In KPMG’s COVID-19 Fraud Survey, 67 percent of Australian companies that responded reported they were at risk of being exploited by suppliers. Here we explore why suppliers present a significant risk and how you can reduce your business’ vulnerability.
Organised crime has been quick to take advantage of the current global uncertainty caused by coronavirus, mounting large scale orchestrated campaigns to defraud businesses and preying on fear and anxiety caused by the pandemic.
Board and senior leadership attention is diverted to address immediate burning issues such as liquidity and capital management in the current climate. This provides fraudsters with a head-start to grow their own profits by exploiting any new or enhanced vulnerabilities in your supply chain. This article continues on from our earlier supply chain analysis article, COVID-19 Actions for supply chain leaders, and examines the main reasons why your supply chain is so highly vulnerable to fraud and corruption in light of the coronavirus pandemic.
Supply chains are inherently vulnerable to fraud due to their global spread, the complexity of the operating environment, and the sheer volume and scale of transactions. COVID-19 era supply chains are at even greater risk of fraud due the rapid introduction of new suppliers.
Constrained supply chains have meant that organisations have needed to look to alternative suppliers to meet demand. These suppliers may be in different geographies, meaning new ports and the challenge of trans-shipment are introduced. New geographies bring with them new potential bribery risks and greater exposure to foreign public officials who might seek a bribe or facilitation payment to allow the passage of goods.
In addition, changes to suppliers often mean changes to many other components of the supply eco-system. The new supplier may necessitate the use of new third party logistics providers, new freight forwarders and customs clearing agents. The rapid introduction of so many new third parties into the supply chain, when they may not have been subject to appropriate due diligence, is a material risk.
New suppliers can mean exposure to new IT systems for ordering, payment, dispatch and tracking. Research suggests that 60 percent of cyber attacks occur in the supply chain1. Organisations need to be particularly cautious about opening back doors into their own infrastructure through interfaces with smaller third parties who might lack robust IT security protocols.
Businesses on every continent are faced with extraordinary challenges caused by the coronavirus pandemic including volatility in supply and demand for goods and services, constraints in mobility and traditional business operations, falling share prices and unforeseen business liquidations, plus intense pressure to reduce costs.
In preparing a business continuity response, organisations should look at the fraud, bribery and corruption risks as closely as they examine any opportunity for cost optimisation within the supply chain. Potential fraud losses could cost an organisation significantly more in the long run – even seemingly small supply chain fraud events, perpetrated while controls are weakened, can aggregate to a significant loss over time.
Supply chain fraud is typically opportunistic and in the majority of cases involves some complicit behaviour from an internal source. The chaos the coronavirus has caused has presented ample opportunities for criminals to exploit: taking advantage of current supply shortages, reduced or immobilised workforces, low productivity or staff morale and public desperation. Our article COVID-19: Protect your business from fraud and corruption examines this topic in further detail.
In a KPMG survey, Global Profiles of the Fraudster performed in 2016, it was discovered that less than half of supply chain frauds were identified by fraud risk management controls, most were accidental discoveries. This is a stark contrast from traditional frauds which can be detected through, for example, automated fraud rules and alerts or identity and access management controls. This highlights that catching supply chain fraud organisations requires a deeper understanding and a dedicated supply chain fraud action plan.
A supply chain fraud action plan, performed as part of a larger fraud risk assessment will enable organisations to safely navigate this challenge. The more you know about the risks you are facing, the greater the chance of effective risk management and fraud prevention.
If you have any questions regarding the content of this article and would like speak to someone from our team please contact us.