Steven Rollins CEO & Chief Project Strategist ALLPMO Network

In realizing the consequences of certifying this report to the government, you worry about what you are doing. Are placing your career, your job, your family at risk, every three months? You bet you are and more. You are risking personal financial penalty and jail time when in fact you may have nothing to do with the errors in the report. This is the best your team can do given the information at hand.

What can YOU do about this? As one of the executive leaders in your business, you have the opportunity to initiate improvement in fiscal controls to lessen risk for the corporate entity that you serve, as well as you and others who are subjected to this same standard and penalty. Knowing what the business must do to control project fraud should be the goal. Answering the following five questions will give you and your business a great start.

1. What is Project Fraud?
2. How do we prevent project fraud?
3. How do we detect project fraud?
4. How do we train our workforce to manage project fraud?
5. What policies should we implement to effectively manage and communicate on project fraud?

Getting Started
Gaining total control over project fraud requires the ability to recognize project fraud at all levels of the workforce. Secondly, the organization must be able to evaluate work results compared to what the organization expected. Thirdly, the organization must establish an environment that consistently reduces the opportunity for project fraud as a means to improve project fraud prevention. A key construct to project fraud control is improving visibility to work results at all levels.

What is Project Fraud?
Let's define the objective you seek to remedy – project fraud. The federal government through the enactment of the Sarbanes-Oxley legislation is seeking to reduce and/or eliminate corporate fraud. Project fraud is a type of corporate fraud. Fraud is defined by Webster Dictionary as "deceit; trickery; cheating". A person who intentionally deceives or is not what they pretend to be is a fraud. Thus, anyone that is a part of a project team, directly or indirectly, that deceives, tricks, or cheats in the project work they do, is committing project fraud, technically speaking.

Accounting/Finance departments in most businesses are performing an adequate job in auditing and improving financial reporting except for those areas of the business where fiscal management can be manipulated to support personal career management, personal reward, or other personal interests that are not in the corporation's best interests or is not what the business paid for.

Examples of Project Fraud

1. Project Sponsor mis-management. Project Sponsors that lead the project team knowingly in a direction that they know is not what the business has requested.
2. Over-estimation of work level-of-effort at the project and/or task level. Project members who over-state work estimates for personal benefit.
3. Intentional suppression of project progress reporting information. Not reporting correct project status, even when the information is negative, is mis-representation.
4. Internal business partner unwillingness to assume accountability for project success or failure for the project they funded. This example is tricky however their lack of ownership creates opportunity for project fraud to develop.
5. Business case justification misrepresentation. Have you seen any business cases that were over-stated because it helped make the case for project activation?
6. Internal business-side partners that compete with other business-unit peers for project delivery support not in alignment with the fiscal year work plan of strategic projects. CIOs are often targets of business side project owners to deliver their projects when they have not been approved to do so.
7. Worker sense of urgency that is personal-need driven versus business focused driven. Workforce members who work on what they want to do when they want to do it.
8. Worker vendettas that prevent project delivery progress. Enough said!
9. Including customer requirements into an existing project when the new requirements were not approved. Project Teams have enough to do.
10. Adding unplanned project vendor workers to the project team without approval to do so. This costs the business money id did not expect to spend.

These types of fraud appear most often in the project delivery sphere and represent the tip of the iceberg on types of project fraud that eat away at corporate fiduciary accountability and personal risk for those required by law to certify quarterly and annual fiscal reporting as set forth by the Sarbanes-Oxley federal legislation.

How Do We Prevent Project Fraud?
Several methods exist that will help the business prevent project fraud as soon as they are implemented.

1. Reducing the opportunity for project fraud will reduce project fraud. Project Fraud requires the opportunity to actually become realized. Opportunity for project fraud can come from anywhere. Rigor and discipline from the practice of project management when applied in an uniform manner will aid the prevention effort.
2. Raise the visibility of project progress to all involved workforce members. Team Members should be aware of the project critical path schedule and who is currently on the "hot seat".
3. Enlist the Program/Project Management Office to design, develop and implement Project Fraud Management policies that when implemented will improve project fraud prevention and detection. Internal Auditing or Strategic Planning are not the best solution since this requires seasoned understanding of the principles of project management and how that rigor and discipline is applied in the business.

Project delivery environmental contributors that enable project fraud opportunities

1. Over-worked employees who are helplessly multi-tasked.
2. A business environment that accepts project delivery success as "close" to expected delivery date and budgeted cost.
3. Project Sponsors that have not been trained in a standard business model for leading project investments.
4. Missing entity to support and facilitate tactical progress of all project investments, such as the "Project Management Office".
5. Poor visibility to down-range project delivery hurdles, inter/intra project.
6. Poor executive sponsorship to promote project fraud control management in the organization.
7. Lack of awareness by the workforce for the current year fiscal objectives – what the business expects to achieve for this fiscal year.
8. Inappropriate force-ranking of project investments in alignment with the corporate objectives for the fiscal year.
9. Inefficient support for the workforce for project management rigor and discipline.
10. Business model that embraces cost-optimization compared to throughput-optimization.

How Do We Detect Project Fraud?
In most companies, this activity falls to Internal Auditing, Strategic Planning or to the Program/Project Management Office. Internal Auditing or Strategic Planning are good choices to start with if a PMO does not exist. However neither Internal Auditing or Strategic Planning normally do not possess sufficient project management principles expertise to perform this role over the long term. Adding Project Fraud Management to the charter of the PMO does not mean that the PMO must take on a "Police" role. In fact, great care must be given to how this new service is communicated to the workforce. In many companies today, the PMO is emerging as a "Help Desk" to help project teams overcome unplanned hurdles in project delivery. If these project teams begin to believe that "what they say may be used against them in a court of law" do you think they will ever visit the PMO again for help? The PMO should be collaborating with Internal Auditing for Internal Auditing to perform the project fraud audits so that the PMO can maintain its helpful role with the project teams.

The PMO should be responsible for ensuring that:

• All strategic projects are linked to a primary corporate objective.
• All project teams educated about current project fraud policies.
• Uniform project fraud detection and prevention procedures are implemented.
• All Project Sponsors are trained in Project Fraud Management.
• Set an ethical tone from the top.
• Take all reported fraud tips seriously and investigate each of them.
• Implement a "Project Fraud Management" Policy

Whoever performs project audits should consider the following project fraud checkpoints:

• Project team is educated about current project fraud policies?
• Establish project fraud detection and prevention procedures through your PMO
• Are visible project status charts on the progress of the project progress displaying all relevant information posted on a regular basis?
• Does the project apply "Critical Path" scheduling for the project?
• Is the Project Sponsor trained on project fraud?
• How was work estimation for the top project tasks performed?
• All project resources are working project work in the correct priority order.

How Do We Train Our Workforce To Manage Project Fraud?
Project Management delivery success has been improving in recent years in companies that have project management as a practice. It use to be that five out of six IT projects failed every year due to some type of project failure. Given these odds, why would anyone want to work on project teams? Now with the current economic pressure to minimize project resources (costs), the pressure is even more intense. Project Fraud Management should be perceived as an improvement to the culture behind the project delivery environment. As these polices are implemented, these new rules will add more protection to the blind sides of the project team from those people who might be inclined to take advantage of the project. Project teams should welcome this news with open arms in most businesses if the message is communicated well. This embracement will help facilitate the project team training necessary to support project fraud management policies.

Project teams should be trained on how to manage to a project schedule using critical path/critical chain techniques. A four-hour awareness class will do initially for all project team members. Subsequent project status meetings should include this scheduling technique as part of the review process so that all project team members are kept informed as to current progress by the project.

Project Sponsors should be trained in an uniform manner to manage for project fraud. If your business is not harnessing the Project Sponsors for this type of support, opportunity to catch the project fraud early in the process is will be lost.

Corporate Governance committees should be communicated and trained on organization project fraud management policies as well using operational data to help them navigate difficult project decisions.

What Policies Should Be Implemented To Effectively Manage And Communicate On Project Fraud?
Our objective in managing for project fraud is to prevent and detect project fraud while reducing project delivery costs. While this may seem improbable, consider that the information listed below is what you should be accomplishing today but for some reason it is not. Furthermore, the costs associated to performing these policies are really a one-time event primarily for the creation and implementation of the project fraud policies. In a mature state, these new policies and processes will become second nature with no apparent direct cost other than through the PMO and/or Internal Auditing when performing project fraud functions.

To achieve this objective, policies are required to establish necessary guidelines for:

1. Necessary project information
2. Resource role accountabilities
3. How to conduct project audit events
4. Organization Governance support
5. Service Level Agreements between Internal Auditing, Strategic Planning and the PMO
6. How to report project fraud
7. How to manage for project fraud

This is a start for most likely policies to be implemented. There may be others that you will need for your business. The bottom-line of these policies should yield the following benefits.

Top benefits for managing project fraud detection and prevention

1. Reduced rework 6% of budget or more
2. Reduced investment in projects that do not meet ROI guidelines.
3. Improved corporate governance to leading, managing, and navigating fiscal year tactical work plans.
4. Improve workforce work satisfaction.
5. Improved project delivery success.

The value proposition of the PMO in detecting and preventing project fraud
The Project Management Office (PMO) can be a very effective soldier in the war against project fraud. Through effective portfolio management techniques, service level agreements with Internal Auditing, Strategic Planning, and direct support to the corporate governance team, a PMO can wipe out project fraud while helping the business become more viable.

Defining Portfolio Management
Portfolio Management is defined as the measurement of achievement of a group of related projects, objectives, assets, or resources for a period of time that encompasses a fiscal year, for the purpose of optimizing the organization's support to successfully complete these related efforts. Further information can be obtained from the PMO book , Advanced Project Portfolio Management and the PMO: Multiplying ROI at Warp Speed by Gerald S Kendall and Steven C Rollins. This book details the necessary steps and value to be gained in establishing a PMO that will help your business prosper.

Types of Portfolios in Organizations

1. Projects
2. Corporate Objectives
3. Assets
4. Resources

Defining Corporate Governance
In establishing corporate or organizational governance, the following five questions are important to answer:

1. Is the business strategically aligned with the approved strategic fiscal year work plan? Are we working the plan in the order we expected?
2. Are our project investments delivery risk managed well? Do we have executive leadership on point strategically and tactically for each corporate objective that we seek to achieve this fiscal year?
3. Do we have project fraud management policies in place that prevent and detect project fraud and is our workforce aware. How do we educate our workforce to recognize project fraud? How do we best implement a project fraud management policy?
4. Does our workforce work the daily work according to their personal needs primarily or do they work the daily work according to what the business expects them to do?
5. Is there a safety net in place to protect our project investments from fraud? Are we communicating internally sufficiently to raise project fraud awareness?

Each fiscal year when the business implements it strategic plan for that business cycle, the business knows what it wants to be. It must know that it knows when an objective will be or will not be achieved, relative to all of the project investments primarily supporting it, so that senior management can make appropriate management decisions to optimize the business work plan. The following initial action steps will help you consider options to regain executive control over your organization.

Initial Action Steps To Regain Executive Control

1. Is the business strategically aligned with the approved strategic fiscal year work plan? Are we working the plan in the order we expected?
   
   Objective: All projects are mapped 1 for 1 with each corporate objective.

   Step 1:

   Form an organizational governance committee to own the aggregate of organization portfolio of projects.

   Step 2:

   All strategic project investments are mapped 1-1 with a primary corporate objective.

   Step 3:

   All project teams are reporting project progress using critical path techniques in their schedules.

   Step 4:

   PMO produces a cyclical progress report detailing project investment progress compared to governance expectations.

   
   
2. Are all of our project investments delivery risks managed well? Do we have executive leadership on point strategically and tactically for each corporate objective that we seek to achieve this fiscal year?
   
   Objective: Corporate Objective Achievement Accountability ? Assign one of your direct reports to manage strategically and tactically over the fiscal year, each corporate objective.

   Step 1:

   One senior executive is assigned to each organization objective to be accountable for strategic and tactical achievement of that objective.

   Step 2:

   All project investments within each organization objective are tracked and ranked in a force-rank order.

   Step 3:

   All project investment predecessor and successor relationships are identified within the portfolio of projects for each organization objective.

   Step 4:

   Organization objective most critical project is always known. Project investment opportunities and threats are always known for each organization objective project portfolio.

   
   
3. Do we have project fraud management policies in place that prevent and detect project fraud and is our workforce aware. How do we educate our workforce to recognize project fraud? How do we best implement a project fraud management policy?
   
   Objective: Reduce Project Fraud Opportunities by Raising Visibility

   Step 1:

   PMO publishes monthly progress report of strategic project investments.

   Step 2:

   Organization governance committee meets regularly to review project investment portfolio progress,

   Step 3:

   Top 10 strategic project investments progress are consistently posted in common areas.

   Step 4:

   Workforce has been trained in Project Fraud Management policies.

   Step 5:

   Train the workforce to be aware of the fiscal year corporate objectives and how their work relates.

   Step 6:

   Project Teams are employing critical path/critical chain scheduling techniques in their project schedules.

   
   
4. Does our workforce work their daily work according to their personal needs primarily or do they work the daily work according to what the business expects them to do?
   
   Objective: Improve the sense of urgency for project delivery completion

   Step 1:

   Implement critical path scheduling in all project teams to raise awareness for "what's next".

   Step 2:

   Conduct regular project progress status meetings

   Step 3:

   Perform project audits on a pre-determined basis such as every three months and/or at the end of each project phase.

   
   
5. Is there a safety net in place to protect your project investments from project fraud? Are we communicating internally sufficiently to raise project fraud awareness?
   
   Objective: Establish or amend the charter for the organization PMO to manage project fraud prevention and detection

   Step 1:

   Implement portfolio management techniques.

   Step 2:

   Establish service level agreements between the PMO, Internal Auditing and Strategic Planning to support project fraud management.

   Step 3:

   Implement Organization Governance Committees to support the work in alignment with objectives and project teams.

Conclusion
Project fraud is all around us. As I travel all around the USA the last several years, I have asked my clients what they thought about project fraud. Does it exist in their business? How do they know? What are they doing about it? Aren't they worried? They answer: "Project Fraud does exist, we just don't know what it looks like most of the time until it is too late"; "We can't control what we can't see or recognize".

Given the Sarbanes-Oxley legislation as the cause, the effect will eventually become larger on corporate America and the world more than is realized today. More so than Y2K ever was. Why? Because companies won't do business with your company if your company can't demonstrate that project fraud is under control. Remember when Total Quality Management swept through Corporate America? Many Fortune 1000 firms refused to do business with others unless they have a viable Quality Program in place. The same will happen with Project Fraud Management. It will not matter if your firm is publicly traded or not. Corporate Project Fraud Management will be expected by your partners, your customers and your workers. I hope this does not sound glum!

It may seem overly expensive to implement part or all of these suggestions. The fact is your business may actually operate much easier and cheaper on a day-to-day business by reducing and/or eliminating regular costs for work processes that acted as defensive project fraud mechanism for various project works.

Managing for project fraud prevention and detecting makes great business sense. What exactly is your firm doing about it? Does the senior team have their personal action plans in place to compensate for federal penalties and/or jail time should they be found guilty of fraud? I wish you well!