Fraud is rampant everywhere. The total cost of occupational fraud exceeded $7.1 billion according to the 2018 AFCE survey reports. The survey included 2690 cases of occupational fraud in 125 different countries that were reported by Certified Fraud Examiners. This according to AFCE 'does not come close to representing the total amount lost to fraud. The true global cost of fraud is likely magnitudes higher, especially when factoring in the indirect costs, such as reputational harm and loss of business during the aftermath of a scandal.' Billing fraud costs victim organization $100,000 according to the same report.
In view of the preceding and given the current business environment, mounting regulatory pressures, and the increased visibility and importance of the accounts payable function, best practices are something with which every professional need to be conversant.
Building a world-class accounts payable operation and implementing the critical anti-fraud audits under procurement and accounts payable can prevent leakage that occurs due to poor and inefficient processes. This article provides the keys to the detection and prevention of Accounts Payable Fraud. It will equip you to identify red flags of the AP function and put basic anti-fraud controls in place.
Identifying the types of Accounts Payable fraud
There are two main types of Accounts Payable fraud:
External fraud is perpetrated by outsiders such as vendors, customers, and computer hackers and Include
- Billing schemes
- Delivery of substandard goods at full price
- Shell companies
- Social engineering
- Subcontractor scams
- Kickback schemes via involvement with insiders
- Theft of confidential accounts payable data
- Check fraud such as check counterfeiting, interception and forgery
- ACH fraud: Theft of funds through the Automated Clearing House financial transaction network
Internal fraud is when the employer is cheated via billing schemes.
According to Kroll, approximately 67% of corporate fraud committed by insiders (Kroll)
Some of the schemes commonly known as billing schemes are:
- Shell Company schemes: A dishonest employee creates a shell company to bill the employer for goods and services it does not receive thereby converting the payment to his or her own advantage.
- Pass-through schemes: The dishonest employee uses the shell company that is set up by him/her to purchase goods or services for the employer, then marks up and sells to the employer through the shell.
- Pay-and-return schemes: A dishonest employee deliberately causes an excess-payment to the legitimate vendor and misuses the refund when the vendor refunds the excess-payment.
- Personal-purchase schemes: A dishonest employee initiates purchase orders and payments for goods or services for personal use. The crook sometimes retains it for self and other times he returns it for cash.
- Vendor master file fraud: A vendor master file with insufficient controls may let the dishonest employee adds sham suppliers, use inactive ones to commit billing fraud or make a fraudulent alteration of existing suppliers of existing supplier data in the vendor management file.
- Kickback schemes: A dishonest employee colludes with the dishonest supplier and allows the supplier to submit inflated invoices, bill full price for substandard products or secure orders without competitive bidding.
- Check fraud/tampering: Includes check counterfeiting, check-forging, enforced theft, interception or forged endorsement, check altering, concealed check schemes wherein an employee prepares a fraudulent check and submits it usually along with legitimate checks to an authorized maker who signs it without properly reviewing.
27 Warning signals or red flags to watch out for in Accounts Payable functions -
- What to watch out for in the invoices and invoice documentation
- Unusual pricing
- Unfamiliar vendors
- Even numbered pricing
- Supplier billings more than once a month
- Matching employee and supplier addresses
- Invoices of vendors that have only PO box address
- Large invoices are broken down into smaller invoices
- Invoices with company number that differs from their own
- Invoices for unspecified consulting services that are not specific or vague
- Invoices with the absence of employer ID or an invalid employer id
- Invoices that have consecutive numbers despite being weeks or month apart
- Unprofessional invoice related documentation such as purchase orders, shipping documents etc.
- Invoices in which the company names consist only of initials, - Although some legitimated companies have such names, it is a naming convention often used by crooks
- Invoices whereby the supplier address is different from the address in the vendor management file
- What to watch out for in the vendor management file
- Many inactive suppliers could indicate that pony suppliers are included
- Many duplicate suppliers with similar names in the vendor management files
- Many employees having access to the vendor management file may indicate theft by one or more of the authorized employees
- What to watch out for to identify kickbacks
- Replacement of a long-term supplier
- Unusual increasing rise in purchase of a particular product or services price
- Contracts awarded to the same supplier frequently or consecutively
- Unusual change in procurement trend of a particular product or service
- What to watch out for to identify check frauds
- Missing blank checks
- Missing signatures or seem to be forged
- Canceled checks appear to be erased or altered
- Dual or fraudulent endorsements of canceled checks
- Indications of forged endorsements on canceled checks
- When complaints about non-payments from suppliers and other payees abound (may be an indication that checks are stolen or altered.
40 ways to put anti-fraud controls in place:
- Perform surprise audits
- Perform inventory checks
- Perform supplier audits
- Identify all post box addresses
- Place surveillance in key locations
- Apply multiple match techniques
- Match employee and vendor addresses
- Have a robust supplier validation in place
- Match employee initials to supplier names
- Perform regular audits including tests for particular red flags
- Manually review and compare payroll records against payees
- Apply basic analysis and audit techniques such as sampling, ratio analysis
- Use automation to detect irregularities in financial records
- Check supplier files for complete details
- Validate all suppliers to ensure legitimacy
- Place hotline to get employee tips to gather warning signals and potential evidence
- Perform audits for inconsistencies between invoices, disbursement records and canceled checks
- Ensure different personnel handle supplier approvals, purchase requests, purchase approvals, receipt and payment
- Implement Accounts payable transaction limits for specific personnel
- Ask approvals for purchase request beyond a specified amount
- Ensure that personnel authorized to approve purchases are not authorized to make changes to the approved supplier list
- Have a process to obtain competitive bids for all procurements beyond a certain amount
- Forbid purchase department personnel accepting gifts from suppliers that have value beyond the organization's policy limits from suppliers
- Implement monitoring for duplicate invoices
- Ensure all shipping documents and shipping receipts for goods reach Accounts payable within one business day
- Match corresponding purchase orders, invoices, and receiving documents
- Perform vendor management cleaning periodically to remove and flag duplicate suppliers
- Scrutinize suppliers having the same name but different postal addresses
- To prevent check frauds, always use a combination of payment or use Positive Pay, Payee Positive Pay, Reverse Positive Pay
- Make use of ACH Positive Pay, and/or ACH debit filters
- Make use of enhanced security stock to prevent check frauds such as counterfeiting or forgery
- Understand and use the check/payment fraud prevention services that banks offer
- Check if there are invoices paid without a purchase order
- Without delay, scrutinize any long-time supplier replacement
- Use electronic systems that have audit recovery/double invoicing controls
- Use control management systems (CCM)
- Implement job rotations whereby the purchasing staff should be refrained from dealing with the same supplier for long durations
- Implement mandatory vacations for accounts payable staff
- Reconcile accounts
- Ensure that there is consistency in following bidding rules
Attend the seminar Account Payable Best Practices to learn the newest best practice every organization should implement to ensure crooks don't get their hands on money or sensitive information. This is one session you might want to invite your colleagues in accounting, auditing and payroll to so they implement appropriate best practices and are not bamboozled by some of the newest frauds.
The speaker Mary S. Schaeffer, is a nationally-recognized account payable expert, is the author of 18 business books, a monthly newsletter, and a free bi-weekly e-zine, as well as several CPE courses for CPAs. She runs AP Now, a boutique publishing and consulting firm focused on accounts payable issues. She also serves as the Education Director for the Institute of Financial Operations. Before turning to writing and consulting she worked in the corporate world as an Assistant Treasurer for the Equitable Life Assurance Society, a Financial Risk Manager for O&Y and a Corporate Cash Manager for Continental Grain. A frequent and popular speaker at both live and online events, she has an MBA in Finance and a BS in Mathematics.