11/03/2011

1

Procurement fraud

Chartered Institute ofPurchasing and Supply

10 March 2011

www.pwc.co.uk/brisk

PwC

Agenda

• What is fraud?

• What is procurement fraud?

• The impact of the UK Bribery Act

• Case study

• What steps can be taken to mitigate the risk of procurement fraud?

2

11/03/2011

2

What is fraud?

www.pwc.co.uk/brisk

PwC

Definition of fraud

The Fraud Act 2006 - a person is guilty of fraud if he is in breach of anyof the following:

• Fraud by false representation

• Fraud by failing to disclose information

• Fraud by abuse of position

The person must have acted dishonestly, and that they had to haveacted with the intent of making a gain (temporary or permanent) forthemselves or anyone else, or inflicting a loss on another

4

11/03/2011

3

PwC

PwC Global Economic Crime Survey 2009 - UKfindings

Q: Is fraud on the increase?

A: Almost half of respondents (public and private sector) experiencedfraud in previous year with one third having identified an increase inboth incidence and cost of fraud

Q: Which sector is experiencing higher levels of fraud?

A: Higher level of fraud reported by government and public sector thanother sectors – is this due to greater transparency?

Q: What is the principal concern regarding the impact offraud?

A: Principal concern was the impact of fraud on reputation

5

What is procurementfraud?

www.pwc.co.uk/brisk

11/03/2011

4

PwC

“Procurement is the whole process of acquisition from third partiesand covers goods, services and construction projects. Procurementfraud can involve tendering irregularities, bid-rigging and paymentclaims for goods and services that were not delivered or are inferior towhat was specified as the order.” (Serious Fraud Office)

Fraud can happen at any stage in the procurement process:

7

Definition of procurement fraud

RequisitionPurchase

orderGoods

receivingInvoicing Payment

PwC

Bribery andcorruption

Conflicts ofinterest

Collusion

Common types of procurement fraud

8

Requisition

Purchase order

Goods receiving

Invoicing

Payment

Price fixing and bid riggingBias towards a particular supplier

Inappropriate purchasesFraudulent contract and price variations

Unauthorised product substitutionSupply of substandard items

Failure to deliver fully on contract

Price mischargingFalse invoicing

Diverting paymentsFalse payments

Intercepting and altering payment details

11/03/2011

5

PwC

The typicalorganisationloses 5% of itsannual revenueto fraud

5%

Procurement fraud is a very real threat

Fraudulent billing accountsfor 26% of occupationalfraud cases with the fraudgoing undetected for amedian length of 24months and cost of$128,000ACFE 2010 Global Fraud StudyReport to the Nations onOccupational Fraud and Abuse

26%

Of those respondents who suffered assetmisappropriation fraud in the last. 12months, 71% think it is likely that they willexperience it again in the next 12 monthsPWC Global Economic Crime Survey November 2009

71%77% of UK organisations, thatwere victims of economic crime,reported falling prey to assetmisappropriation

77%

PwC

Who is committing procurement fraud?

• Procurement fraud is most frequently committed by employeesacting in collusion with vendors

• Employees with significant knowledge of the systems

- Fraud is becoming increasingly more elaborate and technologydriven

- Perpetration by middle managers

Where is procurement fraud most prevalent?

• Most prevalent in construction

• Also prevalent in education, housing and telecommunications

10

Who is committing procurement fraud?

11/03/2011

6

PwC 11

Risk of procurement fraud in economic downturn

Fraudrisk

!

“As people lose their jobs andthose still in employment feelmore threatened, the pressureand incentive to commit fraudwill increase.”

Incentive / pressure

Cost reduction exercises weakeninternal control:

• limited segregation of duties

• some procedures suspended

Opportunity

Perpetrators more able torationalise fraudulent activityE.g. “I was entitled to a pay rise,so made up a bit of thedifference in other ways”

Rationalisation

The UK Bribery Act

www.pwc.co.uk/brisk

11/03/2011

7

PwC

Offences under the Bribery Act 2010

13

Active bribery(Offering, promisingor giving a bribe)

Passive bribery(Requesting,agreeing to receiveor accepting a bribe)

Bribery of a foreignpublic official

1 2 3 4

Corporate offence of failure toprevent bribery

• Liability is triggered by aperson acting for or onbehalf of the organisationpaying a bribe

• Defence is that thecompany had in place“adequate procedures”designed to prevent suchconduct

Also the offence of “Consent or Connive”

PwC

Is this relevant to my organisation?

Exposure to bribery risk

• Operations in other jurisdictions

• Business includes large scale projects, tenders or long term contracts

• Private sector dealing with public sector / Public sector dealing with privatesector (e.g. movement of goods through customs and obtaining planningpermission, licences and permits)

• Use of third parties and agents as intermediaries

• Entering into joint ventures / outsource agreements

• Use of gifts, hospitality and entertainment activities

• Political and charitable donations / sponsorship

14

11/03/2011

8

PwC

Procurement’s exposure to the Act?

Passive bribery

• Procurement employees susceptible to receipt of bribes

Corporate offence

• Management of third parties and outsource providers who are required tofollow the organisations policies and procedures

• Receipt of false invoices when others attempt to make facilitation payments

15

PwC

What do adequate procedures look like inpractice?

16

11/03/2011

9

Case study – procurementfraud investigation usingdata analytics

www.pwc.co.uk/brisk

PwC

The false-invoicing scheme

11/03/2011

10

PwC

They are based on transaction testing (red-flags)

• Many false-positives

• Easily avoided by fraudsters

But these are not very unusual

People work late for many reasons

Supplier data is typically inaccurate

Too easily avoided

Traditional data-driven detection methods havelimitations

A new, more analytical, approach is required

Postings late at night

Invalid supplier data

Vendor / employeesharing a bank account

Round-sum amounts

PwC

Comparing the outputs of a traditional approachto a scheme-based approach

Traditional methods producelists of exceptions

Our approach findsinteresting patterns

P Suppliers which look similar to othersA supplier with

unusually sporadic

payments, which are

always processed at

the end of the day,

by a user who

normally deals with

one-time suppliers

P Suppliers which have a period of inactivity

P Suppliers where spend has increasedsubstantially

P Suppliers where one user raises all of thepurchase orders

11/03/2011

11

PwC

Clustering suppliers to find outliers

• Clustering is the process of grouping homogenous entities based on theircharacteristics

Semi-dormantsuppliers

Semi-dormantsuppliers where allthe POs are raisedby one user

One-time suppliers

Preferred suppliers

We can visualise the results of the clustering to visually spot outliers

PwC

The investigation continues

11/03/2011

12

PwC

How we detected a kickback scheme with collusion

• We were then asked to search for other fraud schemes in the data

• We focused on bribery and corruption schemes – given that theBribery Act was on the horizon, our client wanted to demonstrate aproactive stance against bribery and corruption

• We started by using data analytics to look for potential kickbackschemes

• The approach to detecting the kickback scheme was iterative – weused our experience to guide the analytics with investigatorsfollowing up on our leads

• We detected the kick-back scheme using these stages

InvestigateIdentifyoutliers

Search forpatterns

Selectcluster

PwC

Jon Hayton comments on the kickback scheme

11/03/2011

13

PwC

We selected the cluster of suppliers most likely tocontain a kickback scheme

We chose the cluster of preferredsuppliers.

We then analysed user behaviour withinthis cluster.

PwC

We used various techniques to analyse userbehaviour within the cluster

Collusive useractivity

Normal useractivity

11/03/2011

14

PwC

Recap of our scheme-based approach

We look for the holistic impact ofa fraud scheme on the data, notjust individual transactions

We generate events relevant toindividual schemes, and not justred-flags, as these provide aricher picture

We look for outlying patterns inthe data which may indicate afraud

This provides a quicker, more accurate, view of whether fraud exists

What steps can be takento mitigate the risk ofprocurement fraud?

www.pwc.co.uk/brisk

11/03/2011

15

PwC 29

PwC Fraud Wheel

PwC

• Perform data analytics

- Analysing procurement trends, payment patterns and changes inthe mix of products and services procured can provide indicatorsof collusive behaviour

• Carry out integrity due diligence on suppliers

- Analysis of market data and intelligence

- Reputation risk assessments

• Reinvigorate whistleblowing procedures

- A prime tool to foster a culture of transparency and to identifyunethical behaviour

- Traditionally whistleblowing procedures detect less fraud in thepublic sector than the private sector

30

Be proactive to prevent fraud

11/03/2011

16

PwC

• Develop employment screening programmes

- Verification of candidate’s background for employment purposes

- Identify dishonest and undesirable candidates

- Perform criminal record checks

• Implement contract reviews

- Management of contract delivery so that contract value is not lostto the supplier over the duration of the contract

- Value for money testing can result in significant savings

- Identification of overcharging or improper penalty charges

- As well as financial savings, there can be improvements in both thequality of services and risk management

31

Be proactive to prevent fraud

Any Questions?

This publication has been prepared for general guidance on matters of interest only, and doesnot constitute professional advice. You should not act upon the information contained in thispublication without obtaining specific professional advice. No representation or warranty(express or implied) is given as to the accuracy or completeness of the information containedin this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, itsmembers, employees and agents do not accept or assume any liability, responsibility or duty ofcare for any consequences of you or anyone else acting, or refraining to act, in reliance on theinformation contained in this publication or for any decision based on it.

© 2010 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers toPricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom) which is amember firm of PricewaterhouseCoopers International Limited, each member firm of which is aseparate legal entity.