Divide and control – procurement protection

The procurement cycle can be complex with multiple opportunities to conceal significant losses to fraud and corruption. The good news for fraudsters is that, irrespective of sector or industry, there is always a need to procure goods and services (often urgently). The still better news for fraudsters is that with the prevention and detection eyes most focused on the finance department, fraud risks through procurement are often overlooked.

In essence, procurement fraud is a deliberate deception intended to influence any stage of the procure-to-pay lifecycle for financial gain or to cause a loss. A particularly complex offence (and increasingly so with outsourcing, partnerships and provider/commissioner arrangements), procurement fraud is difficult to detect and measure and can be carried out by those inside or outside an organisation – often with most success when there is an element of collusion.

The lifecycle can involve so many different people and departments that tackling fraud becomes a major challenge – it can occur not only during the tendering and award phases but also at the pre-tender and post-contract award stages. The opportunities for fraudsters range from false/duplicate/double/inflated invoicing, false payments, altered payment details and diverted transfers, under-delivery (quality and/or quantity), to price fixing, bid rigging and over pricing.

Sounds depressing and too big to tackle? Rather than viewing the procurement cycle as a single process, the key is to ‘unbundle’ it and focus on the different stages and operations in finer detail – for it is often in the detail that the devil lies. Each stage should have its own policies and procedures and each has its own risks and controls.

The first element to consider is the requirement and specification for goods/services – how is the need decided and checked?

Then consider budgets – as much as the requirement needs a sanity check, so does the budget.

Generally, the most robust processes are the PQQ and ITT stages, however one should never allow complacency to creep into the control environment and regular review is important (especially as personnel and systems often change). It is vital that the system, whether it be paper or IT-based, is secure.

The receipt and evaluation stages of the cycle should be locked-down to the relevant people. How the proposals are received and recorded should be thought through and decisions on scoring/winners, etc. should be documented along with evidence that those making the decisions are qualified to do so (especially on technical matters). The processes should be fully auditable and any patterns or surprises explored to understand if there are any reasons for concern.

After that, negotiating and awarding – often, negotiations can occur after the tender process has closed. If this is the case (and ideally it should not be), who is involved?

If only it ended there…goods and services all too often suffer from a ‘let and forget’ attitude so how do you check on the quantity and quality of goods/services you have received? Good contract management is key to this.

Those who do business with you must be made aware of your organisation’s anti-fraud/-bribery stance and ethical standards. Making clear from the outset that you expect the highest standards of probity is a useful starting point. Raising the understanding of what constitutes procurement fraud with staff who are involved in purchasing is also pivotal in defending the frontline.

‘Prevention is better than cure’ rings true in the lifecycle of procurement as much as it does in medicine.


John Baker
Nick Bennett

Related links

Fraud & bribery