Practical steps to control kickback risks
Steps your organization can take now to control fraud
INSIGHT ARTICLE |
Kickbacks typically involve collusion between employees and vendors, where the fraudsters involved are either giving or receiving something of value to influence a business decision without the employer’s knowledge and consent. Kickback schemes can last years without detection, resulting in significant financial losses to victimized companies.
The classic kickback scheme involves an employee and vendor engaged in a collusive relationship for the purpose of diverting employer business to the vendor in exchange for cash payments or value-based arrangements to the employee.
Kickback schemes go undetected for a variety of reasons, including:
- The rogue employee is a manager and wields influence to facilitate the scheme through the company’s normal accounting processes.
- Some schemes involve multiple employees, which increases the opportunity to circumvent a company’s internal control procedures.
- The company’s procurement policies allow for sole-sourcing or limited number of vendor bids at a specified dollar threshold, resulting in limited oversight.
- The company’s procurement and payables processes lack the necessary internal control procedures to red-flag unusual activity on the back end of the process.
- A company may lack a formal bidding policy, which results in an environment of undefined roles and responsibilities.
- Business is diverted to vendors who are related to the employee authorizing the business relationship without the employer’s knowledge.
- Services rendered by a vendor involved in a kickback relationship are services operationally needed by the victimized company and, therefore, do not raise questions with management.
- Kickback cash payments or value-based arrangements (such as gifts, paid vacations or free use of vacation homes) to the employee are typically not processed through the company’s accounting system.
Most kickback schemes are detected through tips from honest or disgruntled co-workers or vendors. Therefore, whistleblower hotlines are a valuable weapon against kickbacks. However, while hotlines help, schemes are often perpetrated for months or years before detection.
In addition to a whistleblower hotline, a company can initiate processes to detect kickback schemes, such as:
- Periodically reviewing vendor transactions to spot unusual concentrations of activity with a few vendors. Year-to-year comparisons may also reveal significant increases in transactions with vendors or situations where costs of materials or services are out of line. Overbillings by vendors is a classic strategy deployed by vendors to fund their kickbacks.
- If a company has a procurement policy that includes limited procedures for lower-dollar thresholds, then periodically confirm that vendors are legitimate third-party vendors. Simple background checks can confirm the following:
- Vendor ownership and valid employee identification number
- Physical address and valid phone numbers
- Website presence
- For limited bids with a limited number of bidders, ensure that vendors awarded the work are legitimate companies and not simply shell companies used to meet procurement policy requirements.
- Perform a periodic database search that matches vendor addresses to employee addresses.
- Create a robust vendor set-up process which compiles detailed vendor information and is reviewed and approved by someone either outside the procurement department or not involved in the collection of vendor data.
- If not already part of a company’s procurement process, establish and enforce a written bid policy with detailed procedures and defined roles and responsibilities.
A formal bribery and kickback risk assessment performed with help from a fraud expert consultant can also help to better control your risks.
You may also be interested in
Data analytics should be a key weapon in every company’s fraud protection arsenal. Learn how companies can use that data to identify fraud.
Learn the categories of workplace fraud and five quick steps to reduce the potential harm of fraudulent activity to your organizations.