17 December 2013 | Paul Guile
2013 has been an interesting year and I have travelled from one side of the globe to the other talking about procurement fraud-related issues to a range of companies in various sectors. I would like to thank all the people I have met who have been helping CIPS promote the global anti-procurement fraud message.
To close out 2013, I have put together a 10-point procurement fraud control plan to help your organisation reduce the risk of procurement fraud.
1. Ensure the risk of procurement fraud is acknowledged on your company risk register, and there is a risk owner who has overall responsibility in the organisation.
2. Ensure all staff who are able to make or are involved in financial decisions are trained how to identify procurement fraud. Don’t dismiss minor red flags indicating possible fraud such as a perceived close relationship with a supplier that may be closer than you think.
3. Ensure a three-way match is carried out. So, do the amounts documented on the requisition, purchase order and invoice all align? Don’t forget the delivery note and also check against the contract schedule.
4. Staff members often move to other departments within an organisation. If a staff member moves departments, remove all of their current permissions and authorities and add the permissions applicable to their new role.
5. Ensure the procurement process is followed and is enforced. Has an order been placed before the procurement paperwork has been raised? If so, why?
6. Segregation of duties is a recognised procurement fraud barrier but is not always enforced. In addition, a two-person system should be implemented to define who can either add or delete a supplier from the approved supplier list or change a supplier’s bank account number.
7. When auditing suppliers (both framework and non-framework suppliers), identify the sub-contractors. Do your contracts stipulate that sub-contractors must be agreed to by your organisation before they are engaged?
8. Implement a variation limit for costs on both contracts and on projects. If the costs go over an agreed limit, the reasoning can be explained and investigated before it is too late.
9. Is your organisation proactive in preventing procurement fraud? It is worthwhile carrying out proactive data set matches of your staff against suppliers looking for shared bank accounts, address and telephone numbers. There is other information that can be gleaned from this data apart from conflicts of interest such as suppliers sharing office buildings that you didn’t know about.
10. Analysing your spend patterns with your suppliers will ensure you are spending what you think you are. Check that your procurement thresholds are being followed and there isn’t evidence of splitting orders to circumvent tender thresholds.
Have a good Christmas and see you in 2014.
☛ Paul Guile is CIPS global procurement fraud advisor.