Notorious bank robber Willie Sutton was once asked, “Why do you rob banks?” Legend has it that Sutton’s response was, “Because that’s where the money is.”
Not unlike banks, the accounts payable and cash payments process within any business is “where the money is.”
This is probably why accounts payable fraud, sometimes called vendor fraud, is one of the most common ways white-collar criminals exploit their employer’s resources.
Accounts payable is literally at the tip of the spear when it comes to the volume of cash that leaves a business, whether by proper or improper means.
Categories and Statistics
Every other year, the Association of Certified Fraud Examiners publishes the results from its global fraud study in the Report to the Nations on Occupational Fraud and Abuse. In the report, fraudulent disbursements include payments made from the accounts payable system, as well as from payroll processing and straight from the cash register.
This article focuses on accounts payable, which includes billing schemes (such as shell companies and personal purchases), fraudulent expense reimbursements and check tampering.
In the 2012 Report to the Nations, these three sub-categories alone accounted for 51 percent of all types of fraud cases that were reported. The median losses for billing schemes, expense reimbursement fraud and check tampering were $100,000, $26,000 and $143,000, respectively. While other categories of fraud, such as financial statement fraud and corruption were more costly, vendor fraud was far more commonplace.
Overview of Strategy and Approach
Remember this: In its essence, accounts payable processing is a vendor or supplier (whether legitimate or not) that is requesting to be paid for goods and/or services and is presenting supporting documentation to receive that payment.
Imagine a traffic light. The red light represents your risk – how the fraud scheme is committed or, to get fancy, perpetrated. The yellow light represents caution, or symptoms you notice that may help you detect the fraud, sometimes called red flags. The green light represents “go,” the internal control measures that you can proactively implement in your quest to prevent workplace theft and abuse.
Schemes, Risks and Perpetration
Shell Company: An employee creates a bogus vendor and bills the victimized company for goods or services that are not actually provided. It may also include inflated, above-market prices on the invoice for goods and services delivered (a pass-through scheme).
Personal Purchases: An employee orders personal items and submits an invoice to the employer for payment. Lately, this scheme has manifested itself in the personal use of company credit cards or procurement cards (P-cards).
Fraudulent Expense Reimbursements: An employee files a false, inflated or fictitious expense report claim, requesting reimbursement for personal meals, travel or quasi-business goods or services. This scheme may also involve submissions of duplicate or inflated expenses.
Check Tampering: An employee steals blank checks from the company, inserting his or her name, or the name of a collaborator. The employee may also intercept a legitimate outgoing company check, forge the endorsement or alter the payee name, and then deposit it into a personal bank account. Check tampering can take the form of counterfeiting when the fraudster takes bank account and routing numbers from a company account and feeds it to an outside accomplice for reproduction on check stock purchased from an office supply store.
Symptoms, Red Flags and Detection
Be on the lookout for:
- The causes behind increased costs, coupled with lower-quality goods or services.
- Incomplete vendor information (address, tax identification number).
- Unusual, unauthorized vendor names or addresses added to the vendor master list.
- Missing or altered copies of supporting documentation, such as purchase orders, invoices and receiving documents. Watch for copies of these documents instead of originals!
- Changes in lifestyle – lavish trips, jewelry, personal assets. Listen for bogus stories like “I won the lottery,” or “A rich aunt died and left me her fortune.”
- Increase in purchases from favored vendors or unusually close relationships with suppliers.
- Goods received but not ordered, and goods ordered but not received, too.
- Data analytics – using the query, filter and sort/subtotal functions in spreadsheet and database software – may also show linkages between employee information from the employee master file and the vendor master file (address, related parties, bank account, etc.).
Controls, Countermeasures and Prevention
Get ahead of the curve, by:
- Separating the vendor setup and approval process from the payment process.
- Rigorously vetting all new vendors when they are set up.
- Frequently reviewing the vendor master file, with payment volume activity, for reasonableness and consistency with known business and operational trends.
- Maintaining and reviewing a log of sequentially numbered checks and payables processing batches.
- Setting up the automated fraud detection tool Positive Pay (or Reverse Positive Pay).
- Always requiring original receipts or invoices. It’s worth saying again – especially with expense reimbursement.
- And, by NEVER, EVER signing blank checks!
When all is said and done, be creative, connect the dots and don’t be afraid to think outside the box in your proactive stance toward vendor fraud.
Your valuable assets (cash, to be precise) are at risk, and your stakeholders would much rather you be proactive than reactive – after the horses have left the barn and the toothpaste is out of the tube. – David Sawyer, CPA, CFE, licensed private investigator with CPAmerica’s Atlanta affiliate Frazier & Deeter, LLC.