Most organisations will have many projects on-going globally at any one time, but are fraud risks and, in particular, procurement fraud risks fully acknowledged?
Projects as a specific activity are huge buying exercises that require the procurement and management of products and services to design, build and implement products or services.
Because projects are often specialised activities, they generally require some form of additional advice and support in the form of consultancy or the use of other temporary staff such as contractors.
There are many procurement fraud risks to consider when implementing a project. Here are a few common issues I see on a regular basis:
- When the project is being designed, fraud controls are often considered, but procurement fraud is not given the visibility it deserves. Often, the procurement process itself is not considered a risk from both the fraud and operational delivery perspective.
- The risk of temporary contractors is often not fully recognised and projects often run without proper and effective procurement fraud controls and mitigation.
- There is no dedicated procurement fraud resource to support the project teams. The project manager and his or her team are too busy actually delivering on the project. Often, they will recognise procurement fraud risks, but in reality won’t have the time or may not have the expertise to deal with what they’ve discovered.
In these scenarios, a best practice approach may be to:
- Ensure procurement fraud is documented on the project risk register with a dedicated risk owner at the beginning of the project. If one person owns the risk, progress and updates can be tracked and reported on.
- Monitor the activities of contractors, consultants and temporary staff and carry out regular time sheet and activity reviews.
- Have a dedicated resource with the sole responsibility of identifying and investigating any procurement fraud risks. A dedicated and trained procurement fraud resource can work alongside the project without causing disruption or delays and will even enhance the effectiveness of the final outcome.
Case study: An international project organisation
This case study relates to time sheet fraud. An investigation was carried out and found there was a loss of £20,000. This related to one project site and identified fraud by overbilling of hours. The project had multiple project sites.
Further investigation found that by applying the same methodology used on one site, time sheet fraud was discovered at multiple sites. Additionally, multiple ‘ghost workers’ were identified.
There were some red flags straight away that made us uneasy:
The timesheets were controlled by one person, the timesheets couldn’t be produced straight away and the signatures used to sign off workers hours were the same on 25 timesheets.
The total loss was identified at around £900,000.
The moral, as always, is plan for the worst, get in early and stop fraud happening in the first place.
☛ Paul Guile is CIPS global procurement fraud advisor.