The inherent tension between corporate policyholders and providers of fidelity bonds and crime insurance has been rising with an uptick in the frequency and losses associated with procurement fraud.
The increasing challenge of preventing, detecting and investigating procurement fraud, we believe, is a source of growing tension between insurance carriers and insured corporations.
Corporations and other organizations have a greater exposure to procurement fraud than most senior managers and board members realize.
Procurement fraud is progressively more elaborate and increasingly technology-driven, and is perpetrated by individuals with significant operational knowledge of the systems they abuse.
Experience in this field suggests that fraudulent practices in the area of procurement are more prevalent than most senior managers believe–and that the amounts involved are larger than might be imagined.
As corporations grow bigger in size and geographic reach, the purchasing cycle encompasses a bigger monetary value and far greater numbers of transactions. The result is a greater temptation and opportunity to commit procurement fraud and a greater challenge to detect and investigate it.
American International Group said it has experience that “shows approximately half of all large fidelity losses are linked to vendor fraud,” according to a statement on their Web site.
And Chubb, in an online posting promoting the need for crime insurance, reports that “the expansion of computers has drastically changed the speed with which fraud can occur,” while “mergers, acquisitions, downsizing, restructuring, rapid expansion and globalization have increased the challenges of maintaining a strong system of internal controls.”
An interesting characteristic of procurement fraud schemes is that despite being common, they are difficult to detect and to investigate, as procurement fraud in general tends to be perpetrated by individuals (employees and/or vendors) who have a deep operational knowledge of the procurement process.
Experience with such cases suggests that these perpetrators have mastered the procurement system over a long period of time prior to striking with a significant volume of fraudulent transactions.
For example, in many cases, procurement fraud occurs under the radar screen by a systematic abuse of delegation of authority and hence goes undetected.
Further, procurement fraud is often perpetrated through collusion, as familiarity and close working relationships between employees in the purchasing and payable units with contractors and service providers may provide an opportunity for complex fraud schemes against the company.
Generally, full understanding of any procurement fraud requires comprehensive fact-finding into numerous elements including:
o The time period and the individual/s involved.
o The methods employed.
o The monetary impact on the corporation.
A fraud investigation is often a long and detailed process that requires the use of dedicated internal and external resources.
The complexity of procurement fraud schemes involve analysis of large transactional data sets, volumes of invoices, numerous e-mail communications and the need to interview personnel in various locations. This often requires retention of legal and forensic resources.
The initial objective of the investigative effort is establishing whether misconduct occurred. If so, employment of responsible individuals could be severed and law enforcement and regulators could be alerted, as needed.
The successful pursuit of an insurance claim under an employee dishonesty or fidelity policy involves establishing that a violation of trust and fiduciary duty occurred.
Establishing a limited number of instances of fraudulent activity may be sufficient grounds to provide an insurance carrier with a notice of discovery and perhaps with a preliminary loss calculation.
But problems may arise if these procedures are not sufficient to successfully address an insurance carrier’s requirement for detailed documentation supporting a loss calculation, and the need to establish the amount of a company’s assets that were stolen or otherwise abused.
The proliferation of electronic signatures, electronic communication and online approval of purchasing orders, invoices and payment requests makes it a considerable challenge to prove that unauthorized actions were made by a fraudster working outside their permitted authority.
Difficulties can occur because corporations seldom keep detailed logs of changes to master vendor files and other data sources that are key to the procurement cycle, making it a significant challenge to establish a direct connection between a changed entry and an individual.
The common denominator in many procurement fraud schemes is the combination of greed and lack or limited controls.
Eradicating greed is most likely impossible. Enhancing controls in each and every single subprocess of the procurement cycle may be an effort worth considering given that fraud is more common where deficiencies in an organization’s control environment exist.
Breakdowns in control are seen in business units in:
o More geographically remote corners of the organization, where the firm’s procedures, culture and morale are weaker.
o In divisions, operations and processes that are not central to a company’s main business.
o In operations that are soon to be discontinued.
o In businesses that enjoy fast growth.
o In units that are subject to severe cost-cutting pressures.
Surveys by my firm have found that the most common methods of fraud detection are tip-offs (35 percent), internal auditing (19 percent), whistle-blowing systems (8 percent) and fraud risk management (4 percent).
The gap between the real effectiveness of internal controls in addressing fraud and the perception that many corporate managements have about them widens in corporations operating in environments that are more tolerant to fraud and corruption.
There are a variety of key factors that make it difficult to prevent and detect procurement fraud, which also contribute to the complexity and cost associated with investigating procurement fraud and bringing an insurance claim.
These factors include:
o Easy to fabricate, legitimate-looking source documentation.
o Frequent use of electronic authorization and electronic signatures.
o Corporate policy that does not match on-the-ground realities.
o Proliferation of outsourcing of accounts payable and shared services units.
o The complexity of data processing systems.
Insurance carriers and corporations recognize it is impossible to eradicate procurement fraud. Thus, it may be advisable to develop ways to tackle the emerging trend of procurement fraud and develop proactive approach to discourage it.
It is also necessary to do away with the widely held myth that an effective corporate antifraud program is virtually complete with the establishment of codes of ethics and whistle-blower programs.
Acknowledging the increasing burden of investigating procurement fraud schemes in light of their breadth and technological sophistication, insurance carriers should allow for greater flexibility in the submission of proof of loss.