Asset Governance — Fraud Risk and Register Quality
Published: April 5, 2026
Every organisation purchases goods and services. Equipment, furniture, stationery, IT hardware, maintenance contracts, professional services. In most Indian companies, this process works through phone calls, WhatsApp messages, verbal approvals, and a bill that lands on the accountant's desk after the money has already been spent.
It works. Until it doesn't.
According to PwC's Global Economic Crime Survey 2024, 59% of Indian organisations experienced financial or economic fraud in the past 24 months — 18% higher than the global average. Procurement fraud has overtaken all other categories to become the number one economic crime in India, with 50% of businesses identifying it as a major threat.
This article is about the three ways companies handle procurement — and why two of them fail.
1. "I Handle Everything Myself"
This is where most Indian businesses start. The founder signs every cheque, approves every purchase, and personally knows every vendor. When the company has 10 people, this works perfectly. The owner has full visibility and nothing moves without their knowledge.
Then the company grows to 30 people. Then 50. Then 100.
The same owner is now spending three hours a day on purchase approvals. Quotations sit on their desk for a week. Staff send WhatsApp messages — "Sir, please approve" — that get buried under 200 other messages. Contracts are lost because quotes weren't responded to in time. Decisions that should take ten minutes wait three days.
Research on Indian SMEs confirms this pattern: most small and medium businesses in India don't have any defined business processes. The entire operation is run by a single person. As one study noted, "it is impossible for a single person to take care of all areas of a business because of their biological as well as professional limitations."
The owner isn't the solution anymore. The owner is the bottleneck.
The company can't grow faster than the owner's personal capacity to review and approve. Staff stop waiting and start buying things on their own — submitting bills after the fact. The owner works longer hours but things still fall through the cracks.
2. "I Trust My People"
So the owner delegates. They hire a purchase manager, a store manager, a department head — and hand over the responsibility. "I trust you. Handle it."
This is the most dangerous stage.
Delegation without controls is not empowerment. It is an open invitation. PwC's research found that for every rupee stolen through fraud, companies incur an additional four rupees in related costs — investigation, remediation, legal fees, process overhaul.
The most common procurement fraud scheme is disarmingly simple: a purchase manager selects a vendor who charges above-market prices, and the difference is shared as a kickback. This is widespread in companies where procurement is decentralized without oversight — the very companies that "trust their people."
The patterns that emerge
- Vendor-employee collusion. Your purchase manager buys from Vendor X at Rs 1,200 per unit. Market rate is Rs 800. The Rs 400 difference is split. You never see the comparison because there is no historical pricing data in the system — because there is no system.
- Inflated deliveries. The vendor invoices for 100 units. 80 were actually delivered. The purchase manager signs off on 100. You pay for 100. Nobody checked because nobody was asked to verify the delivery independently.
- The slow bleed. Nobody steals Rs 10 lakh at once. They add Rs 500 here, Rs 1,000 there, to every order. Over a year, it adds up. Each individual transaction looks normal. The pattern is invisible because nobody looks at patterns.
- The trusted long-timer. The person who has been with you for 15 years. Your right hand. Would "never steal." Research on workplace embezzlement consistently finds that the perpetrators are long-time employees who were trusted implicitly. More than half of all workplace theft occurs because of weak internal controls — not because of bad hiring.
The common thread: one person controls the entire purchasing cycle — selecting the vendor, approving the purchase, confirming the receipt, and authorising the payment. This is exactly the scenario every fraud prevention framework warns against.
3. What You Don't Know You Own
Beyond procurement, there is a quieter problem: most companies don't actually know what they own.
Industry research estimates that 65% of fixed asset records are incomplete, inaccurate, or missing altogether. Between 10 and 30 percent of assets listed on company books no longer physically exist — lost, broken, stolen, or scrapped without being removed from the register.
The consequences are real and ongoing:
- Insurance premiums paid on assets that don't exist
- Depreciation calculated on ghost assets — distorting your profit and loss
- Tax paid on inflated asset values
- AMC contracts renewed for equipment that was disposed of two years ago
- New purchases made for items the company already owns — because nobody can find them in the records
When the auditor asks "show me this asset," and nobody can, the problem becomes official. But the financial leakage has been happening silently for years.
4. The Third Way: Delegate With Guardrails
The solution is not to do everything yourself — that doesn't scale. And the solution is not to delegate blindly — that invites fraud. The solution is to delegate within a system that enforces accountability automatically.
What this looks like in practice
| Today | With a governed process |
|---|---|
| Someone buys something and you find out in the accounts | Every purchase starts as a request — visible before the money leaves |
| You don't know who approved what | Every approval has a name, a date, and a reason |
| "Who should approve this?" — confusion | The system routes to the right person based on rules you set once |
| Ordered 100, received 85, paid for 100 | Order says 100, receipt records 85 — mismatch flagged before payment |
| "What did we pay last time?" — nobody knows | Historical pricing for every item, every vendor — searchable |
| New person joins — starts from zero | The system has the history. New person follows the process from day one. |
| "How much did we spend on IT this year?" — ask the accountant, wait 3 days | Filter, view, export. 10 seconds. |
The principle is straightforward: the person who requests cannot approve. The person who approves cannot confirm receipt. The person who receives cannot authorise payment. This separation of duties — enforced by the system, not by trust — is the single most effective control against procurement fraud.
What changes for the owner
You set the rules once: purchases above Rs 50,000 need your approval, below that your department heads handle it. The system enforces those rules every time, without exception. You see a dashboard of what's being purchased, what's pending, and what's been received — without being involved in every transaction.
Your team is empowered. Your controls are enforced. And your time goes back to running the business.
5. It Starts Simple
The most common objection is: "this sounds complex." It doesn't have to be.
Start with one thing: purchase approvals. When someone in your organisation needs to buy something, they raise a request. The system sends it to the right approver. The approver reviews and approves or rejects. That's it.
No implementation project. No consultant. No six-month rollout. Just a structured way for purchases to be requested, approved, and tracked.
When you're ready, add delivery verification — matching what was ordered against what was received. Then add your asset register — automatically built from the purchases that have been received. Then add Tally integration — so your accounting entries are generated from the same data.
Each step builds on the last. Each step makes the next one easier. And every transaction from day one becomes part of your organisation's permanent, searchable memory.
Your company buys things every day. The question is whether it remembers — who approved, what was paid, who received, and where it is now. A governed procurement process ensures it always does.