Meg McKechnie: So why do we care about conflicts of interest? Why does it matter if an individual or company benefits from a transaction? It does matter. Conflicts of interest undermine the trust and integrity of a transaction. Why would a company go to the expense of tendering if they know they're not going to get the contract or they have no chance of getting the contract? Sid, what are we seeing in this area?
Sid Mylavarapu: For instance Meg, one of our clients has had an issue where its project manager, who was integral to the procurement process, was using the client's contractors to build his home. As a result of social media analysis, we identified connections between the project manager and the contractor's family members. There were significant issues with the client's controls around conflicts of interest and as a result the project manager was able to get away with this.
Meg McKechnie: I've seen another example where a procurement manager at a particular department was able to award numerous contracts, generally low volume, to an associate of his. The issue there was generally around the segregation of duties and that's how it occurred.
Sid Mylavarapu: That's right. And that really leads us on to the control considerations that our clients need to be thinking about. The most important control consideration is the fact that you need to have an established framework for the management of conflicts of interest and that really is underpinned by three pillars – the first one being that there needs to be an adequate training system for staff around conflicts of interest. There also needs to be an encouragement for the declaration of conflicts of interest, but that needs to come from management. Finally, there also needs to be a regular review of any declared conflicts and of the compliance with the policies and procedures.
Meg McKechnie: And once you've got a framework for the employees to declare their conflicts and that they know you're regularly checking it's a deterrence measure. I think another key pillar to this is to ensure that you have an adequate segregation of duties, and as part of that you might was to consider regularly rotating your employees around, to minimise the occurrence of collusion, or the opportunity to develop relationships which may lead to collusion.
I guess that leads me to my next point. There needs to be ongoing testing of your adherence to policies and procedures, and a way to do this might be through data analytics. There are some tests that you might like to run; you might like to do comparisons between vendor and employee databases to identify connections. You may want to look at one-time vendors for example. There are many tests you can run and it will depend on the situation.