Conflicts of interest as a ethical topic has always been relevant in procurement, both public and private sector. Here is a quick quote from my book, Bad Buying.

At a local level, I’ve worked with organisations whose top management didn’t even want to put in place a clear “conflict of interest” policy. That would mean staff having to disclose any interest they (or close family / friends) have in another business that might be a supplier or a customer of the organisation for which they work. But there’s usually a reason for that hesitancy.  Where you see organisations that won’t support anti-corruption activities, then you might draw obvious conclusions”.

Conflict of interest is a key issue within the fight against procurement-related fraud and corruption. We want buyers and everyone involved in the process to select suppliers, negotiate and manage contracts without being biased because they have an external interest that affects their behaviour.

We’ve seen these issues come up a number of times over the last 18 months through the pandemic with spend on products such as PPE (personal protective equipment) being in the public eye. So some recipients of huge contracts for PPE have had links with politicians and other powerful people, which has led to suggestions that decisions were impacted by these conflicts of interest.

The standard approach when developing procurement policies and practices is to ask those involved in the process to declare any potential conflicts upfront. Somebody can then decide if that is significant, and if so, how to handle that. At the extreme, I’d suggest it might eliminate a potential supplier from consideration completely. That doesn’t happen often, but appointing a small consulting firm to do a procurement review when that firm is run by the Procurement Director’s wife might not be a good idea.

But more frequently, it is a case of making sure the person with the conflict does not play a central role in key stages of the process, such as selecting the supplier or negotiating the contract. Suppose a senior executive who has an interest in the service being purchased discloses that their sister is a senior manager in one of the bidding firms. I would not expect that firm to be disqualified, but the executive should not be involved in the key aspects of the procurement. There are potential issues of confidentiality as well as bias of course – so if the exec is going to have access to confidential information, then they need to understand that any breach will lead to disciplinary action! Or you may simply choose to keep such information away from them.

There are questions however about how far we can and should go. That came to mind with the revelations around Mathew Hancock, the UK Health Minister who resigned because he broke covid rules with his ”friend”. But another part of that report claimed that his friend’s brother runs a firm that has won NHS contracts.

Is that a worry?  If your friend’s brother is bidding for a contract with your organisation, do you need to declare that as a potential conflict of interest?  That probably depends on just how close the “friend” is. If they are in effect a partner (legally or secretly) then it probably should be declared. But frankly, I would very rarely have known what any of my friends’ siblings did for a living!  So we have to be reasonable in terms of how meaningful the risk is.

A similar argument applies to shareholdings. Most of us hold shares indirectly through pension schemes or investment funds and we may well have direct holdings too. We can’t be expected to know exactly where “our” money is invested in every case. But what about if I have just a couple of hundred pounds worth of shares held directly in a potential supplier? I’d suggest that it is sensible to declare that, but I would not necessary exclude someone from the process for that level of “conflict”. However, if it were several thousand pounds worth, or if we were considering share options in a start-up that could prove valuable one day, the position might be different.

These are tricky issues.  The key is to impress on everyone that if they are in any doubt, it is better to declare the potential conflict and let others decide how serious it is. That is much better than having to plead later on that “I didn’t realise it mattered”. 

And if you want to hear more about this and related topics, I’m speaking as part of a CIPS (Chartered Institute of Procurement and Supply) webinar on July 13th, 2021, at 12.30 pm. It is all about ethics and is titled “50 shades of Procurement – an Ethical Perspective”.  It should be interesting – and it is open to CIPS members AND non-members, so anyone can book here.

(The picture shows my cycling friends enjoying an outing with me last year – no contracts were awarded!)

The UK National Audit Office has published a report titled “Initial learning from the government’s response to the COVID-19 pandemic”. It draws on the various reports NAO has conducted over the last year or so, including those related to ventilator and PPE (personal protective equipment) procurement, and covers quite a range of topics including risk management, data, workforce issues and – most relevant to our interests – “transparency and public trust”.

It is timely, not least because the Good Law Project and EveryDoctor UK are currently in the midst of a court case concerning PPE procurement. Those organisations are challenging the way government awarded contracts to suppliers, with a particular focus on a handful of suppliers including Ayanda Capital and Pestfix. They also want the government to publish the full list of suppliers and (where relevant), disclose who put them forward to the “VIP list” that gave firms accelerated access to the procurement process.

Some startling information has already been disclosed in the court case. For instance, it appears that Ayanda did NOT pass the initial “due diligence” process, but somehow were still awarded contracts worth over £200 million. It is also clear that influential people were badgering the professional procurement staff to favour certain firms. 

In the case of Pestfix, evidence suggests that their executives told the government buyers that some of the payment was being used to bribe people in China to make sure supplies got through to the UK.  (Pestfix denies this but the emails seem pretty clear!) I’ve always suspected that was one reasons why the government didn’t want to deal directly with producers but involved agents and middlemen. Ministers and officials didn’t want to get their own hands dirty in what was a vicious battle to secure supply at the height of the shortages.

It is well worth keeping up with the developments in the case, but let’s revert to the NAO report and transparency. One of the main NAO learning points is the importance of transparency and clear documentation to support decision-making when measures such as competition, are not in place.

In more detail:

Transparency, including a clear audit trail to support key decisions, is a vital control to ensure accountability, especially when government is having to act at pace and other controls (for example, competitive tendering) are not in place. On the ventilator programmes, we found sufficient record of the programmes’ rationale, the key spending decisions taken, and the information departments had to base those on. However, in the procurement of personal protective equipment (PPE) and other goods and services using emergency direct awards during the pandemic, we and the Government Internal Audit Agency found that there was not always a clear audit trail to support key decisions, such as why some suppliers which had low due diligence ratings were awarded contracts”.

That due diligence issue relates back to Ayanda (and others) of course. As well as the lack of documentation, government was also slow to publish information.

“… many of the contracts awarded during the pandemic had not been published on time. Of the 1,644 contracts awarded across government up to the end of July 2020 with a contract value above £25,000, 75% were not published on Contracts Finder within the 90-day target and 55% had not had their details published by 10 November 2020. The Cabinet Office and DHSC acknowledged the backlog of contract details awaiting publication and noted that resources were now being devoted to this, having earlier been prioritised on ensuring procurements were processed so that goods and services could be made available for the pandemic response”.

We can have some sympathy here, as staff were under huge pressure, but given the large number of people (many of them expensive consultants) working on PPE procurement, it should have been possible to do a bit better than this.

In terms of transparency, I recently wrote a briefing paper with the Reform think-tank, titled Radical transparency: the future of public procurement.  The message is that the time is right for a step-change in transparency around public sector procurement. That is not just about public trust, important though that is. I believe the even bigger issue is that buyers, budget holders and commissioners in the sector have very limited visibility of what each other are doing.

That means knowledge about great ideas and amazing supplier performance is not shared – and neither is the learning when something goes wrong. Radical transparency is the answer. The recent government Green Paper on public procurement makes a few comments in this direction but really does not go far enough. As soon as you see the rules on Freedom of Information quoted as a basis for disclosure you know there is no intention of getting anything really interesting into the public domain!

If you have a few minutes and you are at all interested in public procurement, do have a look at the Reform paper. I’d love to hear your comments and thoughts on the concept that transparency can be an effective antidote to public sector Bad Buying!  

The Conservative government has been criticised for some of the procurement actions of the last year or so, with allegations of mismanagement and cronyism. But the Labour Party has not been free of controversy in terms of how its politicians spend public money in local government.

Croydon council in south London has basically declared itself bankrupt, with mismanagement of a council-owned property company and bad decisions about acquisition of property investments contributing to the dire financial situation. We may come back to this as more detail emerges.

Meanwhile, Joe Anderson mayor of Liverpool, was arrested last December on suspicion of conspiracy to commit bribery and witness intimidation.  He and four others were held as part of a police investigation into the awarding of building contracts in the city. The BBC reported that a “year-long police probe, Operation Aloft, has focussed on a number of property developers”.

An inspection ordered by the Minister for Housing, Communities and Local Government reported in March and the inspector, Max Caller, found major failings “in governance and practice”. That has led to the imposition of Commissioners in the City to help the council implement the changes needed. But the report also commented on Anderson’s son David, now caught up in controversy. His firm SCC was awarded contracts by the council through what seemed to be unusual procurement routes.

Mr Caller said that a decision to award SSC a £250,000 health and safety contract on the project to dismantle Liverpool’s Churchill Way Flyovers in 2019 ‘exposed the site teams to considerable safety risks’. The company had no previous relationship with the council before the ‘urgent appointment was instructed’ as work got underway in 2019.

The report calls for more power for the procurement function in the Council, but also highlights that it needs to up its game. More criticism for circumventing official processes and policies appears to be attached to the staff in other departments such as Highways.

This is only the latest in a long line of issues around public sector construction contracts. That area of spend has historically been plagued by claims of and indeed proven corruption in local government and elsewhere.

 Why is that? Well, it is one of the biggest spend categories for local government and many organisations, and it is also relatively opaque in terms of benchmarking costs and prices. So social care, or IT hardware are also huge spend areas for councils for example; but I’d suggest it would be pretty obvious if a care firm or laptop supplier were charging unrealistically high prices to fund bribery. If a firm was charging £25 an hour for carers when the standard for other firms or other councils was £18, even the slowest auditor or councillor might notice!

But a few hundred grand added onto a multi-million pound building contract for a new school or sports centre is much harder to spot. If we’re talking the council buying land or property, then there is even less of a clear “market value”. 

These are also areas where historically, professional procurement has been less involved than in some other spend categories. The construction departments in councils have had a reputation for being powerful and something of a law unto themselves.  I remember 20 years ago a friend of mine who was MD of a firm that supplied heating equipment refusing to deal with one Yorkshire council because the corruption was so overt. Basically his firm was expected to pay a % commission to certain individuals on every order.

So a lack of professional procurement scrutiny, bespoke work and limited market price benchmarks are factors that indicate how open to corruption a spend area might be.

Back to Liverpool and there is also a link with a controversial construction project where Unite, the trade union led by Len McCluskey, is the buyer.  The project appears to have cost almost £100 million against the £57 originally forecast. The BBC reported that; “The contract to build the 170-room hotel and conference centre was awarded in 2015 to the Flanagan Group, a Liverpool company run by an associate of McCluskey, who is the union’s general secretary. Another contract on the project was given to a company owned by the son of Joe Anderson, Liverpool’s mayor.”

Yes, it’s him again …

Anyway, Unite has responded saying “Every step of the way, the production of this complex was overseen by independent surveyors and architects. Accountability was built into the process to ensure that at every stage of this development we got value for this union’s money. All this was overseen by our democratically-elected, independent 62-strong executive council”.

 Bad Buying? Or worse?  I’m not sure.

(But a Government procurement leader joining a supplier while still working as a civil servant is!)

In my last article about fraud related to supply chain finance (which came to mind because of the emerging Greensill / Gupta developments), I said that I hadn’t come across that type of fraud previously. There are plenty of other variants on invoice-related fraud in my book, however.

That brought a call from a friend. He told me of a case he had seen where a business created fake invoices to “clients” and used those invoices to obtain funding from their supply chain finance (SCF) provider. The amusing angle was that the finance provider was a major bank, and the fake invoices included a number that were supposedly issued to the same bank!

So the finance was provided by a bank on the basis of non-existent delivery of goods or services to the same bank … you might have thought that someone would have spotted this or checked to see if the supposed supplier was in their AP system. But perhaps they did, given the fraud was discovered eventually! You also wonder whether the fraudster was stupid, secretly wanted to be caught or was just having a laugh at the expense of the bank itself.

Exploring this theme further, it is clear that supply chain finance related fraud is not new. Just last year, a major scandal in Singapore saw the Him Leong oil trading company collapse. Part of that was down to false invoicing and over stating of receivables, which enabled the firm to obtain financing based on these invoices.

As the spglobal website reported, “financial statements for the year ended 31 October 2019 grossly overstated the value of assets by “an astonishing amount of at least $3 billion” comprising $2.23 billion in accounts receivables which had no prospect of recovery and $0.8 billion in inventory shortfalls”.

There are also cases that are not overtly “fraudulent” but are misleading. When leading UK construction and facilities management firm Carillion collapsed in 2017, the use of supply chain finance was one of the ways it concealed its problems until the final reckoning.  Carillion worked with Santander bank to offer its suppliers payment earlier than its ridiculous 120-day standard payment terms (in return for a fee, of course). Santander then retained the money it owed for the full period.

Globalconstructionnews website reported that “Carillion tucked the cash managed through reverse factoring into the box labelled “trade and other payables”, to which it had added “other creditors”. This, believes S&P, allowed it to show a modest increase in working capital from 2012 to 2016, because “working capital” does not usually include trade payables.  After 2012, the growth in money owed under trade payables ballooned from £263m that year to £761m in 2016. Reverse factoring, said S&P, allowed Carillion to “hide a substantial part of its debt from view”.

To widen the discussion to fraud generally, I believe that Boards, CFOs and CPOs should regularly ask themselves, “how would I defraud this organisation if I was an evil criminal genius”? Or maybe employ an actual evil criminal genius consultant to do that for them (I’m available at very reasonable evil genius rates). Read most of the cases I quote in the Bad Buying book, and you realise that any intelligent insider could have spotted the flaw in process that allowed the fraud, if only they had spent some time thinking about that.

However, the problem with much SCF related fraud or dubious practice is that it is almost always an internally generated fraud. It might involve third parties, innocent or not so innocent, but it is often driven by very senior people in the business, or even owners and founders. So there would not have been much point asking the Board of Carillion to look at the use of SCF if they were complicit in the  bad practice. If it is found that the Gupta companies did issue fake invoices to generate SCF funding  from Greensill, then no doubt that will have originated at a pretty high level in the business.

Meanwhile, back to other aspects of the Greensill affair, and yesterday we saw newspaper revelations that Bill Crothers actually joined Greensill two or three months before he left the civil service, while he was still Chief Commercial Officer for the UK government. Such a move seems very odd but it was all signed off within the Cabinet Office, apparently.  That seems to show very poor judgement at best from Crothers, and perhaps the judgment of the experienced top-level civil servants who approved this was even more suspect. More to come on all this, I’m sure.

We’ve written a couple of times about the Greensill affair, and now more is emerging about another key player in the financial scandal. Greensill in effect lent billions to Sanjeev Gupta, creator of the GFG Alliance of steel businesses.  That appears to have been based on both financing the invoices where GFG owed money to their suppliers, and also making early payment to gupta’s firms where GFG invoiced its own customers.

But the Financial Times, which has been instrumental in exploring matters, reports that Grant Thornton, the administrator for Greensill, has contacted some GFG “customers”.  Clearly, they in theory owe Greensill money. However, “some of them say they did no business with Gupta”.  In other cases, there are allegations that the customers were friends or associates of Gupta.

If this is true, it seems that Greensill was advancing money to GFG based on their invoices which had in theory been issued.  Greensill would collect the money owed from the customers in line with payment terms. So note this is financing Gupta based on its sales, rather than improving its cash flow by helping on the purchase side. But if these invoices – or some of them – were fake – then we have a real fraud, and Greensill obviously won’t be able to collect its debts. Maybe Greensill was an innocent victim, being told by GFG these were real customers and real debts. Or maybe not.

Anyway, this link with supply chain finance is for me potentially a new type of invoice-related fraud. I must admit I did not cover this in Bad Buying, but it might be in the 2nd edition / follow-up!

The more usual invoice frauds that I describe in my book fall into three categories.

  1. Fake invoices are created, submitted and authorised by someone inside the organisation. The money is paid to firms (probably set up for this purpose) which the insider(s) controls.
  2. Fake or inaccurate invoices are submitted by an external party, either “on spec” in the hope that the internal systems are poor and they get paid, or to be authorised by an accomplice internally. The supplier may even be genuine, but the amount invoiced may not reflect the actual goods supplied or work done.
  3. Invoice mis-direction, where the fraudster persuades the firm to pay a genuine invoice to the fraudsters bank account rather than to the real supplier’s account.    

“Fake invoice” fraud by insiders happens in the private sector, in government, and even in the charity sector. And it can be the most unlikely people – as in this case (taken from my book), where the former head of counter-fraud at Oxfam, the charity that fights poverty globally, was jailed after stealing more than £64,000 from the organisation.

Edward McKenzie-Green, 34, defrauded the organisation while investigating fellow charity workers in earthquake-hit Haiti. He filed fake invoices from bogus companies, making £64,612 in nine months before resigning because of unrelated disciplinary proceedings. The scheme was discovered after an internal inquiry was launched to investigate allegations that he’d behaved unprofessionally while leading a team in Haiti in 2011.

He agreed to resign, was given a £29,000 “golden handshake”, but then investigators unearthed 17 fraudulent invoices from two companies under his control.  An audit of his own counter-fraud department revealed payments to “Loss Prevention Associates” and “Solutions de Recherche Intelligence” in 2011. Investigators contacted the supposed head of one company, Keith Prowse, for an explanation of invoices for ‘intelligence investigation’, ‘surveillance equipment’ and ‘Haiti Confidential’. But there was no Mr Prowse – that was, in fact, Mackenzie-Green.  (The “real” Keith Prowse founded a very successful corporate hospitality firm in the UK).

McKenzie Green got two years in jail and Judge Wendy Joseph QC told him: “You have taken from those who desperately need it substantial sums of money. Worse, you have undermined the public confidence in a charitable institution. You were head of a department set up to counter fraud. This was a profound abuse of the trust invested in you.”

We suspect that the magnitude of the Gupta / Greensill affair might dwarf the Oxfam case and most of the others in the book, except perhaps for the Petrobras / Odebrecht scandal in Latin America, where fake invoicing was only a small part of the wider fraud and corruption picture. In any case, it will be interesting to see what emerges in the Gupta case over the coming months.

There have been interesting developments in terms of procurement of PPE in several European countries.   Last month, the Times reported that magistrates in Italy had ordered the seizure of property worth more than €70 million (£60 million) including a yacht, a Harley-Davidson motorbike, watches and several apartments from eight middlemen.  They are accused of exploiting the desperate shortages of PPE last year at the height of the pandemic.

The allegation suggests that a group of businessmen earned commissions worth €72 million on the purchase of 800 million facemasks from China. Those masks cost the Italian government some €1.2 billion. The suspects are accused of “illicit influence trafficking, receipt of stolen property and money laundering”. There is some cronyism involved here too. One of the accused is Mario Benotti, 56, a journalist and general director of two technology companies, and someone who knew Domenico Arcuri, 57, the Covid commissioner.  But Benotti says that he intervened to help his country and because Arcuri asked him to.  He acknowledges getting €12 million but says he earned it.

It has to be said that a margin or commission of €72 million sounds a lot. But on a spend of over a billion, that is “only” 6%.  Is that really exploitation?  A BBC Panorama programme this week suggested that firms such as Ayanda Capital made significantly more than that supplying the UK with PPE – a margin of 15.8% according to Tim Horlick, the boss. But in any case, if 800 million masks cost €1.2,  that is €1.5 per mask, which shows just how crazy the market got last year.

In Germany, the scandal is deeper and more shocking. Several leading politicians have been forced to resign because of the money they made personally from the pandemic shortages. Earlier this month, two members of the parliament and of Angela Merkel’s ruling CDU party resigned this week because of the scandal.

It appears that Georg Nüßlein and Nikolas Löbel both personally profited from government contracts for face masks. Löbel is alleged to have received €250,000 in payments for brokering a deal between a Chinese supplier of masks and the German cities of Heidelberg and Mannheim. Nüßlein is accused of making €660,000 through a consultancy firm for lobbying the government on behalf of a supplier. Mark Hauptmann, from the eastern state of Thuringia, is the latest to go. He is stepping down due to his alleged links concerning medical supplies and Azerbaijan. It all seems somewhat opaque, but Hauptmann has admitted that Azerbaijan and other countries paid for adverts in a newspaper he publishes.

Coming back to the UK, we also don’t know if any of our politicians took their cut for promoting PPE suppliers onto the “VIP” path, which greatly enhanced the firms’ chances of winning contracts. We still don’t know how Ayanda Capital and others were chosen to be awarded contracts, or why each got the size of contract they did.  This week, the BBC Panorama programme looked at how some very odd firms won huge contracts or acted as facilitators, such as an upmarket dogfood business! It also exposed that details of some contracts awarded last spring and summer have still not been published.

But there only four possible options in terms of the process used in the UK to select suppliers.  

1. There was an actual selection process. I don’t mean the due diligence assurance which was carried out once a firm had been chosen – I mean the process for choosing which firm would get which volume. But if there was such a process, we still don’t know what it was.

2. It was random. All the names in a hat …

3. It was literally first come, first served. The first firms that got their offers in won the work, until all the volume needed was covered.

4. It was fundamentally corrupt.  

We still don’t know which of these is the most accurate explanation, and until we do, we can’t rule out the possibility of more scandal emerging in the UK, as we have seen in these other nations. This story isn’t dead yet.

The fraud section in my new book was great fun to write. I know you can’t and shouldn’t call fraud “fun” in any sense, but the case studies I researched were interesting, and often quite astonishing.

In one case I saw personally (which I couldn’t mention in any detail in the book) we discovered a fairly senior colleague, who everybody thought was a lovely, capable person, was actually involved in approving six-figure invoices from a fake supplier. The police thought this “firm” was probably linked to the “Russian mafia”, and we only found out about the fraud when the police discovered this gang was receiving large payments from my firm (and told us)!

Anyway, buying-related frauds can involve just internal staff, as in the case of fiddling your expenses or using the company charge card wrongly, or can be purely externally driven, as in the case of many “invoice misdirection” cases, or might involve both internal and external players. That third category is perhaps the most common and includes classic frauds such as overpayments to suppliers or biased supplier selection in return for bribes or inducements to the buyer.

But technology, artificial intelligence in particular, is helping to pick up some frauds through its ability to analyse huge amounts of data and spot trends, patterns, inconsistencies and oddities. I remember a presentation from two or three years back which talked about using AI to search through corporate payments or approvals. The idea was that you might find for instance a budget holder who always submitted an invoice for approval or payment on a Friday afternoon, when it might be scrutinised less carefully! Or someone who always makes purchases with a value of £9,999 if the cut-off for approval is £10K.

But more recently, I learnt of another interesting approach. In this case, the AI focus is on emails and documents that flow within the organisation and to external third parties. It has been developed by a firm called FACT360, which is led by Paddy Lawton, who founded, ran and then sold spend analytics software firm Spend360 to Coupa in 2017. I spoke to Lawton and fellow director Andy Slater to get a quick overview of what they’re up to.

Of their three core products, AI Forensics  is most relevant to buying-related fraud work. It analyses documents and emails and produces a network “map” of who is talking to who within an organisation and across organisational boundaries, including to suppliers, for instance. It generates insights from that communication flows as well as from the content of the messages themselves.

So for example, if you apply the analysis to Enron’s data, before that firm’s crash and disgrace, you can see that one particular person was at the centre of a major web of communication within the firm, even though he wasn’t apparently very senior. It turned out he controlled one of the technology “marketplaces” that enabled Enron to falsely claim to be making money on transactions. This analysis of what FACT360 calls “prestige” can tell you a lot about what is going on within an organisation, and who is really important or powerful. 

“And there are subtle changes in communication behaviour that occur and can be detected when actors plan and engage in covert activity” according to Slater.

One of the interesting corruption cases in my Bad Buying book tells the story of the Sainsbury’s supermarket potato buyer, who conspired over some years with a major supplier to pay over the odds for potatoes in return for bribes. Might Fact360 artificial intelligence have picked this up?  Probably, says Slater. It is likely that emails between the main players would have been more frequent than for other similar suppliers, or show different patterns in terms of timing or even use of language. There might have been more obvious clues in the content too.

Of course, knowing that your email trail could be used in his way might discourage fraudsters from using that medium, but there is always going to be some record of contact, unless the participants are using real secret service tactics! And the beauty of these emerging AI technologies such as FACT360 is that the user doesn’t need to know or define what they are looking for – the system will highlight where it finds potential “unknown unknowns”, as Donald Rumsfeld famously put it. 

We’re still at the early stages of understanding just how AI is gong to affect our lives, and it may be that some implications will not be positive for many of us. But using it to detect and deter fraud and corruption in our organisations – and reduce Bad Buying – must be one of the more positive aspects of this fascinating technology.

Bad Buying was published last week, and whilst there wasn’t exactly a rush of media appearances, it was reviewed in the Times on Saturday (behind the paywall unfortunately).

The reviewer (Robert Colvile) enjoyed it, although he found it annoying / depressing that governments seem to make the same mistakes time and time again when it comes to spending public money. Well, yes, I’d agree of course, that being one of my reasons for writing the book! He also picked up on one important point that is mentioned in the book but perhaps deserves more focus.  As Colville put it in his review,

“And the mistake was usually pretty elementary (as a rule, anyone who talks about how their organisation was victim to a “very sophisticated” gang of thieves is telling porky pies: far more likely is that there was a failure to attend to the absolute basics).”

This is so true. We see it almost every time there is a fraud case – the organisation that has lost out claims it is the cleverness of the fraudsters, not the stupidity of management that is to blame. That is the case even if all the fraudsters have done is phoned up the finance department and said “hello, this is IBM here, we’ve changed our bank details, please can you pay our outstanding invoices now to this new account”. Very sophisticated…

But it is  certainly not just the public sector that gets caught out. EssilorLuxottica, the worlds leading lens and eyewear firm, was the target of a 190 million euro ($213 million) fraud at one of its factories in Thailand. At the end of last year, the firm announced that it had fired employees associated with the incident (well, you would, wouldn’t you) and was looking to recover the money.

An intelligent guess would suggest that this was a “fake supplier” fraud, where money was paid under the authorisation of someone internally to external firms that were controlled by the fraudsters.  Those firms would not in reality be supplying anything to EssilorLuxottica of course, and by the  time the fraud was spotted, those bank accounts would have been closed and the cash long since extracted.  But this was a huge amount of money to disappear from a single factory in Thailand – it  sounds like it could be equivalent to the firm’s entire annual revenue in that country.

Assuming that was the nature of the fraud, how on earth could such large sums of money be extracted without anyone noticing? What were the policies in place and processes to check up on those new “suppliers” and their legitimacy? Who was allowed to approve high value payments?  Did the firm outsource any part of the payment process to a third party services provider? (That can sometimes lead to weaknesses in the process and less focus on what is going on).  Maybe there was some sophistication here in the fraud, but it really does smack of poor internal management and controls.

Anyway, that story is really told to demonstrate that it is not just the public sector that can waste money and fall down on basic anti-fraud processes. I’d suggest that every procurement or finance leader and every Board should consciously think about this question – “if I wanted to defraud my organisation, how would I do it”? 

Think  through the different options and potential points of weakness, and evaluate whether there are processes, checks or policies in place that would stop you getting away with it. If the answer is “no”, then either tighten up quickly or accept that you might be the next person waffling on to the press about “sophisticated criminals”!  Personally, I would also fire the CFO if such a basic fraud was committed on his or her watch.

The Bad Buying book might be useful too if you are concerned about these issues.  It contains seven key anti-fraud principles, with some practical and clear advice on how you can at the very least reduce the chances of fraud and corruption affecting your organisation.

It is now just two days to publication of Bad Buying. So today, let’s focus again on the second section of the book, all about fraud and corruption. Whilst I really enjoyed writing and researching this section, it was also somewhat annoying and frustrating. That’s because so many of the cases featured could have been stopped, avoided or at least made a lot more difficult if certain basic processes and policies had been in place.

How was Fat Leonard allowed to corrupt so much of the US Navy, to the point where hundreds of officers (up to Admiral level) have ended up in court? Even when his firm did not legitimately win contracts for servicing ships in south-east Asia, the ship commanders used his firm anyway.

So why was no-one checking up on contract compliance  when the firms who should have got the business didn’t? Why did no-one look at spend analysis and ask questions about just how much money and share of business was going to Fat Lenard’s firm?  And how do you end up with a situation where several whistle-blowers raised the issue, but so many people were corrupt (including some recipients of whistleblowing information) that it still carried on for years?

Or for something a little less exotic, consider the legendary Sainsbury’s potato fraud. The UK supermarket group was defrauded for years by collusion between the buyer and a key vegetable supplier. The buyer agreed to pay over the odds for all the potatoes bought from that firm and in turn took kickbacks and had expensive meals and trips with the sales director. But why did no-one spot that Sainsburys were paying more than the should? Why was there no regular open and competitive process to source potatoes? Why was the decision making resting apparently in one man’s hands?

So I’ve laid out seven key anti-fraud principles in the book, and I’d seriously recommended that everyone should consider how their own organisation scores on these. Some seem obvious until you actually look at how many organisations really adhere to the principle.  For example, it is vital that all entities to which money is paid must be verified and authorised.

We need to make sure the order and the payment isn’t going to a fake or dummy company, perhaps even one controlled by the order placer (the internal fraudster) or their associates (when there is internal / external collusion).  That “supplier” may still supply the goods and services required, or something approximating to them, with the fraud being the quality or quantity of what is provided. Or they may supply nothing, relying on no-one other than the fraudster realising that nothing has actually been received. Or perhaps the time-lag before the discrepancy is noticed is enough for the fraudster to safely disappear, before anyone asks where those 5000 laptops that have been paid for have got to.  

So we must check that the entity we’re paying money to is genuine. Is it a registered company with a trading history? Does it have a track record? Who are the Directors? You really need to understand who your suppliers are, and identify any that aren’t genuine.  

That’s enough on fraud for now, and tomorrow I’ll look at the final chapter in the book where I lay out some thoughts on how you can drive “good buying”.  The book isn’t all case studies of failure – there is advice too, because the aim is to educate and inform, as well as to entertain and to shock people a little!    

So you might still get delivery of the book on publication day (Thursday) if you order now – check out the links here. (In fact, one friend tells me his book arrived yesterday). There is also a podcast now (“Peter Smith’s Bad Buying podcast”) and the first two episodes, around 15-20 minutes each, are available on most podcast platforms.

There is even a Bad Buying playlist on Spotify (all my section titles in the book are also song titles …) It is a “diverse” playlist, as my daughter described it, but I’ll take that as a compliment!  You can make your own judgment on that.

It is now just three days to publication of Bad Buying. So today, let’s move on to the second section of the book, all about fraud and corruption.

This was really enjoyable to write to be honest, even though we should be horrified at some of the stories. It was fascinating to see how frauds range from the mundane and often quite sad in terms of why the perpetraotrs do it ad the consequences, to those that have national or even international implications at the highest level.

One very ancient type of fraud is the cartel, although it is interesting to note that cartels weren’t always seen as a bad thing – and indeed, even today, we have OPEC, the oil cartel. But the medieval guilds were set up in part to operate as cartels and restrict the entrance of new suppliers into a market. But in modern times, we’ve seen illegal cartels in all sorts of areas, from international marine hose supplies (no, I’d never heard of marine hoses either), to construction firms in the UK public sector market, to brewers in India.

Many frauds relay on the buyer being able to ”fix” the supplier selection. In fact, that is a necessary condition in order to extract money though mechanism such as inflating invoices, over-billing or under-delivering. If a buyer and a supplier are going to collude – as they did in the case of a famous Sainsbury’s potato fraud – first of all, the buyer has to make sure that the supplier is chosen or wins the competitive process.

There are some rather ingenious examples of how this has been done. For instance, in the UK health service, a property manager manipulated the way that cost quotes were provided by suppliers to favour a relative’s decorating firm.  Bidders were asked to quote for different jobs, but work that actually was rarely needed was given a high weighting in the evaluation, and his relative bid low on those jobs, to score lots of points. But the jobs that actually would be frequently required were given a low weighting in the evaluation so his relative could bid high on those and still win the tender, knowing that he would then make significant money on that work. Very clever!  

That story points out one of the basic mitigations you can take to guard against fraud. Don’t leave any key parts of the process to a single individual, whether that is designing the evaluation process, marking the bids, negotiating prices… you can’t rule out collusion, but many of the examples I’ve seen are driven by just one personal internally. Putting a barrier in their way by taking away ability to act individually makes fraud much more difficult.

If that NHS example is small-scale, but interesting, at the other extreme we have the Petrobas / Odebrecht scandal in Latin America. At first that looked like a simple case of a large construction supplier paying bribes to win work from the Brazilian government-owned oil firm, Petrobas.  But as investigations went deeper, they exposed a vast network of corruption, with buyers paying over the odds to fund not just individual bribes but political donations too – and those political parties then appointing their stooges into positions in Petrobas where they could demand and get even more bribes!  Later, the related scandal spread to Peru, Mexico and further, leading to arrests and even the suicide of a leading politician accused of corruption.

That’s where the idea that a few more people knowing what’s going on breaks down. If corruption really becomes endemic in an organisation, it can be very hard to eliminate. Luckily, that doesn’t happen too often …

Anyway, there is still time (just) to order and get delivery on of the book on publication day – check out the links here. There is also a Bad Buying podcast now (“Peter Smith’s Bad Buying podcast”) and the first two episodes are available on most podcast platforms. There is even a Bad Buying playlist on Spotify (all my section titles in the book are also song titles …) It is a “diverse” playlist, as my daughter described it, but I’ll take that as a compliment!  You can make your own judgment on that.