Recently, Barbara Corcoran, a TV celebrity on Shark Tank known for her business acumen, fell prey to an email phishing/fraudulent invoice scheme that initially cost the company $380,000 (She ended up getting the money back). This highlights how fraud “could happen to anyone,” and unfortunately it does; according to the 2019 AFP Payments Fraud & Control Survey, 82 percent of businesses stated they encountered fraud in 2018, up from 78 percent the previous year.
A key area of vulnerability is in Accounts Payable, where all charges and invoices are authorized for payment. There are several ways that bad actors commit invoice fraud. In addition to external email phishing schemes, threats can come from internal sources, such as employees who alter bank account details so the payment goes to directly to them, or create phony accounts and fake invoices. Sometimes, fraudulent activity comes from internal and external players who work together to submit invoices higher than the cost of goods/services received and pocket the difference.
AP automation plays a critical role in helping prevent fraud by taking processing out of the hands of humans, and instead putting automated rules, checks and controls in place. The long-term goal of AP automation is to achieve straight-through processing, which doesn’t require any unnecessary human involvement. The short-term and intermediate goal is to take undesired human interaction out of the process as much as possible.
Here are some AP automation best practices that world-class AP departments are implementing to get ahead of fraud:
- Increase your level of automation. Automation enables visibility and control over the AP process, shining a light on activities that were previously handled manually without much oversight. The more you can automate your invoicing process and take humans out of the loop, the better you will be at deterring fraud. Also, an automated system will flag exceptions and irregularities that can help to identify fraudulent activity, and provide an audit trail of everyone who touched an invoice, and when and why that occurred.
- Match invoices against POs and other documents. Organizations are building in rules that require an invoice to match a PO, goods received, bill of lading and other documents to help ensure that payment is being made for authorized services that have been delivered. The AP department should work with procurement to ensure that POs are being issued for all transactions over a specified dollar amount.
- Set up recurring payments. Pre-authorized payments can be set up for automatic payment, circumventing any human involvement in the process.
- Ensure segregation of duties. Different employees should be involved in creating vendor accounts, initiating POs, reviewing and approving invoices, and making payments to make it hard for bad internal or external actors to pay themselves for phony accounts and invoices.
- Designate multiple approvers. By having multiple people approve invoices, particularly those over a certain dollar amount, organizations will help reduce internal fraud.
Unfortunately, fraudulent behavior is not going away and, in fact, it seems to grow every year. By putting policies and controls in place and achieving high levels of automation, you can protect your organization and help stop fraud in its tracks. And this is no small matter. A study conducted by ACFE (Association of Certified Fraud Examiners) Global Fraud Study found that businesses on average lose 5% of their revenue due to fraud annually, representing $3.7 trillion for businesses globally.
Contact us at Dooap to see how we can help you further your AP automation journey and help prevent fraud in your organization.