The Financial Cost of Fraud and Anti-Procurement Fraud Principles – Part 2

In Part 1 we talked about the six key principles for reducing the risk of procurement fraud in organisations. Let’s go into more detail on the first three today.

  1. It must be clear who is entitled to spend money in the organisation

A basic principle, yet one that often isn’t followed. Only certain people in an organisation should be allowed to commit the organisation’s money to third parties. That doesn’t mean of course that they will do it well or properly, but by restricting the number we do at least reduce the overall field of potential fraudsters. Clarity in this area also makes it more difficult for the fraudster who is discovered to say  “I didn’t know I wasn’t allowed to do it like this.”

Some firms restrict this number, others may have thousands who are authorised to spend. The key point is the clarity though, whatever the chosen policy. It is also important to clarify the difference between a budget holder – who has accountability for expenditure generally – and a procurement authority – someone who can agree contracts with third parties. They may be one and the same person, but that is not necessarily so.

 

  1. Any expenditure committed must be authorised properly

The first and most basic precaution against fraud should be the check on what is being committed to a third party. Does the commitment look appropriate? Are the goods or services the sort of things we would expect to see the organisation ordering? Does the supplier look genuine? Is the commitment within the individuals authority levels? These are the sorts of questions that should be considered by the authoriser of the expenditure.

We often see a temptation to allow more senior managers to place orders without any further authorisation. Apart from very low-value orders, we do not consider this good practice. Evidence suggests that it is often middle and senior executives who commit fraud, which is simply a case of those being the people who have the opportunity to do so. It is not an insult to ask a Director to have their expenditure authorised; it is good practice at any level of the organisation.

 

  1. All entities to which money is paid must be verified and authorised

The principle above gives a basic sense-check of an order. But how do we know that order isn’t going to a dummy company, controlled by the order placer (the fraudster) or their associates? That “supplier” may still supply the goods and services required, or something approximating to them, with the fraud being the nature / quality or quantity of what is provided. Or they may supply nothing, relying on no-one other than the fraudster realising this, or on a time-lag which gives everyone including the internal fraudster the chance to safely disappear before anyone says, “where are those 5000 laptops that we ordered (and paid for)?”

So checking that the entity to whom orders are placed and / or money is paid are genuine is key. Are they a genuine company with a trading history? Do they have a track record? Who are the Directors? Without getting into specifics here, this is clearly an area where appropriate supplier information management processes, systems and tools absolutely come into their own.

Discuss this:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.