It's no secret that accounting fraud has been on the rise, especially in the past year.
Unfortunately, the risk of failing to detect this type of fraud is increasing with COVID-19 & only getting worse.
Many finance departments that have a predominately manual or paper-based process have been forced to introduce “workarounds” to be able to function with staff working from home, or being furloughed & fraudsters are taking full advantage to exploit these weaknesses.
You probably heard about the controversy surrounding Patisserie Valerie & the suspected £40m fraud involving finance staff & a supplier.
But while business & accounting fraud is a serious problem across the country, you have to question how many businesses are setting themselves up to be victims.
We ask this because in our recent research report 20% of finance workers in UK businesses strongly agreed with the statement that their payment & procurement processes were putting them at risk of fraud.
Think about that: one in five finance staff believe their company is putting itself at risk of fraud.
Overall, 37% agreed their company was at least vulnerable to business & accounting fraud.
That might sound like a lot, but it is likely that the remaining 60+% are actually greatly underestimating how much danger they are in.
Talk to anyone in a finance team – especially one still relying on manual processes – & they will tell you staff is pressured to deal with hundreds of invoices a day (& are expected to spot fraudulent invoices on sight).
That’s an incredible undertaking but even so, especially with the technology available today, how can so many businesses be at risk of this type of fraud?
Accounting fraud is much easier than you’d think
Despite what you might think, business & accounting fraud are much easier than you’d imagine.
All you need is a duplicate invoice with a unique identifier sent a week or two after the original. If no one spots it, the invoice gets passed through & paid.
If anyone questions it, just say it was a mistake.
Duplicate invoices are also an increasing problem during the COVID-19 lockdown, as many suppliers are sending duplicate invoices as part of their credit control activities (presumably to shortcut the “we have not received it”) & many organizations are then processing these & paying them.
But how could you not spot a fraudulent invoice you ask?
Imagine this – because it is common:
A fraudster emails you or your finance team that looks like it has been sent by a director or CEO with an attached invoice & instruction to make an immediate payment. Finance jumps into action & makes the payment as requested. If the payment is large enough to subsequently draw attention, a very close inspection might show that the email address is being spoofed, or has a single character changed, but it is too late, the damage has been done.
Given that finance workers & the approvers are human (yes, they really are) they could easily miss something that looks innocent.
& that’s just threats from outside your business.
Online payments & credit cards create the opportunity for employee fraud
According to the three points of the Fraud Triangle, introduced by Joseph T. Wells in 1997, people (even good people) would likely commit fraud if presented with the following:
- The ability to Rationalize their actions
While pressure & rationalization might not be coming from the company, the opportunity certainly is.
For one, 68% of finance workers in our survey said that their company’s processes were so inefficient & convoluted that they had to work around them to get anything done.
Working outside of normal working processes to get anything done. This in itself presents the opportunity to bend the rules & try your luck.
& many employees are, so it seems.
UK businesses lose £190m a year according to research from NatWest – with 40% of that involving employees – &, in 2018, businesses reported £88m of insider fraud, according to Action Fraud.
Hundreds of millions of pounds in fraud – & that’s just what was discovered.
However, there is another emerging business practice that is presenting even more potential for employees to commit fraud undetected. This risk comes from the rising popularity of using business credit cards & making purchases online through the likes of Amazon, or Office Depot.
Unlike a company’s “official” suppliers, these sites don’t issue invoices. Employees just pick & pay for the item they want. The only evidence of any payment is the debit on the credit card. No one knows what was bought, who bought it, or even where it was delivered to. Unless there is an accurate audit of who had the card when the purchase was made – there is no way of knowing who it was.
All of this should mean that businesses are creating stricter rules for approvals, or investing in automated technology that can either remove the risk by controlling these purchases before they are made or capture & identify them for review & audit after the event.
Why aren’t companies investing in business & accounting fraud prevention?
We don’t know.
But if companies are failing to invest in preventative measures, & help finance teams do their jobs, then they have to share the blame when they fall victim to business & accounting fraud – it can’t all sit with the employee (unless it was the employee committing the fraud).
How can automated Accounts Payable help prevent business & accounting fraud?
Is the invoice really from your supplier or has it been “spoofed”? Have you ever paid a supplier invoice twice – paying the original & then the duplicate you requested because the first one got “lost”? Are you certain that a “regular” supplier for small values each month is really a supplier at all & not an ongoing fraud?
These are all things that an automated AP system can detect (as well as confirming where the invoice came from, is it formatted correctly, is the bank or corporation number correct).
Try as they might, under pressure finance teams simply cannot be expected to stay on top of all this. They need help & businesses have a responsibility to give teams the tools they need to do their jobs.
If they don’t & the business becomes a victim of business &/or accounting fraud, they need to look at themselves before taking aim at their finance team.