Apple kickback case highlights need of staff audits

An Apple executive’s guilty plea to corruption charges highlights the need for regular audits of staff and processes according to security experts.

Paul Devine, who worked at Apple from 2005 to 2010, pleaded guilty to charges of wire fraud, conspiracy and money laundering. He admitted to selling product forecasts, roadmaps, pricing targets, product specifications, and data obtained from Apple’s business partners to third party suppliers, in return for a share of the business they won.

He now faces 20 years in prison and has been ordered to repay the $2.28m he made in the deals. At the time of his arrest investigators found $170,000 hidden in his California home. He was initially investigated for a smaller bribery case but was found to have been making higher profits than originally envisaged.

The case highlights the need for companies to conduct regular audits on staff and purchasing processes to spot indicators of this kind of behaviour. Rob Enderle, former auditor and principal analyst at Enderle Research, said that while these sorts of scams were tricky to spot companies must make the effort.

“It’s hard to catch because transactions occur outside the vendor’s systems,” he told V3.co.uk.

“One place you do catch it is in violations of competitive bidding processes. An audit of processes an identify bad bidding practice can be very effective.”

Such practices usually have a short time to run before being discovered he said. The discovery usually comes about because a key player moves jobs, other suppliers with low bids complain or audits show certain suppliers are getting preferential treatment.

Schemes like the current Apple case are infrequent but not unknown he said. The California State government had had to disband its IT department in 2002 after Oracle was found to have unduly influenced key officials.