Supply Chain Fraud, Corruption, Counterfeiting, and Theft
TOOLS, BEST- IN- CLASS PRACTICES, AND COUNTERMEASURES
Our focus in this section is to provide some insights on emerging tools that are providing capabilities to manage critical aspects of supply chain risk.
This section explains the four quadrants presented in Figures 8.2 and 8.3.
Fraud, Corruption, and Theft Tools
The left portion of Figure 8.2 relates to a solution called Decision Point from Navigant. This tool is Navigant’s antibribery onboarding portal. It is designed for the investigation of distribution and supply chain third parties. The tool addresses the challenges inherent in utilizing interme-diaries and suppliers, such as onboarding, regulatory compliance and education, information gathering, approvals, and investigative processes as they relate to antibribery and other compliance regulations. The tool facilitates the third- party onboarding process, assesses and risk scores third party corruption risk, and enables due diligence investigations when appropriate in an effort to support the U.S. FCPA, Foreign Corrupt Practices Act.
The right portion of Figure 8.2 provides a workflow of a supplier onboarding process, which Navigant and other antibribery and cor-ruption tools maintain for clients. As you can see, the tactical tasks are interwoven into a company’s overall supplier management process. These tasks inside Navigant’s Decision Point and other tools are co- managed processes rather than fully outsourced. For example, supplier onboard-ing may be initiated and managed by a commodity manager or buyer in the procurement group, who then sends the invitation, interacts with the supplier, and monitors progress. These tasks could then trigger key tasks at each step done by a third party, such as launching a survey, requesting certificates, validating responses, and more.
Moving to the left side of Figure 8.3 we profile another emerging solution tool from IHS that captures significant data for manufacturers across the globe in terms of where a supplier is located, its market share, inventory metrics, financial disposition, and financial risk. Looking at IHS’s tool kit, you might consider it a supply chain “temperature check.”
The right side of Figure 8.3 highlights a new solution set from Verisk Crime Analytics, in conjunction with C. H. Robinson, which monitors
Yes
Co-managing Supplier Risk Start Invites
Supplier, Based on
Vendor Type
Procurement Team Start Portal Supplier Risk Service Provider Third Party Co-Managed
Escalate-No Response or Incomplet
e Registration Sends Appropriate Email Invitation
Email Reminders for 30 Days. After 30 Days Escalate to Client
Flag Whether or Not Meets Vendor-Typ
e Insurance
Requirements (Real Time
)
“Does Not Meet” Notification to Supplier
Approval Notification Sent to Supplie
r Supplier Contacts Client to Dispute?
Provides Requested Insuranc
e Information? Mark Supplier as Does Not Meet Requirements Mark Supplier As ApprovedAll Requirements Met?Contact Supplie
r for more InformationFail
No
No NoNo Yes
YesYes
YesEnd No Fail PassPass
Validate that Input Data Matches Insurance Certificate
– Insurance Limit(s) – Policy Number(s) – Effective Date(s) – Expiration Date(s) – Notation of Insurance Carriers(s) Per Client Requirements
Particular Attention Paid to:
Profile Submitted ?
Supplier Logs in?
Reviews “Does Not Meet Requirements” Supply
Updates Supplier Approval Status to Approved or Rejected
Over- rides Supplier Approva
l Status?Geography MapTable Financial Risk Revenue DebtIncome & Profitability
0.5 0 01 Supply Health Lead Times Utilization RatesInventories
1.5 1 22
$ Financial
Financial
Production Market Share Inventory
Inventory
FIGURE 8.2 Emerging risk management tools.
and alerts companies around the globe in an effort to provide coordi-nated theft incident communications, recovery support, and deterrence measures integrated with law enforcement organizations worldwide.
Through the use of the platform called CargoNet, which is connected to more than 120,000 officers and agents spanning the globe and more than 9,000 agencies in the United States, shippers can mitigate the risk of cargo theft by receiving near- real- time theft alerts that are automatically sent to law enforcement, thus strengthening security around sensitive and high- value freight.
Supplier Co- Management
We know that managing supplier risk is a trade- off between cost of dili-gence and the cost and likelihood of damages caused by suppliers, directly or indirectly. Normally, more time and money spent on due diligence results in lower actual damages. However, over time this reaches a point of diminishing returns. And therein lies the key to the co- managing sup-plier concept. Disciplines, process improvements, and systems that reduce the cost of diligence while simultaneously reducing the risks of supplier- induced damages are far more efficient and effective than throwing more resources at the problem. What are some of the benefits of using third parties to manage supplier risks?
FIGURE 8.3
Emerging fraud and corruption tools.
• Economies of Scale—Third parties that serve hundreds of compa-nies can realize efficiencies not possible by individual compacompa-nies, and therefore data can be collected once and used many times.
• Economies of Specialization—These tasks are core competencies for third parties and therefore they become efficient and effective over time at performing them.
• Investment in Technology—Again, because these are core compe-tencies, third parties continue to invest heavily in platforms and sys-tems to streamline the processes and provide overwhelming value.
• Accumulated Expertise—Experienced providers have learned what works and have created templates and libraries that can lead, guide, direct, and coach their clients.
• Regulatory Currency—Often providers maintain a cadre of experts to keep up with regulatory changes, denied party lists, and legisla-tion to ensure their clients stay in compliance.
• Improved Initial Risk Awareness/ Identification—More risks are exposed in the due diligence processes, and therefore action can be taken quickly to avoid risk.
• Increased Number of Suppliers Managed—The disciplines, pro-cesses, and systems brought by an experienced third party can generate huge improvements in the number and percentage of sup-pliers for which the proper due diligence is performed in depth, thus reducing incidents and damages.
• Enhanced Early- Warning Risk Alerts—Finally, with well- developed monitoring tools, emergent risks can be discovered sooner, giving the client more time to deal with an event and execute an optimal response.
Addressing Corruption with Best Practices
The U.S. Conference Board and the Center for Responsible Enterprise and Trade executed an exhaustive global survey involving Fortune 500 companies such as DuPont, Microsoft, ARAMARK, Emerson, Caterpillar and more.8 This study found that 70% of respondents felt there was an extensive risk of corrupt activities when working with agents and busi-ness partners in emerging countries. Furthermore, an agreed- upon effec-tive compliance program should consist of seven pillars: risk assessment, due diligence, contract provisions, audit and monitoring, governance and
management, codes and policies, and training and communications. The study also found that training of company employees is a key ingredient for compliance success. More than 60% of respondents felt their company would benefit greatly from third- party, independent rating of their anti-corruption programs.
This report also found that the emerging market where companies uti-lize suppliers and agents the most is China. Other top markets for sup-pliers and agents are India, Southeast Asia, Mexico/ South America, and Eastern Europe. If your supplier base is scattered across these top five countries/ regions, which is probably the case, we know there’s enough risk to go around for everyone. How do companies address corrupt practices with suppliers?
• Perform Due Diligence—The methods utilized the most by respon-dents include examining legal and financial aspects, reviewing of government relations, criminal investigations as a risk assessment technique, reviewing policies of third parties, and third- party eth-ics reviews.
• Contract Provisioning—Verbiage and actions most often placed in contracts include complying with laws and regulations, right to ter-minate by the company, right to terter-minate if third party violates laws, third- party financial liabilities, right to access supplier records, com-plying with anticorruption policies, and the right to audit the supplier.
• Audit/ Monitor—Methodologies and processes most often in effect are searches for criminal activity, review of payments with high- risk suppliers, reviewing policies of third parties, periodic supplier and third- party recertification, and periodic audits and visits.
• Rely on Policies—Policies most often in effect are anticorruption information for employees, training of employees, reporting for employees, ongoing compliance programs, and reports on and for third- party employees.
• Rely on Procedures—Procedures most often in effect are constant communication about corruption, written policies for third parties, multiple approvals for third parties, company employment agree-ments, bids reviewed by company teams, and anticorruption infor-mation for third- party companies.
• Governance and Responsibilities—In this arena, the internal audit, compliance, finance, and legal departments are extensively involved in anticorruption efforts. Often, responsibility for anticorruption efforts with suppliers and third parties will reside with the procure-ment group.
Counterfeit Countermeasures
Counterfeiting, as mentioned earlier, is a topic of interest across some important industries. It’s a major issue, especially to the Nuclear Regulatory Commission (NRC). The NRC is one of the biggest proponents of supply chain risk management inside the U.S. government. When the NRC speaks, everyone listens, including other countries. Below are some key methodologies the NRC advocates as well as tools, techniques, and countermeasures to support its ongoing battle against counterfeit parts.
The NRC advocates the diligent use of procurement policies and proce-dures, as we witnessed in the Conference Board’s report. It also stresses the issue of parts, manufacturers, and distribution facilities having audits and assessments. The NRC has developed for its nuclear clients an obso-lescence product life cycle protocol covering components from cradle to grave. The commission has also developed several measures for counterfeit part risk detection and new traceability verification methods using serial-ization and tags. And finally, the NRC has worked to bolster law enforce-ment resources and penalties.
The NRC has developed countermeasures to detect counterfeit items.
It has introduced new techniques such as Fourier transform infrared spectroscopy (FTIR), thermo- mechanical analysis, and X- ray fluores-cence spectroscopy (XFR). Something that is particularly leading- edge is SigNature DNA.
SigNature DNA is something completely different in terms of counter-feit countermeasures. It is a plant- based electronic signature marking that is invisible to the naked eye. The markings show up only under ultraviolet light. Each supplier marks its product with its own customized sequence of which the combinations and permutations are infinite. Thus, the Pentagon is paying extra for these suppliers to mark all electronic components dur-ing a trial period. Also, the SigNature DNA technique is now expanddur-ing into new industries such as wine and high- end apparel.
Another new approach to mitigate the risk of counterfeit electronic components is growing rapidly. According to a report by the U.S. Senate Armed Services Committee, titled “Inquiry into Counterfeit Electronic Parts in the Department of Defense Supply Chain,” an overwhelming majority of more than a million counterfeit parts identified in the investi-gation were sourced from a party other than the original manufacturer or an authorized distributor.
In the electronics industry, and now others as well, after a major risk event or a problem with a key supplier within an industry, buyers often have no choice other than to begin sourcing in what is called the gray mar-ket. A gray market is an unauthorized channel of distribution. However, turning to the gray market and purchasing a part from a source other than the original manufacturer or authorized distributors exposes the buyer to not only substandard components but also increases their risk of pur-chasing counterfeit components. As a result we have seen the birth of the excess and obsolete (E&O) industry. Franchised E&O distributors with guaranteed product traceability are filling a gap in supply chains result-ing from just- in- time manufacturresult-ing and supply disruptions. By holdresult-ing excess and unsold factory stock and guaranteeing product traceability back to the manufacturer, these distributors offer buyers a credible and reliable source of product to mitigate counterfeit risk.
While the approaches presented here are not the only ways to coun-ter the councoun-terfeicoun-ters, they illustrate some of the creative thinking that is occurring to try to stay one step ahead in an area that is a continu-ous concern.
CONCLUDING THOUGHTS
This chapter highlights the darker side of human nature. When we think about natural disasters, we think about things called “acts of God.” These acts are not caused directly by humans, although climate change propo-nents will argue that this is not necessarily the case today. Something we do know for certain is that every time an act of fraud, corruption, coun-terfeiting, or theft occurs, it is a man- made event. And man- made events are preventable.
The problem with fraud, corruption, counterfeiting, and theft, particu-larly at a national level, is that these behaviors, particuparticu-larly corruption,
correlate highly with poorer and less- successful countries. As a predictor of failure, at one level corruption may have the most devastating effect of any risk presented in this book. As the Austrian journalist Karl Krause once commented, “Corruption is worse than prostitution. The latter might endanger the morals of an individual. The former invariably endangers the morals of the entire country.”9
Summary of Key Points
• Bribery is trying to persuade someone, typically illegally or dishon-estly, to act in one’s favor by offering a gift of money or other attrac-tive inducement.
• A counterfeit is something made in imitation so as to be passed off fraudulently or deceptively as genuine.
• The first stage of a risk event tends to be denial. The second of the four stages is severity (scope and scale). The third stage is blame (reality sets in). The final stage is resolution (where the lesson is learned).
• New organizations enacted to cut down on fraudulent activities include Consumer Financial Protection Bureau and Customs Trade Partnership against Terrorism. New regulations with this same goal include the Dodd- Frank Wall Street Reform and Consumer Protection Act and the Foreign Corrupt Practices Act.
• Tools against fraud and corruption include Navigant’s antibribery onboarding portal called Decision Point, IHS’s “temperature check,”
and Verisk Crime Analytics’ CargoNet.
• An effective compliance program should consist of seven pillars: risk assessment, due diligence, contract provisions, audit and monitor-ing, governance and management, codes and policies, and training and communications.
ENDNOTES
1. Riley, Charles. “Governments Lose Trust As Corruption Soars.” CNNMoney, July 9, 2013, Accessed from www.cnnmoney.com.
2. Compliance Week Magazine and Kroll Anti- Bribery & Corruption Report, May 2013 Survey.
3. O’Toole, James. “Ralph Lauren Admits Bribery at Argentina Subsidiary.” CNNMoney, April 22, 2013, Accessed from www.cnnmoney.com.
4. Accessed from www.dictionary.com.
5. Fulghum, David, Bill Sweetman, and Jill Dimascio. “China Chips: Counterfeit Components Reveal Political Hype and Bureaucratic Muddle in Washington.”
Aviation Week and Space Technology, June 4–11, 2012: 68.
6. European Banking Board terms and definitions.
7. Accessed from http://www.pwc.com/ us/ en/ cfodirect/ publications/ dataline/2012-10-sec- adopts- conflict- minerals- rule- public- and- nonpublic- companies- in- many- industries- are- affected.jhtml.
8. USA Conference Board & Center for Responsible Enterprise & Trade Report, August 2012.
9. Accessed from http://www.brainyquote.com/ quotes/ quotes/ k/karlkraus152098.html.
165