Tackling Supplier Risk:
Are Your Suppliers Legitimate? Chris Doxey
Despite extensive focus on risk management and internal controls, why are there still situations in which payments are mistakenly paid to criminals and/or phony companies posing as legitimate suppliers? How is it possible that a seemingly legitimate company has a private mailbox at the local UPS Store, a private residence, or even a prison address? Is it possible that invoices have consecutive numbers? Shouldn’t it be a red flag if invoices from a supplier are issued from the same address as an employee? How can a company properly vet a potential supplier?
Most leading organizations recognize the importance of comprehensive supplier qualification processes but struggle to communicate qualification requirements to potential suppliers, and have difficulties creating a baseline for evaluating supplier risk levels. Ardent Partners reports that 51% of the respondents in “The CPO’s Top Goals for Investing in Technology” survey report improving compliance as a goal. The Hackett Group includes customizing supplier
6
onboarding, identifying fraud, and addressing internal policy non-compliance as the best practice tactics for a world class P2P organization. So how can we stop these fraudsters, improve compliance, reduce risk, and establish a good supplier onboarding process? Consider the following best practices and controls to ensure that your suppliers are legitimate.
