Accounts Payable Fraud: How to Add the Appropriate Controls

Accounts Payable Fraud: How to Add the Appropriate Controls

With the ease and accessibility of today’s technology, fraudsters anywhere can replicate checks with ease. It’s no stretch, then, to say that it’s become easier than ever before to forge a check.

And it’s check fraud, with a whopping 77 percent of actual and attempted instances of fraud to make up a majority of fraud among companies.

What are some examples of payment fraud?

Check forgery is one of the most familiar forms of payments fraud. It involves legitimate checks falsely imprinted with the payer’s signature. Counterfeit checks are also a tactic fraudsters use by digitally altering a document and printing it to appear as a genuine check.

The Association for Financial Professionals 2016 Payments Fraud and Control Survey states that, “after checks, wire transfers were the second most popular vehicle for payments fraud, with 48% of organizations exposed.”

Electronic fraud happens when ACH transactions or other digital transfers are initiated from an unauthorized source.

What are 3 types of fraud that impact the accounts payable process?

  1. Internal Fraud:  Internal fraud is initiated by one or several employees who have access to key company assets such as cash, check stock, and bank account numbers. The perpetrator often hides this fraudulent account activity by making false entries in the accounting system to cover their trail.
  2. External Fraud: External fraud is committed by someone outside the organization. They are able to gain access to company accounts and solicit unauthorized transactions.
  3. Conspiracy Fraud or Collusion: Conspiracy or collusion can combine both internal and external actors where an employee works in tandem with someone outside the company to divert resources.

What are ways AP can combat payment fraud?

Positive Pay and Positive Payee: Positive Pay is a service banks provide to match the account number, check number, and dollar amount of each business’s check against a statement of checks previously issued by that business. It’s kind of like having fraud prevention insurance on each check.

A check that does not match the file a business provides to the bank is flagged as an exception and the business is notified for approval before it is released.

Payee Positive Pay works almost exactly like Positive Pay with one exception: the customer’s name (payee) is also matched on the statement file with the issued check.

Check Controls: Controlling who has physical access to unprinted check stock is of paramount importance to keeping the integrity of check payments intact. Check printing and handling provides a huge invitation for fraud, dependant on the existing controls in place to prevent it.

A world without checks would be ideal, yet, it’s still the most common form of payment for businesses. This is why restricting access to check stock is crucial. Applying physical locks on check stock cabinets with dual access provides a good level of accountability.

Other types of controls over physical check stock

Physical Controls: One technique used by large organizations to prevent check fraud is to separate the signature plates from the check stock itself. This means two separate keyholders are required to produce a check.

Check Limits: Some Enterprise Resource Planning (ERP) programs have the ability to set a dollar-amount threshold for a check, flagging it for additional approval, before it’s sent along to the payee.

ACH blocks and filters

ACH debit block: This type of debit block prevents all transactions from posting except those that are previously authorized. There are specifications included in this feature for pre-approved recurring payments or maximum daily dollar amounts.

Debit filter: This filter screens ACH transactions to match only with pre-approved businesses. It’s similar to a bank’s Positive Pay services but specifically for ACH transactions. The filter ensures that ACH debits fulfill the right criteria against a list of approved vendors. Only transactions that meet all criteria are posted as successful transactions.

Reconcile all bank accounts within 30 days

Reconciling bank statements within a 30-day window is a best practice in accounting departments. This allows for quick discovery of any suspiciously posted transactions.This step cannot be stressed enough for its importance in good fraud management.

Reconciling bank statements also reveals the following:

  • Bank errors in the accounting process
  • Unauthorized payments that require investigation
  • Outstanding or expired checks

These control practices, used simultaneously, can do wonders for improving your payment process. It may even cause you to consider moving to an electronic payment process or to outsource a piece of your AP department. Most importantly, these practices will help shield you from accounts payable fraud.

  • Previous Article
    Weekly Ledger 11: Top Stories in Accounting and Finance
    Weekly Ledger 11: Top Stories in Accounting and Finance
  • Next Article
    B2B Fintech Disruption, Coming Soon to a Bank Near You
    B2B Fintech Disruption, Coming Soon to a Bank Near You

Most Recent Articles