control, and governance
MILKING THE MILITARY FOR MILLIONS
A federal court in Utah has indicted a Boston corporation and three men accused of bribing a military official to gain a US $54 million contract in Afghanistan, the Deseret News (Salt Lake City) reports. The U.S. Army solicited bids for a U.S. contractor to supply and train Afghan troops in 2007 — prosecutors allege that an Army lieutenant colonel fraudulently disclosed protected information about the bidding, which allowed Boston-based American International Security Corp. to win the contract. The investigation involves properties in Utah and accusations of hiding proceeds and transactions at a Utah credit union.
The men and the company are each indicted on charges of conspiracy, two counts of government procurement fraud, 16 counts of wire fraud, conspiracy to commit money laundering, and 19 counts of money laundering.
In its biannual Report to the Nations on Occupational Fraud and Abuse, the Association of Certified Fraud Examiners (ACFE) observes that organizations lose as much as 10 percent of annual revenues to employee fraud, waste, and abuse. The report also notes that more than 90 percent of the frauds committed by insiders targeted the organization’s cash accounts. In large organizations, this risk centers on accounts payable and purchasing, including procurement.
A proactive approach to preventing and detecting procurement fraud will rest on a systematic approach involving adoption and rigorous monitoring of anti-fraud, values and ethics, and conflict of interest policies, as well as fraud risk assessments and regular auditing and testing of the adequacy of controls and compliance with them. To aid early detection and prevention of procurement fraud and bribery, internal auditors should consider:
Using data mining to detect unusual trends. Would-be fraudsters often use computers and software when committing a crime. Sophisticated data mining techniques have been developed to identify indicators of fraud within the procurement system, and data-rich environments are ideal for continuous monitoring. Elements auditors should examine include employee master files, annual employee earnings files, master vendor files, vendor payment history files, and purchase order files.
Investing in fraud-related communications and training. Communication and training can contribute significantly to reducing fraud within an organization. Procurement and accounts payable managers and employees, as well as vendors, need to be put on notice and educated as to what constitutes a violation of the organization’s code of ethics and fraud policy. Using concrete examples, including those where fraudsters were detected and caught, can be helpful.
Segregating job responsibilities. One of the underlying enablers of procurement fraud is a lack of segregation of duties. Management should think carefully before having the same people specifying the requirements for a contract, approving them, and managing the relationships with contract bidders. Where the contract values are large and complex, there are many prospective bidders, and the related risk of fraud is high. Stringent controls over communications from within the organization to prospective vendors should be in place and closely monitored.
Looking out for cliques and cozy relationships. In many cases, fraud arises when there are closely knit relationships between employees or with outside vendors, especially one in which the members feel entitled and perhaps smarter than others in their department or the organization. The ACFE report notes that when more than one person commits fraud, the median loss rises dramatically.
Establishing and acknowledging the value of a whistleblower hotline. Good governance and oversight practices, and in some cases regulatory requirements (e.g., the U.S. Sarbanes-Oxley Act of 2002), dictate that organizations establish confidential reporting mechanisms for employees. The ACFE report shows that fraud is much more likely to be detected by a tip from employees than from internal or external audits.
Conducting a “reality check” test. If a middle manager drives a US $100,000 automobile, owns several properties, or leads a lavish lifestyle, it could indicate that he or she is involved in a fraud. Internal auditors should compare employee income tax and bank account records, if possible, with the organization’s master employee earnings records.
Of course, these measures cannot make an organization bulletproof. There are always going to be clever people who are going to find new ways of perpetrating fraudulent schemes. However, if organizations try some or all of these safeguards, they may have a better chance of catching or preventing serious damage caused by fraud.
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.