As a former Head of Internal Audit with decades of experience doing, managing and leading internal audits, I have come across my fair share of idiots and idiocy in my career.
At times, auditees sees internal auditors as idiots. Similarly, there were times when as the Internal Audit Head I also saw auditees doing idiotic acts that went against common sense, breached organizational rules and was technically outright fraud on a small scale.
To be fair, I freely admit that as a former IA head, I have also done my fair share of mistakes and oversights so I am as big as the idiots I will be exposing in my post. The use of the term “idiot” is not meant to be derogatory. Merriam-Webster defines, “idiot” as a “foolish or stupid person” and the older meaning of, “a person affected with extreme intellectual disability,” is even by the dictionary’s standards considered a dated term. So to be clear, I use the term to refer to the stupid or foolish behaviour I have uncovered in my decades of internal audit fieldwork as well as investigations. But unfortunately, in the context of corporate behaviour, those foolish and stupid acts are termed as “idiotic” in this post.
One of the most pervasive small fraud that occurs in every organization where I have carried out internal audit on procurement involves the falsification of goods receipt.
For those of you who are not familiar with the typical process of procurement, typically one obtains or is allocated a budget to purchase goods or services that the department needs. Depending on the estimated procurement value, in the public sector, the department may do a direct purchase (for goods/services up to $6,000) or put up a quotation (for goods/services up to $90,000) or tender (for goods and services beyond $90,000) in GeBIZ, the Government Electronic Procurement Portal.
Once the Purchase Order (PO) or ordering of the goods/services (whether through GeBIZ or not) is issued to the vendor, typically, the department has to wait for the delivery of the goods/services and then do a three-way match in the system. A three-way match is where you PO is matched to the Delivery Order (DO) or Works/Service Report and also matched to the invoice for payment.
One of the key controls in the three-way match in any procure-to-pay system is that you have to receive the goods/services before you can make payment.
In one of the organizations that I audited, it came to our attention that a department had to put up a loss report on an item that was “lost”. Now as part of the process then, any loss reports had to be signed off by Internal Audit before it could be surfaced to the CEO for approval on the recommendation whether there was fraud or negligence and whether the staff or staffs responsible for the loss had to bear a portion of the loss that the organization needed to write-off the loss amounts.
The amazing thing about this loss report is that the item was never physically received in the first instance! What had happened was that the staff of the department had purchased some electronic parts direct from an overseas vendor online. He basically put up the proper procurement paperwork to purchase the item. Later, the item was lost in transit by the US Postal Service and the department could only claim USD 50 for the loss. The item had cost USD 3,000 or so.
Now, if the procurement controls above were operating, then in theory the organization would have suffered no loss as no payment would have been made without receiving the goods.
But guess what? The staff had gotten another colleague to do “goods receipt”, i.e. certifying that the electronic parts were received in good condition and correct quantity/quality. This was the fraud in that the goods were never received yet as it was lost in transit in the US Postal Service. The Finance department had approved this PO for payment because there was a three-way match in the PO, Goods Receipt and Invoice/Receipt were presented.
This type of fraud is not uncommon especially near to financial year-ends especially in the public sector because there are budget considerations to charge the purchase to the prior year’s budget or else there was no funds to support the purchase.
Even as I put my inputs into the Loss Report, I realized that the Head of department of the staff put it down to “oversight” and eventually no disciplinary action were taken against the staff responsible for falsifying the goods receipt resulting in a loss of USD 3,000 to the organization.
That was just one of of the many examples of “deliberate” idiocy I have encountered in my years as an internal auditor. People choosing to behave like idiots to make their lives easier to the detriment of the organization.
What other idiotic behaviour have you encountered in your own career or business journeys?