Five personality faces of procurement fraud risk

Here are five employee faces to look for when trying to prevent procurement fraud, abuse and noncompliance. Their aberrant behavior can lead to manipulated purchasing systems plus major financial and reputational losses, potential litigation and/or contract termination.

Let's travel back to the early 1990s. Darian, a midlevel federal government employee, has an extensive background in contracting. He’s leading a two-phase advanced computerization research and development (R&D) project of specialized software tools for a U.S. federal agency.

The project’s milestone dates for the first phase — the R&D — are planned from January 1991 through June 1994. The second phase, a nationwide implementation of the software tools that the agency had developed during the first phase, are planned for July 1994. The agency plans to implement the tools under a government contract with a base value of $4.5 million.

In July 1993, Darian (not his real name) receives an unexpected telephone call from his boss’s boss. The big boss wants to let Darian know the division appeared to be ending the year with just over $4.5 million in unexpended funds and asks if the computerization project could transition from R&D to integration a year early. Darian is a good midlevel employee and he hopes to eventually move up the government management chain, so he answers with a confident “absolutely!”

The big boss (with pleasure in his voice) thanks Darian for his dedication to the mission’s success but wants to ensure that Darian is aware that he must commit the funds to a contracted vendor before the end of November 1993.

Darian realizes that he has only five months (July 1993 to November 1993) to complete all the required paperwork and convince a contracting officer (CO) to have a contract awarded, which is extremely difficult. In a best-case scenario, the average full and open federal government competitive contract competition takes six to eight months.

Darian quickly visits the division’s CO and requests his assistance in getting a vendor on contract to implement the newly developed software tools at multiple locations across the U.S.

The CO asks how many companies can satisfy the requirements. Darian, who knows that any answer other than “one” will result in a requirement for a “full and open completion,” decides to tell the CO only one company is qualified to satisfy the implementation requirements. The CO says that if only one company is qualified, the procurement regulations would require a sole-source justification to be drafted and approved by management, which Darian acknowledges. (A sole-source procurement is a contract entered into without a competitive process, based on a written justification that only one known source exists or that only one single supplier can fulfill the requirements.)

Darian then asks the CO for a copy of the instructions to complete a sole-source justification, a blank sole-source justification form and an example of a previous sole-source justification that the CO has approved.

Darian contacts the computerization company he believes is best qualified to complete the integration portion of the project. He meets with a representative of the company at a local restaurant to provide them with the government documents. He requests the company to complete the narrative portions of the contracting forms and to highlight its technical capabilities. Darian is well aware that soliciting the company to complete the government documents is a direct violation of the federal procurement rules, but he believed he had no choice if he wants the contract awarded on time.

The company completes the sole-source justification forms and Darian signs them confirming all the information in the documents are accurate and truthful.

Darian gives the completed contracting documents to the CO and waits for a confirmation that the sole-source justification was sufficient, which would allow Darian’s preferred contractor to be awarded the $4.5 million contract. The CO reviews the justifications and tells Darian the justification isn’t adequate and needs additional details.

Our quick-thinking Darian decides to add a new technical requirement that the selected contractor has to be geographically located within 100 miles of the government headquarters. This requirement is completely unnecessary but is compelling enough to convince the CO to accept the sole-source justification.

Darian has spent two years of his life working — almost to a point of obsession — on this R&D project. He’s confident no one knows more about this specialized effort than he does, and therefore he believes that he alone should decide the company that’s best suited for the final integration of the software tools. For that reason alone, Darian deliberately and knowingly violates the federal procurement rules and solicits the company’s help in completing government documents he was solely responsible to complete.

What’s the harm?

Darian didn’t receive anything of value from the company that won the sole-source contract, so he wasn’t involved in receiving a bribe. The company didn’t provide Darian with any gift after the award, so he didn’t receive any illegal gratuity. Darian didn’t have any financial interest in the company, so he didn’t violate the federal conflict of interest laws. Also, Darian wasn’t interested in leaving the government and working for the company that won the contract, so he didn’t violate any legal restrictions regarding post-government employment. And no one in his family worked for the company, so no conflict-of-interest violation was apparent.

No federal prosecutor would’ve attempted to charge Darian with a violation of the Procurement Integrity Act. He hadn’t violated any federal criminal or civil violations. Yes, he did violate the agency’s procurement rules, and he violated the federal employee ethics rules, but was that so bad? Wasn’t he totally motivated by his desire to accomplish the government’s mission? Wouldn’t many describe Darian’s actions as “great initiative, but poor judgment?”

Best product at best price thwarted

What if someone had noticed Darian sitting in a restaurant providing the contractor with government documents, and then that person had notified the government? Wouldn’t the government have initiated an investigation? And if investigators had searched the contracting records and discovered that Darian was leading a multimillion-dollar, sole-source contracting effort, wouldn’t that have justified the investigation to continue?

Wouldn’t investigators have conducted an exhaustive search of Darian’s finances to attempt to find a motivation for some type of fraudulent scheme? Investigators would’ve had to eventually interview Darian. If they understood his personality type and why he was motivated to deliberately violate internal procurement policies, they’d probably be more effective in collecting vital evidence, and if substantiated, ensure some appropriate punitive and corrective actions.

Although Darian didn’t violate the law, he clearly violated federal government ethics rules. A disciplinary board surely would’ve formally reprimanded him and possibly removed him from government service. The CO who was quick to accept the written justification even with last-minute additions and didn’t question the validity of the requirements might have been reprimanded and retrained on his professional responsibilities.

Darian’s statement to the CO that “only one company could satisfy the requirements” wasn’t accurate. In 1993, three companies advertised capabilities that were consistent with the scope of work required for this government contract. One of these companies learned of the sole-source decision and informally raised concerns to Darian’s management. However, that company’s concerns ended there.

Individuals who fall into these personality risk profiles create different risks or vulnerabilities.

The U.S. government never pursued Darian’s ethical violations because it didn’t know about his actions until years after he left government service. He’d told a government employee about what he’d accomplished by circumventing the rules, and the employee told his supervisors. A government examination confirmed Darian’s accounts. However, the government didn’t begin a formal examination because of the lapse in time, Darian no longer worked for the government, the contract period of performance was completed and everyone was satisfied with the contract deliverables.

Five personality risk profiles

Darian’s case illustrates one of five personality risk profiles (“well-intentioned noncompliance employee”) of those who deliberately manipulate portions of their organizations’ procurement processes.

Some employees who violate their procurement processes are performing their misdeeds so they can commit fraud.

However, others, as in our case illustration, will deliberately violate their procurement processes not for fraud but to enhance the efficiency of operations or so they rationalize. We call this procurement abuse. (Abuse is a contracting action, like Darian’s inappropriate sole source, that falls short of a criminal or civil violation. However, a prudent procurement professional wouldn’t consider it, given the same facts and circumstances, a reasonable or a necessary business practice.)

These procurement process abusers might not have any malicious intent, but they’re placing victimized entities at significant risk of contract termination, reputational damage, financial loss and potential litigation. Abuse also gives potential fraudsters the incentive to commit crimes.

We’ve identified these five personality risk profiles after decades of practical experience and hundreds of fraud investigations and examinations and/or assessments of procurement integrity controls. (Procurement integrity controls are the processes, procedures and management systems designed to provide reasonable assurance that an organization can prevent and detect — and provide prompt reporting and capable response to — procurement fraud and abuse.)

When we understand the underlying motivations and self-justification for these personalities, we’ll be more effective in promoting procurement integrity and can help prevent and deter fraud.

Procurement fraud, abuse and acts of noncompliance to procurement policy are, by their nature, products of human behavior that employees perform with willful intent.

Individuals who fall into these personality risk profiles create different risks or vulnerabilities. As a professional working in the prevention and detection of procurement fraud and abuse you’ll eventually interact with these profiles, so you must understand their individual motivations for their actions:

• Situational fraudster.
• Deviant fraudster.
• Multi-interest abuser.
• Well-intentioned noncompliance employee (Darian’s face).
• Disengaged noncompliance employee.

The situational and deviant fraudsters, along with the multi-interest abuser, will cause direct financial losses because of their actions. They’ll also damage entities’ reputations, and create media embarrassment and potential litigation. The actions of both “noncompliance employees” will open entities up to unnecessary fraud exposure, increased contract disputes, and will waste resources and funds.

Fraud Triangle and KPMG model

To understand the personality risk profiles, you need to have a basic knowledge of the three components of Cressey’s Fraud Triangle: a perceived unshareable financial need, a perceived opportunity and a rationalization that the inappropriate act is deserving.

Another way to help understand the five personalities is via the 1979 KPMG-granted research study of fraud and how it could be detected. The study identified three elements:

• Situational pressures. 
• Opportunity to commit fraud.
• Personal integrity (character).

The KPMG situational pressures are those immediate ones within the surrounding environment of an individual. Opportunities to commit fraud are those that individuals or organizations create, for example, by learning the organizations’ operations, increasing access and influence over controls and developing positions of trust. (See Iconic Fraud Triangle endures, by W. Steve Albrecht, Ph.D., CFE, CPA, CIA, Fraud Magazine, July/August 2014.)

An organization can develop opportunities for fraud and abuse by not demonstrating a commitment to procurement integrity, by failing to link specific organizational risks to effective preventive and/or detective procurement integrity controls, or by fostering performance matrixes of profit over ethical business practices.

We’ve seen in our experience that perceived pressures and opportunities don’t have to be real to trigger an inappropriate act as long as the person can rationalize their actions as warranted.

Neither the Fraud Triangle nor the KPMG study specifically addresses the severity of the financial impact or the frequency of occurrence in relation to the employee’s ability to rationalize their actions or perception of being caught. However, we believe a relationship of financial severity and frequency of occurrence proportionate to the individual’s ability to rationalize committing procurement fraud and/or abuse does, in fact, exist.

Situational fraudster

This employee, who many consider the typical fraudster, appears to be frustrated at work, has rationalized their perceived entitlement to an illegal enrichment and perpetrates the fraud when the right occasion occurs — usually because of weak procurement integrity controls. When the situational fraudster is caught, other employees aren’t surprised that the individual was involved in the fraud because of the person’s poor work attitude.

Situational fraudsters have no intention of committing any type of fraud when they join their organizations, and often have no criminal records. They usually become upset with events at work that have a direct financial impact on them such as being passed over for a promotion or transferred to a lower position. They perceive these events as unjust, rationalize that they aren’t deserving of their financial losses and observe a weakness in organizations’ procurement integrity controls that they decide to exploit.

As a hypothetical example of a situational fraudster, let’s examine a government agency (GA) employee (we’ll call him Sam) who’s overseeing a contractor’s performance. This employee then becomes upset because he’s losing one day of pay each week for 10 weeks due to sequestration. (Sequestration is the employment of automatic, across-the-board spending cuts in the face of annual budget deficits.)

Sam rationalizes that the failure of elected officials to approve a budget was the only reason he lost a portion of his pay. While his frustration grows, the contractor he’s been overseeing for several years offers to “lend” him a small amount of money just to help, which Sam perceives as his only solution for paying down his expected debt. What started out as a “loan” with Sam’s potential intent to repay becomes an offer of a “gift” from the contractor. Sam feels gratitude and returns the “favor” by providing sensitive information of a future procurement opportunity.

Sam realizes how easy it was to supply the sensitive information, so he accepts additional payments from the contractor for more sensitive information. Sam doesn’t intend to become a situational fraudster. But he has a perceived pressure to regain his lost income from sequestration. And he saw the opportunity of providing the sensitive information as a solution, which he rationalized that he deserved.

The “gifts” are legally defined as bribes. The contractor’s payments will continue if Sam rationalizes them and believes he has a low probability of being caught.

You might structure your interview plan of Sam, the situational fraudster, around the theme of the elected officials’ failure as the catalyst for Sam’s actions.

Deviant fraudsters

Often described as “wheeler dealers,” deviant fraudsters are the most serious threat to organizations because they can cause the most damage. Organizations perceive them as some of the hardest workers or best contractors even though they’re always searching for opportunities to commit fraud.

They live behind “veils of trust” from others within the organization. A deviant fraudster has a strong group of advocates who’ll deny assertions that the fraudster is involved with any wrongdoing. Internal deviant fraudsters will take only a few days of leave each year. They seem to have their hands in every process within their business units.

An example of an external deviant fraudster would be a corrupt contractor who offered our previous GA, Sam, the situational fraudster, the “loan” that turned into a “gift” that rolled over into a bribe.

Multi-interest abuser

Most procurement fraud authors and trainers talk almost exclusively about situational and deviant fraudsters, but we should consider the vulnerabilities of other types.

Multi-interest abusers aren’t by definition fraudsters — they aren’t seeking any financial advantages — but they still manipulate procurement processes to advance their interests and/or the interests of others. They help friends or family members obtain contracts or ensure awards go to their preferred contractors.

In some countries or cultures, family members of a new government employee expect that person to supply them with jobs or contracts.

Multi-interest abusers of the procurement process inappropriately draft specifications to particular contractors, push the need for sole-source justifications to avoid fully competitive processes or slant technical evaluations to specific bidders. They might support the continued use of incumbent contractors mostly because they enjoy good working relationships with them, but the contractors might not be supplying the best deals.

An abuser who drafts an unwarranted sole-source procurement to their family members or friends can rationalize that the organization is getting the contract service it needed, so their actions aren’t harming the organization.

These abusers raise significant risks to procurement processes because of the increased risks of contract protests from other contractors or forcing organizations to pay higher costs because of noncompetitive processes. Of course, if personal financial gain motivated employees to inappropriately act then we’d categorize them as procurement fraudsters and not abusers.

Well-intentioned noncompliance employee

Organizations rarely consider this personality type (or the next one, disengaged noncompliance employee), but they present significant risks to procurements and are harder to identify than fraudsters or abusers.

Fraudsters and abusers create direct financial losses or damages to reputations or create media embarrassments, but noncompliance employees create indirect and unnecessary exposures to fraud and potential contract disputes. They can waste organizations’ resources and funds and create countless opportunities for fraudsters. You must address the vulnerabilities these employees create.

Well-intentioned noncompliance employees believe their willful deviations from procurement processes cause no harm but actually help their organizations become more efficient and obtain better services. They’re totally focused on helping their organizations.

These employees normally have been with their organizations for several years and have good working knowledge of procurement processes or requirements and therefore know exactly how to advance their outcomes. They consciously decide not to identify to the procurement staff the true scope of requirements, which ensures contracts remain under a particular dollar threshold and expedites awards. These employees also know the key descriptions in purchasing documents to use — or not use — to avoid any additional procurement steps. (Think about Darian’s actions in our opening case.)

Another example: A well-intentioned noncompliance employee works on developing a product over the course of several years, which an external contractor is ready to manufacture. The employee is familiar with this contractor that historically provides good service and has an outstanding record of customer service.

The procurement staff asks the employee to develop a technical evaluation criteria for a fully competitive procurement. The employee disregards the policy that forbids the technical evaluation criteria to be tailored to any specific contractor and intentionally develops technical requirements that best matches the contractor that he prefers. The employee easily rationalizes the resulting benefit in efficiency and potential services versus complying with the procurement policy.

Disengaged noncompliance employees

They are usually disgruntled or dissatisfied with their organizations, and knowingly decide to expend little or minimal effort on specific procurement steps. These employees will disregard their responsibilities to verify contractors’ bonds, to examine contractors’ performance records or to confirm  contractors’ deliverables prior to approving payment.

If deviant fraudsters observe disengaged noncompliance employees’ disregard for oversight, they could theoretically submit false or inflated cost data. Deviant fraudsters, who observe disengaged product inspectors not performing required testing, could substitute low-cost parts during manufacturing.

Gallup workforce polls clearly demonstrate the statistical probability of these disgruntled disengaged employees working anywhere within an organization. (See Employee Engagement in U.S. Stagnant in 2015, by Amy Adkins, GALLUP News.)

Recognize the faces

Procurement fraud, abuse and non-compliance to procurement policy is no accident. They’re byproducts of the unusual and sometimes deviant human behavior with different motivations and justifications for their actions than you and me. Because every global organization, public or private, faces the risk from each of the five personality risk profiles, you must discover and differentiate the faces to develop mitigation steps and assist management in detecting, deterring and preventing bad behavior.

Tom Caulfield, CFE, CIG, CIGI, is chief operating officer and co-owner of Procurement Integrity Consulting Services, LLC. He’s an instructor for the ACFE’s Contract and Procurement Fraud seminar. His email address is: Tom@procurement-integrity.net. 

Sheryl Steckler, CIG, CICI, is president and co-owner of Procurement Integrity Consulting Services, LLC. Her email address is: Sheryl@procurement-integrity.net.