TransferMate: four ways to prevent supplier payment fraud

Since the pandemic, there has been a significant rise in fraudulent attacks on businesses, during the height of the pandemic, phishing incidents alone rose by 220%. Criminals are shifting their efforts towards digital attacks looking for potential weak points in an organisation’s software. This means that now more than ever businesses need to be protecting themselves from potential threats.

See below six accounts payable frauds organisations can face and how to prevent them. 

Billing schemes

Billing schemes occur when a criminal submits fake invoices in order to get an organisation to issue fraudulent payments. 

“While the most common culprit is an internal employee, successful phishing schemes can be a way for an outsider to pose as an employee or supplier in a more subtle way,” said TransferMate.

Three common types of billing schemes include: 

• Shell companies
• Non-accomplice suppliers
• Personal purchase 

How can billing schemes be prevented?

TransferMate explains that checks and balances are key. Having multiple people in the chain can help businesses to spot potential fraud and/or discourage attempts, it is also worth contacting a supplier directly if something seems unusual. 

“It’s important to maintain a separation of duties in the purchasing process, have an approved [suppliers] list that you regularly update, and require additional sign-off for non-approved [supplier] payments,” said TransferMate.

Authorised push payments (APP)

Authorised push payments (APP) frauds typically occur as the result of a successful phishing attempt. Criminals monitor emails and analyse past invoices to produce a genuine-looking payment request at the right time.

Criminals can also impersonate an internal employee asking for payment authorisation, with language that gives a sense of urgency to push an employee psychologically to get it done. 

How can APP fraud be prevented? 

With a  typical organisation losing 5% of its revenue to fraud every year, TransferMate explains that these types of fraud can be prevented with many common-sense methods including the creation of a strong password that is frequently changed, as well as providing staff training. 

“Making your staff aware of common scams and the tactics used will give them the power and confidence to ask questions when they are unsure. Company policies, such as always putting payments through the accounts department (rather than company credit cards), also add a layer of protection against APP payment frauds,” said TransferMate.

Automated clearing house (ACH) fraud

While Automated clearing house (ACH) fraud uses similar phishing tactics to APP, instead of using information to trick an employee, ACH attacks the system that payments are being made through.

Once they gain access, supplier information can be altered within the system including payment information. 

How can organisations prevent ACH fraud?

With 1 in every 4,200 emails being phishing attempts, TransferMate explains that “as ACH fraud is essentially a way of attacking a digital network, the first step is to make that network as secure as possible. By using multi-layer, multi-factor authentication security processes, you can deter all but the most determined and skilled fraudsters.”

Automated payment systems bring additional layers of security to organisations, but it is the human factor that is the most at risk, it is important for organisations to train employees and identify suspicious behaviour. 

Cheque payment frauds

While you may think that Cheques are a thing of the past, in 2019, the Federal Reserve found that 14.5bn cheques were processed; cheque fraud is very common. 75% of businesses suffered accounts payable fraud as a result of cheque fraud. 

“The simplest way is for the fraudster to make out a check and change the payee or write checks for personal expenses and charge it to the business account. Fraudsters will also send vendors double-payments or purposely overpay them, and then intercept the check when it returns to cash it elsewhere,” said TransferMate.

How can organisations prevent cheque payment fraud?

TransferMate explains that there are many methods for preventing cases of fraud via this method. Preventing easy access to physical cheques in an organisation should be a priority, voided cheques should also be properly stored which will also help with reconciliation to spot potential fraud quickly. 

“A proactive way to prevent check fraud is to use a positive pay service. Essentially, positive pay means your bank will compare checks received each day to an issue file you send them and highlights items that don’t match across the two lists, flagging them for your review,” said TransferMate.