Supply chain fraud

What is supply chain fraud?

Today's organizations, with their extensive supplier networks, vast numbers of transactions and global operations, are increasingly vulnerable to supply chain fraud.

Supply chain fraud encompasses a range of practices from bribery and bid rigging to fraudulent billing. A 2022 report¹ showed the fraud costs and KPIs experienced significant rises in North America, with merchants increasing the amount they spend on fraud management.

Common types of supply chain fraud include:

corruption and bribery,
bid rigging,
counterfeit goods,
fraudulent billing,
misappropriation of assets and
cybercrime attacks on a company's suppliers and vendors to access data or disrupt the supply chain.

What are the risks to your business?

Financial losses
Higher insurance costs
Reputation damage
Investigation and prosecution costs

How to defend your business against supply chain fraud

Conduct due diligence on third-party suppliers and vendors, including confirming their financial stability, compliance with anti-bribery legislation and their policies on the use of sub-contractors.
Ensure proper oversight is in place for employees who are responsible for vendor maintenance, invoice processing and payments. Where possible, segregate these duties.
Implement an ongoing risk assessment review to determine if your existing controls and processes are effective and identify potential vulnerabilities. A lack of internal controls is a major factor behind internal fraud².
Invest in training initiatives to make sure employees are aware of risks and able to identify fraudulent behaviour. A whistleblower program allows employees to anonymously report suspicions of fraud or inappropriate behaviour – this is important as tip-offs helped detect over 40% of fraud in 2022³.
Commit to monitoring your suppliers – both through in-person visits and reviews of transactions. Consider including an audit clause, enabling you to audit suppliers and vendors for their compliance with your policies and procedures. Surprise audits and data monitoring and analysis reduced fraud by 50% and 47%, respectively in 2022, according to the Association of Fraud Examiners (ACFE)⁴
Employ your IT department to use data analysis to detect anomalies, such as sudden significant increases in payments to (or transactions with) a vendor or other high-risk transactions.

¹https://www.cybersource.com/content/dam/documents/campaign/fraud-report/global-fraud-report-2022.pdf
²https://www.linkedin.com/pulse/behavioural-red-flags-internal-control-weakness-contributes-/?trk=pulse-article
³https://reportitnow-global.com/blog/2022/04/18/acfe-report-to-the-nations-2022/
⁴https://www.fcc-cpa.com/news/new-acfe-study-knowledge-is-power-in-the-fight-against-fraud

Disclaimers

© Copyright HSBC Bank Canada 2023. All rights reserved. No part of this document may be reproduced, stored, distributed or transmitted in any form without the prior written permission of HSBC Bank Canada.

The information presented is not meant to be comprehensive and does not constitute financial, legal, tax or other professional advice. You should not act upon the information contained in this document without first obtaining specific professional advice. While reasonable care has been taken in preparing this document, HSBC does not make any guarantee, representation or warranty (express or implied) as to its accuracy or completeness. The information presented in this document is subject to change without notice.

Certain of the products and services offered by HSBC and its subsidiaries and affiliates are subject to credit adjudication and approval. This document does not constitute an offer to provide the services and products described and the provision of such services and products remains subject to contract.

“HSBC” is a trademark of HSBC Holdings plc and has been licensed for use by HSBC and its affiliates.

Protecting your business

Business email compromise

Credential stuffing attacks