes / Strategies

AggressiveCost / Scope

Targets

• Skilled laboravailability –Talent Gap

• ProcurementChallenges:Long leadtimes, materialcostuncertainty,and globalcompetition

• Changing industry regulations• Compliance with legal

requirements• Maintaining a positive public image

• Cash flowrequirementsalignment withthe scheduletargets

• Portfoliomanagement –internal rate ofreturn

• Increasing globalcompetition formaterials, equipmentand labor

• Compressed andaggressive timeframes

ResourceConstraints

Access to, andRequirements ofCapital Markets

RegulatoryCompliance

AggressiveCompetition

Fraudulent disbursements

§ Shell company

§ Non accomplice vendor

§ Personal purchases

§ Expense reimbursements

Payroll and commissions

§ Falsified wages

§ Diverting payroll andwithholding

§ Workers compensationschemes

§ Revenue or sales

§ Accounts receivables

§ Refunds and credits

§ Inventory and other fixed assets

§ Leakages in revenue/ collection

§ Impersonation of userauthentications andauthorizations

§ Excessive and/or conflictinguser access and roles

§ Physical security weaknesses

Corruption

§ Conflicts of interest

§ Bribery (Kickbacks)

§ Economic extortion

§ Illegal gratuity

§ Theft of equipment

Cash skimming Segregation of duties

Fraudulent statements

§ Improper timing differences

§ Fictitious revenues

§ Improper asset valuations

§ Concealed or misclassifiedliabilities and expenses

§ Improper disclosures

Fraud schemesRisk factors

Page 10

Combat the risk – Fraud data analytics

Page 11

Data SourcesStructured vs. Unstructured Data

While considering enterprise risk, all sources of data should be addressed.

► Unstructured Data► Email► Instant Messages► Text/Mobile Device Messages► Phone Records► Social Media► Trade Press and Commentary

► Structured Data► Financial Records► T&E► Claims Data► Purchase Orders► Inventory Records► Employee and Vendor Lists► Public Databases

20% 80%20% 80%

80% UnstructuredData

Text

Graphics

Email

Presentations & Spreadsheets

CRM

Databases

Accounting Systems

80% UnstructuredData

Text

Graphics

Email

Presentations & Spreadsheets

CRM

Databases

Accounting Systems

20% 80%20% 80%

80% UnstructuredData

Text

Graphics

Email

Presentations & Spreadsheets

CRM

Databases

Accounting Systems

80% UnstructuredData

Text

Graphics

Email

Presentations & Spreadsheets

CRM

Databases

Accounting SystemsStructureddata

Unstructureddata

ü Most company analysis focuses on the 20% structureddata, although 80% of enterprise data is unstructured innature.

ü Few organizations have the methodologies or technologiesto efficiently address structured and unstructured datatogether

Source: Gartner Research

Page 12

Total

Spreadsheet tools such as Microsoft Excel 65%

Database tools such as Microsoft Access or Microsoft SQL Server 43%

Continuous monitoring tools, which may include governance risk andcompliance (GRC) tools (SAP, SAI Global, Oracle)

29%

Text analytics tools or keyword searching 26%

Forensic analytics software (ACL, iDEA) 26%

Social media/web monitoring tools 21%

Visualization and reporting tools (Tableau, Spotfire, QlikView) 12%

Statistical analysis and data mining packages (SPSS, SAS, R, Stata) 11%

Big Data technologies (Hadoop, Map Reduce) 2%

Voice searching and analysis (NEXIDIA, NICE) 2%

Data sources are rich, yet the technology deployedare typically less sophisticated

Q: From the tools mentioned, which, if any, are you currently using in your organization? Base (422)

Bas

eLe

vel

Mor

eSo

phis

ticat

ed

Page 13

Total Mining Oil & Gas Power &Utilities

FinancialServices

LifeSciences

OtherSectors

Spread Sheet Tools Such As Microsoft Excel 65% 57% 53% 73% 55% 55% 76%

Database Tools Such As Microsoft Access OrMicrosoft SQL Server 43% 13% 38% 46% 44% 43% 48%

Continuous Monitoring Tools, Which May IncludeGovernance Risk And Compliance Tools 29% 35% 30% 41% 26% 36% 25%

Text Analytics Tools Or Keyword Searching 26% 22% 17% 34% 21% 28% 29%

Forensic Analytics Software (ACL, Idea) 26% 26% 23% 32% 24% 36% 23%

Social Media/Web Monitoring Tools 21% 4% 15% 20% 23% 21% 23%

Visualisation And Reporting Tools 12% 4% 11% 10% 11% 13% 14%

Statistical Analysis And Data Mining Packages 11% 4% 6% 20% 14% 15% 9%

‘Big Data’ Technologies 2% 0% 2% 2% 3% 4% 1%

Voice Searching And Analysis 2% 0% 2% 0% 3% 4% 2%

I Am Not Aware Of Any Such Tools. 0% 0% 0% 0% 0% 0% 0%

Tools currently used in organization – sectorbreakdown

Q: From the tools mentioned, which, if any, are you currently using in your organization? Base (422)

Page 14

FDA uses - Sector discussion

Q: In which of these risk areas or types of fraud does your company use FDAs when investigating fraud and bribery? Base: (466)

Transportation Financialservices Life sciences Oil and gas Manufacturing

Consumerproducts/

retail/wholesale

Technology,communications

andentertainment

Mining Power andutilities

Bribery andcorruption risk 82% 66% 80% 76% 74% 74% 61% 90% 77%

Moneylaundering 30% 80% 24% 29% 23% 31% 17% 24% 17%

Assetmisappropriation 82% 56% 78% 86% 71% 85% 70% 90% 74%

Financialstatement fraud 79% 54% 67% 63% 71% 68% 52% 62% 51%

Mergers &acquisitions 42% 25% 43% 29% 48% 30% 26% 41% 32%

Capital projects 45% 34% 50% 65% 58% 53% 48% 72% 83%

Other 6% 16% 11% 8% 10% 4% 13% 0% 13%

Page 15

Data Mining: Techniques

► Structured Data Analytics► Fraud Scenario Tests

► Temporal Analysis

► Anomaly Detection

► Cluster Analysis

► Unstructured Data Analytics► Emotive Tone Analysis

► Document Classification

► Topic Modeling

► Concept Induction

► Fact Pattern Analysis

► Social Network and Actor Analysis

► Predictive Modeling

Page 16

Case example

Page 17

Risk factor - Material ProcurementOur Experience – A leading cement manufacturer

Allegation letter containing suspectedirregularities in packing materialsprocurement:

► Manipulations in tendering process► Vendor nepotism► Kickbacks from vendors► Involvement of ex-employees in

driving tendering process

Allegation letter containing suspectedirregularities in packing materialsprocurement:

► Manipulations in tendering process► Vendor nepotism► Kickbacks from vendors► Involvement of ex-employees in

driving tendering process

Whistle-blower allegationWhistle-blower allegation

documents

Documentsreview• In-depth review ofTendering,Quality, Vendorperformanceranking (VPE) ,RFQ and otherrelateddocuments

on nexus andkickbacks

MarketIntelligence•Discreetinterview ofsuspectedvendors

•Collectedintelligenceon nexus andkickbacks

DiskImaging•Emails anddocumentsreview

•Communications withsuspiciousvendors

DataAnalytics•AP and GLanalytics

•VendorAudits

► Transaction analytics

► Traditional Shared element testing and advanced analytics establishing Actor proximity, family/friendship relationship etc

► Document review and establish confidential information passed to vendor

► Suspicious email communication with vendors

► Evidence of disproportionate assets and living beyond means

► Dashboard reporting answering the 5W and H principle

► Transaction analytics

► Traditional Shared element testing and advanced analytics establishing Actor proximity, family/friendship relationship etc

► Document review and establish confidential information passed to vendor

► Suspicious email communication with vendors

► Evidence of disproportionate assets and living beyond means

► Dashboard reporting answering the 5W and H principle

What we did…What we did…

Page 18

Sample tests

BID RIGGINGCorruption: Bid Rigging Compare inventory levels and turnover rates on a by project or by product basis, by region

Corruption: Bid RiggingInventory written-off and then new purchase made (total write-offs and quantities purchased byproduct)

Corruption: Bid Rigging Compare contract awards by vendor (number of contracts won compared to bids submitted)Corruption: Bid Rigging Sole sourced contracts - number of bids per contract

Corruption: Bid Rigging

Check for vague contract specifications: (i) amendments, extension, increases in contractvalues, (ii) total number of amendments, (iii) original delivery date and final delivery date, (iv)original contract value and final contract value

Corruption: Bid Rigging Check for split contract (same vendor, same day)Corruption: Bid Rigging Bids submitted after bid closing dateCorruption: Bid Rigging Last bid wins

Corruption: Bid RiggingLow bidder drops out, and subcontracts to higher bidder (compare contractor with invoicepayee)

Corruption: Bid Rigging Fictitious bids - verify bidders and prices

Page 19

Sample tests

CONTRACT ANALYSIS & ILLEGAL GRATUITIESCorruption: Contract Analysis Non-standard agent agreementsCorruption: Contract Analysis Contracts not signedCorruption: Contract Analysis Contract signed after payment dateCorruption: Contract Analysis Missing contracts/gaps/missing pages in contractCorruption: Contract Analysis Multiple amendments/appendices to contract vs. other contractsCorruption: Contract Analysis Fixed payments (no commission basis)

Corruption: Contract AnalysisHigh commission percentages paid as compared to other regions or agents (i.e. greater than10%)

Corruption: Contract Analysis Unusually low commissions as compared to other contractsCorruption: Contract Analysis Unusual commission structure as compared to other contracts (i.e. x% + y%)Corruption: Contract Analysis Fixed payment plus a commission % when other contracts are pure commissionCorruption: Contract Analysis Commission payment prior to sale or delivery to customer (advances paid)Corruption: Contract Analysis Payment inconsistent with contractCorruption: Contract Analysis Contract does not contain FCPA language

Page 20

Sample tests

BRIBERY & KICKBACKSCorruption: Kickbacks Agent has a past criminal history or media allegations of corruptionCorruption: Kickbacks Check for large expense reimbursements or petty cash increases prior to obtaining a large contractCorruption: Kickbacks Compare order quantity to optional reorder quantityCorruption: Kickbacks Check business volume by agent by vendorCorruption: Kickbacks Compare quantities ordered and receivedCorruption: Kickbacks Check for inferior goods (number of returns by vendor)Corruption: Kickbacks Check for purchasing more expensive inventory than required (compare purchase prices)Corruption: Kickbacks Check for one time vendor payments or inactive vendors who suddenly or sporadically become activeCorruption: Kickbacks Analyze credits and free goods as a percentage of total sales by customer or distributorCorruption: Kickbacks Analyze credits and free goods as a percentage of total sales by region or divisionCorruption: Kickbacks Payment made in cashCorruption: Kickbacks Cash disbursement journal has inconsistent vague business purposes or no tangible work performedCorruption: Kickbacks Payment not associated with any customer or customer POCorruption: Kickbacks Payment inconsistent with customer PO payments

Corruption: KickbacksAnalysis of donations to charitable organizations. How are charitable donations approved and tracked inthe GL? Can gifts or donations be processed through employee expense reports?

Page 21

Other innovations for mitigating fraud risk

Page 22

► 72% of respondents believe that emerging big data technologies can play a keyrole in fraud prevention and detection.

► Yet only 7% of respondents are aware of any specific big data technologies, andonly 2% of respondents are actually using them.

► For those survey respondents integrating more advanced FDA technologies, wesee notable differences in FDA results and recoveries, among otherobservations.

► Language variations

Big data has big potential – Globalisation!

Page 23

Social Media Analytics – high risk vendors,customers or employees (live feeds from Twitter and other sources)

Page 24

Customized rogue trader and insider trading, library of pressure, opportunity and rationalizationkeyword terms leveraging EY’s existing library of over 3,000 keywords co-developed by theACFE , financial services professionals and PhD linguists.

Fraud triangle analyticsBased on terms around pressure, opportunity and rationalization*

*Pressure, opportunity and rationalization based on Cressey’s Fraud Triangle Theory

Page 25

Scott Clary, CFE, ERMMPrincipal, EYFraud Investigation & Dispute ServicesHouston713-750-1593scott.clary@ey.com

Q&A

EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction andadvisory services. The insights and quality services wedeliver help build trust and confidence in the capitalmarkets and in economies the world over. We developoutstanding leaders who team to deliver on ourpromises to all of our stakeholders. In so doing, we playa critical role in building a better working world for ourpeople, for our clients and for our communities.

EY refers to the global organization, and may refer toone or more, of the member firms of Ernst & YoungGlobal Limited, each of which is a separate legal entity.Ernst & Young Global Limited, a UK company limited byguarantee, does not provide services to clients. For moreinformation about our organization, please visit ey.com.

Ernst & Young LLP is a client-serving member firm ofErnst & Young Global Limited operating in the US.

© 2014 Ernst & Young LLP.All Rights Reserved.

1406-1268091ED none

This material has been prepared for general informational purposesonly and is not intended to be relied upon as accounting, tax, or otherprofessional advice. Please refer to your advisors for specific advice.

ey.com