82% of companies were targets of payment fraud in 2018. To keep your company from falling victim to accounts payable fraud, you should have security measures in place to prevent it from happening in addition to conducting audits to identify any fraudulent actions that slipped through your defenses.
Here are five accounts payable fraud signs you should look out for:
"64% of attempted or actual payments fraud resulted from actions of an individual outside the organization," found a 2019 report from the Association for Financial Professionals.
External accounts payable fraud attempts don't require inside information or access to succeed. Instead, they take advantage of companies with so many vendors and payments that a few fake ones can go unnoticed.
1. Change in Banking Information Communication
In 44% of emails fraudsters send, they are impersonating vendors in order to get real invoices paid to their account.
When this type of fraud occurs, you'll receive an email or letter that appears to be from one of your vendors informing you they're changing their bank account. The communication will include all of the new bank details, but those details will lead to the fraudster's account.
With this type of accounts payable fraud, the perpetrator is hoping the accounts payable employee who receives the bank change notification will update the vendor bank information believing the notification to be official, then any invoices paid to that vendor will go into the fraudster's bank account.
2. False Invoices
Another way an external party might try to defraud an accounts payable department is by sending a false invoice.
The fraudster will send an invoice for a product or service to an accounts payable department from a vendor they don't actually do business with. The hope is that when whoever is processing this invoice sees there is no vendor matching the invoice sender in their records they'll set one up and then process the invoice.
These false invoices are typically low value so nobody has to sign off on the payment. Once that first invoice is processed, the fraudster will continue to send in invoices from the false vendor at an increased rate so there'll be a high volume of low-value invoices being processed and paid into their account.
Unfortunately not all accounts payable fraud is committed by external parties. Sometimes employees who have access to the accounts payable files will defraud the company where they work.
3. Alter a Vendor's Banking Information
Similar to how an external fraudster might send in a false change in banking information notification to get a real vendor's information changed to their account, an internal employee who has access to the Vendor Master Files (VMF) might go in and switch the banking information for an existing vendor with their own account info.
Then once they start receiving invoice payments, they'll leave the organization and disappear.
4. Ghost Invoices
To hide their tracks better than just altering a vendor's banking information and receiving the payout from actual invoices, an employee might process a ghost invoice against a vendor's account that'll get paid into their bank account.
By processing a ghost invoice instead of an actual invoice, the vendor won't notice the lack of payment on a real invoice, and then once the ghost invoice is processed, the employee will switch the bank information back to the actual vendor's account and hope their fraud remains unnoticed.
5. Create a False Vendor
Another way an employee might defraud their company without tipping off an actual vendor that something is amiss is by setting up a fake vendor that links to their bank account. Then, they'll start processing payments through the false vendor.
These types of accounts payable fraud don't have to be exclusively internal and external — outside parties can collaborate with employees at your company to defraud you.
Regardless, you should have measures in place to minimize your risk for both internal and external fraud and tools to help you identify fraud before money is paid.
Learn more about how our tool DataShark can help you root out potential sources of fraud.
Karl Andersson has devoted his career to helping organizations improve their business processes. For 15 years, he has worked with multitudes of Fortune 500+ companies as the CEO of Technology Insight. Before this, he spent 10 years working in the audit and consulting sectors, which included large international projects in both Europe and Asia. Karl brings a combination of industry expertise and real-world experience. The diversity of his clients has allowed him to understand a variety of industries, and the unique challenges that each of them face.