Transcript W102: Procurement Fraud Prevention and Internal Controls

W102: Procurement Fraud
Prevention and Internal Controls
Pleased to introduce the following panel
members
– Tom Caulfield, Executive Director Council of
the Inspectors General on Integrity and
Efficiency
– George D. Strudgeon, Audit Director Compliance Assurance, Virginia Auditor of
Public Accounts
– Matthew Harris, Assistant Special Agent, U.S.
Postal Service Office of the Inspector General
When you press ………….
And
money
comes
out
We need to mitigate our risk
Risks Concepts
• Risks are those activities that could impede the
efficient and effective accomplishment of
objectives
• Risks are identified and assessed for relevance
• Risks are analyzed for significance
• Controls are then selected to mitigate significant
risks
• Controls must be periodically tested to ensure
that they are in place and working
• Controls must evolve accordingly
Polling Question 1
From a contracting perspective (pick as
many as you’d like) those areas that
represent the highest fraud risk in your
organization
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Requirements
Contract Documentation
Contract Type
Source Selection
Contract Pricing
Oversight and Surveillance
Inherently Governmental
Property Accountability
Award Fee
Financial Management
PROCUREMENT FRAUD PREVENTION
AND
INTERNAL CONTROLS
Procurement Integrity is the state or
condition where all phases of obtaining
goods and services are performed:
honestly,
 fairly,
 impartially,
 legally, and
 appropriately transparent.

Free from Procurement
Fraud and Abuse
Polling Question 2
• Do your organizations produce ongoing analysis/reporting, metrics or
other identified indicators to mitigate
risk.
• Yes
• No
PROCUREMENT FRAUD PREVENTION
AND
INTERNAL CONTROLS
PROCUREMENT INTEGRITY CONTROLS
PROCUREMENT INTEGRITY
CONTROL SYSTEM™
“the aggregate of the organization’s people,
processes, procedures, and management systems
that are uniquely designed to the organization and
provide reasonable assurance regarding the
prevention, deterrence, detection, and prompt
reporting of procurement abuse, fraud, or noncompliance within organizational procurements*”
*
Procurement Integrity Consulting Services, LLC
PROCUREMENT INTEGRITY
CONTROL SYSTEM™
“the aggregate of the organization’s people,
processes, procedures, and management systems
that are uniquely designed to the organization and
provide reasonable assurance regarding the
prevention, deterrence, detection, and prompt
reporting of procurement abuse, fraud, or noncompliance within organizational procurements*”
*
Procurement Integrity Consulting Services, LLC
PROCUREMENT INTEGRITY
CONTROL SYSTEM™
“the aggregate of the organization’s people,
processes, procedures, and management systems
that are uniquely designed to the organization and
provide reasonable assurance regarding the
prevention, deterrence, detection, and prompt
reporting of procurement abuse, fraud, or noncompliance within organizational procurements*”
*
Procurement Integrity Consulting Services, LLC
Procurement Integrity Controls
must operate within an environment
committed to procurement integrity!
Procurement Integrity Controls can be broadly
classified into two categories:
Prevention – focused on preventing inappropriate events.
Detection – focused on detecting inappropriate events.
Operationally focused are ones functioning
within the procurement processes and directly
affect each individual procurement (i.e.
segregation of duties).
Governance focused are ones that facilitate
the environment for which procurements'
occur and function outside of the various
procurement processes (i.e. procurement fraud
training).
Operational
Procurement
Integrity Controls
Operational PIC - Inside the Procurement Processes
Procurement Manual
Clear and readable manual/guidance/instruction
Reference to PI (honest, fair, legal, & impartial)
Designating someone responsible to champion these items
Description of each procurement type with decision points and responsibility
Monetary thresholds for all procurement types clearly identified
Etc.
Etc.
Segregation of Duties
Clear description of original need/requirement - requester & approval
Verification of requirement's description - author & review
Verification of specification's description - author & review
Verification of advertisement synopsis - author & review
Change order or modification - requester & approval
Authorizing for follow-on options - requester & approval
Using special procurement authority - requester & approval
Any exception to policy - requester & approval
Any exception to contract requirements/scope - requester & approval
Any equitable cost adjustment - requester & approval
Approval on deviation from original cost estimates - requester & approval
Governance
Procurement
Integrity Controls
Operational PIC - Inside the Procurement Processes
Procurement Manual
Clear and readable manual/guidance/instruction
Reference to PI (honest, fair, legal, & impartial)
Designating someone responsible to champion these items
Description of each procurement type with decision points and responsibility
Monetary thresholds for all procurement types clearly identified
Etc.
Etc.
Segregation of Duties
Clear description of original need/requirement - requester & approval
Verification of requirement's description - author & review
Verification of specification's description - author & review
Verification of advertisement synopsis - author & review
Change order or modification - requester & approval
Authorizing for follow-on options - requester & approval
Using special procurement authority - requester & approval
Any exception to policy - requester & approval
Any exception to contract requirements/scope - requester & approval
Any equitable cost adjustment - requester & approval
Approval on deviation from original cost estimates - requester & approval
Operationally focused are ones functioning within the
procurement processes and directly affect each individual
procurement (i.e. segregation of duties).
Governance focused are ones that facilitate the environment
for which procurements' occur and function outside of the
various procurement processes (i.e. procurement fraud
training).
Tom Caulfield
[email protected]
LinkedIn
Polling Question 3
• Has your organization developed
and deployed an exception manage
tool to track and document those
activities targeted as high risk?
• Pick yes or no.
USING DATA ANALYTICS TO PREVENT AND DETECT
PROCUREMENT AND CONTRACT FRAUD
ASSISTANT SPECIAL AGENT IN CHARGE, MATTHEW D. HARRIS, PHD
OIG Contract Fraud Program
OIG Contract Fraud Program
When can Contract Fraud
Occur?
Red Flags
Examples
•
•
•
•
•
Lawn service and you’re cutting the grass.
Cleaning and no one has shown up in weeks.
Snow removal and you’re relying on the sun.
Vehicle washing, but your trucks are always dirty.
Pest removal, but exterminators either never come or they
are ineffective; District still pays them.
• Trash removal, but contractor comes at his convenience
and charges Postal Service for full load.
• Fleet fuel and the costs suddenly skyrocket with all charges
at same station, some on Sundays or holidays.
• HVAC service, but your A/C or boiler never seems to work,
despite visits from vendor
Information that can assist in
determining fraud
• Name of Contract
• Date of Bid Opening
• Winner and Winning Bids
• Losers and Losing Bids
• Engineer’s Estimate
• Who is Signing the Bid and from what location
• Subcontractor Information
• Pre-bid Meetings
• Time Stamp on Bids
• Fax on Bids
• Email Addresses
• All Address Information
Remedies
Common Contract Fraud
Violations
Case Examples
Case Examples
Five VMF supervisors accepted bribes in exchange
for directing $13 million in maintenance work to a
contractor.
 Bribes to one supervisor included thousands of dollars
in drinks and lap dances at a local strip club, a $3,000
paver patio installed in his backyard, and the services of
a prostitute on a weekly basis.
 Bribes to another supervisor included
more than $65,000 in cash, thousands
of dollars in free service work on cars,
and a custom-modified,
high-performance Ford Pinto
How to we prevent it?
• Referrals to audit for lower dollar cases
• Referral to management to improve
processes
• Use investigative outcomes to show
systemic failures
• Catch it at its earliest stages.. Data
Mining and Data Analysis
Tripwire Concept
A tripwire is anomaly detection tool
creating a report and notifications after
being triggered by a predefined event or
set of conditions
The tripwire teams are made up of Data
Mining Specialists and Investigative
Subject Matter Experts
Multi-disciplinary success
Minimizes manual analysis with
computer generated leads to ensure
fraud is identified timely, and leads are
actionable.
Lead SME’s assigned to work
with CAPE to enhance data
analysis and leads.
34
Interdisciplinary success
Contract Fraud TripwiresAnalytics
Employees living with or close to
or contractor payment address
Other planned Tripwires
Other data mining projects
• Highway Contract Routes
• Extra Trip Analysis
• Identify high volume of extra trips by
employee, facility, HCR, and route.
• Failure to pay fringe benefits
Other data mining ideas
Polling Question 4
Select from this list those indicators your office
considers to identify risk before a Contracting audit:
1. The senior leadership tends to transfer to the same office
2. Contracts have significant differences between original
award amounts and current or closed amounts
3. Contracting award types appear abnormal (for example,
little competitive bidding)
4. Contracts have been awarded to those contactor that may
have had questionable relationships with other
government agencies
5. Options and extensions beyond contract performance
period
Results
• 158 less hours to close
a CF case using
Tripwire
What does data show us?
• Cases opened using data analytics






Shorter time from case opening to resolution
Higher resolution rate in cases
Identifying better cases
Spend less man hours investigating cases
Improves agent efficiency
Higher financial impact from cases using RADR or Tripwires
Matthew D. Harris, PhD
[email protected]
FRAUD HAPPENS
SO PLAN FOR IT
________________________________________________________________________________________
George D. Strudgeon, CPA, CGFM, CGMA, MBA
Audit Director, Auditor of Public Accounts
[email protected]
225-3350 ext. 339
LinkedIn: George D Strudgeon
Outline
Virginia: Report
reasonable
possibility of fraud
to Auditor of Public
Accounts, State
Inspector General,
and State Police
(§30-138 Code of
VA)
Federal: NonFederal entity
reports criminal
fraud to feds
(§200.113 Uniform
Grant Guidance)
Virginia: Report
convicted felony
to Virginia
Retirement
System (§51.1124.13 Code of
VA)
“Managers may perceive a conflict between their
priorities to fulfill the program’s mission, such as
efficiently disbursing funds or providing services to
beneficiaries, and taking actions to safeguard
taxpayer dollars from improper use.” GAO
Recap
FRAUD HAPPENS
SO PLAN FOR IT
________________________________________________________________________________________
George D. Strudgeon, CPA, CGFM, CGMA, MBA
Audit Director, Auditor of Public Accounts
[email protected]
225-3350 ext. 339
LinkedIn: George D Strudgeon