Many articles have been published about procurement fraud recently, for example through banking account number modification or fake purchases. It has become essential to set up solutions to mitigate this risk. This article will provide you with 6 propositions to help you prevent procurement fraud.
1. Split and define job responsabilities
The Segregation of Duties (SOD) is one way of ensuring that an employee doesn’t have complete control of the procurement process. Involving several people in accomplishing and validating tasks helps prevent fraud and errors. For example, it becomes impossible for a single individual to create false supplier invoices, or to fraudulently edit banking account information. Auditors like to focus on SOD because it is a simple way to control supplier risk.
2. Build workflows for each procurement scenario
It’s important to build workflows (from the purchasing request to the invoice matching). That way, there is always a different approver from the requester.
Approval workflows make it possible to track transactions and prevent fraud. During IT projects, we have often this tendency to set up a general workflow and to manage exceptions with secondary approvals. These process loopholes can be used by fraudsters.
Indeed, exception management processes such as a procedure for special emergency purchases can open a breach in the control process. If there are no clearly established processes, an exceptional purchase could bypass usual controls.
3. Put banking information edits under maximum surveillance
The best way to prevent procurement fraud is to set up a centralized supplier data management tool. Only specific users would then have read/write access to this sensitive data. These edits should go through a specific validation workflow before publication in the financial ERP.
Ensuring data integrity for the entire information system is another benefit of having a centralized tool. Indeed, supplier risk is minimized since the tool acts as the single source of truth. The quality of the data is also improved since duplicates are deleted and the data formats are standardized.
4. Authorize payments only to suppliers that have been validated
Payments should only be authorized to suppliers validated through an activation process. It is key not to allow « ad hoc » supplier creation directly in the ERP to prevent procurement fraud.
5. Set up a « 3-way match » reconciliation
3-way matching consists of comparing the purchase order, the order receipt, and the invoice before approving any invoice. This type of matching must be done for every invoice in order to ensure the correspondence between all the documents.
6. Set up a strong Spend Analysis tool
Recurring analyses must be carried out with specific alerts, such as invoices without PO, budget overruns, contract anomalies, etc. All recurring and unusual spending behaviors must be identified and controlled.
With spend analysis, you can identify who is buying what, when and from whom to better control future spending. Spend visibility is key to Procurement performance.
These 6 simple steps have helped many large to medium size companies to minimize procurement fraud.
Indeed, we strongly recommend you to review your procurement processes at least once a year. This will enable you to ensure that actions are set up to mitigate supplier risk. The evolution of practices and processes within an organization is an open door to new opportunities for fraud.