presence. But he knew that some of his competitors were investing in such activities, and he wanted to keep up with them.
Matt created a shell search engine marketing company called SEMCo with a fancy website and his wife as the company director. He painted SEMCo as one of the top companies on the market and got the owner to approve an inflated quote for SEMCo’ s services.
Then, Matt engaged a couple of inexpensive contractors to whom SEMCo subcontracted the work for a much lower price than what KitchenCo paid SEMCo.
After a few months, during a networking dinner, the owner met a search engine optimisation( SEO) consultant, and when their conversation turned to KitchenCo’ s SEO initiatives, the consultant was amazed by the price KitchenCo had paid, and stated that he had never heard of SEMCo.
Because of this conversation, the owner asked KitchenCo’ s finance director to carry out some checks on SEMCo and found out that it was owned by Matt’ s wife, and that the price KitchenCo had paid was well above the market average.
Case study 3: GlassesCo
For 15 years, David was the finance director of GlassesCo, a retailer that sold spectacles and lenses. GlassesCo used a small legal firm, LegalCo, and over the year, David got to know John, the owner, quite well.
At a certain point, the two men came to the following agreement: John would inflate the number of hours of consulting provided to GlassesCo, David would approve the inflated invoices, and they would split the fraudulent proceeds. This arrangement was quite easy to pull off because David was the only approver of the invoices.
One day, the CEO of GlassesCo received an anonymous email reporting that David was approving inflated consulting invoices. The CEO engaged a fraud investigator to verify whether the claims were true. By reviewing David’ s email archive, it became obvious that he was colluding with John in a pay-and-return fraud scheme worth £ 30,000($ 37,500) over the past two years. Due to the email archive retention period, it was not possible to ascertain whether the loss was even greater; however, given the length of David’ s service and for how long LegalCo had been providing services to GlassesCo, it is quite likely that the loss amounted to much more than that.
7 ways SMEs can protect themselves against procurement fraud
Segregation of duties: In all three examples, the lack of segregation of duties made the frauds possible or helped to conceal them. In MediaCo’ s case, the lack of segregation of duties in the accounting function allowed Jenny to hide the fraudulent payments in the general ledger without anybody noticing. To achieve segregation of duties, responsibility for processing payments should be allocated to a different individual from the one in charge of posting transactions in the general ledger. Another way to segregate duties is to ensure that finance systems require two users to process journal entries: one to post journals and one to release them.
In the second case study, segregation of duties could have been achieved by giving the finance department responsibility for carrying out due diligence on the new vendors. This would have uncovered the shell company fraud scheme before the vendor had been engaged.
In the third case, David’ s fraud would have been discovered much earlier if the CEO had to approve LegalCo’ s invoices in addition to David’ s approval. To ensure that invoices are independently approved, they should be reviewed by a second individual, other than the person who holds the relationship with the vendor.
Robust reviews: In the first case, the fraud was made possible by the poor controls carried out by one of the two managing directors, who did not check the details of the payments against the supporting documents. In the case of KitchenCo, the owner did not perform a thorough review of the vendor selection process carried out by the marketing manager, which resulted in the engagement of a shell company as a vendor. When approving,