October 2025 - Bad Buying

I’ve let my regular writing about Bad Buying slip in recent months, so I’m going to make an effort to get back into regular articles here.

Because of the hiatus, there is quite a lot to catch up on, and one of the most interesting procurement fraud cases I’ve seen for a while was recently covered by a number of sources, including the Proc u rist (which has become a very useful resource) and the excellent Kelly Barner on the Art of Procurement website.

When I lecture on procurement fraud and corruption, I usually ask the students what they think would be the most difficult fraud to detect (and therefore your best bet as a corrupt executive!) Methods such as basic bribing of a buyer can be effective, but usually there is some audit trail left behind. Fake invoices can work, but again some basic checks can usually head off that risk.

My answer is a conspiracy between a budget holder (procurement or other) and a provider, and my chosen spend category is professional services. In particular, ‘personal’ services such as those provided by a consultant, interim or adviser of some sort.

So the budget holder engages their friend and co-conspirator to do a consulting assignment, perhaps. The price agreed is £20,000. A report is produced – but it is written by AI and only took 2 days of actual work. Or an ‘interim project manager’ is engaged, and submits an invoice for 15 days work last month, at £2000 a day, which is approved by the budget holder. But in reality only 5 days’ work was actually carried out, and the market rate for the work should anyway only be £800. These are tricky frauds to detect and to prove culpability.

This case was along those lines but had an interesting twist to it. This May, Intel in Israel uncovered a fraud involving former employee Natalia Avtsin and supplier Yafim Tsibolevsky. They allegedly stole over $800K, by exploiting the firms’ trust in Avtsin and vulnerabilities in both the procurement process and the computer systems supporting procurement .

So Avtsin got quotes for hardware components from Tsibolevsky’s company, Energy Electronics 2000. Her manager approved the quotes, but once that was done, Avtsin changed the classification of the purchase from components to ‘services’ in the purchase to pay system. That enabled her to bypass the more stringent checking processes for components – presumably some sort of formal receipting, that might have also led to issues around missing stock, I am guessing.

But the verification for services seems to have been pretty non-existent, which supports my theory that services are a fruitful area for fraudsters, and Avtsin could sign off invoices up to $20K with no further checking. Over a year, 42 transactions were put through using this methodology!

It was an internal audit that discovered this, after Avtsin had actually left the firm, and it was a pattern of suspicious invoice categorization apparently that alerted audit. So a few plus points for Intel for at least discovering that. But the weaknesses in the process are obvious, ranging from questions about how Energy Electronics became an authorised supplier, to the lack of any ‘trigger warnings’ about such regular, pretty large invoices, or checking of the invoices (no ‘separation of duties’), to the ability of an executive to change the classification of an order once it was approved and (presumably) accepted into the system.

That seems particularly worrying – anyone reading this is advised to check whether their P2P systems allow that too! Then back to my original point, the intangible nature of services always makes it that bit harder to spot fraud.

Overall, it is not on the scale of the incredible EssilorLuxottica fraud, which really was a payments fraud, but it is an interesting addition to my library of procurement-related wrongdoing. And it has provided an interesting new case study for me to discuss in Lille at Skema Business School next month.