top of page

A New Approach to Prevent the Transfer of Vendor Fraud Risk

Updated: Feb 6

Whose duty is it to protect the revenues of an organisation from fraud and corruption risk? Is a prevention approach used and how is it confirmed that vendors that wish to become a supplier can demonstrate that they mitigate their own risk and that they don't transfer bribery and procurement fraud risk into the procurement lifecycle?

Security is always excessive until it's not enough

In 2012 and again in 2015, Transparency International UK Defence and Security Programme (TI) led by Mark Pyman assessed the ethics and anti-corruption programmes of 163 Defence companies from 47 countries using publicly available information.

Based on the extent of publicly available evidence on their ethics and anti-corruption programmes, companies were placed in one of six bands A to F from extensive evidence through to almost no evidence.

All companies in the index were sent a draft assessment for comment and review.

TI also reviewed information that was internal or confidential to companies. In 2015 Sixty-three companies provided detailed internal information, almost double the number that did so in 2012.


Two-thirds (107 companies) performed in the bottom half of the index (bands D to F), with limited to no evidence of such programmes.

23% (37 companies) provide no evidence at all.

42 companies out of 127 (33%) improved significantly since 2012, by one or more bands. In total, 76 companies (60%) have improved compared with 2012.


The anti-corruption analysis was banded into six areas that included:

  • Leadership, governance, and organisation risk management

  • Company policies and codes

  • Training

  • Personnel and helplines

  • Offsets

This significant piece of analysis and subsequent publication on which companies had been proactive in developing and improving their anti-corruption initiatives highlight a major point. A significant number of companies recognised the importance of anti-corruption and also that their company is perceived as ethical.

When we appraise this simple method of assessing corruption risk, both public and private sectors need to assess the value of its implementation as part of a supplier onboarding process.


Identifying procurement fraud and corruption is always a challenge because of its covert nature. If you are taking steps to check for conflicts of interest, a vendor’s ability to adequately complete the contract including verifying previous performance or that they are low financial risk. If we check that they are compliant with organisation policies such as health and safety or UN Global Compact requirements why wouldn’t we make the same assessment of their proactive approach to counter fraud and anti-corruption approach?


So when considering the areas assessed by Transparency International areas that should be verified when reviewing a vendor's anti-corruption and procurement fraud approach might include:

  • Is there internal anti-bribery communication that includes a leadership message of zero tolerance

  • Is this information published on the company website

  • Do they have a proactive approach to risk management that might include audit and data analysis

  • Do they assess their supply chain for counterfeit or inferior product risk

  • Does a vendor have codes of conduct and anti-fraud and corruption policies

  • Is there an anti-bribery training programme in place or do you provide training to new suppliers?

  • Does the vendor have a hotline and/or helpline for ethical concerns?

If a vendor can’t adequately evidence that they can protect public or private sector revenues or transfer risk particularly in high value projects, would we wish to approve them as a contractor?