Are You a “Typical” Procurement Fraudster?

I presented last week as part of an event run by CIPFA –  the Chartered Institute of Public Finance and Accountancy. As you can imagine, their live events are notorious for wild behaviour and partying, but this was online, luckily for me. (OK, just my little public sector accountancy joke there…) Anyway, I talked about Bad Buying, particularly in the public sector context and with a focus on corruption and fraud which I thought would most interest accountants.

One of the other speakers, Mohamed Hans, a lawyer and public procurement adviser, talked about the “typical” profile of a corporate fraudster. Most work within the organisation, and apparently, he – and more often than not it is a “he” – is most likely to be middle aged, with quite a few years of service, well-respected internally, and in a management position.

I guess that all makes sense. You need to have some authority generally to commit fraud – in the procurement space, it really helps if you are a budget holder or can sign off expenditure in some way. If you have been around a while in the organisation, you are more likely to understand the systems and processes, and how to get around them to commit your fraud. All of that points to someone of a certain age, seniority and length of service.

That fits with my personal experience. Probably the closest I came to a major case was when a senior procurement executive who had a “dotted” reporting line to me was prosecuted for a fraud where he appeared to be in league with some very unpleasant “Russian gangsters”, according to the police. My firm was not aware of the fraud but the police spotted odd transactions at the gangster end of things, which it emerged came from our villain signing invoices for non-existent furniture purchases, with the payments going to the gangsters. He was in his forties, in a senior role, and had been with the firm for at least a decade, so he fit that archetype perfectly!

Other cases in my Bad Buying book include a mid-level executive for Toys ‘R ‘ Us at Maidenhead in England. He was a  “typical middle-aged accountant to colleagues, living in a semi-detached house near Reading and driving an old Vauxhall car. But actually he lived a double life and was stealing millions from the firm, spending money on sports cars, prostitutes and even an estate in Nigeria for his secret mistresses! He was ordered to repay £3.6 million when he was finally caught, as well as being jailed in 2010 for seven years. (His jail term will increase if he doesn’t pay the money back.)

His fraud was simple. He created a fictitious toy manufacturer, a ‘supplier’ to the firm, and then made regular payments of £300,000 a month over more than two years to that account, which of course he controlled. When this was reported in the press, one reader’s comment was amusing: ‘so he spent £2.4 million on call girls and sports cars – and wasted the rest’!  But it’s not really funny; this was shareholders’ money, and sympathy is due to his wife and family, who knew nothing about it and did not benefit in any way”.

Just to show it isn’t only men, the (female) interim director of operations at Ealing Hospital NHS Trust stole more than £200K back in 2008 to pay for (among other things) horse semen, needed for her stud-farm business. She fraudulently signed off payments, which went into her own bank accounts rather than to genuine suppliers. The judge said that she was, ‘a woman of very great ability and up to this point of very high character. The difficulty and sadness of cases such as this is only people of high ability could get themselves in a position where they can defraud people and the NHS of the amount of money you took.’

However, in most cases, fraud can be prevented quite simply. The most basic advice includes that no single person should be able to “create” a new supplier, and onboarding checks must be made. Then again, no one individual should be able to authorise a payment (e.g. by signing off an invoice) to any supplier, without some sort of check from another person.  It is not unknown for two or more people to collude in frauds, but in my experience establishing that sort of basic control reduces the probability of fraud by a significant factor. Carrying out a fraud alone is one thing; asking another person to collude with you brings another level of risk for the fraudster.

And don’t assume someone couldn’t possibly be a fraudster because they are respected, have worked in the organisation for years, are senior, go to church, are kind to animals …. Criminals come in all sorts of shapes, sizes and disguises!