Vendor billing processes can present a crucial point of weakness; companies need to monitor billing activities with an eye toward fraudulent behavior. A common fraud scenario occurs when an employee sets up a phantom supplier in the company's accounts payable system and subsequently issues false invoices from that supplier. Look for telltale signs, including invoices with sequential numbers that are issued from the same vendor, post office boxes without corresponding street addresses, and invoices for amounts that are just below the approval limit. Also, keep an eye out for check tampering, which typically results in larger losses and which occurs when employees forge, alter, and intercept checks that are drawn on the company's account.

Invoice tampering is a type of external fraud that occurs when a third party creates a fake invoice and sends it to the buyer through what appears to be a supplier's email address, but is actually a cloned address. While everything might seem to match an existing account, the offender has changed the supplier's bank account information on the invoice. Also, be wary of inquiries from someone claiming to be with one of the company's suppliers, who requests a change to bank account information in the vendor master file.

A kickback is a type of fraud that is collaborative in nature, involving both internal and external parties. In kickback scenarios, the supplier charges more than the goods or services cost and gives a portion of the money to the internal party. Red flags include overpayments and payment of value-added (VAT) taxes when they are not required. A supplier and employee may also collude around submitting duplicate invoices for goods or services that the buying organization (employee's employer) never received.

|

Rooting out Fraud

The good news is that by implementing processes and technologies that make it easier to identify suspicious patterns or unusual behavior, you can reduce risk and protect your company against fraud. Here are five best practices to help safeguard company funds:

1. Conduct an audit of your entire purchase-to-pay process. A key first step in preventing fraud is to conduct an internal audit of policies and procedures to assess the specific areas in which your organization's purchasing and invoicing processes are most vulnerable. Some questions to consider include:

• Where are you lacking visibility and control?
• Do you have a system of checks and balances?
• Do you allow purchases without purchase orders (POs)?
• Do you have proper controls in place for off-contract and non-PO spend?
• Are approval limits consistently applied across the organization?
• Is there segregation of duties, or do some individuals have authority over multiple parts of the purchase-to-pay process?
• Who are your suppliers, and how did you select them?
• Have all these suppliers been vetted and approved?

2. Put controls in place. Once you've identified your areas of weakness, the next step in effectively managing risk is to establish best practices in procurement and A/P processes. For example, ensure that different individuals handle different processes, such as invoice approval, purchasing, receiving, accounting, and shipping. Allow orders only from approved suppliers. Establish invoice approval levels, and require multiple approvers for larger sums. Give only a few individuals access to the vendor master file, and document all of your policies and controls.

3. Establish a fraud prevention program. Work closely with C-level executives to implement a strict anti-fraud program and to communicate the company's commitment to those policies, underscoring the importance of fraud prevention. Promote this initiative broadly with employees and vendors as a deterrent to anyone considering fraudulent activities. Following are some specific steps you can take:

• Create a tip line where employees, as well as others outside the organization, can anonymously report fraud.
• Communicate your fraud prevention and deterrence messages clearly and often to internal audiences, using vehicles such as the employee handbook, company intranet, and signage in common areas.
• Conduct in-person and Web-based trainings for all employees on ways to recognize the warning signs and report fraud, as well as preventative measures they can take. Include the training as part of the on-boarding process for new hires and in ongoing training for all employees.
• Provide in-depth, specialized training for senior executives as well as managers and employees in functions particularly vulnerable to fraud, such as finance, business development, and sales.
• Make sure you clearly inform suppliers of your commitment to fraud deterrence by including anti-fraud language in their contracts and by communicating your company's fraud prevention initiatives on a periodic basis.

4. Automate processes and leverage technology. One of the reasons fraud is hard to spot is that many companies still rely on time-consuming manual invoice handling, which limits visibility into invoices and makes it hard to find discrepancies. Automation in accounts payable enables companies to better ensure that they're consistently enforcing policies and procedures, at the same time that it streamlines processes. With automation, companies can more easily require approvals at certain invoice amounts, funnel purchasing through an easy-to-use e-procurement system, manage more spend, make sure invoices are always paid using master account information, and ensure that only approved suppliers are used.

Moreover, an automated system will provide an audit trail, as well as visibility into every person who handled each invoice. It can automate three-way matching to check and match all POs, invoices, and goods and services received. In addition, purchase-to-pay automation provides strategic value by enabling a company to immediately view important financial information—e.g., where it is spending money and with whom, and what financial liabilities it has at any time. All of this information is crucial for effectively managing spend, cash, and working capital.

5. Use analytics to uncover unusual patterns or issues. Determine the metrics you need to track, and drill down into the data to look for irregularities or suspicious activity such as duplicate payments, overpayments, similar invoices within a certain cost range, or amounts that appear to be unusual. Run reports to dig deeper into potential areas of fraud—e.g., the number of exceptions by supplier, by purchaser, or by recently added suppliers.

Fraud is high on the list of concerns for finance and treasury professionals in all types of organizations. It's time we lift the veil of secrecy and shame, admit our vulnerabilities, and take prudent steps to help prevent fraud from happening on our watch. Not only would doing so help safeguard corporate finances, but it would also result in the adoption of best practices and technologies that can improve working capital management.

—————————————

Eric Wilson is VP of purchase-to-pay for Basware, a leading provider of networked purchase-to-pay solutions, e-invoicing, and financing services that enable organizations around the world to grow their businesses and unlock value across their operations. For more information, contact [email protected], 704.602.3379.