Showing posts with label delivery. Show all posts
Showing posts with label delivery. Show all posts

Thursday 4 October 2018

HOW TO IDENTIFY A POTENTIAL PROCUREMENT SCAM


Procurement Scams - Red Flags and  Warning signs

HOW TO IDENTIFY A POTENTIAL PROCUREMENT SCAM

4 October 2018

ABSTRACT

Procurement fraud is a growing concern for businesses around the globe and is on the increase in South Africa. This article is aimed at increasing awareness of some common or less sophisticated procurement scams and is aimed at a wide audience ranging from Business executives, Suly Chain-, Procurement & Finance professionals, to Busine
ss Owners and SMEs / SMMEs. 

Estimated reading time: 15 min


Background photo credit: RawPixel on UnSplash.com

Introduction


The 2018 edition of PwC's Global Economic Crime and Fraud Survey found that economic crime continues to disrupt business globally, but specifically here in South Africa. The 2018 results showed an increase in reported economic crime, with 77% of South African organisations saying that they have experienced economic crime in the past two years - the highest rate in the world out of all countries participating in this survey. 

On the bright side (if there is one) it is worth noting that this figure is reported economic crime - which by implication should mean South African businesses are more pro-active in detecting and reporting crime.

Understanding Economic Crime - what it is?


The Global Economic Crime and Fraud Survey examines over 7,200 respondents from 123 countries, of which 282 were from South Africa.

PWC's research indicates that economic crime can broadly be broken down into the following categories:

Types of Economic Crime SA compared to World
Figure 1 - PWC 2018 Research - types of economic crime, South Africa compared to the World

The top 5 causes per the PWC research are as follows:

  • Asset misappropriation 
  • Consumer Fraud
  • Procurement Fraud
  • Bribery and Corruption
  • Business conduct/misconduct

Sitting at 77%, South Africa’s rate of reported economic crime remains significantly higher than the global average rate of 49%.


Shockingly, PwC reported that it is alarming to note that 6% of executives in South Africa (Africa 5% and Global 7%) simply did not know whether their respective organisations were being affected by economic crime or not. Chances are, they probably have been affected in some way or another.

Examples of common Procurement scams

It is nearly impossible to provide a full and comprehensive list of all of the possible ways in which procurement fraud can be conducted. The size and level of complexity/sophistication will vary - larger organisations are more likely to have financial and other controls in place to detect or prevent many of these. However, as technology progresses, so do the new methods or opportunities. For this reason, we invite you to comment below, or even contact us if you wish to share experiences at your company or organisation



Example 1



Some of the most common scams are likely to arrive on your desk via email, innocently disguised as a procurement opportunity. This could be one of those days that you and your team are furious paddling when things get so busy you don’t know what to pick up and what to drop. Deadlines, phones ringing, month-end. Things get hectic in Finance and Procurement. And lots and lots of paperwork. For smaller companies, one-man shows or SMMEs, the opposite can be true – depressingly quiet. Your business is listed all over the internet, but still, nobody buys anything.



One day an email arrives completely out of the blue (or a fax, if your company is still stuck in 1987) – it could be directed to a director, or an employee in Sales or anybody in the company, for that matter.


According to the email, the COE of the biggest Mining Company or the Minister of Finance hereby invites you to participate in a Tender or RFQ. “Finally!” your sales persons thinks, “Our hard works is paying off! / The Facebook ad campaign works! / The new marketing campaign works!”.


Example of a Request for Quotation
Figure 2 - Innocuous looking Request for Quote

Variation 1 


The RFQ / tender invite somehow looks a bit different, possibly slightly odd. 

The product requested is for a:
  •  “Bronze Cast Iron Sewage Pump B-7692-075 (Originals only)” or 
  •  “DTS42K CUTTING DISC” or 
  • “TXV 387 UNDERSEA TENSIONERS” or 
  • <INSERT DESCRIPTION HERE> - i.e. it could be anything. 

The turn-around time to meet the deadline is short. Very short.


Big business should walk away at this point. For smaller firms and SMMEs, it might still be tempting, specifically if there is money to be made. Even if this invite is not even remotely similar (ie. different to) to the line of products and services of the business.

But don’t worry, they even suggested a supplier. “Man, these guys think about everything,” the sales rep thinks. So he/she copies and pastes the product code into Google. It takes them straight to the only company in the country that carries that exact item. The cost price is not exactly cheap. And this tender is for XXX units.

Fortunately, the RFQ also indicated a suggested selling price range which could be as in the thousands or even hundreds of thousands.  After some head scratching the budget is re-prioritized to find money… somebody sells a kidney … takes a 3rd mortgage on the house… 

The sole supplier is very helpful and confirms that they happen to have XXX units in stock, but you need to hurry as they are selling out, fast. Only 50% deposit required (% may vary).  You compile and submit the tender or quote in record time. 

Within 2 or 3 days you are formally informed that you won the tender or your quote was selected. You receive an order number via email - Bob’s your uncle! Now to pay the deposit, and the supplier generously offers to deliver straight to the buyer’s warehouse.

Days and weeks go by with no contact and payment from the buyer. You phone, leave messages, but the procurement official’s cell phone stays dead. No replies on your emails either.  

Eventually, you google and phone the buyer’s Head Office:
  • No, They never heard of <Name goes here>. 
  • Your call is transferred you to Finance department – no, they did not get your invoice. Never heard of your company either. 
  • Transfer you to Procurement - No, they did not receive your consignment of Bronze Cast Iron Sewage Pumps. Didn’t order it either. 
The supplier’s phone lines coincidentally also went dead at the same time.

Variation 2 



The goods being procured via the fake tender process are high in value and could range from common consumer electronics such as laptops or parts to more specialised types of equipment. Or it could be lower value commodities. 

You are again acting as middleman for whatever excuse they have given to justify it. The supplier is legit and the goods procured are legit (i.e. actual existing items).



When you deliver, however:

  • The delivery location is either not an official site of the “client”, or
  • The “client’s staff” or “officials” receive your consignment and take delivery of the goods outside the gates (i.e. not on the premises) of the real company or organisation’s official warehouse or depot.

And you never see your goods or your money again.


Variation 3


Very similar to Variation 2, but the order is actually for something your company supplies in the ordinary course of business:
  • High-value stock, something readily trade-able or convertible to cash, such as luxury items or laptops,
  • Everyday consumer products  

Variation 4



You are asked to make non-refundable deposits or transfer money:

  • Prior to getting access to the tender document,
  • As a security deposit,
  • Prior to being registered on the supplier database,
  • To help secure / facilitate “lucrative government contracts”

Where you are asked to pay a deposit or make a payment, the account holder details provided is different from the company name – e.g. into a personal account.

Variation 5



You have delivered the goods and everything checks out. The “procurement official” or somebody from “Finance department” at the “client” contacts you telephonically to inform you that they paid by EFT. However, there is a problem - They overpaid you by a couple of thousand. Silly clerical mistake.



You check your bank account and it reflects payment as promised. The payment received exceeds the invoice value by the exact number they mentioned. They kindly ask if you could please refund the difference as soon as possible, this is urgent. It was a mistake and somebody will get fired. Please Pay via EFT into the account details they provide.



Being the good corporate citizen you are, you immediately process the EFT refund. You do not take extra precautions to validate the bank account first. A day or 3 later your bank account balance is suddenly lower again – the payment you received has disappeared. Turns out you were paid with a stolen cheque that bounced.



Net effect: “the overpayment” which you so kindly refunded, was paid from your own funds.



20 procurement red flags to look out for
Fig 3 - Be on the lookout for these warning signs

WATCH OUT FOR THESE 20 POTENTIAL RED FLAGS WHEN RECEIVING TENDER OR QUOTE EMAILS IN YOUR INBOX


Before jumping at the opportunity waiting in your inbox, spare a minute or 5 to look at and think about the following:

1. Was this tender actually advertised in the newspapers?


Visit the official government or company website, search the newspapers and tender bulletins to confirm this is legitimate tender. If you find it, then confirm the details between your invite and the actual advertisement:
  •          Is the tender number exactly the same?
  •          Is the tender details exactly the same?
  •          Is the closing date exactly the same?


2. Is this request or invitation received out of the blue?



Think – Is there any prior history with the organization / business inviting you to quote?
  • Have you ever contacted this business or have they contacted you before?
  • Have you done any previous business with this company or government department?
  • Are you registered on their supplier database?
  • Are they even in your Town or Province?

3. Is the request broadly line with the nature of your business?


If e.g. your company specialises in detergent manufacturing, long-distance cargo carrying, or you have a beauty salon or dentist’s office, or you supply office stationery, you have to think twice when receiving a request that is not in line with the ordinary course of business.

Why would anybody invite you to supply:
  • Bronze Cast Iron Sewage Pump B-7692-075?
  • DTS42k cutting discs?
  • TXV 387 undersea tensioners?
  • Bullet-proof helmets for Riot police?

If the tender or quote request is for a product that actually is within the range of products you sell, proceed with all the other steps.


4. Is this a known scam or a legit tender?


Do 3 separate Google searches - Copy and paste:

  • the email heading e.g. “Bronze Cast Iron Sewage Pump B-7692-075 SUPPLY TENDER INVITE!!!   
  • product name or model serial number / 
  • tender reference number 

into Google (respectively), followed by “scam”. For example, if the tender invite is to provide “TXV 387 undersea tensioners”, copy and paste that into Google followed by the word “Scam”. The full search query now shows “TXV 387 undersea tensioners Scam”.




Illustrative Google search results
Figure 3 - Google Search Results



  

If this scam was previously reported on a bulletin board somewhere, it should appear in the Google results. You may have to scroll through the first couple of search results though. On the other hand, if this request is not a scam you might be able to pick up discussions from other people on the same topic.


If it is a legit tender reference number then look up the tender documentation. Confirm the submission deadline and whether or not there is a compulsory tender briefing to ensure you were not given a legitimate but outdated tender after the deadline had closed.


5. Is the tender or RFQ document professionally designed and complete?


The fake invitation to tender or RFQ is usually rather short – frequently only one page. There may or may not be “technical specifications” on a second page.


  • The RFQ / Tender document could be based on a legitimate letterhead, but the form section of the document frequently looks like it was designed using Microsoft Word. On face value, the document does not appear as refined or professionally designed as pre-printed official stationery would be.
  • It might come pre-populated with your company details, or might be a completely blank form that has to be filled in.
  • The form may also reflect an organisation logo/Government coat of arms as a slightly blurry watermark to make it more official looking.
  • The forms frequently request a “company stamp here”, or is stamped with a stamp to make it look official.
  • Scam Forms often contain technical looking serial numbers, approval numbers, codes, treasury or other financial reference or approval numbers in an attempt to make it look legit. Writing could be ALL CAPS

Fake Order Document
Figure 4 - Fake Order document

6. Look at the legal terms 

  •   For legitimate tenders specifically, there will be multiple pages of legal terms and conditions, forms to complete and draft contracts. For legitimate RFQs the legalese is often at least a couple of paragraphs. 
  • Legitimate Tenders are typically advertised in national newspapers, whereas RFQs are more likely to be an invitation basis.



With fake procurement documents, expected legal terminology is notably absent, or limited to a basic sentence or two – e.g. “This quote does not constitute an order”.


7. Is the grammar correct and writing style appropriate?


Legitimate tenders and any tender invites will tend to be slightly formal in style, grammar and language use. Spelling and grammar errors will be very limited if any. Companies will generally not send out documents with:

  • Obviously Spelling mistakes e.g. Coca-Colla 
  • Grammatical errors

The wording and writing style on scam invites and documents is often more informal: e.g. “Bronze Cast Iron Sewage Pump B-7692-075 SUPPLY TENDER INVITE!!!


8. Is the time period unusually short?


Time pressure - The deadline to submit might be significantly shorter than industry standard, even as short as 2-3 days. Note that a longer time period does not automatically make this a legit transaction. 


Similarly, if you are informed of that you submitted the winning tender within only a day or 2 after submitting, something could be amiss. Specifically, Public sector tenders can take weeks to months to finalise, as they may have to go through various rounds of internal approval leading up to award stage. More often than not, there will be negotiations and contracts to be signed. Therefore any request to perform services or deliver goods within a day or 2 after submitting the tender or quotation is potentially highly suspect.


9. Is there a suggested selling price in the RFQ or tender?



If this is not an existing client that previously bought the exact same item from you and therefore knows the selling price, it would be very unusual. And it makes no sense either - the very purpose of procurement is to achieve cost savings by obtaining the best pricing under competitive conditions. What prices would they have recommended to other "bidders"? 



It usually not in the best interest of the buyer to disclose budget or affordability. Very few government procurement transactions publish any degree of affordability. 



10. Is there a suggested Supplier in the RFQ or tender?



Why invite somebody to act as a middleman that simply pushes up the price and adds no other value to the product or procurement process? The buyer can simply go straight to the source and buy the exact same item directly from them for cheaper. 



11. Is there a sole supplier situation?



While searching on Google for the product and potential suppliers, make sure to confirm how many suppliers exist for the product requested - specifically for technical type products. Commodity type products can usually be procured from various sources. Bona fide sole supplier situations for non-technical / commodity type products are scarce. Even technical products might have substitute products. 



If the tender or RFQ indicated a sole supplier or specified a specific supplier without substantiation, approach with caution. Inquire about substitutes. Even for OEM suppliers, some products could be generic and procured from other suppliers - e.g. different brake manufacturers produce vehicle brakes which comply with Toyota specifications for any specific Toyota model. 



Again, why invite somebody to act as middleman in a procurement process? The buyer could have simply gone straight to the source and bought the exact same item directly from them.


12. Did you get phone calls?


With legitimate tender processes, there is typically very limited personal contact between buyers and sellers. If it is a closed tender / by invitation only, they would have obtained your details from the supplier database and do not need to phone you to confirm it. Therefore, receiving phone calls to confirm your company contact details is unusual, but not impossible.

You might also receive a follow-up phone call from an authoritative sounding “procurement official” to: 

  • emphasise the urgency, or 
  • tell you something along the lines of “With your excellent credentials, there is a pretty good chance you could get the contract", or 
  • to inform you that your company is the only 1 in the running, 
  • to berate you for missing the deadline, or 
  • to ask if you need an extension.

Legitimate buyers usually approach various companies for pricing at the same time, not just one. They typically won't chase after any specific supplier or agree to special arrangements or extensions for one supplier only. 

13. Were you asked to pay money in order to qualify for this opportunity?



Companies and specifically government won’t ask money to register you on their supplier database. 



Official tenders for very large projects might occasionally require the purchase of procurement documents, but in such a case the tender is likely to be advertised publicly in national or regional newspapers and on official tender bulletins. The banking details would be printed on the tender advert, and it would be a corporate account. 



Procurement Fraud / Scam Tender
Figure 4 - Example of request for money


Where the tender invite is for a closed tender or quotation, then you should have knowledge of already having registered your company on the buyer's supplier database. 


Where tenders require financial guarantees to be provided at tender submission or at the appointment stage, the requirements for these are usually contained in the publicized advert as well as in the tender documents. Actual cash payments or EFT deposits to the Buyer are NOT the way things are done in such cases.

14. What do you have to submit exactly?



Tenders and sometimes even large or complex quotes are often not evaluated on price alone. Any large value tender or quotation in your inbox which solely requires you to submit price and no type of "technical proposal" or other sections usually associated with tenders or quotations, requires further investigation.

This is not suspect by default, but very unusual. Secifically in case where your company is not listed on the supplier database already.

15. Name, surname & job title of the sender


Scam Tender invites either use:
  • typical everyday names, or 
  • names of famous people, big business executives or politicians, or 
  • important job titles or in the name of name of a high ranking company position such as the name of a board member, Chief Executive, Chief Financial Officer, Chief Procurement Officer or even the Company Secretary to give legitimacy to the invite. 

These names are a reasonable cultural fit in your area. The name might even sound familiar and legit to confuse people – a CEO of a listed company or a Government Minister is a name you might have heard over the radio or read about in the newspaper. Remember:

  • CEOs or Gov Ministers will not be working in a Procurement department, 
  • They are equally unlikely to extend personal invitations to participate in tenders,   
  • Furthermore, it’s extremely unlikely that they would be listing themselves as the contact person with their own actual contact details.



16. Check the sender’s email address



Companies generally use the same email format for all email addresses. 

Occasionally firms do use a generic tender email such as Procurement@ or RFP@ . You can use Google or Linked to confirm the format of the email address for that organisation on their official website. If it is an official and legitimate email address you should be able to confirm it. 



Example - Any variation in the domain name should be treated with suspicion. 


  • If somebody legitimately works for a big international company or organisation, they are very unlikely to use a name@yahoo.com, name@webmail.co.za or similar type email address for business correspondence where the email address does not contain the exact same official domain. 
  • Email addresses could also look legit on face value, but actually be something completely different. In Microsoft Outlook, hover your mouse cursor over the address to see if the display name is the same as the actual address.
Confirm the contact person name on LinkedIn or search by posting the email address in Google or Linkedin. Look for spelling mistakes in the company name or the format of the email address. If LinkedIn shows only 1 Joe.Soap@CocaColla.biz then chances are pretty good that it is not the real thing (see what I did there? )

Examples of fake email addresses used in previous scams include:

  • name@angloamericanplatinium.com <- note spelling of Platinum
  • @eskomholdingssupplychain.co.za, @eskomfinance.co.za, @eskomprocurement.co.za, @eskomgroup.co.za , @eskomsa.co.za, @eskomenterprise.co.za, @eskomdistribution.co.za, @eskomrotek.co.za
  • tenders@doh.za.org, doh@treasury-gov.org.zaghd@gautenghealth-gov.org.za, health@mphumalang-gov.org.za, NDOH@nationalhealthgov.org, @heaths-gov.org.za, @dh.gov.co.za 
  • supplychain@barloworldlimited.com, info@barloworldlimited.com, procurement@barloworldlimited.com, finance@barloworldlimited.com 
  • @transnetsa.net, @transnetfreightrails.net, @transnet-jhb.net, 
  • @yahoo.com, @aol.com, @gmail.com, @webmail.co.za or any other internet domain than the company’s official domain


17.  Check the sender’s contact details 

Always ensure that you have full contact details of an actual person, specifically once you are notified the tender or RFQ has been awarded to you and before procuring or paying for anything.Insist on a real office extension, a land-line number which has to be the same prefix as the main land-line switchboard number.

    18.  Confirm that the Company's Billing details are correct?


Compare the contact details contained in the email you received and per the correspondence to this entity’s official contact details – use Google and visit the official website.

Are the company contact details (telephone, street address) the same or completely different to the contact details on the official site? If in doubt, phone the official switchboard number as per the official website, and ask if sender works there and to confirm the department and contact details. 



19.  Confirm that the Company's Delivery details are correct?



Confirm that the delivery address is an actual currently used company site. 


Instruct drivers to not deliver anywhere that is not inside the actual official company premises – i.e. deliveries strictly inside the actual warehouse or depot yard or premises. That means no delivery just outside the gate, or somewhere along the route, or last-minute changes to delivery details.


20. Have you met the Contact person from the Buyer in person?


Due to procurement procedures for quotations, it is seldom possible to meet the person responsible for the administration of the transaction before the award of the tender. For tenders where a briefing session takes place, this briefing is typically held at the premises of the buyer and serves to confirm the validity of the transaction.

On award of the transaction, however, this is likely to change. For tenders specifically, there could be tender negotiations and contract signature before the service provider is actually appointed or expected to perform.

Unless you are 100% certain of who you are dealing with, try to meet the buyer. Specifically in cases where there are no prior relationships with this buyer/organisation, or supplier, and you have not yet formally met the contact person inside at their premises. 

Take precautionary steps prior to any handing over goods or making any payments in the case of an order.




Conclusion

As mentioned at the outset, it is near impossible to make a comprehensive list of all procurement fraud possibilities. There are simply too many permutations. Furthermore, changes in technology sometimes have unintended consequences, which then require new or additional controls to be developed and monitored

If you liked this blog post, please share or tweet or repost this article to others who may also be interested in these topics.

If you wish to discuss your busines or procurement challenges in confidence with us, please feel free to contact us at your soonest convenience. Where you have personally experienced other examples of procurement fraud, please leave a comment below.




Also why not subscribe? Simply scroll up and enter your email on the top right for notifications. We publish approx 1-2 posts per month on business-related topics. 




© Cogniplex (Pty) Ltd - 2018  - Visit us on www.cogniplex.co.za


IOT Supplychain Visibility Test 947

  Supply Chain Visibility real-world experiment @ Ride Joburg 947 Cycle Challenge This past weekend was one of the highlights of the cycli...