Wage a War on Payables Fraud: Tips to Prevent the Most Common Forms
Stephanie Dula 26 Aug 2015Fraud comes in many shapes and sizes, but phony invoices, check tampering, and padded expense reports are some of the most common ways companies get taken. To avoid being caught unawares, an Accounts Payable team needs to always keep their guard up. Besides implementing effective systems to prevent fraud in the first place, you also need a monitoring system that will raise a red flag at the first sign of a suspicious activity.
Related: Get up close and personal with real-world experts on fraud prevention at INNOVATE 2015: The Purchase-to-Pay Innovate Summit in New Orleans, Sept 12-14.
Fraud is indiscriminate; it can strike any company regardless of size or profit margins. Because of its unique access to working capital and the financial supply chain, AP needs to assume a primary role in any corporate anti-fraud efforts. Here are five areas where adhering to best practices will greatly reduce your risk of being a victim of corporate fraud:
Payment Fraud
One way you can spare your company lost income is by keeping an eye on certain types of payments. Any supplier that consistently submits invoices in round numbers could be guilty of skimming a few extra cents or dollars from every order: small amounts can add up to substantial balances over time. Another supplier scam involves submitting invoices below a threshold amount that avoids additional authorization. Invoices submitted at odd hours or a sudden, drastic increase or decrease in the number of invoices or dollars billed can all be symptoms of fraudulent behavior. While many times such variations will reflect legitimate behavior, it is better to be safe than sorry and authenticate all questionable activity.
Current AP technology is a boon to anyone looking to prevent fraud. Metrics can be established to flag any of the above mentioned transaction types, with alerts sent to appropriate team members for verification. Use the technology you have to its fullest extent: manually tracking and controlling such potentially fraudulent activity is going to cost more and will come with a much greater risk of failure.
Duplicate Payments
While all duplicate payments are not fraud, any duplicate payment can cause major amounts of spend to be lost. It doesn’t take a lot to cause a duplicate payment to occur – mistyping a payment amount, entering a vendor name differently, or adding an extra digit to an invoice number – can all lead to a duplicate check being processed. And while any of these scenarios could be the result of an honest mistake, they can also be evidence of fraud. It is the combined risk of fraud and the unnecessary hemorrhaging of funds that drives a need for processes designed to search out duplicate payments. The point is: duplicate payment are largely preventable
There are independent firms that deal solely with cost recovery. You can contract with them to audit your payment practices and help weed out overpayments. Another option is to better utilize the abilities of your procure-to-pay system by seeing if there are validation procedures that can be enhanced or embedded within the workflow. Eliminating the risk of duplicate payments requires a high degree of sophistication because however you go about doing it – you will need to be extremely detail oriented and thorough – the errors that can create a duplicate payment are easy to overlook. Having processes in place that prevent the keying of duplicate invoice numbers for the same vendor is certainly a good place to start. An even better opportunity involves closely monitoring and regularly cleansing your vendor master files, where a fraudulent individual may be tampering with a legitimate business listing.
Customer Master Files
Maintaining current and accurate master files is one of the easiest ways to prevent fraud. It can be tedious and requires a good amount of legwork, but can make it very difficult for a number of different fraudulent activities to be perpetuated. To start, verify every bit of information a vendor gives you from their address to bank account numbers. Addresses are easy enough to verify these days, thanks to the internet and such sites as yellowpages.com and Google maps. A residential address is not the red flag it used to be, due to the proliferation of home offices. However, if you look up a supplier’s address and it shows up as a vacant lot or a mail drop location, then more research is required.
Likewise, anytime a change is made to the vendor master file, verification needs to occur. What if a tried and true supplier with no fraudulent behavior in the past calls up and says they have a new bank account routing number? It’s easy to assume that all is well and to update your files to reflect this change. However, while this supplier runs an upstanding business, he may have one dishonest employee who decided to direct payments into his own personal account. Verification would have uncovered this potential swindler.
These examples show how taking the time to maintain your vendor files with accuracy can save time and money in the long run. When checking for accuracy, make sure to do so with approved documents, such as tax forms and verified correspondence. Have set standards for keying in vendor information, including company name and contact info, so as to limit the risk of duplicate entries for the same business. It helps to have some fuzzy logic capabilities built into your technology solution so you don’t get hung up on ‘Drive’ vs. ‘Road’ or ‘Suite’ vs. ‘Room.’ Finally, if it’s possible for payables and purchasing to share vendor master files, do it if you haven’t already. In this way there is a single source for critical data that will eliminate yet more opportunities for fraud.
Check Fraud
The actual tampering of checks is a type of fraud that can affect anyone, be it a large corporation or an individual. For consumers, there are pens on the market with ink that is impossible to fully wash out, hindering anyone who might try to erase what you wrote in order to write their own name in the “Pay to” section. For businesses, preventing check fraud is a little more complicated than switching writing implements.
Catching check fraud is a matter of diligence. First, it pays to keep tabs on irregular activity regarding checks – high volume of returned checks, missing checks, etc. Automated procurement systems can be tailored to flag check transactions that deviate from the norm. Optical Character Recognition (OCR) technology can even track the actual payee on the checks themselves, alerting you to any discrepancies.
Second, it also helps to reconcile AP check logs with monthly bank statements to find discrepancies. While 2- and 3-way matching is routine for checking invoices and purchase orders, putting the same concept to work on the payment end can help reduce fraud. There are usually three data sources at play – the check register, AP logs, and bank statements. By merging these data sources and comparing all the information from each check, anything that doesn’t reflect the same data across the board will stand out and be flagged for attention.
Check Request Fraud
Catching bad checks is always a good thing. Moreover, tampering with checks isn’t the only way check fraud can be committed. Unlike milk left on the counter, checks don’t go bad all by themselves.
Check request fraud can be difficult to track down. It can assume a variety of forms that may seem perfectly legitimate at first glance: things such as reimbursements for business travel expenses and purchase card usage.
To cut down on check request fraud, it helps to tighten internal controls on these types of activity. It is not difficult for an employee to expense something and then actually purchase it for less, like a hotel room, or airfare, or a meal while on travel. Fortunately, most employees are truthful and only expense the actual cost. By having solid procedures in place to confirm costs and properly account for expenditures, the risk of check request fraud will be greatly diminished.
The Thief in Your Midst
The ugly truth about fraud that can turn an unfortunate business situation personal is when the fraud comes from internal sources – your own people, be it in AP or elsewhere in the company. Like the disgruntled workers in the movie “Office Space,” who come up with a plan to skim fractions of cents off transactions and have it transferred into their own bank account, fraud often committed by those whose trust you’ve taken for granted. Typically, the bumblers in the movie made an error. In their case it involved the placement of a decimal point that guaranteed finance would quickly figure out something was wrong. The point is, this type of thing is happening all the time, and so AP needs to be ever vigilant.
Because Americans believe in the principal that one is innocent until proven guilty, it may seem like you are questioning an employee’s loyalty by keeping tabs on him or her in order to catch any fraudulent behavior. Furthermore, constantly double checking everyone’s work is just not practical. Employees need to trust each other for the enterprise to function smoothly. Then again, if someone ups and quits for no apparent reason, trust your gut and make sure that person isn’t taking some of the company’s income with him.
You also need to trust your processes to identify potential frauds through multiple approvals, tailored analysis and robust reporting. We are fortunate to operate in an age where technology can do much of the work for us, making fraud a less profitable option for those looking to take the short route to success.
