audit (echoevg/Shutterstock.com)

DOD looks to analytics to fight fraudulent contractors

The Defense Logistics Agency wants to beef up its Business Decision Analytics (DBA) decision tool to better help it better identify and combat fraud.

The high volume of purchasing taking place on DLA's automated procurement system has made the agency a prime target for a practice it calls CAGE hopping and CAGE jacking.  CAGE hopping occurs when fraudsters establish a Commercial and Government Entity code, receive a DLA contract and deliver non-conforming parts or do not deliver the parts at all. Before they can be caught, they hop to a new CAGE code and repeat the process. 

CAGE jacking occurs when suspect actors register new CAGE codes in the names of existing businesses, substituting their banking data for the legitimate business' data. When they are awarded contracts under the guise of the legitimate business, send invoices and get paid, they either deliver nonconforming parts or no parts at all.  

To minimize these threats to its supply chains, DLA developed an enterprise risk assessment and decision support tool that alerts contracting specialists to high-risk procurements prior to a contract's award. It uses Dun and Bradstreet risk data on suppliers' financial stress (e.g. bankruptcy, delinquency, etc.), supplier litigation (e.g. legal issues, liens, etc.), demographics (length of time in business, foreign ownership, etc.) and overall corporate structure (subsidiary relationships, domestic parent companies, global parents, etc.). 

The D&B data will cover up to 35,000 DLA suppliers, according to the request for information.

In July, DLA came under fire for not preventing for a fraudulent scheme in which Government Accountability Office investigators posed as law enforcement officials by giving DLA information about a fictitious law enforcement agency. The investigators were granted access to the DLA's online systems, where they could view and request excess Defense Department property. GAO said DLA's "reliance on electronic communications without actual verification does not allow it to properly vet for potentially fraudulent activity."

About the Author

Connect with the GCN staff on Twitter @GCNtech.

inside gcn

  • security compliance

    Security fundamentals: Policy compliance

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group