Since we have had corporations, we have had corruption. This is another risk that’s not going away. Plus, fraud is rising rapidly!
Expounding the Pounding
There’s a huge amount of potential corruption and fraud that you need to worry about. It’s not something that anyone wants to talk about but it is something that needs to be talked about a lot more than it is considering that global corporate losses to fraud were estimated at 5 Trillion in 2024, or about 5% of global revenue! Fraud, for now, is the only risk more costly than natural and climate disasters.
When it comes to corruption and fraud, there are three places it can come from: inside (corruption), outside (fraud), and, the hardest to detect, internal and external partnerships (collusion).
Internally, you need to worry about situations like the following:
- disguised procurements to bypass processes (such as split purchases)
- false evaluations / awards
- false expense claims
Externally, you need to worry about situations like:
- supplier impersonation / false supplier
- partial delivery (but full invoice)
- bid rigging and collusion
And when you have parties on the inside and outside collaborating, you might get:
- conflicts of interest
- credit card / p-card fraud
- kickbacks and bribery
And, we’re sad to say, this is just scratching the surface. The reality is that there are at least 15 major types of fraud you need to worry about in Procurement, and some are pretty hard to catch. Properly documenting these and the proper steps you can take to minimize your chances of falling victim isn’t an article, it’s a white paper. I know, I wrote an unpublished one a year ago. But we will give you a few tidbits to get you thinking in the right directions.
Reducing the Risk
In order to truly minimize the risks and reduce your fraud losses to minimal, vs the more-or-less industry average of 5% of revenue, you need to take a lot of precautions. Some of the most important ones are:
TP(C/R)M:Third Party Compliance/Relationship Management and Vetting
You need to ensure that all suppliers, carriers, and other third parties you plan to do business with are real, legitimate, vetted entities and that you have also vetted their owners/directors and vetted with the owners/directors the people you are signing the contracts with and accepting payment instructions from are employees.
CyberSecurity & CyberTracking
You need to install and maintain state of the art cybersecurity and cybetracking and make sure the source of every electronic communication is traced back to its source and the originating domain ALWAYS confirmed. Very smart cybercriminals can not only mask from and reply to fields on emails requesting a change in payment details, but they will register / hack and steal domains that are extremely similar to the company being impersonated. If the company is McDonalds.com, then, guess what, they will acquire (control of) MacDonalds.com and a quick scan of the email headers might be enough to convince even a moderately astute individual the request is genuine.
e-Procurement/Invoice-to-Pay/Accounts Payable
With mandatory minimum 3-way match before ANY payment is approved – NO EXCEPTIONS. The purchase order must match the goods receipt which must match the invoice.
There’s more that must be done, but this is where you start. It will prevent a lot of the common and easily prevented fraud.