There will always be people who will look for flaws or weaknesses in your processes that they can exploit. Fortunately, there is a lot that technology can do to help you prevent AP fraud.
It doesn’t have to be high-tech hacking.
Actually, fraud can happen by letter or over the phone and can even catch experienced AP staff unaware.
Here are just a few ways fraud can occur in the procure-to-pay process.
How AP fraud happens
Change of bank details
Someone pretending to be a known supplier may call, write or email saying they have “changed their bank details”.
If the AP team recognises the name and logo, they might not think too much about updating the details.
It could be months later when the actual supplier complains about not being paid you will realise the fraud took place.
Malicious software embedded in attachments
Cyber criminals are very good at mimicking emails.
You may not think twice about opening a PDF invoice from what looks like a regular supplier.
However, it’s possible that the email has been spoofed.
You could actually be opening malicious software that may contain viruses or spyware.
Duplicate invoice fraud
An unscrupulous supplier may notice problems with your AP process and try submitting invoices more than once for the same work.
Without the proper controls and matching in place, you could be losing money through intentional (or unintentional, for that matter) duplicate invoices.
How to prevent AP fraud?
High-tech and low-tech training, and user awareness.
User awareness is a first line of defence, and a culture of security is important.
Whilst your IT team or subject matter experts may know where fraud is likely to occur.
Not everyone who interacts with your documents will know whether their actions may be facilitating fraud.
Some will need education about the latest cyber threats.
In fact, others may need reminding not to trust an inbound call to change bank account details.
It’s also important to have a culture of openness in case someone is worried they did something wrong.
Ensure controls are in place in your AP process
Putting in and enforcing controls to your supplier data is crucial.
Your data feeds your procure-to-pay process, so the better ownership, quality and controls you have over your data – and any changes made to it – is crucial to prevent fraud.
Automate invoice processing
Lots of fraud is aimed at getting past the human eye or finding ways to get past “gatekeepers”.
However, modern software is less easily fooled.
Invoice automation tools have capabilities built in to detect suspicious changes and will follow rules and protocols to prevent fraud.
These AP Automation tools validate the legitimacy of the supplier and their bank details.
When suppliers submit invoices through supplier portals or e-invoicing systems, you can trust they are legitimate.
It can be challenging to stay one step ahead of the criminals.
Ensuring your people, processes, and technology are aligned can help you prevent AP fraud.