For years, organisations and criminals have been involved in a digital arms race. Business processes have increased in sophistication, but so have the fraudulent attacks designed to undermine them. This battle escalated during the pandemic when organisations suddenly found the need to shift their operations to new environments to continue operations.
Unfortunately, this proved to be an open invitation for nefarious activities. An astounding 72 per cent of Australian businesses reported the risk of fraud and corruption increased during the pandemic, and 85 per cent don’t expect that risk to decrease this year, according to the KPMG Fraud Survey 2021. During the third quarter of 2020, the median number of business email compromise (BEC) attacks received per company reportedly increased by 15 per cent from the second quarter. Of these attacks, the ones using invoice or payment fraud rose by 155 per cent, making it the most prevalent type of BEC attack.
No one wants to be the victim of fraud, but history has proven even the world’s biggest companies aren’t immune to financial deception. Take Google and Facebook, for example. In 2019, both companies were scammed out of more than $100 million due to phishing emails containing forged invoices. The emails were sent to the accounts payable department, and even though both companies had certain security measures in place, the seemingly legitimate invoices were processed. Then there’s the story of US tech entrepreneur Mark Cuban, who had $82,000 stolen from his first company by an employee cashing fake cheques at the bank. The lesson here is any company is vulnerable to fraud when the right safeguards aren’t in place.
Financial institutions are on high alert when it comes to fraudulent activity. The threat of regulatory non-compliance looms large for finance organisations, and with the customer life cycle undergoing dramatic transformation, it may seem more challenging than ever to protect the business.
So what are the proper measures? The key to preventing fraud—and fulfilling “know your customer” (KYC) requirements—is the right mix of people, processes, and technology. But as fraud has become more sophisticated and the landscape is constantly changing, success demands organisations, especially accounts payable (AP) teams, place a greater reliance on the technology piece of the fraud detection puzzle. People will always play a role, but as scammers get harder to identify, it becomes more difficult for humans to weed them out. Processes also have a part in fraud mitigation, but they must be crafted in ways that unite people and technology.
Which brings us to the tech component of the fraud protection equation. Technology can accomplish things even the best people and processes can’t. It’s the strongest defence against increasingly sophisticated fraudsters, and it’s the one element most resistant to human error, be it innocent or malicious.
Accounts Payable: The Front Line of Defence
The best defence is a good offense, and the AP department is on the front lines when it comes to identifying and preventing fraudulent activity. A recent State of ePayables Market Research Report from Ardent Partners sums up AP’s role nicely: “Accounts Payable sits in the middle of an enterprise’s financial activity and is ideally suited to identify and flag potential instances of invoices and/or payment fraud. In fact, 87 per cent of AP teams support fraud prevention and compliance activities.”
Since fraud is evolving and scammers are becoming more sophisticated (and dangerous) in their tactics, AP staff need to modernise their approach. Intelligent AP automation is a smart investment for financial organisations looking to bolster their defences. Automation delivers direct benefits to the people, processes and technology responsible for stopping fraudulent activity.
The Ardent report specifically discusses the benefit of automation, stating, “As a by-product of transforming itself, AP can better support compliance and risk management teams in enforcing policies, identifying potential red flags, and escalating issues internally.” Eliminating error-prone manual work is at the heart of this transformation. An AP automation solution establishes standards for handling exceptions and workflows, which reduces the fraud risk and increases compliance.
Australian businesses in particular are starting to realise the importance of technology in fraud prevention, with 38 per cent reporting using forensic data analytics or artificial intelligence to help detect fraud and corruption in the KPMG survey.
AP Automation: The Technology Leading the Charge Against Fraud
There are several ways intelligent AP automation technologies work together to shield finance organisations from fraudulent activity. As the name suggests AP automation solutions (APA) automate invoice processing, saving time and reducing errors. Process orchestration automatically routes exceptions for human review and approval and maintains a trail of handoff between human and digital workers.
Multi-channel invoice capture capability can automate the process no matter how suppliers send invoices—XML, paper, PDF, while workflow and imaging solutions provide an electronic archive of invoices and other financial documents. In addition, things such automated supplier onboarding validates addresses, tax data and other critical information.
A layer of Artificial Intelligence (AI) determines the invoice layout and identifies the right information needed, regardless of format. It can also automatically identify what to extract from an invoice and whether pay slips have been doctored or altered in any way. AP automation solutions can also prevent fraud by verifying that the banks details on an invoice match the Vendor master details.
This helps AP teams fight back against fraud in many ways: it eliminates the errors associated with manual invoice processing, which can result in duplicate payments or the approval of fraudulent invoices. It flags the submission of fake invoices coming from unknown vendors and purchase order matching ensures invoices are for the exact goods ordered or received. Or approval and exception workflows can be automatically triggered for invoices over a certain amount, coming in from a new vendor or if the amount doesn’t match the PO.
Freed from manual invoice processing, AP staff can focus on exceptions and apply their knowledge to unusual changes in vendor behaviour. They can work with advanced analytics enable to note trends in vendor behaviours and identify changes that may warrant investigation and use audit trails to track down potentially fraudulent activities.
Verification from third-party sources helps prevent identity fraud among new suppliers and vendors during the onboarding process, stopping issues before they arise.
It’s the combination of people, processes and technology which ultimately safeguards a company’s cash. As fraud has evolved and become more difficult for humans to identify, finance organisations need to place a heavier reliance on technology. AP teams armed with powerful and intelligent AP automation technology can do more than win a battle against fraud—they can win the war.
By Andy Mellor, Vice President Australia at Kofax