All organizations, regardless of size are susceptible to invoice fraud. You may feel that your accounts payable process is watertight, however, with a significant increase in the number of people working remotely this leads to reduced visibility and control over AP processes. As a result the risk of fraudulent activity increases substantially. In a recent report, The European Union’s law enforcement agency Europol said that the Covid-19 pandemic has increased the risk of invoice fraud as more businesses move online and accounts payable staff work in isolation from home. EY report that they have been notified of several cases of invoice fraud since the start of the pandemic while the Association for Financial Professionals note that 81% of firms were targets of payment fraud last year. This should come as a stark reminder to all organizations that invoice fraud is a real danger that cannot be ignored.
In this blog we will help you build a strategy to detect and prevent invoice fraud in your organization. We will outline some of the most common types of invoice fraud, the key indicators to detecting invoice fraud before outlining the tips to prevent it from occurring.
5 Common Types of Invoice Fraud
This type of fraud occurs when an invoice is created and then submitted for payment for products or services that were never actually delivered or carried out. In this scenario, a vendor could be working alone, a hacker could be responsible – something known as invoice re-direction, or a vendor could be colluding with an employee of the invoiced organization in order to ensure that the illegitimate invoice passes through the AP process.
2. Labor Mischarging
Vendors may include false information on an invoice, regarding the numbers of staff employed and/or hours worked on an order for the purpose of inflating an invoice and increasing the payment they receive.
3. Inferior Products/Services
Another common case of invoice fraud experienced by organizations is when vendors attempt to provide inferior quality products to those ordered. According to Deloitte, schemes such as these can often be very sophisticated and intended to deceive the buyer into believing that the inferior product is actually genuine.
4. Duplicate Payment
One of the biggest costs experienced by accounts payable departments is through the payment of duplicate invoices. They are not always the result of vendor invoice fraud, however.
Sometimes a vendor will re-submit an invoice if there has been a delay with the payment. If any gaps exist within the AP department’s PO and invoice matching process, these invoices will sometimes end up being paid twice.
However, such gaps in the AP process are sometimes exposed by dishonest vendors who choose to submit duplicate invoices fraudulently.
5. Internal Fraud
While most organizations are aware of the risk of invoice fraud, the majority of actions to prevent it from occurring focuses on vendors and external scams.
However, according to PWC’s Global Economic Crime and Fraud Survey 2020, internal invoice fraud is now almost as common as external invoice fraud.
Internal fraud occurs when an employee involved in the processing of invoices obtains a legitimate vendor invoice and rather than making the payment to the vendor’s bank account, diverts it to a different bank account. The employee temporarily changes the vendor’s bank account details in their organization’s AP system before reverting the details to avoid detection. The legitimate invoice can then be paid to the vendor.
Both external invoice fraud and internal fraud are very real threats to all organizations. Thankfully, according to Levvel’s Vendor Management Report, many are treating risk prevention and compliance as a top vendor management goal.
4 Telling Signs of Invoice Fraud
While many organizations are beginning to prioritize invoice fraud prevention, knowing what kind of things to look out for is key to any prevention efforts. Here are four of the biggest ‘red alerts’ for detecting invoice fraud:
1. Abnormal invoice volume activity
If you have a strict purchasing policy in place that prevents your procurement team from maverick spending, why are you now receiving more invoices? If this does occur, you should check if the number of purchase orders (POs) matches the number of invoices. Where there are invoices that cannot be matched to a corresponding PO, there is a chance that you may be subject to either third-party or duplicate payment fraud.
2. Invoiced goods/services not accounted for
Similar to having a high number of invoices, if you received a request to make a payment for a good or service that does not appear to have been delivered, you could again be the victim of third-party vendor invoice fraud. Regular monitoring of inventory levels will help prevent this type of fraud.
3. Discrepancies between a PO and invoice
A high number of exceptions in the matching process of a PO and an invoice may be down to human error or an inadequate automated matching system, however, you should not rule out the possibility that you may be the subject of labor mischarging vendor invoice fraud.
4. Erratic employee behavior
While it is not easy to attribute erratic employee behavior to invoice fraud, it is certainly something to consider, particularly with internal fraud is now almost as common as external fraud. Your controls around the review and payment of invoices may be inadequate or there may be cultural issues within your organization that are fuelling employee fraud.
3 Tips for Preventing Vendor Invoice Fraud
Once an organization is equipped with the knowledge of the various types of invoice fraud that exist and is aware of the signals, there are then some very important actions that should be taken to prevent it from occurring.
1. Invest in automated invoice matching
The process of matching an invoice to a PO and supporting goods receipt note (GRN) is the most comprehensive method of processing a vendor invoice and also serves as a great method for validating different parts of the supply chain. If you are able to match all three documents, you are far less likely to end up paying a fraudulent invoice.
When the three-way matching process is automated, as part of a comprehensive AP solution, invoices will run straight through the AP process without any manual intervention, saving employee time, reducing errors and the risk of fraud. The lack of human interaction involved in the matching process when it is automated is key to reducing fraud, as it both reduces the risk of something being missed and the opportunity for an individual to manipulate any data.
When the matching process is automated, if certain invoice data is missing or conflicting, or the data mirrors an invoice that has already passed through the matching process, the software will flag this, allowing AP staff to investigate the issue before the invoice is sent for approval.
2. Vendor due diligence
The potential for vendor invoice fraud occurring can often be prevented as early as the selecting and onboarding of vendors. When onboarding vendors you need to carry out a number of due diligence checks.
Included in these steps are the following:
- Ensuring that you take all of the appropriate steps to validate that the vendor is a legitimate entity
- That they provide proof of incorporation
- That they provide an email address
- That their TAX/VAT number matches the details provided
- That they provide proof of bank account details
In the US, such due diligence checks may also entail ensuring that the vendor is not on any sanctions list that would preclude them from doing business.
An automated procure-to-pay solution that includes a vendor portal will request that you gather such vendor master data from the outset, along with PO and invoice transmission preferences before any payments can be made to new accounts.
With such information required at the time of onboarding and through vendors maintaining their data thereafter, you ensure that you only enter into business with legitimate, fully compliant vendors. You can then keep a track of their performance and financial status throughout the contract period to ensure you are continually protected from fraud and non-compliant activity.
3. Segregation of duties
If you allow the same person to both handle financial transactions, such as payments, and then record them, that person has a much easier path to fraudulent activities.
Segregation of duties, however, is the principle that no single individual is given the authority to carry out two or more conflicting sets of duties. Within a typical AP function, those who submit POs cannot approve invoices. Similarly, those who select and onboard vendors cannot be responsible for paying invoices. Additionally, all actions must be verified or approved by another team member to protect against bias, which may contribute to fraudulent actions.
These are just two examples of the segregation of duties that should exist within a Finance department, which becomes even more complex the larger the organization.
Having an automated procure-to-pay solution can greatly assist the segregation of duties, with approval workflows governing who approves invoices and configured permissions ensuring that no individual is able to carry out conflicting activities within the system.
The threat of invoice fraud is growing all the time. However, when aware of the types of fraud that exist, the warning signs that suggest it could be taking place, and the strategies for preventing it, your organization will be best placed to nullify its potential.