Procurement cards are a valuable tool in creating efficiency within low value purchases that can reduce bureaucracy particularly where an organisation has high volume procurement. However, can this simplicity make insider fraud easier to commit and hide?
Repeated patterns become facts, and when you're in touch with the facts you can predict the future
When an organisation has a high volume of purchasing, in instances where procurement cards are used and if there is limited compliance oversight and asset management, there is an increased likelihood that procurement fraud may occur. To understand the risk your organisation may face you must first look at the common fraud methods.
When procuring items online it is normal practice when going through the eCommerce process to be asked for the purchasers address and the delivery address, it is at this point that a purchaser can illicitly divert items to an address of their choice. This becomes more relevant where purchasing and delivery information is missing when conducting compliance checks.
Theft of assets
Although purchases aren't always tangible such as online training courses, where purchases aren't linked to an asset register there is a greater opportunity for theft or individuals stealing to order either at the time of the order or on delivery of the item.
Breach of procurement policy
Purchasing of items for an individuals personal use or as part of a fraud scheme can be made easier where an organisation doesn't have a strong procurement card policy or compliance program.
Duplicate purchases or more commonly known as double dipping where individuals use the card for payment of expenses and then claim for the expense separately on the organisation expense system.
The online fraud threat from criminals and criminal groups can be seen in many forms from the sale of counterfeit or inferior goods to the sale of materials where, on purchase, no goods are provided. Interpol as part of operation Pangea in 2020 closed down more than 2,500 web links, including websites, social media pages, online marketplaces and online adverts for illicit pharmaceuticals with a similar number in the process of being closed down.
Provision of services
Limiting the types of purchasing that can be carried out and using trusted ecommerce websites may reduce the fraud risk, however where your organisation allows the purchase of services through the procurement card then an increased risk can be created where you are unable to verify whether a service has been provided.
As highlighted within previous articles analysis of purchasing data and compliance with procurement policy and procedures is integral in the detection of fraud risk and also a key part in communicating your anti-fraud culture. Areas of common analysis to identify fraud risk might include:
Missing purchase and goods receipt paperwork
5 way match including requisition, purchase order, invoice, goods receipt and asset register information
High spend employees or high spend vendors including links between both
Duplication or fabrication of receipts for other alleged purchases
Use of non prime or unapproved vendors
Round sum or split transactions to increase the financial threshold of purchase
Purchases out of normal working hours
Ability to verify if services were performed
Prevention and control measures
Introducing and communicating a clear policy for procurement cards and what can be purchased is the first step in introducing strong compliance procedures. Simple control measures can include:
Renewal of a procurement card where a cardholder leaves or moves within an organisation
In addition to an audit program, ensure there is an internal management system to monitor purchases and authorisation process
Where practicable, reduce the number of procurement cards in use to ensure that a compliance program in manageable
To ensure that your organisation has effective procurement card and compliance procedures, documenting the limitations of the card and the types of procurement available is necessary to ensure that compliance checks can quickly identify irregularity and non compliance with procurement policy.
What action do you need to take, are you happy with the level of risk mitigation your organisation has in place for the use of procurement cards or do you see an opportunity and likelihood of significant financial loss?