Category Archives: Fraud

Fraud and Waste are Not the Same Thing — And You Cannot Overcome them Equally

A recent article in BusinessDailyAfrica on how firms can overcome fraud and wastage in technology procurement had some good advice, but it missed some key points, especially since you can’t treat fraud and wastage equally if you want to truly combat fraud and wastage in real time.

The article notes that when it comes to the adoption of new technologies, organizations allocate substantial budgets that provide fertile ground for funds to be siphoned through fraud, which is sort of true, but usually what happens is a plethora of change orders and upsells at multiples of what the organization should be paying, which is not fraud when the vendor delivers, but severe wastage.

A bigger concern is, as the article notes, manipulation of procurement processes encompasses practices such as bid rigging or collusion with service providers, kickbacks and bribery, false invoicing, misrepresenting specifications and capabilities of products and services, channelling payments through shell companies solely to facilitate bribery, conflict of interest, and disguising procurements to bypass processes, which has nothing to do with the tech budget, and which happens whether or not the company implements new tech or not, whether the decisions are ill-considered or not, whether the decisions are rushed or not, etc.

The reality is this: if a company has a lot of money and fraudsters believe it, or its processes, can be exploited for fraud, they’ll try. And while adequate planning, centralization of tech decisions, robust implementation of strategies, and controls can curb fraud and wastage, that’s not always enough.

The only way to minimize and prevent fraud is

  1. identify each type of fraud attempt that your organization is likely to get hit with
  2. for each type of fraud,
    1. identify processes that can be exploited, and change them to minimize exploitation
    2. implement specialized technology or algorithms to look for it and alert people to the potential — in real time (before money changes hands)
    3. educate your people on what valid payment requests look like, what typical fraud looks like, and when to ask questions and/or escalate it up the chain (possibly all the way to the CFO if necessary)
    4. anytime a fraud slips through, besides trying to immediately stop-payment, immediately do a post-mortem to figure out the root cause and update the process, technology, or detection methodology; fraudsters are always upping their game, so you need to always be upping yours

And when the doctor says you have to identify and target each type of fraud (scheme/scam) separately, he means it. There’s no one-size-fits-all for fraud, but there are technologies, techniques, and targeted theorem tabulations that can rather reliably progressively prevent frequent frauds.

Nor is it as simple as just throwing a bunch of analytics at the problem, as this recent article that purports to prevent procurement fraud with analytics that was published as a think tank article in SupplyChainBrain (which, as you can guess, really upset the doctor when think tank articles in Supply Chain Brain should be the best of the best and this was barely acceptable). Apparently the doctor will have to include Procurement fraud in his list of topics for his Source-to-Pay+ series because the state of information being provided to you is, for the most part, sorry and sad.

But waste is entirely different. As we alluded above, that typically takes the following forms:

  • frequent change orders during implementation, usually billed at excessively high day rates as they have to “divert resources” or “work overtime”
  • unnecessary customizations or real-time integrations that are an extensive amount of work (and cost) when out-of-the-box or daily flat-file synchs are more than sufficient
  • extensive “process evaluation” or “process transformation” processes that are well beyond what you need to eat up consulting hours
  • extensive “best practice” education when your practices are good enough for now and/or those best practices are already encoded in the system and just following the default process gives you the same education
  • additional seats or licenses you really don’t need (but you are convinced somehow that you do) (which don’t get used and just sit on the v-shelf)
  • etc.

Basically, you go in for a penny, and they take you on a joyride that costs a pound. They deliver the minimum at each step of the way so you can’t technically accuse them of fraud, but they end up making sleazy used car salesmen look good!

Roughly Half a Trillion Dollars Will Be Wasted on SaaS Spend This Year and up to One Trillion Dollars on IT Services. How Much Will You Waste?

Before we continue, yes, that is TRILLION, numerically represented as 1,000,000,000,000, repeated twice in the title and yes we mean US (as in United States of America) dollars!

Gartner projects that IT spend will surpass 5 Trillion this year. When you consider that 30% of IT spend is usually for software, and that one third (or more) of software spend is wasted (for unused licenses, which is why we have a whole category of IT and SaaS specialists that analyze your out-of-control SaaS and software spend and typically find 30% to 40% overspend in a few days), that means that roughly half a trillion dollars will be wasted on software this year.

Even worse, Gartner projects that spending on IT Services will reach 1.5 Trillion. And the waste here could be two thirds! Now, we all know that you need IT services to implement, integrate, and maintain those IT systems you buy. But how much do you need? And how much should you pay? Consider that an intermediate software developer should be making 150K a year (or 75/hour), that says that an intermediate implementation specialist shouldn’t be making any more than that, and not billed at more than 3 times that (or 225/hour). But how much are you being billed for relatively inexperienced implementation consultant, with maybe a few years of overall experience and maybe six months on the system that you are installing? the doctor knows that rates of $300 to $500 are not uncommon for these resources that are oversold and overcharged for.

But this isn’t the worst of it. As per our upcoming article Fraud And Waste Are Not The Same Thing, many implementation “partners” will try to get all they can get and make sure that when you go in for a penny, you go in for a pound and they will push for:

  • frequent change orders during implementation, usually billed at excessively high day rates as they have to “divert resources” or “work overtime”
  • unnecessary customizations or real-time integrations that are an extensive amount of work (and cost) when out-of-the-box or daily flat-file synchs are more than sufficient
  • extensive “process evaluation” or “process transformation” processes that are well beyond what you need to eat up consulting hours
  • extensive “best practice” education when your practices are good enough for now and/or those best practices are already encoded in the system you just bought and paid a pretty penny for and just following the default process gives you the same education

That will often double to triple the cost. But that’s not the worst of it. As per comments the doctor has made on LinkedIn, he regularly hears stories of niche providers losing 200K deals because customers said their quote was too low because all the Big X companies quoted over 1,000K for what should be 100K worth of work in their view (and, right or wrong, if a niche firm comes in less with a detailed proposal, they should be evaluated — maybe the Big X, with a very general request, over estimated your requirements and the effort, or maybe the niche firm completely underestimated it — how will you know if you don’t evaluate all the responses?). Literally. This is because, as the doctor has noted in previous posts and comments on LinkedIn:

  • they don’t have always have the talent in advanced tech (and even The Prophet has noted their lack of talent in areas of advanced tech in multiple LinkedIn posts, though he has been much more diplomatic than the doctor in discussing their lack thereof; but he did note in a 2024 advice post that consultancies are going to have a hard time attracting talent this year) — for every area, an average firm will have a team leader who’s a superstar, two or three handpicked lieutenants who are above average, and then 20 to 40 benchwarmers who are junior and not always worth the rate they are charging);  now, as with every general observation, there are exceptions (with some Big X recently acquiring a number of best-in-class technology, analytics, and AI vendors that give them top-notch world class talent, and others actively recruiting top talent form the best tech firms, but every firm is different, and, most importantly, every need is different — it’s up to you to fully qualify your need, review the proposal carefully, and vet the proposed talent, otherwise, it’s your fault if you overpay, fail miserably, and don’t get value
  • some of these firms have an incredible overhead — they got big in good times and built posh offices to house the partners making more than top lawyers who have a lifestyle to maintain (or, in some cases, they just acquired expensive real estate in premiere locations)
  • they don’t always have the knowledge of, or experience in, modern tools — some of which are ten times more powerful than last generation tools; this, of course, means that, in these situations, Big X benchwarmers are using last generation tools which take ten times the manual labour to extract value from
  • etc.

Unless you want to pay 1K an hour, at some of these firms, you’re not guaranteed getting that one superstar resource trying to be the front end to two dozen projects that his three lieutenants are trying to manage, all of which are staffed by junior to intermediate individuals who can barely follow the three to five year old playbook.   (While if you chose a different Big X firm that just acquired a whole consultancy with dozens of top analysts, it’s a different story.)

There’s a reason that The Prophet predicted in his 9th prediction that SaaS Management Solutions [will] Start to Eat Services Procurement Tech and that many companies will go in house if they have tech expertise. Because he realizes that these consultancies will have a hard time not only hiring, but retaining, tech talent when they have hiring freezes, salary freezes, and reduced engagements as more and more companies can’t afford the ridiculous rates they’ve been charging recently. (Companies may not have had a choice during COVID where it was implement on-line collaboration and B2B tech or perish, but now they do.)

But there are still many companies who will, when they encounter a (perceived) tech need, immediately pick up the phone and call their favorite Big X firm and bring them in to help them understand who to bring in for an engagement, instead of widening the net to niche providers who might be 3 to 5 times cheaper, and who will deliver results at least as good, if not better, or, if their proposals won’t cut it, will validate when that multi-million proposal is a great value and will deliver the expected ROI.

Now, again, the doctor would like to stress that, despite how much he insists they are usually not the right solution for specialist advanced tech implementations that aren’t the enterprise systems and suites they usually implement, that Big X are not all bad, and sometimes worth many times more than the high fees they charge. [See when should you use Big X?] Most of these companies started off as management/operational/finance/strategy consultants and grew big because they were one of the best, and in certain domains, each of these companies still are. As they grew, they added more areas and became experts in those.  But no company can, and should, be expected to be an expert in everything!

And while there will be exceptions to the rule (as every one of these companies has some tech geniuses), the reality is that when you need more bodies than there are talented bodies in an entire industry, you’re not going to get them and, because consultancies are not cool when you want to be a tech superstar (and join a startup that becomes a unicorn), the ratio of superstar to above average to average to below average talent in these organizations is much thinner than in multinational tech companies (like Alphabet, Apple, Meta, Microsoft, etc.)  (Because if they were the best of the best, there’s no way they’d lay off 10,000 employees at a time every time the market jitters.)

In short, manage that IT services spend carefully, or you’ll be double paying, triple paying, or worse and providing a big chunk of the roughly ONE TRILLION DOLLARS in IT services overspend that the doctor predicts will happen (again) this year. (Unless, of course, you agree with Doctor Evil who says, why make trillions when we could make … billions. Because that’s exactly what happens when you overpay for software and services. Don’t expect the Big X or Mid-Market to say anything as they get the majority that overspend, and that’s how they stay so profitable.  Plus, they usually need those revenues to deliver what you’re asking for, as ill-defined projects mean they need to make a lot of assumptions and often over engineer to decrease the chance you will be disappointed in the result!  In other words, if you overpay due to your lack of research and preparation, it’s on you. )

Detecting that Fraud Permeating Your Supply Chain! Part II

As per a recent post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

As per our last post, simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address more types of fraud an organization may encounter and what a platform would need to detect it.

Abnormal Vendor Selection

In our last post we talked about how a good platform can detect unacceptable cost inflation via metric inflation designed to target a certain supplier. This could be done for many reasons — direct or indirect kickbacks to the buyer, financial gain to the immediate or extended family of the buyer, a tit-for-tat arrangement (where the supplier agrees to select a vendor chosen by the buyer that will directly or indirectly benefit the buyer).

But not all abnormal vendor selection is done by way of metric inflation. Some is done by way of weighting a particular geography, a particular type of responsibility or compliance program, a particular association, or something else unusual that will choose a particular vendor that would not normally be used.

A good platform with good analytics and machine learning can detect when unusual characteristics are applied to vendor selection.

Unusual Payment Patterns

Just because there is an invoice that is accepted against a (blanket) PO or for a category / amount that does not require a PO, that is approved by a senior manager or direct, that doesn’t mean that the payment is okay. But a single payment is hard to detect. However, if similar payments show up over and over again and they are not for regular recurring payments like rent, utilities, predictable support services, it might be an indicator of fraud. A good platform will be able to classify and detect repeating payments of this type that are not expected.

This requires good trend analysis applied to non-PO categories not identified as having regular payments of a specific type.

Too Frequent (Automatic) Order Triggers

When a contract for a category is cut, there is an expected demand against an expected order schedule. As a result, there are expected (re) order schedules that shouldn’t vary too much. If they do, either someone is adjusting minimum stock on hand levels or a POS is submitting sales numbers that are higher than actuals to cause too frequent re-orders. But since a good system can compare planned schedules to expected schedules based on market conditions to actuals, this can be detected.

Again, good analytics with dynamic trend analysis against plans and modified plans based on market conditions derived from market data.

Lost Returns

If a higher than usual number of products get marked as defective but a considerable percentage of these don’t make it back to the supplier for credit, that’s typically indicative of fraud. Typically, someone, somewhere is marking good products bad, marking them to be returned, but then insuring they go missing somewhere along the line. Usually a case of high-value product at a time.

But a platform that maintains a record of average defect rates by category (and supplier), average return success by category (and supplier), and average return success for the organization can compute when theft is very likely.

Analysis of rates against expected rates and identification of unusual deviations.

Fixed Asset Fraud

If the platform contains complete service history, industry metrics for average service requirements for the platform by hour of use, and average upkeep and overhead costs, and all of a sudden the service requirements and upkeep costs double for recorded hours of use, then there is a good chance that the asset is being used for non-sanctioned purposes. This is still fraud and theft from the company.

Analysis of costs and life-spans against expected costs and life-spans and identifications of costly deviations.


And again, while platforms aren’t the entire answer, as they might not be able to pinpoint whether it is a warehouse worker, a carrier (driver), or collusion between the two in “lost” return theft, they can certainly detect quickly when the fraud is happening, and then the organization can take steps to identify the perpetuator(s).

Detecting that Fraud Permeating Your Supply Chain!

As per our last post, fraud is permeating your supply chain and your current iZombie platform needs to take a lot of the blame as it lulls you into a false sense of security when it should be sounding all the warning bells and sirens at its disposal.

So what kind of platform do you need?

Simply put, a platform with good market intelligence, encoded expert intelligence, (hybrid) AI algorithms, and other modern features that can detect common types of fraud and stop it dead in its tracks. To give you a better idea of what these platforms look like, we’re going to address each type of fraud an organization may encounter and what a platform would need to detect it.

Unacceptable Cost Inflation via Metric Inflation

If the platform monitors all historical performance metrics and computes trends, it will be able to detect when a quality or reliability metric is out of whack.

If the platform also monitors market costs for the product or raw material according at different volume tiers, it will be able to detect when a cost is most likely more than percentage point above average.

If the platform uses smart algorithms, it will be able to compute a high probability of something being off when the two factors coincide on a category being sourced and alert a senior manager or executive to explore and verify the situation before a buy is made.

Double Fuel Surcharges

A good platform will also integrate with fuel price indices and transportation exchanges and know the average surcharge on fuel for any given region as well as the limits imposed by the organizational contract and immediately detect when a surcharge is out-of-whack, unjustified, or against the contract and prevent a buyer or AP professional from paying the invoice until it is corrected.

Duplicate Invoices

When an invoice comes in, a smart platform will not only insure there is a corresponding PO before it is accepted, but that the total sum of invoices against the PO doesn’t exceed the total value of the PO (and the total number of any unit invoiced doesn’t exceed the maximum authorized amount). Furthermore, it will not allow payment until the total sum of unpaid goods received at least equals the amount invoiced. This will not only make it easy for a human to identify duplicate invoices (where only the invoice number is changed) but duplicate billings, where similar invoices (for unshipped goods) are submitted with only minor changes.

T&E Fraud

You need a T&E system that can enforce spending limits, match establishments with blacklists, find duplicate charges for similar expenses on the same day, pull in expected airline fares in the proper bracket to identify policy violations, and other capabilities that can detect policy violation or over spend.

Distribution Theft

Now, if your organization is large enough, it’s pretty much a guarantee there is going to be theft somewhere along the chain. And if its external theft, that’s not something your system is going to be able to predict. But internal theft, that’s something it should be able to detect.

The fact of the matter is that if there is repeated internal theft, it will follow a patter. Similar types of inventory, coming from similar suppliers, on a small set of routes used by a smaller set of carriers — usually with a small set of common drivers involved. With enough data and data mining, a good platform can identify patterns indicative of inside jobs that can be investigated, identified, and stopped.

 

While platforms aren’t the entire answer, as they can’t detect, for example, true inside jobs by an employee cutting a camera feed or power feed (in a blind spot) on the way out, they are a very large part of the answer.

Fraud Permeates Your Supply Chain …

As per yesterday’s post, chances are that fraud is running rampant throughout your supply chain. It might not be all that significant in the grand scheme of things — a few points here, a few K there, a few items go missing from the stock room — and might be costing the organization less than an effort to stop the fraud would cost. Or, the organization might be losing 5% of its total revenue, which could be 5M annually if the organization does 100M annually, or 50M annually if the organization does 1B annually. And it’s very likely that you have no clue which end of the spectrum the fraud occupies.

You might be thinking that there’s no way we’re losing 50M a year — all of my categories over 5M are contracted, we monitor inventory and invoices, and all spend over 5K is tied to an invoice or a PO and the rest of the spend is so minuscule that the most we could be losing is 1M or 2M a year but, as we tried to point out yesterday, just because things look good, that doesn’t mean that they are.

For example, your buyer could be colluding with your primary supplier in your 100M category to inflate the quality and reliability metrics to the point that the overall weighting scheme chooses the supplier despite a 3% markup that is going 100% into the seller’s commission, with a 10% kickback to the less-than-honest buyer who inflated the scores. There’s 3M on one category. It’s a far cry from 50M, but let’s say that your organization also lost 20M this year from a “theft” on your main warehouse that was pinned on an organized crime ring. Was it an organized crime? Or an inside job where an employee cut the power on the way out for a big wad of cash and a local band of unorganized yahoos stole the goods? There’s 23M. Then you have carriers charging double fuel surcharges on 100M of freight and another 4M goes down the drain. Then you have the supplier of 20M worth of inventory that submits the same invoice twice with different invoice numbers 50% of the time, which the system doesn’t catch because it matches a PO and/or goods receipt and you overspend another 5M. There’s 28M. And then there’s the high-powered elite sales team that likes to charge “champagne” at the strip club for their “clients”; the marketing elite that thinks high-end dog kennels are “hotel” charges; and the C-Suite that only flies first class, against policy that flights under 4 hours must be business. And all of a sudden that’s another 2M of employee fraud that is slipping through the cracks and we’re at 30M. And we haven’t looked hard yet.

Get the point?

So why is your supply chain rampant with fraud? Simply put, because you don’t detect it.

Why not?

Platform iZombie.

Your platform blinds you to it. Your outdated, last decade platform that barely gets you through an average sourcing event that hasn’t kept up with the time, hasn’t made you smarter, and, in fact, takes you down the same old, beaten, dying path that you’ve been down before again and again.

So what do you do?

Get a better, more modern, platform.

What do you look for?

Stay tuned!