Day 0 Event #178 Ethical Procurement in the Digital Age

Summary

This discussion focused on ethical procurement in the digital age, presented by Sam Achampong from the Chartered Institute of Procurement and Supply (CIPS). Achampong emphasized that despite technological advancements, fraud and corruption in procurement remain significant issues, costing about 6% of global GDP. He defined fraud as misleading for financial gain, bribery as offering something of value to influence decisions, and corruption as misusing one’s position for unfair advantage.

The presentation outlined various types of procurement fraud, including personal interest, undisclosed interests, and specification abuse. Achampong stressed the importance of organizations assessing their risk of fraud and corruption through a seven-step process, including establishing anti-corruption policies, identifying risks, and developing action plans. He highlighted the need for clear organizational policies on gifts, conflicts of interest, and whistleblowing.

Achampong emphasized the importance of senior leadership in creating an ethical culture and the need for regular compliance training. He also discussed the importance of having a clear response plan for when fraud is suspected or discovered, including steps for investigation and potential sanctions. The presentation concluded with a quiz testing participants’ understanding of key concepts related to fraud, corruption, and ethical procurement practices.

Keypoints

Major discussion points:

– Defining fraud, bribery, and corruption in procurement

– The scale and impact of fraud/corruption globally

– Steps to assess and mitigate fraud/corruption risks in organizations

– Creating anti-corruption policies and procedures

– Importance of training, monitoring, and having response plans

Overall purpose:

The goal was to educate the audience on ethical issues in procurement, particularly how technology does not eliminate fraud/corruption risks. The speaker aimed to define key concepts and provide practical steps for organizations to mitigate these risks.

Tone:

The overall tone was informative and educational. The speaker maintained a professional but accessible tone throughout, using examples to illustrate concepts. The tone became slightly more interactive during the quiz portion at the end, as the speaker engaged the audience with questions.

Speakers

– Sam Achampong

Role: Regional Director of CIPS Asia, Middle East and Africa

Expertise: Procurement and supply chain, ethics in procurement

– Lubna Al Mohammedi

Role: Head of Operation of the Chartered Institution of Procurement and Supply Chain (CIPS)

Additional speakers:

– None identified

Ethical Procurement in the Digital Age: Challenges and Strategies

This comprehensive discussion on ethical procurement in the digital era was led by Sam Achampong, Regional Director of CIPS Asia, Middle East and Africa, following an introduction by Lubna Al Mohammedi. The presentation addressed the persistent challenges of fraud and corruption in procurement, despite technological advancements, and their significant economic impacts.

Defining Key Concepts and Scale of the Problem

Achampong began by defining key terms:

• Fraud: Misleading another party for financial gain

• Bribery: Offering something of value to influence decisions

• Corruption: Misusing one’s position for unfair advantage

The discussion highlighted the alarming prevalence and cost of these issues:

• Approximately 6% of global GDP is lost to fraud and corruption

• Nearly half of surveyed individuals reported experiencing fraud or corruption in the past two years

• Over 10% of respondents indicated that fraud or corruption scenarios are commonplace in organisations

Types of Procurement Fraud

Several common types of procurement fraud were outlined:

1. Personal interest: Using company funds for personal purchases

2. Undisclosed interests: Awarding contracts to companies with personal connections

3. Variation abuse: Submitting artificially low bids, then increasing prices through variations

4. Specification abuse: Tailoring specifications to favour specific suppliers

5. Bid rigging: Collusion among bidders to manipulate the bidding process

6. False invoicing: Submitting invoices for goods or services not delivered

Notably, 80% of procurement fraud occurs at the specification stage, before data enters digital systems, challenging the notion that technology alone can prevent unethical behaviour.

Risk Assessment and Mitigation

Achampong presented a comprehensive approach to mitigating risks:

1. Assess organizational risk through a seven-step process, available on the CIPS website (www.cips.org)

2. Understand the concepts of inherent risk (before controls) and residual risk (after controls)

3. Develop action plans for unaddressed risks

4. Implement monitoring plans and determine risk tolerance

5. Provide regular compliance training and auditing, noting legal requirements in some countries

6. Establish clear policies on gifts, conflicts of interest, and whistleblowing

7. Implement procurement best practices, including segregation of duties

The importance of organizational culture and country-specific factors in risk mitigation was emphasized. Achampong stressed the role of senior leadership in fostering an ethical culture and the need for stringent recruitment processes to prevent introducing risks through new hires.

Contract Management Cycle and Fraud Prevention

The presentation highlighted how fraud can occur at various stages of the contract management cycle, from needs identification to contract closure. Understanding these vulnerabilities is crucial for implementing effective preventive measures.

Responding to Fraud Allegations

Achampong outlined key elements of an effective response plan:

• Establish a clear process for reporting suspected fraud

• Outline steps for investigations and designate responsible parties

• Establish sanctions for proven allegations

• Protect whistleblowers and allow anonymous reporting

The importance of a robust whistleblowing policy was emphasized as a critical tool for uncovering and addressing unethical practices.

Technology’s Role in Procurement Ethics

While technology provides transparency and helps address some issues, Achampong noted that it doesn’t entirely prevent unethical behavior. This insight highlights the complex interplay between technology and human factors in maintaining ethical procurement practices.

Interactive Learning

The presentation concluded with a quiz based on real ethics examination questions, reinforcing key concepts and encouraging audience engagement.

Conclusion

Achampong’s presentation provided a comprehensive overview of the challenges and strategies in ethical procurement for the digital age. By emphasizing both human elements and technological considerations, the discussion offered a nuanced perspective on maintaining ethical standards in modern procurement practices. The presentation underscored the ongoing need for vigilance, training, and robust systems to combat fraud and corruption in the procurement process.

Lubna Al Mohammedi: Assalamu alaikum wa rahmatullahi wa barakatuh. Sabah al-khair. My name is Lubna al-Mohammadi. I’m the head of operation of the Chartered Institution of Procurement and Supply Chain, SIPS. Today, we have a critical subject regarding ethics. So under the title of ethics, ethical procurement in the digital age, we have Mr. Sam Achampang, the Regional Director of SIPS Asia, Middle East and Africa. So let’s start this presentation. Thank you.

Sam Achampong: Thank you, Lubna. Good morning and welcome to you all. A pleasure to be here, to those here and to those online, of course. As Lubna said, from SIPS, we work globally on procurement and supply chain matters. And today, we’re going to talk about ethics. Why are we talking about ethics? The main reason is because in a forum like this, in a technology-based forum, we realize that there is a perception that technology provides transparency that eradicates issues of ethics or corruption. Because we have a system and you take away the human element, there’s a perception that you eradicate that behavior. And of course you do. There’s a lot of good things in relation to technology and the Internet that allow us to provide transparency around transactions, especially in procurement, because procurement is when you are buying things for your company. However, what I’m going to point out is some of the ways in which we can try and avoid those ethical situations or certainly mitigate against them. And the reason why we’re attacking this subject is basically this comment saying, does technology by itself prevent unethical behavior? And we as an institute know that actually it doesn’t entirely, because as this quote at the top there says, 80% of fraud within procurement, within buying things, is carried out at what we call the specification stage. In other words, before you input your specification or your procurement into a purchase order and things along those lines, those behaviors can have already taken place. So it’s still very important that we understand some of the issues. As an introduction, here we just talk about the fact that despite digital interventions, the issues of fraud and corruption unfortunately are growing. So social media, technology platforms are not eradicating that. It’s actually growing. And what COVID, the pandemic, pointed out was that actually there are additional vulnerabilities due to the fact that people are using more and more digital platforms. So it’s not less, it’s more, which is quite surprising. So out of this, what we’re going to cover are these main points. We’re going to talk about, first of all, we’re going to define what fraud and corruption is. Because many people think, have different views, but we’re going to define what I mean by fraud and corruption first. What are the implications? But importantly, the practical steps in trying to avoid that. That’s really what we’re here to do today. Just to put into perspective as to why we think this is important is that fraud and corruption in itself costs 6% of global GDP. So if you imagine what we’re talking, we’re talking about trillions of dollars. That’s what the implications of fraud cost to us as human beings across the world. And almost half of the people who were surveyed in the survey that we carried out, almost half of these people acknowledged that they had experienced fraud or corruption in the last two years. Which is quite staggering. As well as more than 10% of people saying that these kind of scenarios of fraud and corruption are commonplace, are normal in organizations that they’re aware about. So that’s the scale of the problem. But let’s just define what I mean by fraud. That’s the important thing. So fraud is when you mislead another party for financial gain. That’s the definition of fraud. Bribery is when you give something of value to somebody because you want to influence them. So we’re being quite straight here. And corruption is when you use your position to gain credibility or to gain an advantage, an unfair advantage. So those are three definitions, just so we’re all on the same page here. Those are the definitions of fraud, corruption and bribery. To mitigate against fraud and corruption, there are lots of laws and legislations around the world. So here in the Kingdom, there is the Royal Decree. That’s the latest decree related to fraud and corruption. That’s here to mitigate it. If you look at other parts of the world, in the UK, from where I’m from, for example, you have the UK Bribery Act. So these are the laws that are here to protect people and here to mitigate against some of the issues that are happening. So that’s what we have around the world. And there are lots of other pieces of legislation to also help to combat some of these issues. And when you look at the actual types of fraud in relation to procurement. Now, when I mean procurement, I’m specifically talking about when you are buying things, buying goods or services for your company. So whenever I say procurement, I’m specifically saying that when you’re buying goods or services for your company. So procurement fraud can happen in many different ways. These are some of the examples. And the definition of those examples are, for example, personal interest. What does that mean? That means that I’m purchasing items for my organization for my own use. So I use the company money to buy, instead of buying a laptop, I buy an Apple iMac. That’s for me. I know it’s not for the company. And undisclosed interest. So maybe you have an interest in an organization and you then give that organization a contract. That’s undisclosed interest. You have to, there’s nothing wrong with doing that, but you just have to be clear to acknowledge that. Yes, I have an interest in this company. So everybody is aware. Receiving gifts, undeclared gifts, travel, entertainment, etc. Where suppliers work with each other to allow each other to win contracts. That’s also another issue. And variation abuse is interesting. So variation abuse is where companies bid for a contract at a very low price. And throughout the course of the contract, they will keep issuing variations to get more money out of it. So they won’t declare the initial price. They’ll keep saying, oh, and if you want this, okay, you ordered a pen. But if you want ink, that’s more money. That sort of thing. That’s variation abuse. And contract specification. Of course, contract specification abuse is where an organization or an individual will ensure that the specification favors a specific company. So your company have asked you to buy a car, but the specification you put out says it has to be a BMW, has to have these wheels. Only BMW can provide that car. So that’s specification abuse. When actually you should say, we will buy a car, has to have four wheels, has to be able to travel at this speed. But if you specify certain things, then that’s specification abuse. So what do we do? So there are a few ways to get over that, and one of them is to assess the risk in your own organization. And there are various steps. And by the way, these slides will become available to everybody, so you won’t digest everything now. But there are seven steps in which you can assess the risk within your organization to prevent some of these things happening. First is to establish the process. So you need to have a workshop. You need to set up what’s called an anti-corruption policy. And with all the people within your organization, so that everybody understands some of the things I’m talking about today. Once you’ve done that, when you’re identifying the risks, these are some of the kind of questions you’d ask. What arrangements do you have in place? How could corruption occur in your organization? That’s what you need to assess. Where does the risk lie? And which locations within the organization are these issues likely to happen? Is it in the warehouse? Is it in HR? These sorts of things are what you need to think about at that point. And then you need to rate something called the inherent risk. Now, this is quite detailed, and I won’t go into too much detail. But the inherent risk is the risk relating to the impact it could have. So there’s a tool that’s provided. And within SIPs, within the SIPs website, you can go to www.cips.org. You can find this framework. And that can help you assess what the inherent risk is. So what you look at is, if you look at, for example, bribery of tax authorities. If you want to assess how important it is to deal with this, what you do is you say, what’s the probable impact? If somebody in your organization bribed the tax authorities, the impact is very high. But what is the probability of it happening? very low. So what you do is you would say right it’s very very low the chances of it happening right because that is very unlikely that somebody can bribe the tax authorities you know go sees a cat is very unlikely but if it did happen the impact will be high so in that particular thing the inherent risk is yellow so that’s how you kind of make the assessment as you go along as an example and then you need to look at the controls what do you have in place to prevent certain things happening so what you do is you calculate what’s called the residual risk so what that means is if there is if there is a medium when you look at the controls you have in place the controls will be medium if the rigid if the residual risk is medium however if that changes if you have strong mitigating controls then the residual risk the risk remaining that the risk of its happening will then be low okay if you have strong controls but if your controls are very weak then the residual risk or the remaining risk becomes high so that’s the kind of framework you use right so that and that kind of brushes it over in in in quite a high in quite a quite a speedy fashion however that’s the principle behind it all and of course you can go into detail on this week we can share that with you so once you’ve done that you need to you need to develop a an action plan or a response plan so any risk that has not been dealt with within your organization you have to say we haven’t dealt with this what’s our action plan what are we going to do about it at that point and then once you’ve done that you need to make sure that you have a monitoring plan to make sure that you’re you’re monitoring all these risks identifying any trigger and also what the risk importantly what the risk tolerance of your organization is that’s the important thing okay how tolerant are you of risk in the organization or of risk occurrence or fraud occurrence in your organization and different organizations will have different tolerance levels and that’s important it all depends on your organization and what you do okay if you’re a government institution your tolerance level will be very very high why because it’s public money you’re dealing with okay so if you’re a private organization that may be slightly different so the tolerance level is very very important also your organizational culture will play a big part in in preventing risks happening okay so obviously in in this subject in terms of fraud senior leadership and their culture are very very key to what happens in your organizations of what the residual risk is which country urine will also define what the residual risks are as well because the framework of the country you’re in may either help or hinder how you’re dealing with ethical issues and that can that could differ around the world your organization if you provide regular compliance training regular monitoring and auditing and ensure that all visuals can report inappropriate behavior in in an appropriate way then that will also influence how your organization deals with it okay so if for example there is there’s a lot of inappropriate behavior happening in organization but there’s no way that people can report it then that’s going to influence how often these kind of things happen and recruitment this is quite interesting because every time you bring someone into the into your organization that’s good but it’s also a risk okay because you because you don’t know these people yet all right so recruitment becomes an area that you actually need to ensure is very very stringent in terms of mitigating risks so company checks not just on the on the character of the individual but what what undisclosed holdings do these people have you know if you operate a car company and you bring somebody in who actually their father owns a company that provides parts for cars you need to know that okay because because that’s an undisclosed holding and that could be a problem further down the line so these things are important to know obviously reference checks and criminal record checks are important these are basic but let’s be honest you have to do these things because otherwise you’re leaving yourselves open to risk training is essential obviously you can’t assume that people are are aware of some of the issues we’re talking about you know ethics fraud corruption are a very sensitive subject okay because you know if you say to anybody will you commit fraud of course they’re gonna say no okay but that’s not training is it you haven’t trained them about anything you have to actually define what you mean by fraud it could be it could be conflict of interest okay no one not many people deliberately go out and defraud a company actually the majority of people it’s really a conflict of interest it’s undisclosed holdings there’s things along those lines so you have to train people as to what exactly you’re speaking about to make sure you don’t get in that situation and as it says there in some countries training is actually a legal requirement for employees for certain things certainly in the UK it’s a legal requirement to train people on these things and on some other things legal requirement which means the company will be in trouble if they haven’t trained people so there are other areas when you’re putting together your policy and procedure you need to look at any any legislation that applies in whatever country if you’re a company working across the world you need to look at every country working to make sure what you’re complying with the legislation in that regard it needs to be clear who the policy applies to it may not apply to some employees people need to know what their duties are the company needs to have a clear statement that there’s zero tolerance around around whistleblowing so if somebody reports something how will it be dealt with that’s an important thing as well we spoke about reporting spoke about gifts there’s nothing wrong with receiving gifts from from supplies there’s actually in that that itself is not fraud there just needs to be rules about what you can do and if you’re in in in the process of purchasing something from a company and on that day when they’re giving them your price their price they also give you a gift that’s obviously a bit of an issue because whether you like it or not as human beings psychologically that makes a difference to how you’re going to evaluate that so it just needs to be trained these things have to be explicit so that everybody is aware of what the implications are conflicts of interest we mentioned and monitoring as well our issues so once all those things have been taken into account these things will definitely avoid any misunderstanding of what we’re talking about when we talk about fraud corruption okay it’s not just people wanted to take money there are there are areas that can that can get people in trouble when you do the investigation later so it’s best to avoid them and avoid innocent transactions being constituted as fraud so as far as procurement is concerned there is as an organization you need to make sure you have things like segregation of duties the same person doesn’t award contracts as the same person awards contracts can’t be the same person who pays the contractor things along those lines that may sound obvious but in some organization that happens so I select the supplier I also pay them I also approve their payment these kind of things shouldn’t happen that’s called segregation again all these things need to be looked into very in a very detailed manner that is a is a detailed section of what we call the contract management cycle that looks at the risks that happen in every single stage of when you’re buying something and that and it becomes quite complicated because fraud and corruption can happen when you when you’re defining a business need it can happen when you’re putting a strategy together can happen when you’re putting tender documents together can happen when you’re managing the supplies performance can happen in several ways so again it’s worth having that in front of you to understand where these issues can occur so so in the event that it is found out or there’s a suspicion that there is fraud within your organization there needs everyone needs to understand exactly what’s going to happen that can’t be a surprise that the process for reporting suspected fraud is there the steps that will be taken in other words if there’s an investigation how does that investigation happen we can’t make it up afterwards they these steps need to be written who’s going to carry out that investigation who’s the person within an organization or people who will investigate these things are they independent enough to do that and also finally if allegations are proven what happens what is the sanction for for somebody who is found guilty of fraud or investigation of fraud or corruption in an organization that needs to be clear are there any sanctions is it disciplinary is it gross misconduct misconduct is it a warning that needs to be clear in your in your organization before you do that so so those are the main things all organizations these have a response plan it needs to be independent people need to be trained and there needs to be support for whistleblowers people who are willing to report things anonymously okay they need to be protected you can’t encourage people to report these things and then disclose their name and say this guy told me that you’ve done this that that that that disrupts the integrity of the whole process so just to summarize before I get some quick questions for you guys there are some questions for everybody so pay attention going through that you will be able to define exactly what fraud bribery corruption is right What are the implications? What are the steps? And finally, what the key elements of fraud, bribery and corruption are and what the response plan is. These are the bits we went through. But just to check that everybody has been paying attention on this whistle-stop presentation, we are going to have some questions. A little bit of a quiz. And to be transparent, there’s no prize, there’s no money, there’s no chocolates. Just questions, right? Okay, so just to be clear, because I can’t be accused of bribing you to get the right question, right? Anyway, so let’s just go through them. So, question. So, which of the following points describes how you evaluate and prioritize stages of anti-corruption risk assessment? Quite a difficult question, I know. But what do you reckon? What does anyone think? Just one, two, three or four. I’ll give you some time. Anyone want to just hazard a guess? Okay, take a look at the risk factors, likelihood of occurrence and potential adverse impacts. Good one. Anyone else before I check? Same. Very close. Very close. By the way, for what I’ve been through in the last 20 minutes, this is quite difficult. This is the actual extract from the ethics examination. So, it’s not been changed. So, you’re doing very well. And they’re quite tricky, these questions. You know, people who go through that receive the ethical, the global ethical kite marks. So, these are real extracts. So, they’re not easy. So, and each question, each answer is quite similar. So, just bear that in mind. The next one. So, a director working has just returned from a disciplinary hearing regarding a member of staff. Which step of a response plan should the director now pursue to help prevent reoccurrence? So, how could they, what would they do to stop this issue happening again? Two things. Okay, three and sure. Yep. Three. Yep. And another one. Okay. So, two and three. Okay, cool. Anyone else? Two and three. Oh, dear. So, yeah. So, quite so, yeah. So, basically, what we’re saying is, the two important things are to, once the case has happened, to look at what happened. So, review the case and redo a risk assessment to try and see how it’s not going to happen again. Two and three actually are correct, right? But very, very similar. But basically, what you’re talking about is what the two most important things to look at. So, again, as I say, very, very, very, very close. Very, very, very, very tricky. These are tricky questions, right? Okay. Okay. So, which organization launched the set of anti-corruption initiatives to help countries address corruption? Now, I didn’t talk about this in the presentation, by the way. So, you can have a guess at this in case you know this yourself. So, it’s the MSF, Medicine Frontier Bank Information Office, or Financial Ombudsman Service. So, which organization launched the anti-corruption initiatives to help countries address corruption? Three, Information Commission. Anyone else? MSF, okay. Any others? It’s actually the World Bank. Yeah. So, I guess the clue here is globalization. So, it’s, you know, I guess we’re talking about corruption and we’re talking about the world. So, the difficulty here is that this is a UK-based one. This is a US-based one, so it’s not global. Okay. That’s global, but they’re more medical. They’re more medical. So, the World Bank is the one that looks at banking issues. Question four. Part of risk assessment for fraud includes the following. Which is the relevant step? Quite a difficult one. I’ll kind of go through that. Rate the inherent risk. We spoke about this in the course, but actually it’s not very clear. But the most relevant step is to rate the inherent risk. And the inherent risk is what the risk is left after you’ve taken all the actions that you need to take. So, this is the risk that remains having done what you need to do. Five more. What’s the best method for mitigating risks within an organization? Okay. So, you need to choose one out of this. So, do you say one? Okay. Okay. Two. Anyone else have the one or two? Four. Two. One, two, four. One, two, four. It’s three. No, not really. Four. So, there you go. Yeah. I think what we’re saying here is that, look, if you don’t have this culture from the top, then it’s not going to work. It doesn’t make any difference. This culture has to come from the very top of the organization. Which of the following statements explains the term conflict of interest? Conflict of interest. Two. Two. Good one. Any others for two? Two. Two. Absolutely. Of course, it is two. The longest statement. Which organizations should have a formal whistleblowing policy? Now, whistleblowing policy is where you encourage people to report things anonymously. Okay. So, what type of organization should have a whistleblowing policy? Sorry. I said which. Why should organizations have a whistleblowing policy? Sorry. Apologies. Why should they? One, two, three, four. Anybody? Four. Okay. Four. Four. There you go. Okay. Number eight. A procurement person is carrying out a review to look at anti-bribery policies. Which two statements are correct in relation to bribery? Two statements. Which of two statements relate to bribery? Anyone? Two statements. One and four. One and four. One and four. Anybody? One and four. One and four. There you go. One and four. There you go. Number nine. A contractor submits multiple invoices for work they only did once. So, they’ve done work once but they’ve sent four invoices. Somebody internally could help them to do this. What type of procurement fraud is this defined as? So, a contractor sends multiple invoices for something they’ve done once. What type of fraud is that? Okay. One. Anybody else? Four. Sorry. Five. Sorry. Five. Yeah. One. Five. Okay. There you go. We have a procurement person in here. Billing. Yeah. So, in this case, yes. They’ve sent in the invoice and it’s billing fraud, right? You bill once. You’ve done work once. You bill once. Which of the two are implications of unethical practices? Things that can actually happen when you have unethical practice. Two things. Does it affect money? Does it affect your brand? Does it make your organization grow too fast or does it make you have more job applicants? Which of the two things happen when you have unethical practices in your organization? First two. One and two. One and two. One and two. One and two. One and two. One and two. There you go. Oh, we have another one. Sorry. Which of the following defines fraud? I think, sorry, we have 12 questions. Apologies. How would you define fraud? So, personal and corporate rules. Deception. Dishonest and fraudulent conduct by those in power. Or offering an incentive for somebody to act improperly. One, two, three, four. Two. Two. There you go. I think we’re unanimous on two. And 12. You’re a member of an evaluation team. So, you have a bid coming in. You are part of a team who are deciding who’s involved in that bid. Which is correct in terms of your conflict of interest. So, your best friend works in a bidding organization. They’re no relation. But it still needs to be reported. You still need to report that your friend is the bidder. Or you’re a director in one of the organizations. Or a very distant cousin who works in the bidding organization. Do you have to report that? Or your next door neighbor. So, which statement is correct in terms of how you need to do your conflict of interest? Anyone? One, two, three, four. First one. Anyone else? Number one. Number one. There you go. Cool. Ah, okay. We do have 14. Sorry. A procurement officer works for a small company. Ah, you’ve been supplied with a laptop. You get a laptop from your company and you sell it. And you take the money. How’s that defined? Is that ethics, kickback, fraud or bribery? One, two, four. Okay, poor ethics, fraud, within the depth, it’s also poor ethics by the way, these are quite close. There you go, so thank you very much guys, that was not a test, not a real test, we did it together. I hope you found it interesting, as I said you can get full details from our website, that’s a very quick overview of quite a detailed global test that people take and they get certificates for it. So thanks for listening, hope you enjoyed it, take care, enjoy the rest of the day. Thank you. We will appreciate that. Thank you very much.