top of page

The Insider Threat Series: An Introduction to Procurement Fraud

Updated: Sep 12, 2023

Procurement fraud risk mitigation is not a one-time investment; it's an ongoing commitment to vigilance and proactive measures.

procurement fraud and corruption

Education and awareness are crucial investments in procurement fraud risk mitigation

An introduction to a series of articles that will highlight the typologies of corruption and its links to procurement fraud and associated financial crime, that in many cases to understand the simple nature of the fraud, and how, with education and the introduction of compliance within organisation procurement systems and ethics procedures in a large percentage of these cases would have prevented the fraud.

There can be many factors that help facilitate fraud or influence an organisation's ability to identify and mitigate the fraud and corruption that they are being targeted by. What is essential in all of this is that, as individuals, we learn from this, to understand the difference between what procurement fraud and procurement malpractice is including what are procurement fraud schemes.

Examining the methodology of the fraud and the root cause of internal control mechanisms that were manipulated, removed, or not in place allowing the fraud to happen brings us closer to preventing and detecting these types of fraud in the future.

The unethical standards of one individual can in some cases destroy a company or its reputation. In a number of cases that will be highlighted within the series, it can be the most trusted person in the organisation or the most unlikely person because of their quiet nature who goes unnoticed that can cause significant financial loss and reputational damage to the organisation.

Data analysis offers a proactive approach to combatting procurement fraud, enabling organisations to identify fraudulent behaviour early on and prevent it from escalating

For individuals working in compliance, there is, I believe, limited value in getting to know the fraud triangle and understanding the external factors and psychology that may influence a person towards crime and an individual’s justification to themselves and others for committing the act that will never be known until after the fact. The only thing that we can positively influence is their opportunity to commit fraud in the first place by designing out internal risk through an anti-corruption framework.


When assessing the gaps in risk mitigation and control measures it is key to understand the scope of the fraud, the typologies, and methods including individuals that can influence or manipulate the various elements of the procurement lifecycle from the identification of a need to the end of life or disposal of an asset.

Insider fraud can be diverse in nature from a member of staff influencing procedure to acquire an organisation's asset, to individuals linked to organised crime, usually within different areas of the business using their positions not only to hide the fraud through the creation of false paperwork or entries but also abusing their entrusted position, as an example, to manipulate financial data or use company vehicles to remove organisation assets.

The scope of corruption within procurement can generally be broken down into these areas

  1. A completely insider theft/fraud where an individual(s) steals organisation assets or monies and creates a fictitious requirement, documentation or company to divert funds or assets.

  2. An insider has a corrupt relationship with a vendor and uses their position of influence to manipulate the procurement process to the benefit of this company.

  3. During the contract management phase, an insider creates a fictitious requirement, confirms works as complete when no work was carried out and can authorise payments to be made.


The external risk can be the same, either as an individual company attempting to commit fraud or can be organised that can manifest as bid rigging and price fixing.

A bigger risk with external fraud however is if a contractor or bidding company has the support of an insider, who understands the control weaknesses within an organisation that can manipulate the award of a contract or in many cases dishonestly sign off of work that wasn't carried out or for the receipt or use of materials that they know are inferior.

A further area of external risk can occur when organisations are targeted by criminals either through websites with fictitious goods for sale, or where payment systems are targeted either through email compromise or direct contact to illicitly amend legitimate contractor account details and divert future payments to an account set up to divert these funds.


When we understand the scope of procurement fraud and corruption, the next questions should be in understanding your level of risk is who can influence the procurement process, and do we understand where procurement lifecycle starts and ends. Common areas of procurement fraud and corruption risk from an insider includes:

  • identification of needs and justification

  • design and specification

  • procurement route and vendor identification

  • type of tender

  • tender security, selection and award process

  • decision making and change management with contract management including completion approvals and payment authorisation

When we understand the scope of the fraud, the typologies, and who and where the procurement process can be influenced that includes within large scales projects such as infrastructure or construction, we then get to better understand that there are potentially hundreds of ways in which procurement fraud and corruption can be committed.

When looking at an organisation's capability and individual's responsibilities that are directly or indirectly involved in some part with the acquisition of goods, works or services, once mapped out you may suddenly realise that a person’s opinion in the right place can influence a decision maker.

The series of insider threat cases will hopefully enlighten readers to the risks within their own organisation or the environment in which they work and will hopefully as many have commented on training courses that once armed with this knowledge, that it made them more suspicious of behaviours and decisions that are being made.

Have you got a case example of the insider threat, why not share it in our blog posts?

Read more of our articles - corruption detection and prevention.

Do you want to work with us?

Book a Strategy Call with us to see how we can positively impact your risk approach

Be the first to receive our latest articles


bottom of page