A critical appraisal of procurement fraud, including the investigation of such fraud and its prevention.

Procurement Fraud

According to the Annual Fraud Barometer prepared by KPMG (2020), the total value of fraud cases in 2019 that reached UK courts increased to over ￡1 billion. Amongst these cases, procurement fraud increased six fold to ￡16 million within the period with Roy Waligora (KPMG Partner) alluding that “procurement fraud is a key area that businesses need to have robust controls around”.

To begin with, procurement as discussed by the UK National Fraud Authority (2011) is the process of acquiring goods or services to satisfy an individual, group or organisation’s needs. It then defined procurement fraud as a deliberate deception intended to influence any stage of the procure-to-pay lifecycle in order to make a financial gain or cause a loss. Other authors like Vona (2011) contributed by explaining procurement fraud to be the acts of corrupting the purchase decision-making process to ensure that a specific vendor is awarded the contract. Vona’s definition, however, is fractional and only speaks to a component of procurement fraud. The allusion of contracts being awarded to specific vendors via corruptive ways is a section of what procurement fraud entails. The only commonality evident in the definitions by Vona and the NFA is the reference to procurement as a cycle.

The Procurement Cycle

To highlight the cycle of acquiring the best of goods and services at the lowest cost, an assessment of a simple procurement process has been illustrated below. 

Stage 1 commences with the selection of the supplier and subsequently making an order for the required product or service. Stages 2 and 3 deal with the receipt of the order from the supplier and recording the supplier’s invoice into the company’s accounting system respectively. Stage 4 leads to the payment of the supplier’s invoice. A typical procurement fraud in Stage 1 will involve the release of confidential information to particular suppliers to favour their bids in return for kickbacks or suppliers demanding some fee in advance but then disappearing completely without providing the service or goods. Stage 2 frauds include goods or services provided are used for private purposes, and the delivery of sub-standard goods / services to the company by the supplier. In Stage 3, most schemes here will involve fake invoices submitted for payments or original invoices with dubious prices and quantities, creation of dummy suppliers, and the use of connected companies for receiving payments. In stage 4, payment could be transferred to wrong companies.

In light of the discussions above, procurement fraud can therefore be explained as the use of illegal, deceptive and deliberate means to gain an unfair advantage over others in any stage of the procurement cycle.

Donald Cressey’s fraud triangle has always been the foundation used by fraud authorities to explain occupational fraud. Cressey’s theory suggests that a fraudster presented with an opportunity is motivated by pressures to commit fraudulent acts and rationalize the dishonest behaviour (Vona, 2011). Similarly, the elements of rationalisation, opportunity and pressure must be present for procurement fraud to crystallize. In support, Tabuena (2010) details that at any stage of the procurement process, anyone with the knowledge, opportunity, and need can exploit to commit fraud. Additionally, Burchett & Morrow (2017) concur to this linkage when they affirm that, procurement fraud only occurs when an individual has reasons to commit fraud, gets into the right state of mind to do so and recognises an opportunity within the organisation to undertake the exercise. It is for this reason that procurement fraud is normally an inside job that involves collusion between employees and vendors (Tabuena, 2010).

Perpetrators of Procurement Fraud

PwC (2011) and Tabuena (2010) threw light on the issue by asserting that procurement fraud is committed by employees colluding with vendors. Thus, procurement fraud is perpetrated by suppliers external to the organisation, as well as staff within the organisation. This effectively means that procurement fraud can be internally or externally architected. Vulnerability of organisations to this fraud is high because the objective of every good procurement strategy is to acquire the best of goods or services at the lowest possible price with the number of people aspiring to achieve this goal often dependent on the organisation’s size.

Why Procurement Fraud is a problem

First and foremost, procurement fraud is difficult to detect. According to Davies (1995), all other types of frauds result in a loss to the victim. However, procurement fraud often reveals no such loss. For instance, when an employee divulges confidential information to a contract bidder in return for some kind of kickback, the 'loss' in this type of fraud is the difference between the price paid to the supplier and the price which the company would have paid if the information had not been disclosed. In this circumstance, it may be very difficult to detect 'the loss' (Davies, 1995). The argument by Davies is concurred by Murray (2014) and Olsen (2010) who both assert that procurement fraud often goes undetected because it is invisible. According to the National Fraud Authority (2011), most procurement fraud schemes were detected through non-automated means such as behaviour anomalies, reporting suspicions and whistleblowing.

Furthermore, Davies (1995) argues that procurement fraud is a challenge because companies often focus on core business risks. For example, banks focus mainly on banking risks neglecting other areas of the business such as procurement. Others’ focus lie with external frauds and often find it difficult to conceive that employees from within will defraud the organisation. It is the ‘attack’ from within that leads Caulfied and Steckler (2017) to conclude that procurement fraud saddles public and private sector institutions with reputational damage which undermines public confidence in organisational structures and their management.

Lastly, its affiliation with corruption and bribery makes procurement fraud very challenging (Chugunov, 2017). This assumption seems reasonable to make considering bribery and corruption are key elements in all procurement fraud cases (Vona, 2011). Again, the Bribery Act 2010 requires that organisations must take steps to prevent bribery, which invariably can mean that organisations must also take steps to prevent the many forms of procurement fraud.

Methods adopted by procurement fraudsters

Different authors have explored varying methods adopted by procurement fraudsters. For instance, Murray (2014) identified three categories of procurement fraud: buyer/seller confusion, fraudulent activities by the seller, and fraudulent activities by the buyer. Guile (2013) and Deloitte (2014) discussed frauds as circulating between two stages of the procurement cycle; pre-contract award and post-contract award which includes premature opening and altering of bids, unjustifiable extension of time limits, bid-rigging schemes and disclosure of information to specific vendors. Other writers like Wells (2018) have classified it as either internal or external depending on who is fronting the fraud more. What is prevalent in the classifications highlighted by these authors is the fact that procurement fraud can be initiated and executed either by the buyer or the supplier or a collusion between both.

Typical examples therefore include bid rigging, single source procurement, fraudulent invoicing (United States Department of Justice, 2016), vendor kickbacks, invoicing through fictitious vendors, overbilling through existing vendors, personal purchases with company funds. Others include submitting invoices for goods and services not provided or inflated or duplicate bills submitted for payments, bribing company employees to gain or keep the business, delivering goods and services that do not meet specified requirements, colluding with other vendors and colluding with company employees (Wells, 2018). Given the numerous methods, the focus of this section will primarily be on two of these methods: vendor kickbacks and the use of fictitious companies.

Vendor kickbacks and collusion

Kickbacks are given to influence the purchase decision maker (Wells, 2018). Kickbacks range between cash, favours, influence or some other form of bribery and can include the vendor promising a percentage of sales generated from the successful bid to the insider (Burchett & Morrow, 2017). This type of fraud occurs in Stage 1 of the procurement cycle and cuts across all business types. For instance, in 2008, French pharmaceutical company Sanofi was sanctioned for giving kickbacks to government procurement officials and healthcare providers in order to be awarded tenders and increase prescription of its products (Agnew, 2018). 

This originates from the procuring officer having an undisclosed relationship with the vendor providing the service. By virtue of this relationship, the supplier is resolved to benefit from the most advantageous deal offered by the buyer and in return, something must part way.

Exploiting the use of Fictitious Companies

Fictitious or Shell companies can be set up or used to bid for tenders and, where contracts are won, payments are demanded up-front before services are provided. The goods or services may either not be provided or only partially supplied. Websites can be created to support the appearance of the legitimacy of this fictitious company.

A company can also be set up with a name similar to a well-known company and used to bid for work. Here, fictitious vendors are placed on the supplier’s list and false invoices are created and used to facilitate the theft of monies from the organization (BSI, 2014; Biedron, 2018).

Detection signals and tools

Culprits hide evidence with the hope that no one will find them and so red flags must be observed. Red flags associated with vendor kickbacks include lucrative contracts awarded to specific vendors, lavish lifestyle of procurement staff, staff insistence to work on particular bids and single source procurement for specific contracts. Those associated with shell companies include hastened payments of particular invoices, duplicate or irregular invoices, duplicate names as well as invoices towards end of month. Identifying these red flags early may assist in detecting these fraudulent procurement practices. It can also assist to narrow investigations.

Large corporations who undertake a lot of procurements can detect fraud using shell companies by investing into advanced analytics software (Colombant, 2019). This will help to pre-empt fraud and detect red flags rather than simply discover it after the event has occurred. For instance, the difficulty in manually sorting out large quantity of data in an organisation’s information system will be easily carried out with data analytics software which can easily identify red flags such as duplicate invoices, duplicate names and companies whose names are not on the master vendor list. This data analytics processing will prevent the processing of invoices belonging to shell companies thus mitigating against the fraud. The downside to this is the capital expenditure involved in obtaining such tools and considering the impact fraud has on a company’s bottom line, it stands to reason that an investment will be worthwhile. Subsequently, an appreciation of the procurement process will aid in detecting the control failures existent within the organisation.

Issues arising from Investigations

Procurement fraud investigations like other investigations involve the stages of collection and analyses of data, interviewing witnesses and suspects and finally, reporting the case (Wells, 2018). The efficiency and effectiveness with which these tasks are handled will determine the success or failure of the exercise. This section will focus on the investigation matters that must be considered in the two procurement frauds highlighted previously.

Collecting and analysing data

Wells (2018) says that the reliability associated with information and evidence collection, preservation and storage determines the usefulness of the investigative process. The investigator’s objective therefore is to validate that the fraud actually happened. Investigation is a discreet activity and must be carried out as such, otherwise suspects will frustrate the investigative process by hiding information.

Vendors who offer kickbacks often inflate prices to make up for the bribes. The inflated prices further lead to an overstatement in the contract expenses of the buyer. The use of financial data analysis can be adopted to determine expense growth. The analysis will determine whether the trend observed is in line with expectations or gives room for suspicion. If it is the latter, then answers must be sought to validate the inconsistency. Skepticism and curiosity are essential if reasons will be obtained for the trend inconsistency.

The type of information needed and where to obtain them is crucial during investigations. Investigators must obtain copies of documents like vendor master files, account payable records, purchase orders and invoices, third party contracts, purchase contracts, inventory records, purchase requisitions and electronic documents such as emails, call logs as well as payments made to the suspicious supplier. These should be reviewed to ascertain the credibility of the suspicions. Background information about the supplier /fictitious company could be gathered from Companies House filings, the company’s website or the internet to check consistency, accuracy and credibility. Fictitious companies have particulars of owners and so a trace may need to be done whether they are related to any member of staff. Records of such staff who may be implicated at this stage will have to be reviewed.

Interviewing witnesses and suspects

Wells (2018) agrees that interviews should lead to gathering of additional information; corroboration of physical evidence and to obtain a written confession. However, whether to maintain a record of the interviews or not must be decided before the interview commences, especially if the company intends to prosecute. Wells (2018) suggests that neutral or third party witnesses like vendors, co-workers from other departments should be interviewed first because the necessary information to corroborate the fraud will have been obtained prior to the main suspect’s interview. Questions asked should be clear and must be designed to suggest to interviewees as an intention to make the system better. Wells (2018) further suggests that the suspect’s interview should commence with evidence obtained to encourage confession quicker. 

Reporting the case

The case must be reported concisely and accurately because the report will be used by management and prosecutors for decision making and should include all the evidence obtained and the confession if obtained.

Preventive controls

Implementing controls mechanisms that are sufficient around the procurement cycle is a step in the right direction towards battling this type of fraud (Clements, 2014). Based on the premise that procurement fraud is an inside job, implementing preventive measures are as crucial as the detective and investigative measures outlined previously. Writers like Guile (2013) believe that, procurement fraud is allowed to happen because of lack of awareness and understanding of the risks. Although this is true, Chugunov (2017) disagrees by saying that procurement fraud occurs because controls are too rigid to adapt to red flag patterns exhibited by the fraud. Irrespective of the reasons why it is allowed to happen, the adoption of the following controls can mitigate crystallisation of cases involving vendor kickbacks and the use of shell companies.

Reviews, Reconciliations and Monitoring

Chugunov (2017) argues that perpetrators must be made alert through regular reviews of procurement practices. From previous highlights, vendor kickbacks and use of fictitious companies are perpetuated at stages 1 and 3 respectively of the procurement process by anyone and as such there should be multi-level reviewers scrutinising requisitions, purchase orders, delivery orders and invoices. There should be reconciliation of received goods and services with purchase orders and contracts to ensure they meet stated requirements. Wells (2018) suggests that an exhaustive process for approving new vendors, including address, phone number, and tax identification number verification; review of company websites; contacting references; requiring audited financial statements; and other similar checks are good review schemes to tackle shell companies exploiting the system.

Authorisation controls

In the famous 2004 Boeing controversy with the US Air Force, it was revealed that Darleen Druyun got away with her fraudulent acts because she had a great deal of authorisations with no supervision (May, 2006). Authorisations ensure that there are limits as to what individuals can do Vendor kickbacks is often associated with staffs who have a lot of authorisations and as such one way is to set limits as to authorisation levels for employees within the procurement process.. Authorisations include removing all current permissions and authorities should staff members move departments. This can help in checking the use of shell companies (Guile, 2013).

Physical controls

Organisations must institutionalise physical controls such as regular checking of inventory and services rendered to ascertain they meet the required standards. Organisations must physically check contracts and agreements in place for all unfamiliar and new suppliers prior to payment of invoices. The lack of a centralised master vendor file often leads to shell companies being used to perpetrate fraud and as such a list of approved vendors should be maintained always (Tabuena, 2010).

Segregation of duties

Segregation of duties is an effective control mechanism and a solution proposed by most writers including Guile, Burchett & Morrow and Davies. All the processes within the procurement cycle such as the preparation of the order, approval, delivery confirmation, invoice processing and payments of invoices should be segregated. This goes a long way toward discouraging vendor kickbacks (Wiersema, 2002).

Other controls

Other mechanisms such as whistleblowing, taking concerns seriously, examining long term supplier relationships, educating and creating an awareness of the risks associated with procurement fraud, and anti-bribery and corruption are also effective preventive mechanisms towards tackling vendor kickbacks and the use of shell companies. Finally, the lifestyle of procurement staff must be observed closely and organisations should not hesitate to prosecute fraudsters to serve as deterrents (Olsen, 2010) – an activity which seems to be rising considering that procurement fraud increased six folds in 2019 (KPMG, 2020).

Conclusion

Procurement fraud is one of the most widespread fraudulent practices in the UK accounting for over ￡16 million pounds of cases presented to UK courts in 2019. It is perpetrated through collusion between procurement staffs and suppliers. However, because procurement is a cycle, any party with knowledge, opportunity and need can take advantage to practice this illegality at any stage of the cycle. Unlike other fraudulent acts, however, procurement fraud is considered a major challenge because of the difficulty in detection as well as its close connection with anti-bribery and corruption.

Also, because most procurement frauds involve elements of bribery, organisations must develop mechanisms to detect and prevent procurement fraud. It is reasonable to assume this because the Bribery Act 2010 prescribes that organisations must take steps to prevent bribery, hence, the conclusion that organisations need to develop mechanisms to prevent procurement fraud as well. Vendor kickbacks and the use of fictitious companies are forms of procurement frauds implemented in Stages 1 and 3 of the procurement cycle. Signals that can lead to detecting these include lifestyle changes of procurement officer, submission of invoices towards end of month and particular contractors being awarded specific contracts always. In investigating these frauds, obtaining and adducing evidence is essential. Interview of witnesses and suspect must be carefully performed to corroborate the evidence in hand and to obtain confession. Although detective and investigative mechanisms are important towards fighting this illegality, it is more efficient for organisations to set up preventive mechanisms such as segregation of duties, setting authorisation limits for staff, effective monitoring and review as well as strengthening other internal controls in place.

References

Agnew, H. (2018). Sanofi to pay $25m to settle corruption, bribery charges. The Financial Times. Retrieved from https://www.ft.com/content/c552705c-b062-11e8-99ca-68cf89602132

Biedron, R. (2018). Procurement Fraud and How to prevent it. Retrieved from https://www.purchasecontrol.com/uk/blog/procurement-fraud/

BSI. (2014). BSI Standards Publication. Guide to implementing procurement fraud controls. Retrieved from https://bsol-bsigroup-com.hallam.idm.oclc.org/PdfViewer/Viewer?pid=000000000030282473

Burchett, S. T. & Morrow, L. W. (2017). Fighting the “Fraud Plague” in purchasing and procurement. Petroleum Accounting and Financial Management Journal. 36(2), 72-79. Retrieved from https://search-proquest-com.hallam.idm.oclc.org/docview/1937833418?accountid=13827&rfr_id=info%3Axri%2Fsid%3Aprimo

Caulfield, T. & Steckler, S. (2017). ACFE. Five personality faces of procurement fraud risk. Retrieved from https://www.fraud-magazine.com/article.aspx?id=4294999744.

Caulfield, T. & Steckler, S. (2017). ACFE. Procurement predicament: ‘veils of trust’ hinder detection. Retrieved from https://www.fraud-magazine.com/article.aspx?id=4294996720.

Chugunov, V. (2017). Finding procurement fraud red flags. ACFE. Retrieved from https://www.fraud-magazine.com/article.aspx?id=4294997326.

Clements, D. (2014). Deloitte. Procurement Fraud, should the Middle East be concerned? Retrieved from https://www2.deloitte.com/content/dam/Deloitte/xe/Documents/About-Deloitte/mepovdocuments/mepov13/dtme_mepov13_Procurement%20fraud.pdf.

Colombant, L. (2019). Could your company be victim of procurement fraud? Retrieved from https://www.dhirubhai.net/pulse/could-you-company-victim-procurement-fraud-laurent-colombant/

Davies, D. (1995). Purchasing and Procurement Fraud. Journal of Financial Crime. 2(4). 322-330. Retrieved from https://www-emerald-com.hallam.idm.oclc.org/insight/content/doi/10.1108/eb025658/full/html

Guile, P. (2013). Supply Management. 10 ways to control procurement fraud. Retrieved from https://www.cips.org/supply-management/opinion/2013/december/10-ways-to-control-procurement-fraud/

KPMG (2020). KPMG Fraud Barometer 2019. A snapshot of Fraud in the UK. Retrieved from https://assets.kpmg/content/dam/kpmg/uk/pdf/2020/01/fraud-barometer-2019.pdf

May, C. (2006). Acquisition fraudster lessons learned from Darleen Druyun. Procurement Fraud. Retrieved from https://www.fraud-magazine.com/article.aspx?id=4294967646

National Fraud Authority. (2011). Procurement Fraud in the Public Sector. Retrieved from https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/118460/procurement-fraud-public-sector.pdf.

PwC (2011). Procurement fraud. Chartered Institute of Purchasing and Supply. Retrieved from https://www.cips.org/Documents/Membership/Branch%20Event%20uploads/Ian%20McConnell%20presentation.pdf

Murray, J. G. (2014). Procurement Fraud Vulnerability: A Case Study. Retrieved from https://www-tandfonline-com.hallam.idm.oclc.org/doi/full/10.1080/07366981.2014.920669

Olsen, P. W. (2010). The Anti-Corruption Handbook: How to protect your business in the Global Marketplace. Retrieved from https://ebookcentral.proquest.com/lib/shu/reader.action?docID=487699

The Bribery Act. (2010). Retrieved from https://www.legislation.gov.uk/ukpga/2010/23/section/1

United States Department of Justice (2016). Former Samsung America Director sentenced to 75 months in prison for embezzling more than $1 million. Retrieved from https://www.justice.gov/usao-nj/pr/former-samsung-america-director-sentenced-75-months-prison-embezzling-more-1-million

United States Department of Justice (2016). Prison term and nearly $1 million in judgement ordered against Midamar Founder, Midamar, and ISA. Retrieved from https://www.justice.gov/usao-ndia/pr/prison-term-and-nearly-1-million-judgments-ordered-against-midamar-founder-midamar-and

Tabuena, J. (2010). Techniques to stamp out Procurement Fraud. Compliance Week. Retrieved from https://search-proquest-com.hallam.idm.oclc.org/docview/205408555/5BD6A68BFE664404PQ/3?accountid=13827

Vona, L. (2011). The Fraud Audit: Responding to the risk of fraud in core business systems. (1st edn) Retrieved from https://learning.oreilly.com/library/view/the-fraud-audit/9781118093726/chapter01.html.

Wells, J. (2018). International Fraud Handbook. Retrieved from https://learning.oreilly.com/library/view/international-fraud-handbook/9781118728505/c01.xhtml

Wiersema, W. H. (2002). Preventing fraud in the procurement department. Retrieved from https://search-proquest-com.hallam.idm.oclc.org/docview/200462470?accountid=13827&rfr_id=info%3Axri%2Fsid%3Aprimo