The pandemic has awakened a hidden fraud in B2B payments

As COVID-19 continues to dictate global business in 2020, many C-suite executives are combating difficulties balancing a plethora of business strategies in order to function and survive.

With global businesses reporting $42 billion in total fraud losses this year, as reported in a recent survey by PWC, companies need to remain vigilant to prevent and respond to incidents.

An often overlooked area that's incredibly susceptible to compromise is the Purchase to Pay process. Also known as the P2P process, CFOs and CPOs connect procurement and supply chain processes within a company through a reliable Goods Receipt process, to manage internal fulfillment and external relationships with suppliers.

As the pandemic continues to expose vulnerabilities, executives need to alter and reshape their risk management strategies with P2P in mind for future success.

Companies need to pay close attention to internal controls to prevent fraud. When managed correctly, effective internal controls reduce the risk of asset and liquidity losses. It ensures that strategic information is complete and accurate; financial statements are reliable, and the plan’s operations are conducted in accordance with the provisions of applicable laws and regulations. When internal controls are effective, companies can rest assured that their plan is achieving its financial objectives. When it is not effective, that assurance depletes and dissolves.

Many different parties are responsible for fraud in P2P finance, order to cash transactions and company-to-consumer relationships. More often than not, it is those who have access to financials with purchasing power that are most at fault for fraudulent actions, like cooking the books, committing theft of company assets and providing bribes or kickbacks in procurement dealings.

These actors create and control weaknesses in the supplier relationships and invoice processing with limited control for customer and accounts receivable processes. External parties will run phishing schemes that could come in the form of phony government agencies and police personnel spreading manipulative email and phone messages and conduct theft of credit cards, personal assets and and other personally identifiable information.

In the past, companies have struggled to spot internal personnel conducting schemes of embezzlement, phishing, “spoofed” emails, phony invoices and money laundering. In April of 2017, a former accounts payable supervisor was sentenced to two years in prison for abusing his position of trust with Argen, a San Diego-based metals company, in order to steal millions of dollars which he used to fund a lavish lifestyle. Using his access to the full range of corporate financial records and general ledger accounts, he could control the company’s credit cards to make personal purchases and compile false tax returns to cover his private dealings. The open access and faulty segregation of duty with financial information and ledger data is something that companies need to watch closely.

Segregation of duty is the most common control and most difficult to implement, as it surrounds the risk of the wrong people having access to financial transactions and ledger data. From theAFP Payments Fraud and Control Survey, eight in 10 organizations were victims of attempted or actual fraud attacks, with 75% experiencing business email compromise and 74% of organizations experiencing check fraud in 2019. From the ACFE Report to the Nations Global Study on Occupational Fraud and Abuse, a typical fraud case lasts 14 months.

Automation can make the entire process of combatting fraud seamless. One example is e-procurement, which provides transparency, protection, efficiency and optimal utilization of resources. Executives rely on e-procurement solutions to issue purchase orders and PO requests, building a corresponding approval workflow electronically with the correct personnel in place. This also eliminates the extra work needed to manually circulate a PO from one approver to the other. Established e-procurement portals provide proven and secure alternatives that many commercial and government organizations are already using to function with greater success.

Manual invoices increase the risk of processing faulty invoices, paying an incorrect amount, or paying the invoice to an incorrect supplier. Major supply chain companies at risk for fraud around the world are adopting e-invoicing to streamline operations, eliminate waste, and unlock the working capital value of innovative payment strategies. Large companies like Google and Facebook are still learning to manage their own invoicing difficulties. Years ago, Oracle paid out $8m to settle a lawsuit brought by the U.S. government, which had accused the company of invoicing for computer training it had never provided. Both large and small companies can learn from competitors' mistakes and network to escape invoicing fraud and protect their assets.