Editors Note: This article by Andrew Bartolini, Chief Research Officer and Founder of Ardent Partners, first appeared December 6th on our sister site, CPORising
Chief Procurement Officers face a myriad of supply risks from supplier insolvency to union strikes to geopolitical crises to inflation. However, one area of risk that has spiked in recent years but has not been given the depth of coverage that it warrants is fraud. Fraud is our fourth macro-level challenge that CPOs must address as they enter 2023.
B2B Fraud is Trending Up: Global Impact
Over the past few years, we have seen a huge spike in unpunished crime and corruption across all facets of society, including business and in all regions. This “BIG trend” combined with the general volatility and confusion sown by the COVID-19 pandemic has empowered criminals and fraudsters to unleash wave after wave of fraud attacks against businesses large and small.
Conducting more business outside of the office and operating as virtual teams translated into greater IT and data security risks. Over the few years, fraudsters have taken advantage of critical vulnerabilities and attempted to steal money from exposed businesses. With so many susceptible entry points, 2020 was the largest year on record in terms of fraudulent payment behavior and 2021 was even bigger when the total cost of financial fraud was estimated by several U.S. government studies to be in the trillions of dollars when taking business, consumer, digital, and all other transactions into account.
One of the pandemic’s main impact on physical mobility and fewer face-to- face interactions led to a decreased reliance on paper invoices and checks and wider usage of digital and electronic payments. The unfortunate downside is that fewer in-person meetings and negotiations may have opened the door for B2B fraud, particularly payments.
Fraud and security breaches are a very real threat to businesses all over the world. In fact, according to Ardent Partners new research, nearly four out of ten (38%) of all businesses reported a business payment fraud attack over the past year. In reality, the actual number is likely to be much higher as many attacks go unreported or, worse yet, unknown. Not all attacks were successful but it is clear from their sheer number that the risk of payment fraud attacks will be part of P2P’s “new normal” and that strategies and tools designed to thwart it will become more important.
B2B Payment Fraud: CPO Impact
Over the past five years, “impact on cash” has become a top CPO metric. This metric is an acknowledgment of the financial impact of the procurement department that goes beyond savings and into areas like demand management and payment terms negotiation. While it may not impact a CPO’s metrics, payment fraud obviously has a direct impact on cash positions and the bottom line. And, while the responsibility of managing the actual vendor payment does not sit within procurement (nor should it from a controls-standpoint), supplier relationships are and should be managed and controlled by procurement.
Fraud Mitigation Strategies
In the digital era, security breaches are a risk for every company. Developing secure supplier onboarding processes is critical, but only a first step. Partnering with finance/AP and IT is also fundamental to any B2B payment fraud initiative.
Mastering your organization’s protection against fraud requires providing staff with applicable training on fraud prevention and compliance skills. This can be an effective tool in preventing and mitigating fraud, as is leveraging AP automation and electronic B2B payment solutions to eliminate paper and manual processes from the invoice approval and payment cycle. The best way to combat fraud is to prevent it from happening in the first place. Here are some ideas on how to do just that.
21 Top Tips for CPOs, CFOs, CIOs, and B2B Payment Teams
1 – Track the latest B2B payment fraud trends
2 – Partner with a B2B payment provider that uses a verified payment processor
3 – Encrypt confidential transactions and communications
4 – Force frequent changes to login credentials
5 – Run constant security checks with antivirus software
6 – Conduct regular audits (In general, audits should focus on the design of the process controls and how the controls are monitored but we have included a few audit tips below
7 – Set a data management policy for confidential information
8 – When testing transactions, use advanced sampling strategies like Benford’s Law, which can help auditors to hone in on the most likely areas of fraud
9 – Occasionally change the dollar value threshold for audits and/or randomly test payments below that threshold
10 – Announce that payments below the audit threshold may be tested
11 – Test duplicate payment patterns by supplier but also by business unit, region, or any way that employees are assigned to an organization
12 – Remember too, that the threat of an audit is one of the most effective mechanisms enterprises have to prevent fraud
13 – Ensure that more than one staffer is involved in approving and then making disbursements above a certain dollar threshold
14 – Red flag: Watch for round dollar payments (common fraudster mistake)
15 – Red flag: Watch for invoice number patterns submitted over time have a close numerical sequence – 1001, 1002, 1003, etc. – (common fraudster mistake)
16 – Red flag: Watch for payments that were mailed to PO boxes
17 – Sample canceled check endorsements
18 – Verify canceled check destination accounts
19 – Include audit clauses in supplier contracts; conduct an occasional supplier audit
20 – Make sure that AP/payment employees take their vacations and that other staff cover their payment duties while they are gone
21 – Establish an anonymous whistleblower program