Bottom line
Point-in-time verification fails because modern fraud unfolds across phases, not at a single moment. A contractor who clears your pre-hire screen can still substitute at onboarding. An access profile granted on day one can drift for months without review. When each party believes someone else owns the next step, no one owns the full picture.
The gap is usually in the handoffs
When a contractor placement fails, the post-mortem usually starts with a question about who screened them. Nine times out of ten, somebody screened them. The problem is what happened after.
Most organizations verify at one point — typically during hiring — and then stop. But several of the most common and costly fraud patterns do not show up at the point of hire. Unauthorized subcontracting is invisible until access anomalies surface. Overemployment degrades delivery gradually, not immediately. Capability inflation looks like strong interview performance right up until the 60-day performance cliff.
Point-in-time verification was designed for a different threat. The question is whether your controls cover the full lifecycle — and whether each party in your supply chain knows what they own at each step.
The gap is rarely a missing control. It is a missing handoff. Each party believes the next step belongs to someone else — and fraud exploits exactly that assumption.
A field example
A worker clears pre-hire screening and performs well in interviews. Onboarding is accelerated to meet a project deadline. After access is granted, delivery becomes inconsistent and unusual usage patterns emerge. When the parties compare notes, each points to a different control: “we verified,” “they verified,” “the manager approved.” The gap was not any single missing check. It was the absence of a lifecycle system with clear handoffs and evidence at each stage.
Why point controls fail
Think about a single contractor engagement across four moments: before hire, during the interview process, at onboarding, and once they are working. At each moment, a different party typically owns the process — a sourcing supplier, a hiring manager, an HR team, an IT security function.
Fraud patterns that unfold across those moments depend on no single party having the full picture. The patterns that cause the most damage are almost always sequences, not single events:
-
A proxy handles the interview, then the actual worker starts — and no one checks whether the onboarding person matches the interviewee
-
A contractor works from an unauthorized location from day one — but location data is only reviewed if someone raises a flag
-
Unauthorized subcontracting begins after the first few weeks, once patterns are established and oversight relaxes
-
Access accumulates incrementally across an engagement without any reauthorization trigger
None of these are stopped by a single pre-hire check. They are stopped by a system that maintains accountability across phases, with clear handoffs and defined triggers that bring the right parties together when something looks wrong.
What procurement can require by phase
The goal is not more checks at every stage. It is defined ownership, consistent evidence, and a clear escalation path when patterns shift. Here is what that looks like across four phases:
PRE-HIRE
-
Chain-of-custody documentation: who sourced, screened, and verified
-
Role-tiered validation expectations for credentials and work history
-
Supplier attestation of identity ownership before submission
DURING HIRE
-
Controls to reduce interview proxying for designated role tiers
-
Clear policy on acceptable tool use during assessments
-
Defined handoff from sourcing supplier to hiring manager with evidence
ONBOARDING
-
Identity verification before system access for higher-risk roles
-
Reverification at onboarding for designated tiers
-
Documented handoff confirming who verified what before access is granted
POST-START
-
Defined triggers for investigation: location mismatch, access anomalies, early performance cliff
-
Escalation path that includes procurement, not just recruiting or HR
-
Evidence retention expectations when concerns arise
The procurement translation: Auditability
Procurement cannot govern what it cannot validate. Two suppliers may claim identical verification controls. The differentiator is consistent execution with evidence that can be produced when questions arise.
The practical ask is not “do you have a verification process?” Most suppliers will say yes. The practical ask is “show me what you would produce if I asked you to prove it happened.” That question surfaces the gap between policy and execution faster than any audit.
Questions worth asking internally
These are designed for program leaders and procurement executives who want to understand where their lifecycle gaps sit before an incident forces the question.
- For a placement that fails at 60 days, can you trace exactly which party verified identity, when, and what evidence exists?
- Are your post-hire monitoring expectations written into supplier contracts — or are they assumed?
- Who gets notified if a geolocation anomaly surfaces after a contractor is onboarded? Is there a defined escalation path?
- When a worker leaves for performance reasons in the first six months, does anyone check for fraud indicators — or does it close as a bad hire?
- How do you currently handle the handoff between your staffing supplier and your IT access provisioning team? Is there a documented confirmation step?
Start here
Pick the role segment where you have the highest combination of system access, remote delivery, and placement velocity. For that segment, map who owns verification at each of the four phases. Then identify three things:
-
1. Where there is no clear owner — that is a handoff gap
-
2. Where there is no documented evidence — that is an auditability gap
-
3. Where there is no defined trigger — that is an escalation gap
Those three gaps, in that role segment, are your first priority. Closing them does not require a program-wide overhaul. It requires clear ownership at each handoff point and evidence that travels with the placement.
Go deeper
Procom has published a full framework for assessing your organization’s fraud risk posture — including the financial modeling behind the full cost continuum and a self-assessment tool you can run internally. Download the whitepaper.
If any of this maps to what you’re seeing in your program, I’m happy to compare notes. You can reach me at [email protected] or connect with me on LinkedIn.
About the author
Simon Gray
With over 25 years of experience in strategic staffing, Simon leads Procom’s Workforce Solutions division to help clients hire quickly and compliantly.
