procurement fraud chartered institute ... · in this document,“pwc” refers to...
TRANSCRIPT
11/03/2011
1
Procurement fraud
Chartered Institute ofPurchasing and Supply
10 March 2011
www.pwc.co.uk/brisk
PwC
Agenda
• What is fraud?
• What is procurement fraud?
• The impact of the UK Bribery Act
• Case study
• What steps can be taken to mitigate the risk of procurement fraud?
2
11/03/2011
2
What is fraud?
www.pwc.co.uk/brisk
PwC
Definition of fraud
The Fraud Act 2006 - a person is guilty of fraud if he is in breach of anyof the following:
• Fraud by false representation
• Fraud by failing to disclose information
• Fraud by abuse of position
The person must have acted dishonestly, and that they had to haveacted with the intent of making a gain (temporary or permanent) forthemselves or anyone else, or inflicting a loss on another
4
11/03/2011
3
PwC
PwC Global Economic Crime Survey 2009 - UKfindings
Q: Is fraud on the increase?
A: Almost half of respondents (public and private sector) experiencedfraud in previous year with one third having identified an increase inboth incidence and cost of fraud
Q: Which sector is experiencing higher levels of fraud?
A: Higher level of fraud reported by government and public sector thanother sectors – is this due to greater transparency?
Q: What is the principal concern regarding the impact offraud?
A: Principal concern was the impact of fraud on reputation
5
What is procurementfraud?
www.pwc.co.uk/brisk
11/03/2011
4
PwC
“Procurement is the whole process of acquisition from third partiesand covers goods, services and construction projects. Procurementfraud can involve tendering irregularities, bid-rigging and paymentclaims for goods and services that were not delivered or are inferior towhat was specified as the order.” (Serious Fraud Office)
Fraud can happen at any stage in the procurement process:
7
Definition of procurement fraud
RequisitionPurchase
orderGoods
receivingInvoicing Payment
PwC
Bribery andcorruption
Conflicts ofinterest
Collusion
Common types of procurement fraud
8
Requisition
Purchase order
Goods receiving
Invoicing
Payment
Price fixing and bid riggingBias towards a particular supplier
Inappropriate purchasesFraudulent contract and price variations
Unauthorised product substitutionSupply of substandard items
Failure to deliver fully on contract
Price mischargingFalse invoicing
Diverting paymentsFalse payments
Intercepting and altering payment details
11/03/2011
5
PwC
The typicalorganisationloses 5% of itsannual revenueto fraud
5%
Procurement fraud is a very real threat
Fraudulent billing accountsfor 26% of occupationalfraud cases with the fraudgoing undetected for amedian length of 24months and cost of$128,000ACFE 2010 Global Fraud StudyReport to the Nations onOccupational Fraud and Abuse
26%
Of those respondents who suffered assetmisappropriation fraud in the last. 12months, 71% think it is likely that they willexperience it again in the next 12 monthsPWC Global Economic Crime Survey November 2009
71%77% of UK organisations, thatwere victims of economic crime,reported falling prey to assetmisappropriation
77%
PwC
Who is committing procurement fraud?
• Procurement fraud is most frequently committed by employeesacting in collusion with vendors
• Employees with significant knowledge of the systems
- Fraud is becoming increasingly more elaborate and technologydriven
- Perpetration by middle managers
Where is procurement fraud most prevalent?
• Most prevalent in construction
• Also prevalent in education, housing and telecommunications
10
Who is committing procurement fraud?
11/03/2011
6
PwC 11
Risk of procurement fraud in economic downturn
Fraudrisk
!
“As people lose their jobs andthose still in employment feelmore threatened, the pressureand incentive to commit fraudwill increase.”
Incentive / pressure
Cost reduction exercises weakeninternal control:
• limited segregation of duties
• some procedures suspended
Opportunity
Perpetrators more able torationalise fraudulent activityE.g. “I was entitled to a pay rise,so made up a bit of thedifference in other ways”
Rationalisation
The UK Bribery Act
www.pwc.co.uk/brisk
11/03/2011
7
PwC
Offences under the Bribery Act 2010
13
Active bribery(Offering, promisingor giving a bribe)
Passive bribery(Requesting,agreeing to receiveor accepting a bribe)
Bribery of a foreignpublic official
1 2 3 4
Corporate offence of failure toprevent bribery
• Liability is triggered by aperson acting for or onbehalf of the organisationpaying a bribe
• Defence is that thecompany had in place“adequate procedures”designed to prevent suchconduct
Also the offence of “Consent or Connive”
PwC
Is this relevant to my organisation?
Exposure to bribery risk
• Operations in other jurisdictions
• Business includes large scale projects, tenders or long term contracts
• Private sector dealing with public sector / Public sector dealing with privatesector (e.g. movement of goods through customs and obtaining planningpermission, licences and permits)
• Use of third parties and agents as intermediaries
• Entering into joint ventures / outsource agreements
• Use of gifts, hospitality and entertainment activities
• Political and charitable donations / sponsorship
14
11/03/2011
8
PwC
Procurement’s exposure to the Act?
Passive bribery
• Procurement employees susceptible to receipt of bribes
Corporate offence
• Management of third parties and outsource providers who are required tofollow the organisations policies and procedures
• Receipt of false invoices when others attempt to make facilitation payments
15
PwC
What do adequate procedures look like inpractice?
16
11/03/2011
9
Case study – procurementfraud investigation usingdata analytics
www.pwc.co.uk/brisk
PwC
The false-invoicing scheme
11/03/2011
10
PwC
They are based on transaction testing (red-flags)
• Many false-positives
• Easily avoided by fraudsters
But these are not very unusual
People work late for many reasons
Supplier data is typically inaccurate
Too easily avoided
Traditional data-driven detection methods havelimitations
A new, more analytical, approach is required
Postings late at night
Invalid supplier data
Vendor / employeesharing a bank account
Round-sum amounts
PwC
Comparing the outputs of a traditional approachto a scheme-based approach
Traditional methods producelists of exceptions
Our approach findsinteresting patterns
P Suppliers which look similar to othersA supplier with
unusually sporadic
payments, which are
always processed at
the end of the day,
by a user who
normally deals with
one-time suppliers
P Suppliers which have a period of inactivity
P Suppliers where spend has increasedsubstantially
P Suppliers where one user raises all of thepurchase orders
11/03/2011
11
PwC
Clustering suppliers to find outliers
• Clustering is the process of grouping homogenous entities based on theircharacteristics
Semi-dormantsuppliers
Semi-dormantsuppliers where allthe POs are raisedby one user
One-time suppliers
Preferred suppliers
We can visualise the results of the clustering to visually spot outliers
PwC
The investigation continues
11/03/2011
12
PwC
How we detected a kickback scheme with collusion
• We were then asked to search for other fraud schemes in the data
• We focused on bribery and corruption schemes – given that theBribery Act was on the horizon, our client wanted to demonstrate aproactive stance against bribery and corruption
• We started by using data analytics to look for potential kickbackschemes
• The approach to detecting the kickback scheme was iterative – weused our experience to guide the analytics with investigatorsfollowing up on our leads
• We detected the kick-back scheme using these stages
InvestigateIdentifyoutliers
Search forpatterns
Selectcluster
PwC
Jon Hayton comments on the kickback scheme
11/03/2011
13
PwC
We selected the cluster of suppliers most likely tocontain a kickback scheme
We chose the cluster of preferredsuppliers.
We then analysed user behaviour withinthis cluster.
PwC
We used various techniques to analyse userbehaviour within the cluster
Collusive useractivity
Normal useractivity
11/03/2011
14
PwC
Recap of our scheme-based approach
We look for the holistic impact ofa fraud scheme on the data, notjust individual transactions
We generate events relevant toindividual schemes, and not justred-flags, as these provide aricher picture
We look for outlying patterns inthe data which may indicate afraud
This provides a quicker, more accurate, view of whether fraud exists
What steps can be takento mitigate the risk ofprocurement fraud?
www.pwc.co.uk/brisk
11/03/2011
15
PwC 29
PwC Fraud Wheel
PwC
• Perform data analytics
- Analysing procurement trends, payment patterns and changes inthe mix of products and services procured can provide indicatorsof collusive behaviour
• Carry out integrity due diligence on suppliers
- Analysis of market data and intelligence
- Reputation risk assessments
• Reinvigorate whistleblowing procedures
- A prime tool to foster a culture of transparency and to identifyunethical behaviour
- Traditionally whistleblowing procedures detect less fraud in thepublic sector than the private sector
30
Be proactive to prevent fraud
11/03/2011
16
PwC
• Develop employment screening programmes
- Verification of candidate’s background for employment purposes
- Identify dishonest and undesirable candidates
- Perform criminal record checks
• Implement contract reviews
- Management of contract delivery so that contract value is not lostto the supplier over the duration of the contract
- Value for money testing can result in significant savings
- Identification of overcharging or improper penalty charges
- As well as financial savings, there can be improvements in both thequality of services and risk management
31
Be proactive to prevent fraud
Any Questions?
This publication has been prepared for general guidance on matters of interest only, and doesnot constitute professional advice. You should not act upon the information contained in thispublication without obtaining specific professional advice. No representation or warranty(express or implied) is given as to the accuracy or completeness of the information containedin this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, itsmembers, employees and agents do not accept or assume any liability, responsibility or duty ofcare for any consequences of you or anyone else acting, or refraining to act, in reliance on theinformation contained in this publication or for any decision based on it.
© 2010 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers toPricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom) which is amember firm of PricewaterhouseCoopers International Limited, each member firm of which is aseparate legal entity.