By Mohammed Hans, CIPFA procurement network advisor
A genuine invoice can be intercepted by fraudsters who alter bank details to an account under their control, while public bodies can be contacted by individuals – under the pretence of a bona fide supplier and get the account details to be changed.
How to detect the fraud?
Typical signs to look out for include receiving invoices where the company logo appears blurred or there are no payee details, email addresses that have been subtly changed using a different suffix like .org or .com or .co.uk instead of the usual .gov email address ending.
Other actions that can be taken to help protect organisations against invoice fraud:
- You should confirm bank account details if an attempt is made to alter account details using your usual designated contact person a the suppliers and not the contact on the invoice with the changes unless they are the same;
- Train and make staff aware to check invoices thoroughly and for any irregularities;
- Confirm with suppliers where details have changed before the next payment is due that the correct changes are recorded on your system, taking care to contact the correct business;
- Establish a threshold, where payments above this level will mean setting up a meeting with the business to confirm account detail changes.
- Limit the display of suppliers on websites (only give information which is generic and widely available).
In other research findings on fraud, Ernst & Young believe companies could save millions of pounds by analysing the emails of suspected employees. The most common words used by rogue traders and fraudsters when emailing about their plans at work have been revealed by investigators working with the FBI.
'Cover up', 'write off', 'illegal', and 'failed investment' were used most often by employees carrying out rogue trading and fraud. Researchers say the analysis of emails written by employees under suspicion could save companies millions of pounds by flagging concerns before money is lost through fraud.
'Special fees' and 'friendly payments' were regularly used in bribery cases and phrases such as 'do not volunteer information' revealed concern at getting caught out.
Top five fraud words/phrases
Nobody will find out
Also in the research, investigators found that employees often disclose their reservations about the plans with phrases such as 'want no part of this' and 'don't leave a trail'. They also try to rationalise their behaviour in emails by saying 'not hurting anyone', 'won't miss it', 'fix it later' and 'told me to'. This could be particularly relevant in current austere times where staff may be over looked for promotion or pay awards.
Mohammed Hans, Procurement and Commissioning Network.