We always put payment fraud under the microscope because it’s a widespread and evolving problem that puts almost every business at risk.

Back in 2019, according to a Lloyds Bank survey, 52% of businesses said they had experienced invoice fraud. Amazon, the world’s largest online retailer, faced a loss of almost $19 million due to fraudsters submitting doctored invoices. This proves—if you needed more proof– that everyone is exposed to this kind of fraud risk.

The same survey found that just 20% of businesses review invoices and only 37% have rigorous processes in place to keep invoice fraud from happening. Without better controls and closer scrutiny, businesses risk being bilked out of significant funds before they even discover they’ve been victimized.

While it’s not possible across the board, implementing and driving purchase order-based invoicing will make your company more secure. By deploying a few core strategies, you can mitigate the risk of becoming an invoice fraud victim:

Purchase order matching. Best practices for effective purchase order matching include capturing and matching line level detail. This allows you to establish acceptable tolerances for how much the unit price can deviate from the purchase order and alert stakeholders when tolerances are exceeded. It’s critically important to set up these kinds of rules to prevent a catastrophic loss in an invoice automation scam, especially when decentralized AP departments are dealing with large volumes of invoices. 

Protect yourself with flexible approvals. Accounting solutions with flexible approvals make it simple to maintain dual controls and oversight. It’s not possible to multi-factor authenticate invoices that are submitted via email, but robust, flexible approval controls on purchase order invoices can ensure one final check is provided prior to posting for payment. All of this allows for routing of invoices and exceptions to the correct approvers or AP teams based on an ever-evolving range of criteria.

Set up an invoice submission portal. If you’re being mailed or emailed invoices, knowledge of vendors is limited to the address listed on the envelope or the from email address. It can be easy to miss red flags like changing addresses or domain names with the highly manual processing of those invoices. AP automation solutions help reduce this concern by requiring a vendor to set up a profile in a digital portal to submit invoices that include additional company and contact information. This provides additional data points that can be used in assessing the legitimacy of a vendor or invoice.

Robust reporting makes flagging suspect vendors easier. While having strong organization and seamless workflows makes a difference, there’s still a place for finance teams and their expertise. Having the right reporting and analytics within your portal can help flag suspicious trends before they become major losses.

Your best solution provides historical data and alerts when an invoice exceeds risk thresholds.  For example, a high invoice amount, or if the invoice was submitted outside a normal pattern of behavior. This helps your team to avoid missing red flags and make better decisions when submitting an invoice for payment.

Organizations often must choose between security spending or increasing operational efficiencies that drive down processing costs and increase revenue flow. Unfortunately, security often gets the shorter end of the stick.

The right solution is an end-to-end solution that integrates security into refined operational processes that everyone needs. Robust reporting, greater visibility, and better workflows organization-wide can prevent catastrophic losses while still getting your AP department where it needs to go from an efficiency standpoint.

Subscribe

For further insight into the payments and banking industries, subscribe now and stay up to date on the latest tips, trends, and topics. You can also check out The Payments Podcast, where experts engage each other on the real-world factors impacting the payments and banking industries.

Posted by Chris Gerda

Chris Gerda serves as the head of risk and fraud prevention at Bottomline, with a focus on security for Paymode-X. He is responsible for the overall anti-fraud strategy and technology initiatives to maintain the security of $200 billion in payments within the 450,000+ network membership base.