Fraud is on the rise: here’s how to beat it
The past few years have fundamentally disrupted the way we work. AP teams are no exception, having to adapt to remote work environments and increasingly clever cyber criminals. One of the greatest challenges to arise from the new way of working is the increased risk of fraud. AP remains one of most manual processes in accounting, making it an easy target for fraudsters to tamper with records, forge check endorsements, falsify communications, or fabricate approvals.
In this blog, we’ll take a look at the finance workflows most impacted by fraud, and share tips on how to prevent fraud in your organization.
The real risk of fraud
According to PWC’s Global Economic Crime and Fraud Survey, 51% of organizations surveyed in 2022 experienced fraud during the previous two years.
- 71% experienced Business Email Compromise (BEC)
- 63% faced fraud through paper-based checks
- 44% were unable to recover the lost funds
- Commercial card fraud increased by 10%, and ACH credits and virtual card fraud increased by 6%
As cybercriminals become more and more sophisticated, accounting fraud is getting harder to detect. Here are some of the most common types of AP fraud:
As cybercriminals become more and more sophisticated, accounting fraud is getting harder to detect. Here are some of the most common types of AP fraud:
|
Fraud type |
Description |
Example |
|
Invoice fraud |
There are several types of invoice fraud, including: Duplicate payments A vendor gets paid more than once because an AP team received the same invoice in different formats. Fraudulent payments Employees processing payments for non-existent or fraudulent goods and services; often via check or ACH (two of the most common business-to-business (B2B) payments). |
The average estimated cost of invoice fraud to middle markets businesses is $280,000 per year. |
|
False billing/unapproved vendors |
Employees create false invoices which lead to unauthorized payments. |
An accounts payable clerk who misappropriated more than $300,000. |
|
Tampered financial reporting |
An employee changes the company’s financial data after payments have been completed. |
The WorldCom accounting scandal was one of the most financially costly in corporate history, totalling nearly $4 billion in accounting fraud. |
|
Phishing scams |
An attempt to access a company’s account or fraudulently gain access to confidential information. |
In May 2021, millions of Americans experienced first-hand the damage that cyber attacks can cause, after fuel supplier Colonial Pipeline was crippled by a ransomware attack. |
How AP automation mitigates fraud
Organizations need to improve visibility and tighten their grip on risk prevention across the entire AP process. That’s where an automated AP solution like Quadient AP comes in.
Quadient AP deters fraud by eliminating manual processes that provide opportunities for record tampering and falsified approvals. It also provides sophisticated controls to mitigate internal and external fraud attempts, and detect and avoid scams such as duplicate payments, false billing, fraudulent payments, unapproved vendors, illegitimate expenses, tampered financial reporting, and phishing scams. Here’s how.
- Automated approval processes: An automated approval process gives accounting teams complete visibility into when invoices and payments are approved, and by whom. It also improves control by ensuring invoices are routed to the right approvers at the right stage in the approval workflow. With better control of the approval process, financial leaders can manage risks and financial losses at a broader level.
- Digital storage and centralized data: Quadient’s centralized,cloud-based solution simplifies audits and saves time with digital invoice storage. Users can search invoices by vendor, GL code, amount, legal entity, or any other information on the invoice, and create a digital trail of invoices and payments. This also provides on-demand reporting on transactions to satisfy compliance obligations.
- Artificial intelligence (AI) and machine learning (ML): These technologies enable teams to enter invoice header data with 99% accuracy, code invoices with a single click based on previous entries, and automatically identify and flag duplicate invoices, extra charges, or suspicious activity. This also provides accurate, real-time reporting of monthly accruals.
- Automated PO matching: Matching each invoice to a purchase order via two or three-way matching helps prevent fraudulent invoice payments.
Spotting a scam
In addition to AP automation, education is your best line of defense.
Be wary of suspicious communications
A fraudulent email communication or phishing scam commonly displays the following telltale signs:
- Unexpected ‘urgent’ requests
- Unknown senders (individuals, companies, suppliers, etc.) you haven’t dealt with in the past
- Spelling, grammar, or formatting errors
- Unknown or unexpected attachments
- Email addresses that are similar to what you’d expect but not the same
- From THomas instead of Tom
- From @veryrandomemail.com instead of @trustedcompanyname.com
- Invoices that are missing specific vendor details such as addresses, phone numbers, or company names
- Unexpected requests for large sums of money, access to bank account or confidential information, or requests to share login credentials
You can also use tools like Google’s Phishing Quiz or PhishMe from Cofense to simulate phishing attacks and help train yourself and your teams to know what to look for.
Confirm requests with your clients
Verify all client or vendor requests for payments or changes to payment instructions, especially if they come through email instead of from a direct phone call through a known contact.
If you receive an unexpected request, take the following actions:
- Contact the client using a phone number that you’ve used previously and that you trust.
- Verify and confirm the information before you take any action.
Implement cybersecurity policies
Work with your IT Team to implement a company-wide cybersecurity policy, including yearly training about staying safe from scams and online fraudsters. Your IT Team will know what elements they need to cover, but here are some things to consider:
- Requirements for strong passwords and two-factor authentication (2FA)
- Encryption for sensitive data
- Spam and phishing filters for email accounts
- Standard procedures to report potential phishing emails or scams
Set up multiple layers of approvals with independent checks and balances
Automating and separating expense approval workflows is another great way to detect and prevent fraud. Here’s how:
- Have at least two levels of approval for all purchases, separated based on matrices such as budget, department, or location
- Use electronic expense management to create a digital audit trail
Quadient’s success stories
Many Quadient AP customers have used AP automation to implement better security and control over their financial processes. Read more about how these companies have successfully leveraged AP automation:
The Huntsville International Airport team has gained much greater visibility since automating its AP processes. Donna Saunders, Financial Controller, said: “the biggest benefit is that we don’t have to go to the filing cabinet. We can just pull up the invoice or the purchase order within Quadient AP and check the details. Everything’s right there. There’s less overtime in accounting, and we’re happy about that.”
Radisson Hotels recently automated their invoices and expenses workflow, resulting in an 85-90% paperless workflow and centralized data and access. Dean Olevson, Director of Finance at Radisson Blu Minneapolis Downtown, said: “I would say we have saved at least 50% of our time. I also look at the time that department heads are spending on approvals, and that’s gone way down. They don’t have to traipse up to accounting and they don’t have to sign off on paper.”
Are you ready to automate?
Quadient AP is here to help! Book a demo today.
