Bad Boys Porsche: Expensive lessons in procurement practices

Image source: azerbaijan_stockers from Freepik

The case, which revolves around a false bank guarantee, demonstrates that fraud can slip through the cracks even in organisations with extensive financial controls. If billion-rand institutions can be misled by fraudulent documentation, what does that mean for businesses that don’t have the same resources?

The truth is that procurement fraud is a risk for everyone, from multinational corporations to small family-run enterprises. Without proper safeguards, businesses leave themselves exposed to financial losses, reputational damage and costly legal battles.

Types of procurement fraud

At a recent procurement workshop, I shared a concerning statistic: there are at least 28 different types of procurement fraud, and they manifest in ways that are often difficult to detect.

Fraud isn’t always an elaborate, high-stakes operation - it often begins with seemingly small oversights. One of the most common tactics is false invoicing, where businesses are charged for goods or services that were never delivered.

In some cases, an employee may be complicit in this scheme, working with an external party to syphon funds. Then there’s bid rigging, where suppliers collude to fix tender outcomes, leading to inflated costs and poor-quality service.

Other forms of procurement fraud include kickbacks, where employees receive personal incentives for awarding contracts; duplicate payments, where invoices are processed multiple times without verification; and the use of shell companies, which is the use of fake suppliers created with the sole purpose of funnelling money out of a business.

Kaspersky uncovers fraudulent schemes for iPhone pre-order

26 Oct 2020

These schemes may seem obvious in isolation, but in the complexity of day-to-day operations, they can go unnoticed for months or even years.

Recent reports from SAS and IBM have found that procurement fraud accounts for nearly 40% of all business fraud cases.

The issue isn’t just about financial loss; it has far-reaching implications. Weak procurement controls can expose a business to compliance violations, disrupt supply chains and even lead to regulatory scrutiny. Many businesses only realise the extent of their exposure after suffering significant financial damage. In extreme cases, procurement fraud has been the downfall of otherwise thriving companies.

Lessons from recent case law: Business email compromise and procurement fraud

One of the key lessons from case law, including ENS v Hawarden and Gripper & Company v Ganedhi Trading Enterprises, is that fraud often happens because of loopholes in contracts and a lack of due diligence.

The ENS v Hawarden case, in particular, provides critical insight into modern fraud risks. The case involved a business email compromise (BEC) fraud, where a third party intercepted communication between a buyer and a law firm, altering banking details to divert funds to a fraudulent account.

Initially, the High Court ruled that ENS, the law firm, was liable for failing to prevent the fraud. However, the Supreme Court of Appeal overturned this decision, stating that businesses and individuals must take reasonable steps to protect themselves from cyber fraud.

Lawyer must pay clients R1.4m stolen by scammer

Tania Broughton  30 Jan 2023

The ruling reinforced the importance of verifying banking details before making payments, a crucial lesson for procurement practices.

Similarly, Gripper & Company v Ganedhi Trading Enterprises [2024] highlighted that the burden of verification falls on the debtor. The Western Cape High Court ruled that a purchaser’s obligation to pay does not end simply because they were misled into paying the wrong account. The judgment stated:

The golden thread in the judgments referred to supra places an obligation on the purchaser to ensure that the bank account details contained in the invoice are in fact correct/verified and that payment is made to the seller and not to an unknown third party. Failure to do so, and where payment is made into an incorrect bank account, such incorrect payment does not extinguish the purchaser’s obligation and liability to pay the debt.

This case further reinforces that businesses must proactively verify banking details before payments are processed, particularly in procurement transactions.

How businesses can mitigate procurement fraud risks

1. Strengthening due diligence in supplier verification

Vetting suppliers thoroughly is essential, and this process should go beyond a surface-level review of credentials. Businesses should:

• Verify financial statements
  
• Conduct background checks
  
• Confirm that suppliers have a legitimate operational history
  
• Implement independent verification of banking details before making payments

Bank guarantees and letters of credit, while helpful, should not be relied upon as absolute proof of legitimacy. Fraudsters have become increasingly sophisticated in fabricating documentation, and a failure to scrutinise these guarantees can lead to serious financial losses.

2. Tightening procurement contracts

Many businesses use outdated contract templates that fail to address modern fraud tactics. Contracts should include:

• Debtor’s duty to verify – Payments should not be considered final until funds reach the correct account. The rulings in ENS v Hawarden and Gripper & Company v Ganedhi Trading Enterprises reinforce the principle that businesses must verify banking details before payment is made.
• Creditor’s duty to confirm – All banking detail changes must be verified through secure methods.
• Limited liability clause – Protects businesses if a debtor fails to verify new details.
• Fraud reporting clause – Both parties should agree to immediately report suspicious activity.

These clauses should be reviewed regularly and updated to reflect new risks and regulatory changes.

Fraud, an increasingly prevalent threat in real estate industry

7 May 2018

3. Implementing internal controls and fraud detection mechanisms

Businesses must go beyond finance-based controls and ensure that procurement fraud prevention is part of their broader business processes. Some of the controls businesses can consider include:

• Mandatory multi-level approvals for high-value transactions
• Automated invoice matching to detect discrepancies
• Two-person verification for supplier payments
• Surprise audits to identify red flags early

Additionally, businesses must recognise that procurement fraud is not solely a finance issue but that it affects all levels of an organisation. Employees across all departments should be trained to identify red flags such as:

• Unusual payment requests
• Suspicious changes in supplier information
• Urgent demands to process payments without due verification

Investing in SMEs for a stronger supply chain

The procurement landscape isn’t just about avoiding fraud - it’s about building a resilient supply chain. One of the most effective ways to do this is by investing in SMEs and supplier development. Research from SME.TAX highlights how equipping SMEs with proper compliance and governance structures can create a more reliable and competitive supplier base.

As we’ve seen from the Bad Boys Porsche case and recent legal rulings, even the most secure financial institutions can be deceived. The difference between those who recover quickly and those who suffer long-term consequences often comes down to the strength of their procurement practices.

Fraud prevention isn’t about reacting to incidents after they occur. Instead, it’s about building robust systems that make fraud difficult in the first place. The lesson here is clear: when it comes to fraud, prevention is always better than cure. The question is, will your business be ready?