Category Archives: Fraud

The Public Sector is Giving Procurement Integrity A Bad Name … Can the Private Sector Fix It?

A recent article over on Global Government Forum on Procurement Integrity: A Big Problem That’s Worse Than Most Organizations Think, pointed out that errors, fraud and abuse in procurement cost governments and organizations millions of dollars every year, and even though recent headlines in the US (TriMark, Booz Allen Hamilton), UK (NHS, Royal Mail), and Canada (ArriveCan) are starting to shine the light on the extent of (public sector) procurement fraud, the problem is still bigger than you think. Much bigger.

Current estimates are that organizations, across the public and private sectors, lose 5% per year due to procurement errors, abuse, and fraud. Given that Global GDP is about 85 Trillion dollars, at 5%, that’s 4 TRILLION dollars estimated to be lost annually to errors, abuse, and fraud. And that’s probably a low-ball estimate due to the fact that we just calculated that Over One TRILLION dollars will be wasted on IT software and services due, primarily, to lack of knowledge and/or outright stupidity (and not malicious intent, but if it’s easy for consultancies and third parties to considerably over bill for legitimate goods and services that you need, imagine how much they are fleecing you for goods and services that you don’t need and may not even receive).

It’s highly likely that the true cost of errors, abuse, and fraud (internal, collusion, and external) is closer to 10% of total GDP, or close to EIGHT TRILLION. That’s at least twice the GDP of every country on the planet except China and the United States. That’s a BIG PROBLEM, which is definitely not being helped by the 100M to Multi Billion Procurement Frauds being reported almost monthly across major western economies — and multi-million dollar fines don’t repair the damage. (They don’t even come close.)

This is damage which Procurement needs to repair — because Procurement is the only department that has any hope of putting proper procedures, processes, and platforms in place to minimize the errors; training the organizational employees on proper procedures and monitoring the implementations to prevent abuse; and putting in place proper detection systems to detect, and prevent, potential fraud and quickly identify and track it when it happens.

Unless all the bucks go through, and stop at, a modern Procurement department run by a CPO who puts in place proper people, processes, and platforms, loss is going to continue to run rampant. Which means that while the public sector is failing us daily, the Private sector has to step up and restore the integrity of Procurement. It can start by utilizing some of the the techniques in the linked article, and continue by continually learning and implementing the best technology and processes it finds to not only uncover significant savings in inflationary times, but return integrity and trust into big business, and give governments who have lost their way a model to follow.

And for more details on Bad Buying to avoid, and how to achieve Procurement with Purpose, the doctor suggests you start by following the great public procurement defender, Peter Smith.

Fraud and Waste are Not the Same Thing — And You Cannot Overcome them Equally

A recent article in BusinessDailyAfrica on how firms can overcome fraud and wastage in technology procurement had some good advice, but it missed some key points, especially since you can’t treat fraud and wastage equally if you want to truly combat fraud and wastage in real time.

The article notes that when it comes to the adoption of new technologies, organizations allocate substantial budgets that provide fertile ground for funds to be siphoned through fraud, which is sort of true, but usually what happens is a plethora of change orders and upsells at multiples of what the organization should be paying, which is not fraud when the vendor delivers, but severe wastage.

A bigger concern is, as the article notes, manipulation of procurement processes encompasses practices such as bid rigging or collusion with service providers, kickbacks and bribery, false invoicing, misrepresenting specifications and capabilities of products and services, channelling payments through shell companies solely to facilitate bribery, conflict of interest, and disguising procurements to bypass processes, which has nothing to do with the tech budget, and which happens whether or not the company implements new tech or not, whether the decisions are ill-considered or not, whether the decisions are rushed or not, etc.

The reality is this: if a company has a lot of money and fraudsters believe it, or its processes, can be exploited for fraud, they’ll try. And while adequate planning, centralization of tech decisions, robust implementation of strategies, and controls can curb fraud and wastage, that’s not always enough.

The only way to minimize and prevent fraud is

  1. identify each type of fraud attempt that your organization is likely to get hit with
  2. for each type of fraud,
    1. identify processes that can be exploited, and change them to minimize exploitation
    2. implement specialized technology or algorithms to look for it and alert people to the potential — in real time (before money changes hands)
    3. educate your people on what valid payment requests look like, what typical fraud looks like, and when to ask questions and/or escalate it up the chain (possibly all the way to the CFO if necessary)
    4. anytime a fraud slips through, besides trying to immediately stop-payment, immediately do a post-mortem to figure out the root cause and update the process, technology, or detection methodology; fraudsters are always upping their game, so you need to always be upping yours

And when the doctor says you have to identify and target each type of fraud (scheme/scam) separately, he means it. There’s no one-size-fits-all for fraud, but there are technologies, techniques, and targeted theorem tabulations that can rather reliably progressively prevent frequent frauds.

Nor is it as simple as just throwing a bunch of analytics at the problem, as this recent article that purports to prevent procurement fraud with analytics that was published as a think tank article in SupplyChainBrain (which, as you can guess, really upset the doctor when think tank articles in Supply Chain Brain should be the best of the best and this was barely acceptable). Apparently the doctor will have to include Procurement fraud in his list of topics for his Source-to-Pay+ series because the state of information being provided to you is, for the most part, sorry and sad.

But waste is entirely different. As we alluded above, that typically takes the following forms:

  • frequent change orders during implementation, usually billed at excessively high day rates as they have to “divert resources” or “work overtime”
  • unnecessary customizations or real-time integrations that are an extensive amount of work (and cost) when out-of-the-box or daily flat-file synchs are more than sufficient
  • extensive “process evaluation” or “process transformation” processes that are well beyond what you need to eat up consulting hours
  • extensive “best practice” education when your practices are good enough for now and/or those best practices are already encoded in the system and just following the default process gives you the same education
  • additional seats or licenses you really don’t need (but you are convinced somehow that you do) (which don’t get used and just sit on the v-shelf)
  • etc.

Basically, you go in for a penny, and they take you on a joyride that costs a pound. They deliver the minimum at each step of the way so you can’t technically accuse them of fraud, but they end up making sleazy used car salesmen look good!

Roughly Half a Trillion Dollars Will Be Wasted on SaaS Spend This Year and up to One Trillion Dollars on IT Services. How Much Will You Waste?

Before we continue, yes, that is TRILLION, numerically represented as 1,000,000,000,000, repeated twice in the title and yes we mean US (as in United States of America) dollars!

Gartner projects that IT spend will surpass 5 Trillion this year. When you consider that 30% of IT spend is usually for software, and that one third (or more) of software spend is wasted (for unused licenses, which is why we have a whole category of IT and SaaS specialists that analyze your out-of-control SaaS and software spend and typically find 30% to 40% overspend in a few days), that means that roughly half a trillion dollars will be wasted on software this year.

Even worse, Gartner projects that spending on IT Services will reach 1.5 Trillion. And the waste here could be two thirds! Now, we all know that you need IT services to implement, integrate, and maintain those IT systems you buy. But how much do you need? And how much should you pay? Consider that an intermediate software developer should be making 150K a year (or 75/hour), that says that an intermediate implementation specialist shouldn’t be making any more than that, and not billed at more than 3 times that (or 225/hour). But how much are you being billed for relatively inexperienced implementation consultant, with maybe a few years of overall experience and maybe six months on the system that you are installing? the doctor knows that rates of $300 to $500 are not uncommon for these resources that are oversold and overcharged for.

But this isn’t the worst of it. As per our upcoming article Fraud And Waste Are Not The Same Thing, many implementation “partners” will try to get all they can get and make sure that when you go in for a penny, you go in for a pound and they will push for:

  • frequent change orders during implementation, usually billed at excessively high day rates as they have to “divert resources” or “work overtime”
  • unnecessary customizations or real-time integrations that are an extensive amount of work (and cost) when out-of-the-box or daily flat-file synchs are more than sufficient
  • extensive “process evaluation” or “process transformation” processes that are well beyond what you need to eat up consulting hours
  • extensive “best practice” education when your practices are good enough for now and/or those best practices are already encoded in the system you just bought and paid a pretty penny for and just following the default process gives you the same education

That will often double to triple the cost. But that’s not the worst of it. As per comments the doctor has made on LinkedIn, he regularly hears stories of niche providers losing 200K deals because customers said their quote was too low because all the Big X companies quoted over 1,000K for 100K worth of work. Literally. This is because, as the doctor has noted in previous posts and comments on LinkedIn:

  • they don’t have the talent in advanced tech (and even The Prophet has noted their lack of talent in areas of advanced tech in multiple LinkedIn posts, though he has been much more diplomatic than the doctor in discussing their lack thereof; but he did note in a 2024 advice post that consultancies are going to have a hard time attracting talent this year) — for every area, they’ll have a team leader who’s a superstar, two or three handpicked lieutenants who are above average, and then 20 to 40 benchwarmers who are junior and not worth the rate they are charging)
  • they have an incredible overhead — posh offices to house the partners making more than top lawyers who have a lifestyle to maintain
  • they don’t have the knowledge of, or experience in, modern tools — some of which are ten times more powerful than last generation tools; this, of course, means the Big X benchwarmers are using last generation tools which take ten times the manual labour to extract value from
  • etc.

There’s a reason the doctor said that if you want to get analytics and AI right, DON’T HIRE A F6CKW@D FROM A BIG X! and stands by it! Unless you want to pay 1K an hour, you’re not getting that one superstar resource trying to be the front end to two dozen projects that his three lieutenants are trying to manage, all of which are staffed by junior to intermediate individuals who can barely follow the three to five year old playbook.

There’s a reason that The Prophet predicted in his 9th prediction that SaaS Management Solutions [will] Start to Eat Services Procurement Tech and that many companies will go in house if they have tech expertise. Because he realizes that these consultancies will have a hard time not only hiring, but retaining, tech talent when they have hiring freezes, salary freezes, and reduced engagements as more and more companies can’t afford the ridiculous rates they’ve been charging recently. (Companies may not have had a choice during COVID where it was implement on-line collaboration and B2B tech or perish, but now they do.)

But there are still many companies who will, when they encounter a (perceived) tech need, immediately pick up the phone and call Accenture, CapGemini, Deloitte, McKinsey, etc. and bring them in to help them understand who to bring in for an engagement, instead of widening the net to niche providers who are 3 to 5 times cheaper, and who will deliver results at least as good, if not better.

Now, again, the doctor would like to stress that, despite how much he insists they are usually not the right solution for advanced tech implementation, that Big X are not all bad, and sometimes worth more than the high fees they charge. Most of these companies started off as management/operational/finance/strategy consultants and grew big because they were one of the best, and in certain domains, each of these companies still are. But being good at a few things doesn’t mean they are good at everything, and that’s very important to remember.

And while there will be exceptions to the rule (as every one of these companies has some tech geniuses), the reality is that when you need more bodies than there are talented bodies in an entire industry, you’re not going to get them and, because consultancies are not cool when you want to be a tech superstar (and join a startup that becomes a unicorn), the ratio of superstar to above average to average to below average talent in these organizations is much worse than in multinational tech companies (like Alphabet, Apple, Meta, Microsoft, etc.) where you know the majority of their employees are not the best of the best. (Because if they were the best of the best, there’s no way they’d lay off 10,000 employees at a time every time the market jitters.)

In short, manage that IT services spend carefully, or you’ll be double paying, triple paying, or worse and providing a big chunk of the roughly ONE TRILLION DOLLARS in IT services overspend that the doctor predicts will happen (again) this year. (Unless, of course, you agree with Doctor Evil who says, why make trillions when we could make … billions. Because that’s exactly what happens when you overpay for software and services. Don’t expect the Big X to say anything as they get the majority that overspend, and that’s how they stay so [insanely] profitable.)

Detecting that Fraud Permeating Your Supply Chain! Part II

As per a recent post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

As per our last post, simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address more types of fraud an organization may encounter and what a platform would need to detect it.

Abnormal Vendor Selection

In our last post we talked about how a good platform can detect unacceptable cost inflation via metric inflation designed to target a certain supplier. This could be done for many reasons — direct or indirect kickbacks to the buyer, financial gain to the immediate or extended family of the buyer, a tit-for-tat arrangement (where the supplier agrees to select a vendor chosen by the buyer that will directly or indirectly benefit the buyer).

But not all abnormal vendor selection is done by way of metric inflation. Some is done by way of weighting a particular geography, a particular type of responsibility or compliance program, a particular association, or something else unusual that will choose a particular vendor that would not normally be used.

A good platform with good analytics and machine learning can detect when unusual characteristics are applied to vendor selection.

Unusual Payment Patterns

Just because there is an invoice that is accepted against a (blanket) PO or for a category / amount that does not require a PO, that is approved by a senior manager or direct, that doesn’t mean that the payment is okay. But a single payment is hard to detect. However, if similar payments show up over and over again and they are not for regular recurring payments like rent, utilities, predictable support services, it might be an indicator of fraud. A good platform will be able to classify and detect repeating payments of this type that are not expected.

This requires good trend analysis applied to non-PO categories not identified as having regular payments of a specific type.

Too Frequent (Automatic) Order Triggers

When a contract for a category is cut, there is an expected demand against an expected order schedule. As a result, there are expected (re) order schedules that shouldn’t vary too much. If they do, either someone is adjusting minimum stock on hand levels or a POS is submitting sales numbers that are higher than actuals to cause too frequent re-orders. But since a good system can compare planned schedules to expected schedules based on market conditions to actuals, this can be detected.

Again, good analytics with dynamic trend analysis against plans and modified plans based on market conditions derived from market data.

Lost Returns

If a higher than usual number of products get marked as defective but a considerable percentage of these don’t make it back to the supplier for credit, that’s typically indicative of fraud. Typically, someone, somewhere is marking good products bad, marking them to be returned, but then insuring they go missing somewhere along the line. Usually a case of high-value product at a time.

But a platform that maintains a record of average defect rates by category (and supplier), average return success by category (and supplier), and average return success for the organization can compute when theft is very likely.

Analysis of rates against expected rates and identification of unusual deviations.

Fixed Asset Fraud

If the platform contains complete service history, industry metrics for average service requirements for the platform by hour of use, and average upkeep and overhead costs, and all of a sudden the service requirements and upkeep costs double for recorded hours of use, then there is a good chance that the asset is being used for non-sanctioned purposes. This is still fraud and theft from the company.

Analysis of costs and life-spans against expected costs and life-spans and identifications of costly deviations.


And again, while platforms aren’t the entire answer, as they might not be able to pinpoint whether it is a warehouse worker, a carrier (driver), or collusion between the two in “lost” return theft, they can certainly detect quickly when the fraud is happening, and then the organization can take steps to identify the perpetuator(s).

Detecting that Fraud Permeating Your Supply Chain!

As per our last post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

Simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address each type of fraud an organization may encounter and what a platform would need to detect it.

Unacceptable Cost Inflation via Metric Inflation

If the platform monitors all historical performance metrics and computes trends, it will be able to detect when a quality or reliability metric is out of whack.

If the platform also monitors market costs for the product or raw material according at different volume tiers, it will be able to detect when a cost is most likely more than percentage point above average.

If the platform uses smart algorithms, it will be able to compute a high probability of something being off when the two factors coincide on a category being sourced and alert a senior manager or executive to explore and verify the situation before a buy is made.

Double Fuel Surcharges

A good platform will also integrate with fuel price indices and transportation exchanges and know the average surcharge on fuel for any given region as well as the limits imposed by the organizational contract and immediately detect when a surcharge is out-of-whack, unjustified, or against the contract and prevent a buyer or AP professional from paying the invoice until it is corrected.

Duplicate Invoices

When an invoice comes in, a smart platform will not only insure there is a corresponding PO before it is accepted, but that the total sum of invoices against the PO doesn’t exceed the total value of the PO (and the total number of any unit invoiced doesn’t exceed the maximum authorized amount). Furthermore, it will not allow payment until the total sum of unpaid goods received at least equals the amount invoiced. This will not only make it easy for a human to identify duplicate invoices (where only the invoice number is changed) but duplicate billings, where similar invoices (for unshipped goods) are submitted with only minor changes.

T&E Fraud

You need a T&E system that can enforce spending limits, match establishments with blacklists, find duplicate charges for similar expenses on the same day, pull in expected airline fares in the proper bracket to identify policy violations, and other capabilities that can detect policy violation or over spend.

Distribution Theft

Now, if your organization is large enough, it’s pretty much a guarantee there is going to be theft somewhere along the chain. And if its external theft, that’s not something your system is going to be able to predict. But internal theft, that’s something it should be able to detect.

The fact of the matter is that if there is repeated internal theft, it will follow a patter. Similar types of inventory, coming from similar suppliers, on a small set of routes used by a smaller set of carriers — usually with a small set of common drivers involved. With enough data and data mining, a good platform can identify patterns indicative of inside jobs that can be investigated, identified, and stopped.

 

While platforms aren’t the entire answer, as they can’t detect, for example, true inside jobs by an employee cutting a camera feed or power feed (in a blind spot) on the way out, they are a very large part of the answer.