Where your supply chain leaks money Supply chain fraud costs UK businesses hundreds of millions of pounds annually. Procurement staff who take kickbacks from suppliers.
Where your supply chain leaks money
Supply chain fraud costs UK businesses hundreds of millions of pounds annually. Procurement staff who take kickbacks from suppliers. Suppliers who invoice for goods not delivered. Logistics providers who overcharge for services. Employees who create fictitious suppliers and route payments to themselves. These are not edge cases – they are the types of fraud that UKPI investigates for businesses every month, across manufacturing, retail, construction, healthcare, and professional services.
The common thread is that supply chain fraud is difficult to detect through routine financial controls. It is concealed within the volume of legitimate transactions, disguised by paperwork that looks normal, and protected by the relationships between the people who commit it and the people who should be catching it. This article explains how supply chain fraud works, how to detect it, and how to investigate it once detected.
Types of supply chain fraud
Procurement fraud
The most common form. An employee with purchasing authority steers contracts to a supplier they have a personal interest in – a company owned by a family member, a friend, or the employee themselves through a nominee arrangement. The supplier charges above-market prices, and the employee receives a benefit: direct payment, goods, services, or a share of the inflated profits.
Procurement fraud is sustained by the employee’s control over the purchasing process. They select the supplier, approve the invoice, and confirm receipt of goods or services. If no one else in the organisation verifies these steps, the fraud can continue for years. The losses accumulate incrementally, each transaction may be unremarkable in isolation, but over time, the total is large.
Invoice fraud
Suppliers submit invoices for goods not delivered, services not provided, or quantities greater than those actually supplied. A construction subcontractor invoices for 500 hours of labour when only 400 were worked. A catering supplier bills for 100 meals delivered when the actual number was 80. An IT consultancy charges for a senior consultant at £900 per day but sends a junior at £400 per day.
Invoice fraud exploits weaknesses in the goods receipt process. If no one checks deliveries against purchase orders, or if the person checking deliveries is colluding with the supplier, overbilling goes undetected. The fraud is particularly common in services contracts, where the deliverable is less tangible than physical goods and harder to verify independently.
Ghost supplier fraud
An employee creates a fictitious supplier in the company’s vendor database, submits invoices on behalf of the fake supplier, and approves payment to a bank account they control. The supplier does not exist – it has no premises, no employees, and no legitimate business activity. The only purpose of the company is to receive payments from the victim organisation.
Ghost supplier fraud is detectable through basic checks: does the supplier have a physical address? Is it registered at Companies House? Does it have a website, a telephone number, and other signs of genuine business activity? Are there other customers, or is the victim organisation the sole source of revenue? These checks are straightforward but often not performed – particularly when the person who created the vendor record is also the person who approves payments to it.
Kickback and bribery schemes
A supplier pays a kickback to the employee who awards them the contract. The kickback may be cash, gifts, hospitality, free use of property or vehicles, employment for a family member, or any other benefit. In return, the employee ensures the supplier receives contracts, often at inflated prices, and overlooks quality or delivery problems that would normally result in the supplier being replaced.
Kickback schemes are the hardest to detect because the corrupt payment does not flow through the victim company’s accounts. It moves directly from the supplier to the employee, often in cash or through a third party. Detection relies on identifying the circumstantial indicators: a buyer who insists on using a specific supplier, who resists competitive tendering, who has a lifestyle beyond their apparent means, or who reacts defensively to questions about procurement decisions.
Logistics and distribution fraud
Fraud within logistics operations includes diversion of goods (stock is dispatched but does not arrive at its destination because it has been redirected to an alternative address), phantom deliveries (a driver signs for a delivery that was never made), and mileage fraud (claiming mileage or petrol costs for journeys not taken). In warehouse environments, stock shrinkage attributed to damage, waste, or administrative error may actually represent systematic theft.
Detection methods
Data analytics
Analysis of procurement and payment data can identify patterns associated with fraud. Red flags include suppliers with a single customer (your organisation), suppliers with addresses that match employee addresses, round-sum invoices (£1,000, £5,000, £10,000) that suggest the amount was chosen to avoid approval thresholds, invoices consistently just below authorisation limits, duplicate invoices (same amount, same date, different invoice numbers), and a single buyer responsible for a disproportionate share of procurement spend with a single supplier.
Data analytics does not prove fraud. It identifies anomalies that warrant investigation. The anomaly may have an innocent explanation – a small specialist supplier that genuinely has only one customer, or round-sum invoices that reflect genuinely round-sum contract rates. But when multiple red flags cluster around the same supplier, employee, or process, investigation is justified.
Vendor verification
Checking suppliers against Companies House records, verifying their physical address, confirming their VAT registration, and reviewing their accounts (where filed) establishes whether the supplier is a genuine trading business. Cross-referencing supplier details against employee records (do any suppliers share an address, phone number, or bank account with an employee?) identifies potential conflicts of interest.
Process testing
Testing procurement processes to verify that controls are working as designed. Are purchase orders raised before goods are ordered? Are goods receipted independently of the person who placed the order? Are invoices matched to purchase orders and delivery notes before payment? Are supplier additions to the vendor database subject to verification? If the answer to any of these questions is “not consistently,” the process has gaps that fraud can exploit.
Whistleblower channels
According to the Association of Certified Fraud Examiners, tips from employees are the most common way fraud is initially detected – accounting for over 40 per cent of detected fraud. Providing a confidential channel for employees to report concerns, and making clear that reports will be taken seriously and investigated, encourages reporting of suspicious activity.
Investigating supply chain fraud
Preserving evidence
Before confronting anyone, preserve the evidence. This means securing financial records, email correspondence, procurement files, and system logs before the suspect has an opportunity to alter or destroy them. If the suspect has access to the systems that contain the evidence, their access should be restricted as early as possible – without alerting them to the investigation.
Digital forensic imaging of the suspect’s computer, email account, and mobile phone (if company-owned) preserves the evidence in its original state and allows detailed examination without altering the originals. Deleted emails, files, and browser history can often be recovered through forensic examination.
Financial analysis
Tracing the flow of money from the victim company to the fraudulent supplier, and from the supplier to the employee (directly or through intermediaries), establishes the financial mechanics of the fraud. This involves analysing bank statements (obtained through court order if necessary), company accounts, tax records, and transaction data. Financial investigators can trace complex payment chains and identify the ultimate beneficiaries.
Background investigation
Investigating the connections between employees and suppliers reveals conflicts of interest that were not disclosed. Company directorship searches, property ownership checks, and relationship mapping identify personal and financial links between the people involved. A procurement manager whose spouse is a director of the company’s largest supplier has a conflict of interest that should have been declared – and its non-disclosure raises immediate concerns.
Surveillance
In some cases, surveillance is appropriate to document meetings between employees and suppliers that are inconsistent with normal business activity. A buyer meeting a supplier representative at a pub on a Friday evening, rather than at the office during business hours, may be socialising – or they may be exchanging a cash payment. Surveillance documents what happens; the investigation interprets what it means.
Results and recovery
When supply chain fraud is confirmed, the employer has several options. Disciplinary action against the employee, up to and including dismissal for gross misconduct. Civil recovery proceedings against the employee and the fraudulent supplier to recover the losses. Criminal prosecution under the Fraud Act 2006 or the Bribery Act 2010 (which applies when the fraud involves corrupt payments). Reporting to regulatory bodies where applicable (for example, the Financial Conduct Authority for regulated firms). And remedial action – strengthening the procurement controls that the fraud exploited.
Civil recovery can include claims against the employee for breach of fiduciary duty, against the supplier for unjust enrichment, and against any other parties who knowingly participated in or benefited from the fraud. Asset tracing may be required to locate the proceeds of fraud before recovery proceedings can succeed.
Prevention
the strongest fraud prevention combines strong controls with a culture of integrity. Separation of duties in procurement (the person who selects the supplier should not be the same person who approves the payment). Mandatory competitive tendering above specified thresholds. Regular rotation of purchasing responsibilities. Independent verification of supplier details at the point of onboarding. Regular review of spending patterns by category, supplier, and buyer. A conflict-of-interest declaration process that requires employees with purchasing authority to declare personal relationships with suppliers.
No control system is fraud-proof. A determined fraudster with sufficient authority and motivation will find a way around any control. But strong controls raise the effort and risk required to commit fraud, reduce the potential duration of fraud before detection, and demonstrate to investigators, regulators, and courts that the organisation took reasonable steps to prevent it.
Working with UKPI
UKPI investigates supply chain fraud for businesses across the UK. Our investigators have backgrounds in financial crime, forensic accounting, and corporate investigation. We identify the mechanics of the fraud, trace the money, gather court-admissible evidence, and support disciplinary and legal proceedings.
If you suspect fraud within your supply chain, call 0800 043 1754 for a confidential discussion. Early action limits losses and preserves evidence. Delay allows the fraudster to continue operating and to cover their tracks. You can also contact us online.
Industry-specific risks
Construction
Construction is one of the sectors most affected by supply chain fraud. The project-based nature of the work, the large number of subcontractors, and the difficulty of verifying work quality on large sites create opportunities for overbilling, phantom labour, materials fraud, and kickbacks. A project manager who approves invoices from a subcontractor without independent verification of the work completed is the weak point that most construction fraud exploits. Independent quantity surveying and site audits reduce this risk but are often not conducted with sufficient rigour.
Healthcare and pharmaceuticals
Healthcare procurement fraud includes kickbacks from medical device suppliers, overbilling for consumables, and substitution of cheaper alternatives for specified products. In pharmaceuticals, supply chain fraud extends to counterfeit medicines – a risk with direct patient safety implications. The Medicines and Healthcare products Regulatory Agency (MHRA) regulates the pharmaceutical supply chain, but enforcement depends in part on businesses detecting and reporting irregularities.
Public sector
Public sector procurement is subject to the Public Contracts Regulations 2015 and is designed to be transparent and competitive. Despite these safeguards, procurement fraud occurs in the public sector at a rate comparable to the private sector. The National Fraud Authority has estimated that fraud costs the public sector £20.6 billion annually. Common methods include bid rigging (where suppliers collude to ensure a predetermined winner), conflicts of interest between procurement officers and suppliers, and invoice manipulation in large-scale service contracts. Internal audit functions, supplemented by independent fraud investigation when specific concerns arise, are the main lines of defence.
Speak to an accredited investigator about your specific situation.
Call 0800 043 1754
