A transparent procurement process is the antidote to the impediment of corruption, ensuring that public resources are used for the greater good, not personal gain.
Quality means doing it right when no one is looking
Where would you start? If you are ever put in the position of putting together an assessment of whether your organisation has adequate corruption and procurement fraud risk mitigation in place, after taking a deep breath, an initial focus should be on planning a risk assessment of your organisation's procurement lifecycle and compliance capability.
There is no one size fits all approach to evaluating the external and insider threats that an organisation can face from corruption and procurement fraud including the mitigation procedures that should be put in place to counter these risks. Such an assessment shouldn’t be a tick box approach of common risks or controls but to design an organisation's anti-corruption framework in response to its corruption risk assessment.
There are many areas to consider in a risk management approach from vendor onboarding, manipulation of procurement route, pre and post award stages, contract management, and the end of life and disposal of assets to name but a few. A walk through of your processes and compliance programmes with the relevant organisation expertise including finance, procurement, projects, quality assurance, and projects will further identify risks from different perspectives and expertise.
Corruption and insider threats are not just about individuals with malicious intent; they also encompass those who unwittingly create vulnerabilities through carelessness or lack of awareness.
When evaluating risk mitigation requirements an assessment should first be conducted to determine which are the key risk areas, this will ensure that your organisation can properly task and coordinate its finite resources.
Part of the problem in assessing risk is the availability or access to information including limited identification of data sources that are of value to the assessment, which in itself can be a significant risk where assessments are being made with only half of the available data.
Many organisations have departments that protect their own data and don’t share it with other departments including compliance, which can create a situation where the scale of a problem is underestimated or unknown.
CORRUPTION RISK - A CASE STUDY
A case example includes an investigation surrounding an insider threat and the improper award of single source consultancy contracts and procurement risk management. The conclusion of the investigation confirmed that an individual within the project team who received the initial consultancy requirement had set up his own recruitment company to facilitate the award of consultancy services through his own recruitment company that was managed by his wife.
Following the conclusion of the investigation and became clear a year later was that an audit of the organisation's single source procurement procedures, during the period of the investigation, had been conducted without the knowledge of the investigation team. The conclusions of the audit raised significant concerns surrounding the gaps in the justification and authorisation process including the control failures in a significant number of single source contracts.
The disconnect between departments within the same organisation meant that if this information had been shared with the investigation team at the time, then they might have better understood the scale of the risk and had the opportunity to assess whether other cases or individuals were involved.
MAPPING CORRUPTION RISK IN SINGLE SOURCE PROCUREMENT
Corruption risk in single source procurement can be created from the absence of competitive pressure, which can lead to favouritism, price manipulation, and subpar service or product quality. A lack of transparency in this procurement route decision making may further exacerbates these concerns, that may lead to fictitious requirement or fictitious vendors.
Reducing corruption risk within single source procurement requires a multi-faceted approach that promotes transparency, fairness, and accountability.
Clearly defined criteria: To minimise corruption risk, establish clear and well-defined criteria for resorting to single source procurement. This should include specific situations where single source procurement is justifiable, such as emergencies or specialised products/services where no alternatives exist.
Rigorous justification and approval process: This process should involve multiple levels of review and authorisation, including input from procurement expert and senior management. Each step should be documented, providing a clear trail of decision-making that can be audited if necessary.
Independent auditing: External auditors should periodically review single source procurement decisions to ensure compliance with established criteria and procedures. This oversight mechanism adds a layer of accountability and transparency to the process.
Market research: Conduct thorough market research to identify potential suppliers and alternatives even before resorting to single source procurement. This will support decision making and value for money.
Rotation of suppliers: Where appropriate, consider rotating suppliers even within single source procurement to prevent undue favouritism.
Compliance and monitoring: Establish mechanisms for continuous monitoring of contract performance and completion and/or provision of goods, works or services. This ensures that the supplier delivers as promised and helps identify any deviations early on.
Single source procurement, while necessary in certain situations, carries inherent corruption risks that can compromise the integrity of the procurement process. By implementing a combination of strategies such as clear justifications, transparent documentation, independent review mechanisms, and enhanced training, governments and organisations can mitigate these risks and ensure that single source procurement remains a tool for achieving organisation objectives rather than a breeding ground for corruption.
RISK MITIGATION FRAMEWORK
To determine whether your organisation has the ability to assess and mitigate its own risk, a number of initial questions should be answered:
Do you have a communication strategy to build organisation culture and respond to corruption and procurement fraud risk?
Do you have a corruption risk and fraud response plan?
Do you have documented investigation procedures?
Have you conducted a project assessment for corruption and procurement fraud risk?
Have you assessed your organisation's capability against BS10501 British Standard, Guide to Implementing Procurement Fraud Controls, and ISO37001: Anti-Bribery Management Systems?
Do you have a structured training programme that outlines current corruption and procurement fraud risk, impact and risk mitigation?
Can your organisation centrally collect and analyse its own data for corruption and procurement fraud risk?
Have you conducted an assessment of your procurement lifecycle for corruption and procurement fraud risk?
Do you have asset tracking as part of your organisation's asset management procedures?
Do you have asset disposal procedures for goods and materials that are obsolete, scrap, damaged or write-offs?
WHAT WILL YOUR APPROACH BE
The answers to these initial questions will give you an insight into whether your organisation has the ability to assess its risk and if it can adequately respond to it. If you are unable to answer these questions fully, then you may want to ask yourself what the potential impact to the organisation is of not having these procedures and mitigation in place.
Reducing corruption risk within procurement is a complex endeavour that requires a combination of policy, process, and cultural changes. By implementing clear criteria, robust approval processes and control measures, independent oversight, and embracing transparency-enhancing technologies, organisations can strike a balance between efficiency, productivity and accountability.
Do you want to work with us?
Book a Strategy Call with us to see how we can positively impact your risk approach
Be the first to receive our latest articles