Of all the oft-touted benefits associated with accounts payable automation, they typically overshadow their ability to address another concern, one in which AP is particularly vulnerable: internal fraud.
Certainly, many of today’s automated AP solutions help avoid late payment penalties, capture early payment discounts, reduce the number of days that payables are outstanding, and minimize the cost of invoice processing as they should do. But still, most business owners consider themselves immune to the risk of internal fraud and feel that it is the kind of thing that only happens to other companies.
That said, the stats surrounding the frequency and severity of internal fraud may surprise you:
- A lack of internal controls make up 29.3 percent of fraud cases, making it the leading area of organizational weakness.
- According to the Association of Certified Fraud Examiners, the median amount of time required to detect billing, expense reimbursement, and check-tampering fraud is a whopping 24 months.
- Check fraud comprised 77 percent of payment fraud in 2014.
- The accounting department is the largest function engaging in fraud, accounting for 16.6 percent of all internal fraud cases.
As an accounting professional, you are inclined to look at financial data and transactions very carefully. Plus, you have the experience-driven intuition that can automatically raise red flags when something seems “off.” However, for most small business owners, the day-to-day needs of keeping and growing their company will naturally get the most attention, giving dishonest employees the opening they need to take advantage of their employer.
As a trusted advisor, finding ways to safeguard your clients should always be on your mind. So while there’s no way to eliminate the risk of fraud entirely, leveraging technology and data can help minimize this risk considerably.
So how can AP automation help? This article explores three buckets of functionality that can help keep your clients safe.
1. Audit Trails
Among the benefits of a digital ecosystem is the amount of data at your fingertips at any given moment. What used to be an exercise in filing cabinets, sticky notes, and the capacity of your memory has become a mere function of cloud computing. Today, the simple click of a button can provide a detailed and time-stamped view of the entire lifecycle of an invoice or vendor record.
Did an employee make multiple changes to vendor record detail within a short amount of time? Was bank account data for a supplier modified? Was an employee not typically associated with a given vendor unusually active with their invoices?
If suspicion arises, data points, such as general ledger, approved amount, contact information, or banking details, can provide insight in such a way that you know who executed a given action, and precisely when. While not meant to imply wrongdoing or suspicion necessarily, you will no doubt be able to recognize activities that deviate from the norm and are worth a second look.
More than likely it was a legitimate modification, a breakdown in communication, or an honest mistake. To quote Christine Warner in a fantastic article entitled 10 Ways to Identify Accounts Payable Fraud, “trust but verify.”
So how can a busy business owner or accounting manager keep tabs on the pulse of their payables quickly and easily? While fraudsters are inherently resourceful and crafty, some telltale signs may be helpful to raise an eyebrow or pique your interest in a deeper dive:
- Invoices are missing vital details, such as description and quantity.
- Vendor info contains PO boxes or public emails, such as Yahoo! or Google.
- Dramatic change to typical vendor pricing.
- Approved amounts just underneath approval limits.
- Rounded invoice values ($25.00, $50.00, etc.).
- Increases in invoice volume for a given vendor.
- After-hours logins and modifications to invoice and vendor records.
While audit trails cannot necessarily prevent fraudulent activity, they can provide an enormous amount of data should you need it to alert a client, or to put a stop to fraudulent activity in progress.
2. Access Control
You wouldn’t allow just anyone to walk into your office and thumb through your documents. You may even limit the access some people within the accounting department itself have to certain documentation.
With a cloud solution, you can take the concept of access even further, not just allowing team members access to data, but also limiting their functional capabilities. By assigning specific roles to your team, you can ensure that certain functions are restricted to those you choose, preventing anyone else from having access to perform specific tasks.
Maybe you would like to have specific employees approve bills, with others having read-only access. Perhaps you only want certain staff to be able to edit payee records, or you would like to limit the ability for clients to reject invoices or edit details.
With this standard feature of AP platforms, access is controlled digitally, ensuring that members of your team have access tailored to their role within your team, even down to a very granular level.
By doing so, you can systematically segregate tasks to ensure compliance and accuracy throughout the payables cycle. After all, the hallmark of a well-run payables process is the consistent use of checks and balances.
By separating roles for data, approvals, and payments, it reduces the chances for funds to be rerouted or otherwise misappropriated. Among the more common role-based segregations are:
- Preventing approvers from modifying invoice data.
- Disallowing approvers from paying invoices.
- Limiting access for vendor record editing.
- Restricting the ability to modify user permissions.
3. Business Rules and Workflow
An efficient workflow is only as good as your ability to enforce it consistently. Paper-based workflows are notorious for ad hoc approvals and scrambling to make it in time for the biweekly check run.
Along the way, discrepancies can easily slip through the cracks, as can fraudulent payments. Moreover, within the madness of being a busy accountant, reviewing each and every invoice in detail is sometimes just not possible. With an automated solution, business rules enforce these standards automatically and regularly.
Whether it be multiple required approvers, mandatory preapproval review processes, or payee bank account validation, automated business rules prevent the ability to bypass steps required by your business. This also removes discrepancies on noncompliance with internal routing and processing policies – it is enforced digitally and can be modified as needed by assigned company administrators only.
Some of the more common uses of systems and workflows offered by AP automation platforms include:
- Multistep approvals.
- Individual approval thresholds.
- Exception handling workflow.
- Automatic invoice routing.
- Digital PO matching.
The Final Word
Fraud is very real and very costly, but shouldn’t consume your thoughts. With due diligence, regular evaluation of your processes, and a keen eye for things that seem out of place, you can minimize these risks substantially.
Circulus will also be at the Scaling New Heights conference, June 4 to 7, 2017, in Orlando, Florida, booth #82.