The COVID-19 pandemic has put enormous pressure on global supply chains. As companies struggle to obtain the goods and materials they need, they may not pay as much attention to potential fraud signs. Unethical employees and organized crime gangs have only been too willing to take advantage of the situation.
Consider conducting a targeted risk assessment that focuses on the changes that have occurred since the pandemic began. Although a targeted assessment is not a substitute for an all-encompassing review, it can help prevent certain threats from resulting in huge financial losses.
Four Items for Review
As part of your assessment, review:
Changes in the operating landscape: As the pandemic took hold, both individual businesses and the larger marketplace changed. Some of those changes were readily apparent, such as consumers no longer shopping in person in non-essential retail stores. Other changes may only now be emerging. Any change in how your business operates can create risk, especially if it occurs quickly and does not adhere to your company’s policies and procedures. Your company might have engaged new suppliers in response to the pandemic and, because of supply shortages, not vetted them according to policy.
Your current vendor list: Combatting crime requires a detailed understanding of your company’s defenses and its ability to mitigate risk. For example, if you had to engage additional vendors to meet surging demand for your products, revisit those decisions and their impact on overall risk. Who was responsible for finding the vendors and did that person subject them to the appropriate level of due diligence, including rigorous background checks of the company’s principals? Were exceptions resolved appropriately? Should you replace any of these vendors now that you have more time to find and screen them?
Employee input: Rank-and-file workers often are the first to spot criminal activity in supply chains. During your targeted review of vendors, ask employees, as well as third parties, to share any suspicions and areas for improvement. If you have not done so already, consider establishing an anonymous reporting hotline or online reporting mechanism.
Control gaps: Once you have scrutinized new suppliers and gathered employee feedback, document potential control weaknesses. This requires you to first identify current internal controls and determine whether they are being followed. Then decide whether you need to mandate greater adherence to existing controls or add new rules. For example, you may find that employees working from home have not followed your business’ fraud-prevention policies when ordering supplies. You may simply need to remind employees of your controls or retrain them. On the other hand, the pandemic may have exposed existing gaps in controls.
To ensure the timely resolution of supply chain control gaps, assign lead responsibility for remediation to one individual, such as your business’ owner or chief operating officer. Contact us for more information or for a professional assessment of your supply chain fraud risk.