Category Archives: Fraud

Detecting that Fraud Permeating Your Supply Chain! Part II

As per a recent post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

As per our last post, simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address more types of fraud an organization may encounter and what a platform would need to detect it.

Abnormal Vendor Selection

In our last post we talked about how a good platform can detect unacceptable cost inflation via metric inflation designed to target a certain supplier. This could be done for many reasons — direct or indirect kickbacks to the buyer, financial gain to the immediate or extended family of the buyer, a tit-for-tat arrangement (where the supplier agrees to select a vendor chosen by the buyer that will directly or indirectly benefit the buyer).

But not all abnormal vendor selection is done by way of metric inflation. Some is done by way of weighting a particular geography, a particular type of responsibility or compliance program, a particular association, or something else unusual that will choose a particular vendor that would not normally be used.

A good platform with good analytics and machine learning can detect when unusual characteristics are applied to vendor selection.

Unusual Payment Patterns

Just because there is an invoice that is accepted against a (blanket) PO or for a category / amount that does not require a PO, that is approved by a senior manager or direct, that doesn’t mean that the payment is okay. But a single payment is hard to detect. However, if similar payments show up over and over again and they are not for regular recurring payments like rent, utilities, predictable support services, it might be an indicator of fraud. A good platform will be able to classify and detect repeating payments of this type that are not expected.

This requires good trend analysis applied to non-PO categories not identified as having regular payments of a specific type.

Too Frequent (Automatic) Order Triggers

When a contract for a category is cut, there is an expected demand against an expected order schedule. As a result, there are expected (re) order schedules that shouldn’t vary too much. If they do, either someone is adjusting minimum stock on hand levels or a POS is submitting sales numbers that are higher than actuals to cause too frequent re-orders. But since a good system can compare planned schedules to expected schedules based on market conditions to actuals, this can be detected.

Again, good analytics with dynamic trend analysis against plans and modified plans based on market conditions derived from market data.

Lost Returns

If a higher than usual number of products get marked as defective but a considerable percentage of these don’t make it back to the supplier for credit, that’s typically indicative of fraud. Typically, someone, somewhere is marking good products bad, marking them to be returned, but then insuring they go missing somewhere along the line. Usually a case of high-value product at a time.

But a platform that maintains a record of average defect rates by category (and supplier), average return success by category (and supplier), and average return success for the organization can compute when theft is very likely.

Analysis of rates against expected rates and identification of unusual deviations.

Fixed Asset Fraud

If the platform contains complete service history, industry metrics for average service requirements for the platform by hour of use, and average upkeep and overhead costs, and all of a sudden the service requirements and upkeep costs double for recorded hours of use, then there is a good chance that the asset is being used for non-sanctioned purposes. This is still fraud and theft from the company.

Analysis of costs and life-spans against expected costs and life-spans and identifications of costly deviations.


And again, while platforms aren’t the entire answer, as they might not be able to pinpoint whether it is a warehouse worker, a carrier (driver), or collusion between the two in “lost” return theft, they can certainly detect quickly when the fraud is happening, and then the organization can take steps to identify the perpetuator(s).

Detecting that Fraud Permeating Your Supply Chain!

As per our last post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

Simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address each type of fraud an organization may encounter and what a platform would need to detect it.

Unacceptable Cost Inflation via Metric Inflation

If the platform monitors all historical performance metrics and computes trends, it will be able to detect when a quality or reliability metric is out of whack.

If the platform also monitors market costs for the product or raw material according at different volume tiers, it will be able to detect when a cost is most likely more than percentage point above average.

If the platform uses smart algorithms, it will be able to compute a high probability of something being off when the two factors coincide on a category being sourced and alert a senior manager or executive to explore and verify the situation before a buy is made.

Double Fuel Surcharges

A good platform will also integrate with fuel price indices and transportation exchanges and know the average surcharge on fuel for any given region as well as the limits imposed by the organizational contract and immediately detect when a surcharge is out-of-whack, unjustified, or against the contract and prevent a buyer or AP professional from paying the invoice until it is corrected.

Duplicate Invoices

When an invoice comes in, a smart platform will not only insure there is a corresponding PO before it is accepted, but that the total sum of invoices against the PO doesn’t exceed the total value of the PO (and the total number of any unit invoiced doesn’t exceed the maximum authorized amount). Furthermore, it will not allow payment until the total sum of unpaid goods received at least equals the amount invoiced. This will not only make it easy for a human to identify duplicate invoices (where only the invoice number is changed) but duplicate billings, where similar invoices (for unshipped goods) are submitted with only minor changes.

T&E Fraud

You need a T&E system that can enforce spending limits, match establishments with blacklists, find duplicate charges for similar expenses on the same day, pull in expected airline fares in the proper bracket to identify policy violations, and other capabilities that can detect policy violation or over spend.

Distribution Theft

Now, if your organization is large enough, it’s pretty much a guarantee there is going to be theft somewhere along the chain. And if its external theft, that’s not something your system is going to be able to predict. But internal theft, that’s something it should be able to detect.

The fact of the matter is that if there is repeated internal theft, it will follow a patter. Similar types of inventory, coming from similar suppliers, on a small set of routes used by a smaller set of carriers — usually with a small set of common drivers involved. With enough data and data mining, a good platform can identify patterns indicative of inside jobs that can be investigated, identified, and stopped.

 

While platforms aren’t the entire answer, as they can’t detect, for example, true inside jobs by an employee cutting a camera feed or power feed (in a blind spot) on the way out, they are a very large part of the answer.

Fraud Permeates Your Supply Chain …

As per yesterday’s post, chances are that fraud is running rampant throughout your supply chain. It might not be all that significant in the grand scheme of things — a few points here, a few K there, a few items go missing from the stock room — and might be costing the organization less than an effort to stop the fraud would cost. Or, the organization might be losing 5% of its total revenue, which could be 5M annually if the organization does 100M annually, or 50M annually if the organization does 1B annually. And it’s very likely that you have no clue which end of the spectrum the fraud occupies.

You might be thinking that there’s no way we’re losing 50M a year — all of my categories over 5M are contracted, we monitor inventory and invoices, and all spend over 5K is tied to an invoice or a PO and the rest of the spend is so minuscule that the most we could be losing is 1M or 2M a year but, as we tried to point out yesterday, just because things look good, that doesn’t mean that they are.

For example, your buyer could be colluding with your primary supplier in your 100M category to inflate the quality and reliability metrics to the point that the overall weighting scheme chooses the supplier despite a 3% markup that is going 100% into the seller’s commission, with a 10% kickback to the less-than-honest buyer who inflated the scores. There’s 3M on one category. It’s a far cry from 50M, but let’s say that your organization also lost 20M this year from a “theft” on your main warehouse that was pinned on an organized crime ring. Was it an organized crime? Or an inside job where an employee cut the power on the way out for a big wad of cash and a local band of unorganized yahoos stole the goods? There’s 23M. Then you have carriers charging double fuel surcharges on 100M of freight and another 4M goes down the drain. Then you have the supplier of 20M worth of inventory that submits the same invoice twice with different invoice numbers 50% of the time, which the system doesn’t catch because it matches a PO and/or goods receipt and you overspend another 5M. There’s 28M. And then there’s the high-powered elite sales team that likes to charge “champagne” at the strip club for their “clients”; the marketing elite that thinks high-end dog kennels are “hotel” charges; and the C-Suite that only flies first class, against policy that flights under 4 hours must be business. And all of a sudden that’s another 2M of employee fraud that is slipping through the cracks and we’re at 30M. And we haven’t looked hard yet.

Get the point?

So why is your supply chain rampant with fraud? Simply put, because you don’t detect it.

Why not?

Platform iZombie.

Your platform blinds you to it. Your outdated, last decade platform that barely gets you through an average sourcing event that hasn’t kept up with the time, hasn’t made you smarter, and, in fact, takes you down the same old, beaten, dying path that you’ve been down before again and again.

So what do you do?

Get a better, more modern, platform.

What do you look for?

Stay tuned!

Does Trouble-Free Mean Fraud-Free?

Of course not!

Sourcing Innovation has been informing you for years about how fraud can permeate a seemingly trouble-free supply chain and how the following, seemingly mundane, situations can hide serious fraud.

  • Abnormal Vendor Selection
    especially if the vendor has poor quality ratings or significantly higher costs compared to peers
  • Payments Outside the Normal Accounting System
    when it should be easy to ACH or wire the supplier a payment
  • Unusual Payment Patterns
    when most suppliers in the category get paid monthly and one supplier is getting paid bi-weekly
  • Rates Out of Line with Your Company’s Standing in the Market
    when you typically pay 5% less than market average but instead you are paying 5% more
  • Unexplained Lifestyle Improvement in an Employee or Manager
    who used to drive a beaat-up 10-year old Chevy Aveo but now drives a shiny beamer
  • Complaints or Tips
    from whistle-blowers who notice unusual activity beyond the norm

But the following can also indicate fraud:

  • automatic order triggers in a VMI system
    a vendor can manipulate stock levels to indicate a re-order prematurely to increase their revenue
  • more purchase orders than usual
    although it looks like your team is doing a good job by getting more purchases through the system, this could represent collusion between your buyer and a seller to inflate either the sales person commission or the buyer’s bonus by submitting false orders that will just be cancelled or returned at a later date
  • an unusual number of returns
    your buyer could be colluding with an individual at a shipper’s facility to create orders for unwanted goods which will be filled incorrectly; the buyer will then demand a refund and the goods will get lost during the return process
  • more defective returns than usual
    your quality assurance personnel might be accepting inferior products for bribes

The reality is that the supply chain is ripe with opportunities for fraud. These include:

  • Fixed Asset Fraud
    Fixed assets might be used for purposes other than what they are designated for, or used more than they are supposed to be. This misuse can damage the asset or reduce its useful life-cycle.
  • Inventory Fraud
    Your employees help themselves to your inventory and falsify records so that you don’t notice the loss until weeks or months later. They might even falsify good receipts to indicate less was received than actually was.
  • Manufacturing Fraud
    Your supplier might send you a high quality product (from another supplier) during the evaluation process for testing, but then send you inferior products made from inferior materials after the contract is signed that look the exact same – and you don’t notice the problem until you get an extraordinary number of returns due to defects or inferior quality.
  • Picking and Return Frauds
    Your order pickers in your warehouse might be picking extra items during shipment preparation and pocketing them for private off-the-books sales.
  • Distribution Fraud
    One or more boxes of your shipment will not be loaded by the shipper who will falsify records and blame the third party carrier for the loss.

And this is just the tip of the iceberg. So what do you do?

The implications of Crying Thief!

Today’s guest post is from Tony Bridger of Assymetrix Consulting. Got a spending, process, or change management problem? Tony has a solution.

There is an old Nigerian Proverb that runs a little like: “One cry of “Thief!” and the whole marketplace is on the lookout.

However, crying “thief” has serious implications for many business, particularly those public organisations with shareholders who would quickly perceive financial crime as a systemic business process failure.     It is easier for management teams to internally manage fraud than to prosecute. Detection of large fraud is also an admission that both controls and deterrence are failing.   In a recent article, It’s Hard to Find Fraud in Big Spend Stacks …   the advent of AI could provide that vital detection of internal fraud.   It’s a sophisticated solution.

Whilst we are on the subject of proverbs, a key element in fraud management is “prevention is better than cure”. Companies that detect fraud have clearly not created the cultural norms that others take for granted that deter staff from committing fraud.   There are many cultural and technological capabilities that can reduce the incidence of fraudulent activity that are well within the grasp of many businesses.   Deterrence – or risk of detection is a critical cultural message.

With some careful risk analysis, it is quite easy to map out where company fraud is likely to originate. Finance, Procurement and staff expenses are usually the key internal risk areas.   Culturally, one of the first steps is to ensure that there is adequate separation of duties.   In finance, this is simply ensuring that a finance staff member does not have the capacity to both create a supplier vendor master entry – and pay an invoice.   This is a system administration role setting. The creation of “dummy vendors” and subsequent payments is often down to this simple failure.   Making all data elements (Business Number, address, contact details) as mandatory data items also reinforces the message on data integrity.   Many mid to high end systems will also allow user audit trail analysis if required. This simply captures the user-id of the employee accessing the key finance system forms.

For smaller companies, separation of duties can be an issue – but keeping a register of new supplier entries and reviewing this regularly is a key move.   In the procurement space, the person who creates the contract and then manages the winning vendor should also not be one and the same person if possible.   Again, hard to mobilize with limited staff and expertise – but a very clear signal around why is a powerful deterrent.   The idea is not to create a draconian working environment – it is simply ensuring that employees understand that this is designed to protect them – as well as the company.

Where possible, organizations should also use the power of their accounting system to the full.   Many of the low-end accounting systems have decent quality automation for transactions like staff expenses.   From experience, there are some subtle employee mindset changes generated with increased automation.   Almost all of us realize that entering data in to a system creates a record.   Once submitted, unless a request is made to vary the claim – the electronic evidence exists.   Paper can be lost, shredded or misinterpreted.

Almost all staff will recognize that these transactions can be retrieved many years later.   A very good business practice is to engage a vendor that provides duplicate invoice analysis services periodically.   This service can also detect anomalies and “odd” transactions.   A multiple repeated “same value” claim by an employee will almost certainly be found and analyzed. As many of these services are contingent based, they are quite affordable.   Regular auditing can also send clear signals on fraud risk assurance.

However, the combination of separation of duties, increased electronic transaction processing and periodic data analysis should send very clear cultural signals about what is acceptable. Staff will work out the “why?” comparatively quickly.

Organizations cannot effectively function if trust is lacking.   The notion of the cry of thief! Is far more acceptable if good management controls are in place and any subsequent fraud is detected. In effect, it’s a best effort approach to fraud prevention.

Thanks, Tony.