Charles Henri Royon, VP EMEA at Tradeshift
In the news this month we’ve heard that a boss is facing jail for submitting more than £3 million worth of doctored client invoices, while a hotel manager has been convicted for falsifying documents worth £350,000 . While you may question how such an extortionate amount of money was swindled, this type of activity is actually more common than many might think.
The Institute of Directors actually found that nearly three quarters of UK businesses have received bogus invoices. Fraudsters are continually targeting companies, tricking them into sending payments to fake suppliers, and stories around rogue employees syphoning money into separate accounts often appear in the news too. We’re also seeing stories in the news about overseas scams pocketing cash through payments that don’t clear.
Most businesses will, of course, have firewalls and password practices in place to secure their organisation’s data. So why aren’t they taking similar precautions for their invoices?
It’s not necessarily easy; flagging fraudulent activity can be difficult, no matter the size and complexity of a business’ supply chain, whether SME or multi-national. Much like how AirBnB verifies its users against an identification checklist, or PayPal safeguards sellers with good records by holding buyers’ payments for 21 days, businesses too need better controls, checks and visibility into their supply chain, suppliers and payments.
Presuming that businesses would have taken the necessary precautions to assess whether their suppliers are legitimate (checking they’re registered, verifying endorsements and scrutinising the website, for example), there are a few steps they then need to de-risk the invoicing process even further.
The first step is to educate employees on the different types of invoicing scams and the specific payment patterns to look at out for that may indicate fraud. Key fraud flags can include round pound value invoices, duplicate invoice payments, paying straight away and failing to match invoices. They then need to create policies on how to act when such issues arise, such as reporting suspicious activity to their bank in order to block transfers.
Making supply chains more transparent is also essential and in an era of cloud platforms, this can be achieved by digitising processes. Electronic invoices flag errors and omissions so that invoices with inaccuracies are not processed, which is where paper documents can fail.
Hosting payments on a cloud platform also means businesses have access to real-time supplier master data which allows them to de-risk the supply chain even further. They’re able to look for and flag unusual activity (like those I already touched upon) much easier because they don’t have to dig through mounds of paper – it’s all accessible online.
By connecting with suppliers over the cloud, businesses can also build a supplier check list for them to effectively validate themselves – somewhat mimicking a LinkedIn profile. If suppliers don’t tick off certain criteria, then companies know to avoid doing business with them.
Having a one stop shop for supplier data also makes it much easier for businesses to regularly review their supplier list and make sure information is up to date. This way they can minimise duplicate suppliers and consolidate them when possible – avoiding payment errors – and also block those that have been inactive for say 18 months, which could signify a fraudulent company.
While we can never fully predict payment risks, we can certainly do more to prepare and avoid them. Educating employees, instilling processes and harnessing technology are all key steps for protecting a business – not only its purse strings but its reputation too.