Daily Archives: August 10, 2012

Worried About P2P Fraud? Here’s How to Prevent Even More of It!

In yesterday’s post we reviewed Accounts Payable News’ recent piece on the top six ways to carry out P2P fraud that every Supply Management professional should be aware of BEFORE implementing any P2P system. We did this because, as pointed out by Spend Matters UK Procurement Related Fraud [is] On the Rise (or at least more instances are being caught and prosecuted). The post chronicled four recent high-profile cases, of which two involved collusion between a buyer and a supplier (where the buyer purposely overpaid a supplier or helped them win a bid in exchange for cash kickbacks), one was a purely internal fraud conducted by a sole buyer (who set up dummy corporations that issued false invoices that were paid to a an account the buyer controlled), and one was an external fraud in which a criminal convinced accounts payable to change payment information for a genuine supplier to the criminals’ bank account.

In other words, we had a case of social engineering and supplier payment diversion by outsiders, a case of fictitious invoices for goods not actually delivered by an insider, a case of undermining of control by way of buyer-supplier collusion, and a case of tacit approval of unapproved “handling” costs to a supplier, who would pay a kick-back. All of the frauds Accounts Payable News warned us about have recently occurred in big organizations and ended up as high-profile cases before the courts. And at least three of these could have easily been prevented. Having a second party phone the supplier’s AR department to verify banking would have quickly revealed the social engineering fraud, verifying goods were received would have prevented payment of the fictitious invoices, and mandatory approvals for any costs above contract terms or market rates would have prevented the supplier overpayments. The undermining of control would be difficult to stop if it was a single party feeding a preferred supplier confidential information, but note that this is procurement-related fraud, and not pure P2P fraud.

In other words, as mentioned in yesterday’s post, if one solves two of three situations that are common among procurement frauds, fake data and lack of control to be precise, many frauds can be prevented. And while you can never solve the collusion issue, having to accept that the best you can do is discourage it, the reality is that you can minimize it. As pointed out by the Spend Matters UK,
Motive + Opportunity = Bad Things Happen,
and opportunity can certainly be minimized.

However, as implied by Spend Matters UK, what you really have to worry about is motive. The chance of fraud increases substantially when someone has a motive, and, as further pointed out by the post, motive increases greatly when there is:

  • Financial Need
    If someone is deeply in debt, has a gambling problem, or owes the mob money, that someone is going to be driven to get money anyway he can.
  • Psychologically Defective
    If someone has a pathological desire for thrills, and fraud is their fix, sooner or later, he’s going to try.
  • A sense of Entitlement
    This could take the form of greed, or of jealousy if the individual, who works hard, sees superiors getting big rewards for little effort while the individual gets little or no rewards for a lot of effort.

And while you can’t tell what a person is thinking, some people have easy tells that you can use to evaluate your chance of risk, and put additional controls in place if the chance of risk is high. For example, if a credit check shows the person is bordering on bankruptcy, that person could be more susceptible to opportunities for fraud, or at least to bribes. While it’s not necessarily the case, as some people would rather starve than steal a dollar, it should trigger extra precautions at least until you are sure the person is trustworthy.

In addition, basic psychological testing can often reveal a need to over-achieve or an undeserved sense of entitlement. These people could also pose financial risks to your firm and their financial control should be limited until their performance is adequately measured and your trust has been earned.

The simple fact is that people without a want or a need have no motive, and opportunity means very little to them. While it’s not as easy to weed out motive as it is to lock out a system, if millions are on the line, spend a few hundred on a background check, and if we’re talking an executive, a personality assessment wouldn’t hurt either.