Supply Chain Fraud exists in the gaps between software systems and the transactions that software systems output. Standard software systems that run supply chains are Enterprise Resource Planning (ERP) systems, Electronic Data Interchange (EDI), and Automatic Identification (e.g. barcode labeling and scanning) systems.
Where there are no systematic transactions, manual processes introduce the ability for illicit behavior due to a lack of internal controls.
Data governance, automation, checks-and-balances, and the migration of a paper-based transaction to an electronic one are each key factors in detecting and reducing supply chain fraud.
The basis for assessing supply chain fraud relies upon a foundation of good supply chain business practices, procedures, and systems to be in place and functioning. This is a collaborative effort; there is an increased return-on-investment from supply chain operations and systems projects, and there is an end-to-end perspective beyond just procurement and/or purchasing.
Software systems that are focused on are notably Enterprise Resource Planning (ERP) and Electronic Data Interchange (EDI), both individually and integrated, in the fight against supply chain fraud.
Data governance to improve data integrity, end-to-end data transactions, and integration checks-and-balances are reviewed to ensure gaps are closed.
User rights-and-roles security is reviewed to ensure that individuals are not granted functional and (individual and aggregate) transaction authority beyond their job description needs.
ERP transactions typically include sales orders, work orders, pick/pack slips, purchase orders, and invoices.
EDI transactions typically include purchase orders, purchase order acknowledgements, shipping notices, and invoices.
Whether an ERP system has EDI integrated or not, business transactions must balance through the entire order-to-cash (O2C) and procure-to-pay (P2P) cycles. When ERP has integrated EDI, the transactions between the two systems should balance.
We do not perform audits but will work with audit teams or will perform software systems or transaction assessments.