Editor’s Note: This post is from regular contributor Norman Katz, Sourcing Innovation’s resident expert on supply chain fraud and supply chain risk. Catch up on his column in the archives.

Not long after one of my supply chain fraud presentations I was informed that one of the attendees had gone back to her employer and reported “I think I (now) smell a rat”. The company owner was not able to schedule to attend my seminar so he sent someone in his place, and was quite thankful he did.

(Fortunately it was not the fraudster who the company owner sent to my seminar!)

Indeed a trusted employee had been perpetrating fraud for quite some time and to the tune of somewhere between $60,000 and $250,000. The company owner was quite upset that this employee, who had always been treated very well, had stolen through good times and bad. I told the company owner that fraudsters are rarely concerned about their employer’s fortunes because they are more concerned about their own, even if their frauds affect their co-workers and friends.

If the amount of loss seems a little vague it’s because the company owner made a critical mistake: he investigated the fraudulent activities himself and in doing so exposed the investigation to the fraudster. By performing this investigation himself he scuttled the ability to have caught the fraudster “in the act”, involve law enforcement, prosecute the fraudster criminally or civilly, truly understand how the fraud was perpetrated and the depth & breadth of the fraud itself.

Fraud investigations are not “do-it-yourself” projects to be undertaken by those without experience. I was quite surprised at the simplistic mistakes the company owner made which seemed to defy logic and common sense. These mistakes resulted in the fraudster being blatantly tipped-off that the company was on to him. So what did the fraudster immediately do? He stopped his activities and began to cover his tracks faster than the company owner could investigate. Thus we will never know the true amount of the fraud loss. Further I question whether the fraudster’s methodology was completely understood so that corrective measures could be implemented.

By tainting the investigation the company owner allowed a fraudster to walk away with no punishment. The fraudster was either fired or simply resigned, I cannot recall which. This fraudster is likely to just get a job at another company and perpetrate fraud again. The fraudster will certainly make up a reason for leaving his last company. And what of the reference check? The prior employer can make no mention of any suspected fraudulent activity as it was never properly investigated or proven.

(Laws may further restrict what an employer can and can’t say about an employee, current or previous. But one point is that by not investigating properly and pressing charges no public record of this employee’s misdeeds will ever be recorded. Granted no company wants it made public that they were the victim of fraud; however as word spreads that a company is a victim of fraud isn’t it better publicity to make it known that the fraudster is being prosecuted? Doesn’t this send a better message to employees, suppliers, and customers that fraud will not be tolerated? This is an unfortunate “passing of the buck” that allows fraudsters to move from one company to the next, perpetrating their frauds over again.)

Even on fictional police television shows the need for proper investigative techniques is written into the scripts. Evidence must be secured and analyzed. Leads must be followed-up. Analysis may lead to several different directions where reasoning and investigative techniques will be relied upon to eliminate unlikely roads. Sometimes suspects are allowed to continue their illegal activities to make it easier to trap them and catch them in the act.

You don’t want your accountant performing dental work on you, nor would you (typically) want an attorney fixing a problem on your vehicle. Always ensure you allow those best skilled, experienced, and credentialed to perform the tasks that they are qualified to do. And this includes your fraud investigations.

Norman Katz, Katzscan

Share This on Linked In

Editor’s Note: This post is from regular contributor Norman Katz, Sourcing Innovation’s resident expert on supply chain fraud and supply chain risk. Catch up on his column in the archives.

Late July 2009: A 2-year FBI investigation results in FBI and IRS agents arresting five rabbis, three New Jersey mayors and two state legislators. All that was missing was the partridge in a pear tree.

The alleged frauds included human organ trafficking, money-laundering and political payoffs for favors. The perpetrators were caught when authorities exposed criminal activity through the different criminal enterprises. Monies and goods exchanged hands through business transactions involving domestic and international participants.

The perpetration of these frauds involved lots of people and likely relied on lots of trust. It is only through trusted relationships — honor among thieves — that organized crime can really be successful. Built on an otherwise shaky foundation when one support falls, when one person’s activities are compromised, the entire organizational structure’s stability is compromised to one degree or another.

A simpler analogy may be to say that the more pipes the easier to gum up the plumbing or to picture what happens to a house of cards (or dominos, etc.) when a supporting piece is removed.

When fraud is exposed, trusted relationships are often cast aside and knowledge leveraged to reduce penalties on individual players who would (gladly) sacrifice other participants to spare themselves harsh punishment. Any operational screw-up that resulted in exposure revealing the frauds could cause a domino effect that would ripple through the organization’s infrastructure and could bring down the entire enterprise.

Global supply chains contain many links and thus must rely on trusted relationships. The perpetration of a fraud in one supply chain link may manifest itself differently as it travels down the chain. The ripple effects of such a fraud may be felt at each chain link in terms of disruptions, problems and the need to take corrective actions. The notorious product recalls of the last few years were the result of failed trusted relationships.

What causes trusted relationships to fail? Certainly slip-ups that expose fraudulent behavior are one reason. Another reason is pure and simple greed and this is likely more indicative of trusted relationship failures in supply chains.

Controls must exist to provide parameters within which supply chain relationships function. On the purchase order item identifiers, prices and quantities are the controls which define how much of what is being purchased. The same applies for information on invoices as to what is to be paid. Controls also exist within business software applications like Enterprise Resource Planning systems, whether to limit transaction amounts or restrict functional use based on job role.

Monitoring of the controls provides oversight to ensure the controls are applicable and being followed. Even in criminal enterprises the business of business changes and controls that may have once worked may be rendered less effective or totally ineffective in the new business model.

Overall it’s still the people that matter. Gaps in controls will (only) be exposed by untrustworthy people who place their own greed and desires ahead of those of the enterprise which serves all and including customers, suppliers and employees alike.

Trust in enterprises starts at the top with senior management and flows down through the ranks. The enterprise that has the fortitude to value integrity above all else is certainly representative of one that can be trusted to do what’s right in all situations, and that’s the kind of enterprise you should look to conduct business with whether domestically or internationally.

Norman Katz, Katzscan

Share This on Linked In

Editor’s Note: This post is from regular contributor Norman Katz, Sourcing Innovation’s resident expert on supply chain fraud and supply chain risk. Catch up on his column in the archives.

As a long-time and avid newspaper reader I keep up-to-date with what’s going on locally and nationally, even if I find out the day after. I can’t imagine starting my day without enjoying a healthy breakfast while reading the newspaper. I read through all sections, though I may not thoroughly read each and every article. I also make sure to read through the letters to the editor, not just to find out about goings-on I might have missed, but to gauge outrage or support for a particular topic.

The wife of the Fort Lauderdale (FL) chief of police fired a gun at her husband while in their home and then proceeded to fire off two more shots outside the home as she was chasing him. The police chief’s wife was apparently quite distraught over his suspected cheating which, to my knowledge, has not been proven or disproven. Fortunately no one was injured as she missed not only her husband but also any innocent bystanders. In statements she informed that she did not mean to specifically put a bullet in her husband, but was distraught and looking to get his attention or something to this effect.

During her recent court hearing, the gun charge was thrown out as if no gun was used at all, and the wife was charged with lesser offenses.

Based on the letters to the editor, there is considerable outrage that — it would seem once again — money and political connections favor those who have them in what should be courts of law that are supposed to be neutral ground where only the law should be discussed. This is — from my understanding — especially true in criminal cases where laws are written down and are relatively “fixed”, as opposed to civil cases where precedent (prior case outcomes) sometimes set a standard. The newspaper’s own “news columnist” was also quite direct in his criticism of how this case was handled, and asked whether regular folk in the same situation would have been treated the same.

But there is a bigger issue in here in how this particular courtroom drama is playing out: how the precedent of this case will set a standard for future cases. There is no disagreement that she fired three times from a gun while aiming in the direction of her husband, who has not pressed any charges against her. The outrage from the community is that someone with lesser political connections and financial resources would have been treated much differently — and more harshly sentenced — by the court. With full admission that she did fire a gun three times, how is it possible for this fact to be simply omitted by the court when considering her punishment for breaking the law? Based on quotes in the newspaper from legal experts, quite a few people are wondering about this.

Organizations must set clear rules on how it stands for fraudulent behavior, and must definitively abide by its own rules in administering actions against employees, customers, or suppliers who perpetrate fraud.

To fail to create and publicize clear rules may make it difficult for the organization to punish fraudsters, especially when it’s their own employees. Organizations should not be complacent in believing that all employees understand what constitutes correct behavior, and an employee’s status has shown to not be a good indicator of such knowledge.

To fail to adhere to policies in terms of actions — which may include and require termination — against employees who are found to have committed fraud sends a clear signal to everyone else that the organization lacks the fortitude to follow through and make the hard — yet necessary — decisions. This could easily serve to actually encourage more bad behavior because employees who were possibly on the fence about committing fraud now know that there is no punishment if they get caught.

If your organization does not have policies for behavior and procedures for violations of behavioral standards, there is a risk of allowing bad behavior to be conducted, if not also condoned, and being left with few repercussions to deal with the source of the problem.

Share This on Linked In

Norman Katz, Katzscan