Organizations throughout history, regardless of size, have been susceptible to some form of invoice fraud. Indeed, with the average large company processing hundreds to thousands of invoices each month, the sheer volume makes it impossible to closely examine each bill that comes through the door. Add on a significant increase in the number of people working and shopping remotely and the opportunity for criminal money mischief grows exponentially.
These aren't just words. The banking and finance industry trade association UK Finance 2021 figures showed a near 40% rise in push payment scams in which criminals pretend to be a trusted contact.[1] In fact, the post-pandemic surge has rocketed so high as for them to declare fraud attacks a ‘national security threat’ for Britain. [2] Even large technology companies such as Amazon have been victims of invoice fraud (to the tune of 9 million).[3] And the attacks have become increasingly more sophisticated with greater (new) financial and legal implications.
Fortunately, the same advances in technology used by criminals to commit fraud can also be used to stop them, particularly when it comes to finance departments and accounts payable fraud. Here are the main types of fraud, why they are posing a major threat to businesses, and 7 keys that CFOs should adopt to help battle both internal and external fraud attempts.
Common types of invoice fraud
Fraud can take several forms but some of the most common ones faced by businesses include:
1. False, inflated, and double (duplicate) invoices
A supplier can commit invoice fraud by submitting fast, inflated, or duplicate invoices. These refer to invoices for goods or services not rendered, or one or more invoices for the same goods or service. This can be purposefully done or sometimes the vendor will re-submit an invoice either due to delayed payments or simply not realizing it had already been sent. In other cases, somebody could be working directly with somebody in the invoice organization to ensure the invoice passes through the payable process.
2. Phishing schemes
These are scams by which cybercriminals attempt to gain access to sensitive data by pretending to be from a legitimate source. Often these appear to be from a legitimate supplier email but are in fact redirected.
3. Shell companies
Creating a shell company, often called a ghost company, is one of the easiest ways to commit internal fraud. These business entities typically only exist on paper with no physical address or employees., using false names and addresses to submit invoices.
4. Labor mischarging
Vendors, contractors, and even non-employees may include false information on an invoice in order to increase the payment they receive. These can include the number of staff employed, hours worked, or duplicate dates.
7 Keys that CFOs should adopt to fight the fraud battle
If the goal of the fraudster is to obtain funds through false debt factoring by sending false invoices to debtors, the goal of the CFO is to block this from occurring. Here are 7 steps that CFOs can take to fight the fraud battle:
1. Make invoice risk management your priority
Companies worldwide suffer financial losses of billions every year due to fraud, which can be committed by company employees or individuals outside the company, such as partners, agents and clients.[4] While both the loss amount may differ from both company size and according to region, one thing is clear: not making invoice risk management a priority will cost the financier less to prepare against then becoming a victim.
2. Automate your receivables processes
A fraudulent invoice can be integrated into company flow because of process vulnerabilities. In many cases, these vulnerabilities may be “easily” rectified before any invoice payment is made concerning a client, supplier or fake account simply by automating any time-consuming and repetitive service that can be a source for errors. A CFO who adopts automation also realizes a fresh opportunity to keep their team from being limited by performing menial invoice tasks and instead giving them opportunities to focus on statistical analysis, risk prevention, tactical consulting, and even customer support. This is true whether lender, borrower, or supplier.
For example, three-way matching - the process of matching the invoice with the purchase order (PO) and receiving report to validate data - is one of the most important ways to minimize the risk of fraud. Invoice process automation allows you to easily flag invoices with conflicting or missing data, tracking invoice activity (reducing the possibility of duplicate invoices), and ensures that no one person has oversight over the process.
3. Finance and IT need to communicate
How well do your CFO and Chief Information Officers (CIOs) agree? People often talk about a conflicting relationship between CFOs and CIOs, notably one’s lack of technical expertise versus the other’s lack of business vision. With today’s digital transformation and increasing security vulnerabilities, sensitive data may be at risk, including client files and invoices, bank account details, patents, and more. CFOs and CIOs must therefore work together: while the CFO remains the protector of financing, cash, and payment-related factors, the CIO enables the department to manage data and business applications.
4. Acquire the right skills in-house
Data, which has become an undisputed source of value for company growth and intelligent decision-making, is now also the cornerstone for CFOs. However, risks related to data integrity and security are the price to pay, especially where the invoice process can be used as a vector for penetration. CFOs need to work with experts to master the associated data science and rise to the occasion in their effort to eliminate fraud, avoid loss and improve reporting.
5. Engage stakeholders within the company
Regardless of their form, organisational transformation projects pay their own way when the company’s teams are actively committed and not limited by inefficient methods. This applies even more when handling issues related to abuse, especially false invoices. The human factor – client, supplier or employee – is often the primary source of invoice related problems. Training employees and raising awareness regarding the impact on business must therefore be among the CFO’s top priorities for the company.
6. Implement a Cloud-based automation solution
The Cloud offers companies an easy solution for digitalisation efforts from document transfer, storage, and invoice and cash management. Accessible from everywhere via a mobile connection and easily scalable, Cloud computing also offers compliance options for the new e-invoicing and MTD regulations.
Most automation suppliers today offer robust and secure environments that are ISO certified and accessible to all organizations.
7. Effective invoice management is essential
There are some remarkably effective ways for finance departments to adapt their defenses against the flow of invoice fraudsters and avoid undue payment. But how do you choose the right one? Invoice automation solutions factoring in the purchase-to-pay process have become essential for financial decision makers and are more functional than ever. Not just limited to providing total traceability of every action regarding invoice, cash or credit operations, the most advanced options also integrate algorithms capable of extracting all the data present in those documents in order to detect and prevent document fraud before payment or credit of any kind, triggering alerts quickly if a single sign of false data or information is detected.
Prepare yourself, invoice finance fraud is not going away
Fraud will continue to pose significant challenges that will plague many CFOs as we move to an even more digital world. But while the progression of attacks may create greater invoice and payment issues for CFOs, they must also set up a specific service or solution to protect themselves. AI-based platforms can predict and analyse invoice irregularities, while Cloud-based systems are constantly advancing to offer the stronger security, bank protection and automated processes they need to minimize the risk of danger to the company.
The question for the finance team is not whether they will become a target, but when. The answer is that CFOs must start looking now to defend their business and reassure stakeholders.
