The good book states that "the heart of man is more deceitful than all else and desperately sick" in Jeremiah 17:9. Though that is somewhat unfortunate it nevertheless proves true day after day...just consider any of your local news reports. Generally speaking they're more tuned into the negative exploits that people perpetrate than the positive ones, primarily because negative news is sensational and boosts tv ratings. Not that this is intended to be a moral feature, but when it comes to accounts payable invoice processing, there's always an unfortunate subset of individuals who are willing to make poor moral choices and seek out ways to exploit the accounts payable process for wayward personal gains. Thus, we feel it's imperative to identify common accounts payable risks so you can prepare for them in advance and not get duped or suffer unnecessary losses in your business.
Seven biggest accounts payable risks to look out for:
- External Fraud
Fraud certainly comes to mind when considering accounts payable risks and there are a variety of ways this can occur. According to The Association of Certified Fraud Examiners, fraud represents a 5% loss on average to most businesses , which suggests a $3.7 trillion dollar issue globally, when factoring the Global GDP.
External fraud that exploits the accounts payable process can be packaged a variety of ways:
Collusion - essentially accounts payable fraud at its worst, whereby an internal employee who has payment controls works in collaboration with an external supplier to arrange for illicit payments to the supplier. This can occur through a payment exploiting duplicate payments or entirely fabricated payments. Once the payments are received by the supplier, ostensibly, monies would be split in a twisted type of profit sharing endeavor.B.Overpayment (kickbacks) - in this ruse, invoices are overpaid, again to a willing co-conspirator, and the overage amount is siphoned off for personal gain.
2. Conflicts of Interest
This is also a major accounts payable risk and can occur when there is limited supervision or loose controls over the procurement and payment processes. Another juncture that can get exploited is in the area of goods receipt and payments. One of the essential structures that should be in place for all of these areas is a sound division of labor which creates a healthy set of checks and balances over who is ordering goods or services, who is receiving them, and who is ultimately paying them.
Another common way that this area can go sideways is when there are gratuities or gifts extended to someone on the requisitioning side of the business. Left unchecked this could mean that a favored supplier gets sweetheart deals that were other suppliers considered may have been more competitive. A healthy practice to deploy to obviate this risk is to necessitate multiple bids or offers prior to engaging with an individual supplier so some due diligence has been established and the selection of a vendor can be justified or audited from a sound perspective.
3. Internal Fraud
This may seem like a derivative of Number 1, but it’s worth separating as its own accounts payable risks. .Under the guise of making legitimate payments to a vendor, a phoney vendor is created and paid. Through this means, the agent making the payments is typically sending themself the money to a third party address or PO box that they access.
Additional Risks and Some Ideas to Mitigate Them
There are other types of internal fraud that can occur, such as those involving check fraud, whereby someone tampers with or intercepts a check payment and funds are redirected to personal coffers. Alternatively, ACH fraud is another ugly means by which unsavory individuals manipulate a business payment methodology to route payment funds to their personal accounts.
It's also prevalent that in these situations repetitive payments are made from an amount perspective, and often run under the radar from an approval threshold perspective. For example, if the amount of the fraudulent payment were to be increased, it may necessitate the approval and intervention of a higher level manager or executive within the paying organization and as such draw attention to the devious activity. As such, one of the ways to mitigate these accounts payable risks is to create visibility around payment issuers including payments history analyses by vendor, amount, and date and assessing for frequency and nearness to the approval threshold.
4. Errant Payments
Hardly as insidious as any of the aforementioned accounts payable risks that we've reviewed, but certainly equally painful, errant payments can be comprised of extraneous, duplicate, or overpayments made to a vendor due to a variety of reasons. It could be that invoices were submitted multiple times by recipients in Accounts Payable and by requisitioners, depending on how the invoices arrive for processing. While that is fairly innocuous, the unfortunate realities of the pains created by this type of error are nonetheless real.
In other situations it could be that the payments made are over the amount of goods billed or received due to flawed pricing information or some other kind of variance even down to fluctuations in tax and freight charge processing.
In a healthy accounts payable process and one that is leveraging accounts payable automation, it's possible to query out against previously processed invoices to prevent duplicate or overpayments before they happen, but for many businesses this type of visibility is limited. Often there is a strain on the invoice processors as they struggle with manual data entry and invoice reconciliation (2 or 3 way matching) that is enough of a struggle to keep up with, that the extra step of fraud detection is just too much to pursue in a manageable fashion.
Further, it's entirely possible that if invoices are being processed from a sheer data entry effort that data entered can result in payment amounts being off due to human error / negligence. Obviously this can be cured through the use of advanced optical character recognition for data conversion or even e-invoicing methods that digitizes the transactions and eliminates many of the error prone data fields from occurring.
In the few remaining items we're going to cover, we'll approach some accounts payable risks that don't involve outright nefarious activity, but rather inadvertent or somewhat negligent circumstances that can be avoided through better process insight and visibility.
5. Late / missed payments
One of the perennial challenges that accounts payable departments face is that of organization and maintenance of a sound payables process. If invoices don't flow smoothly into the processing funnel or take copious amounts of time to trickle in from outlying locations to wherever AP is actually processing the expense, all kind of things can go wrong.
For many businesses, a lack of organization around this juncture leads to invoices disappearing altogether which, as a result, causes the vendor to assess late payment penalties on top of the already owed invoice. For many businesses, this could be averted by getting immediate, up front insight to their stream of payables which empowers them to then take an appropriate action and pay timely.
Beyond the pain of having to pony up whatever the late fee is, the pain of having to go back and forth with the vendor's accounts receivable department and hash it out can place a strain on the accounts payable staff (in an already burdened role) and just create less than optimal supplier relations. As such, it would be our recommendation that accounts payable managers and finance executives consider ways to improve this process through accounts payable automation.
6. Missed accruals / errant forecasting
Another implication of a sloppy accounts payable process is the lack of clarity around the financial forecasting of spend. For many businesses, month end closing presents the challenge of having to accrue pending spend by department (or other criteria). If you don't have visibility with a high degree of accuracy into your process, then you're at best going to have to resort to guesswork to piece together accruals. This is doubly difficult considering point five, if payments are late or missed entirely since you won't have a remotely accurate pipeline of pending invoices.
As such, mitigating this through upstream conversion of invoices to data is really the only remedy as that becomes the enabling factor to creating dynamic insight within the process. Once this is resolved, the burden of having to go out and obtain accruals and forecasting by department is bypassed. This kind of reporting can be done virtually instantaneously through reporting and as such a tighter control is placed over the process which ensures a higher degree of quality from an accuracy standpoint.
7. Lack of an audit trail
When invoice processing is anchored in manual process and invoices and supporting documentation are moved manually or are bound up in on and offline methods of communication, it can be difficult to assemble an accurate picture of how a decision was rendered and why a payable was approved and ultimately paid. This can portend a host of issues for the paying organization and is something that should be addressed proactively. By not having solid insight into the approval chain of custody on an invoice, you are opening the door to issues, especially of the fraudulent type.
If someone is aware that there are poor controls over the process, they may be more likely to try to exploit them in their attempt to enrich themselves. As such, if you can bring visibility with a high degree of accuracy to this area, it will be more likely to discourage a nefarious actor from attempting something illicit.
From our perspective the best way to do this is to engage the use of an electronic document management system layered with both a business intelligence engine and workflow capabilities whereby you can route and escalate invoice approvals based upon your business rules (vendor segregation by approver / department, dollar amount thresholds, etc.). And in so doing retain the invoice history from the time it presents to accounts payable through processing, and then all the way through invoice posting to the ERP and ultimately reconciling payment information to the invoice, for an end to end lifecycle of the document.
When you have something like this, it's very powerful as a holistic view into the process and a safeguard from future fraud activities. Further it's the kind of bedrock data that an auditor is going to look for when assessing a process to make sure quality controls and safeguards are being adhered to and enforced.
There are many things to consider when assessing and curing accounts payable risks within your business. Hopefully this piece has given you some things to think about and we certainly recommend exploring the use of an accounts payable automation system to make enforcing controls and ushering in visibility to your AP data a reality.