The Southbourne Tax Group Do you really know who you are paying? | Page 3

the reviewer should be aware of the specific reasons why the approval is needed and the risks it is designed to
mitigate. Raising awareness around this topic would help improve the quality of the review performed.
Vendor selection and approval: Having a strong vendor selection and due-diligence process in place is crucial
to avoiding procurement fraud, as the case of KitchenCo shows. A strong vendor selection process should
include a bidding procedure and a due-diligence process to ensure that the new vendor is a genuine company
and that there is no potential conflict of interest. Once those checks have been performed, the new vendor
should be approved by another party who should conduct independent checks to ensure that the selection
process has been carried out fairly and without bias.
Automated controls: Manual processes are more prone to errors and fraud than automated processes. In the
case of MediaCo, the fraud would have been much more difficult to perpetrate if, instead of using manual
payments, the company was using an automated system. In this case, the vendor details would have been
populated automatically based on the data available in the vendor master data. Therefore, provided that
appropriate controls around the vendor master data had been in place, it would not have been possible to
perpetrate this type of fraud.
Ongoing vendor monitoring and benchmarking: It is best practice to monitor an existing vendor’s performance
over time to ensure that the level of service meets expectations and the price is appropriate. The monitoring
activity should be carried out by a department or person different from the one managing the relationship with
the client on a day-to-day basis. This would have helped prevent GlassesCo from falling victim to the
overbilling scheme.
Tight analytical and budget review: All of these cases lacked a robust review of the actual and budgeted figures.
While more challenging for small, rapidly growing companies, the review process should include not only a
tight review of the actual-versus-budget figures, but also analysis of the financial ratios and comparative
analysis to identify costs that need further investigation. The tighter the controls, the greater the chance of
spotting frauds.
Hotline: Tip-offs are the most common way of uncovering frauds. Having a formal, structured process to report
and follow up suspected instances of fraud and control override helps SMEs encourage people to report such
cases. Nowadays, a number of companies, for a flat annual or monthly fee, provide a 24/7 hotline service in
different languages.
In each case study, the fraudsters saw an opportunity to take advantage of the perceived lack of control and
thought they could get away with their scheme. To prevent and detect fraud effectively, senior management
must have good oversight over controls.