Procurement Audit Procedures
Every now and then, a news story pops up about an organization being implicated for their inept handling of a high-profile procurement. Most of the time, this is due to bias in the bidding process or the misappropriation of resources within the procurement department. Periodic, end-to-end audits of the procurement process are critical to curb fraud and retain the integrity of the company's purchasing function.
Procurement is the simple process of purchasing necessary products or services for the business, from the best suppliers and at the right price. For example, a company might procure raw materials, facilities, technical equipment, telecommunications and training services, among many others.
Since most businesses spend a significant portion of their operating budget on goods and services, even the slightest problem can have a direct impact on profits. Eliminating fraud, errors and waste in the supply chain can have a massive effect on the company's bottom line and reputation.
That's where a procurement audit comes in. This is the process of reviewing all the different supply contracts and procurement processes to ensure they are accurate, complete and efficient. Where risks are identified, the company can put controls in place to contain the risk within acceptable limits.
Every organization has a process for selecting vendors, and these range from structured requests for proposals to informal pricing requests. This area is prone to fraud and selection bias, so the audit should start here.
Start by reviewing the selection criteria for placing vendors on the approved supplier list. Are the criteria fair and objective and do they meet your business' needs? Were suppliers properly scored against these criteria? For example, your selection process may require bidders to be scored based on five or six different criteria such as quality, volume, cost and lead times, whereas in reality, the order was given to the person with the lowest bid.
A vendor must be able to provide the product in accordance with the organization's requirements for volume, price, quality and delivery. Flag up any that do not.
A purchase order, submitted to the procurement team or directly to an approved supplier, kicks off the purchasing process. The audit should review a sample of POs for accuracy – does the form bear the correct authorization signature? Does the PO match the supplier's final invoice in terms of the product description, quantity and price? Are staff aggregating orders to receive bulk discounts?
Next, take a random sample of supplier invoices and packing slips and compare them to your purchase orders. Does a properly authorized PO exist for goods received? If not, you could be hit with improper charges to your department budgets.
Procurement internal control best practices demand that you don't just stop at the paper trail. Auditors should also review the processes for receiving goods and logging the movement of goods in and out of the warehouse. This ensures that controls are in place to prevent the loss and theft of items.
Are items secured in a safe location with access restricted to authorized staff? Are inventory levels properly monitored and recorded? Are quality control inspections being undertaken to ensure that goods of the proper quality are being supplied?
The final part of the audit concerns issues of accountability. Are staff obtaining the proper authorizations before purchasing? Does the business have an effective separation of responsibility, such that different people are placing orders, approving invoices for payment and reconciling financial records? Is the finance team reconciling ledgers for accuracy against POs, bills of sale, supplier invoices and receipts? Are you paying suppliers on time to qualify for an early payment discount?
These controls are all essential to prevent unauthorized or fraudulent purchases and to ensure you're not incurring excessive costs. If you spot any red flags throughout the process, it's a sign to investigate further and expose any dubious practices.