Candidate fraud is a supplier risk. The weakest verification standard becomes your standard.
Bottom line
Candidate fraud behaves like supplier risk. When verification standards vary by supplier, channel, or hiring manager, the weakest standard in your supply chain becomes your effective standard. The solution is not more friction. It is consistent requirements and evidence of execution.
Why procurement should own this
Procurement already manages third-party risk by reducing variance. The same logic applies to the people your suppliers place. Candidate fraud concentrates where three things collide:
-
Responsibilities are unclear across parties
-
Standards vary by supplier or sourcing channel
-
Controls are assumed rather than validated
In most enterprise programs, that includes a mix of staffing suppliers, EOR and AOR flows, and manager-directed sourcing. If one pathway operates with weaker verification, it becomes the easiest entry point. Not because anyone chose it deliberately — but because variance in a supply chain is always exploited at the margin.
When suppliers and channels operate to different verification standards, the enterprise absorbs the risk. The weakest standard in the chain becomes your effective standard.
What fraud looks like in the talent supply chain
Procurement does not need to become a fraud function. But it helps to recognize the patterns that can be governed against:
-
Identity substitution — the person who performs the work is not the person who interviewed
-
Interview proxying — a proxy participates in assessments or screening on behalf of the placed worker
-
Credential fabrication — employment history, qualifications, or references are manufactured
-
Location and authorization misrepresentation — where the worker is located or eligible to work differs from what was stated
-
Unauthorized subcontracting — the contracted worker passes work to a third party the organization never vetted
None of these patterns are new. What has changed is the scale and repeatability. AI tools have lowered the cost of fraudulent presentation. Remote delivery has reduced the natural friction that used to catch substitution. And multi-party supply chains create handoff gaps that these patterns exploit.
A field example
A contractor interviews well and is selected quickly through a high-velocity sourcing channel. Two weeks after onboarding, delivery quality drops sharply. The manager escalates as a performance issue. Security later flags inconsistent access patterns. When the parties compare notes, it is unclear who verified identity, when it happened, and what evidence exists. The issue is not just the individual. It is the process gap.
A simple model: Verification variance equals risk
Fraud exposure increases when three things collide in the same engagement:
Role blasts radius
High access, sensitive data, regulated work, client impact
Verification timing
Before access, plus re-check at onboarding for higher-risk roles
Supplier variance
Different standards across channels, suppliers, or managers
Procurement can reduce exposure quickly by standardizing requirements by role tier and requiring evidence of execution — not just policy commitment.
Minimum supplier standard
Use this as a starting point for your procurement requirements. The goal is not to add friction to every placement. It is to ensure that the controls your suppliers claim to have are actually being executed — and that evidence exists if questions arise.
Identity and integrity
-
Identity verification completed before system access for designated role tiers
-
A defined approach to reduce interview proxying for higher-risk roles
-
Clear prohibition and detection approach for unauthorized subcontracting
Chain of custody
-
Documented chain of custody: who sourced, screened, presented, and verified
-
Supplier attestation that the worker performing the work is the worker contracted
Onboarding and post-start
-
Reverification at onboarding for designated role tiers
-
Defined post-start triggers for investigation: location mismatch, access anomalies, early performance cliff
-
Clear incident notification expectations and escalation path
Evidence and auditability
-
Evidence retention expectations: what can be produced if questioned
-
Audit cooperation language that validates execution, not just policy
Questions worth asking internally
These are designed for procurement leaders who want to understand where their verification variance sits before it becomes a visible incident.
- Do your staffing suppliers and EOR/AOR providers operate to the same verification standard — or do you assume they do?
- If a fraud incident happened through a manager-directed sourcing channel, would anyone know which party owned verification?
- When did you last audit whether your supplier controls are being executed consistently, versus just documented in contracts?
- Which of your sourcing channels has the highest placement velocity — and does that channel also have the most consistent verification?
- If a supplier had a substitution event last quarter, would your current contract give you the right to audit their verification process?
Start here
Map where verification standards differ across your staffing suppliers, EOR and AOR flows, and manager-directed sourcing channels. The biggest variance is usually where risk concentrates — and where a minimum standard will have the most immediate impact.
Go deeper
Procom has published a full framework for assessing your organization’s fraud risk posture — including the financial modeling behind each cost level and a self-assessment tool you can run internally. Download the whitepaper.
If any of this maps to what you’re seeing in your program, I’m happy to compare notes. [email protected] or connect with me on LinkedIn.
About the author
Simon Gray
With over 25 years of experience in strategic staffing, Simon leads Procom’s Workforce Solutions division to help clients hire quickly and compliantly.
