By: Mohit Jain, CFE
Recently, I worked on a case wherein a whistleblower raised allegations on two employees that the company was engaging in unethical practices. The allegations included bribery and corruption, conflict of interest, breach of code of conduct, misappropriation of assets, high prices and poor quality of products supplied and abuse of position.
While the whistleblower had not indicated the names of employees in the whistleblower letter, they mentioned the name of the department of the company under which such unethical practices were being followed. An auditor conducted the preliminary investigation based on the whistleblower letter.
How the auditor identified the employees and carried out the investigation
- The auditor requested the purchase data of the department in question and started analyzing the transactions conducted during the past years. Next, they created a detailed profile of the employees working in the department.
- During the review of transactions with the vendor, the auditor performed transactions testing of the vendors using samples and requested the supporting documents required, as per company policy, such as purchase requisition, quotation, comparative statement, goods receipt note, gate pass, invoice, payment voucher and any other supporting available for the transaction.
- The auditor performed analytics on the vendor master of the company and listed the type of vendors, such as existence of vendor, turnover of the vendor over the years and type of products supplied by the vendor.
- The auditor conducted public domain searches on the vendor and noted the owner of vendor, address of the vendor, related parties of the vendor, establishment date of vendor firms, etc.
- The auditor also performed fuzzy logic on employee master and vendor master based on scenarios like common name, common address, common phone number, etc.
Based on the above analysis, the auditor listed the suspected vendors and reviewed all the transactions of the suspected vendors to identify the potential wrongdoings. The auditor noticed the following issues in the suspected vendor’s analysis:
- Conflict of interest between vendor and employee, wherein employee’s spouse was the partner in the suspected vendor’s company/firm.
- Communications indicating vendor favoritism by the employee, such as preferential treatment of payments to suspected vendor and quotation only obtained from suspected vendor.
- Sharing of confidential information with the suspected vendor.
- Kickbacks by the suspected vendor to employee family member’s account.
- Inexistent manufacturing facilities declared by the suspected vendor at the time of onboarding (Site visits on the manufacturing facilities revealed the results.)
Based on the above findings, the auditor prepared the questionnaire and interviewed the employees indulged in unethical practices.
The top red flags to identify corruption in the organization include:
1. Red flags to identify corrupt vendor/supplier:
- Supply poor quality of goods despite no questions raised, or they are continually awarded the work.
- Charges unjustified high prices or raises additional cost invoices frequently.
- Offers inappropriate gifts or provides lavish business entertainment.
- Close nexus with an employee (Address of supplier/vendor matches with the employees address or employee's relative address, know-your-customer [KYC] documents of vendor match with the employee's KYC), etc.
- Provides an incomplete address or contact details.
- Provides multiple addresses.
- Works with competitors and passes confidential information to the competitor in exchange for awards/contracts.
- Has various companies in the same industry and uses them for bid rigging.
- Displays indicators such as poor performance record, history of fraudulent contract, family ties with an employee, lack of qualification or experience, etc.
Although detecting and preventing vendor fraud is not easy, identifying key areas where there is a lack of control and implementing stronger controls and measures can go a long way in preventing vendor fraud cases.
2. Red flags to identify corrupt employee:
- Lifestyle is not commensurate with the income earned.
- Forces subordinates to bend the rules for personal gain.
- Circumstances arise that generate extreme personal pressures, such as ill family members, huge personal liabilities, etc.
- History of not filing conflict of interest forms or Global Anti-Bribery and Anti-Corruption (ABAC) declaration.
- Close association with suppliers.
- Inclination to make excuses for deficiencies in supplier's products or services, such as poor quality, late deliveries or high prices.
The presence of one or two red flags does not necessarily imply the presence of wrongdoing and may highlight some other external pressure or challenge exists in a person’s life. Understanding and recognizing red flags is an important fraud prevention strategy and can be unlocked through investing in regular fraud awareness education for the employees.