Invoice processing as our shield against the 5%
Curiously, the answer lies in the fact that our defences against fraud perpetrated by or against the organisation overlap to a significant degree and these defences rely on a combination of robust process supported by smart IT. By looking at fraud in the whole we can develop robust defences and our Accounts Payable and P2P processes and people are very much the front line in this battle.
And just to remind ourselves, it not just fraud. It is reported that globally up to 5% (ACFE Association of Certified Fraud Examiners 2022) of invoices may contain errors. If you consider your payments run each month, what does 5% look like? Of course, not all errors are fraudulent but some most definitely are and we’d like our invoice processing systems to help identify potential risk however it arises.
Fortunately, modern invoice processing systems use a variety of technologies to automatically extract data from in-bound documents and then apply ‘intelligence’ in the form of context and understanding of your business processes. Invoices that clear your ‘high bar’ of compliance can usually be safely automated, that is not seen by a human. Invoices that don’t ‘clear the bar’ should be referred to your AP team, procurement or back to the vendor as your business processes require. The beauty of automation is that it creates time and space for your AP team to manage the exceptions. However, such automation needs to reflect your attitude to risk.
Reflecting your business rules in your invoice processing system provides a powerful weapon in support of your AP, P2P and compliance teams when combatting payment risk. These rules are the underpinning of your approach to automation. Therefore, you should actively work with an invoice processing system and partner that allows you to implement your own business rules and ‘guardrails’.
Thinking about the potential risks and the help that your invoice processing systems, supported by P2P, can offer:
| Error | Fraud | Solution |
|---|---|---|
| Same invoice sent twice, duplicate | Same invoice sent twice, duplicate | Invoice processing system flags invoice number, date and vendor combinations on receipt – well before payment |
| Fictious suppliers Spoofing / hijacking of legitimate suppliers |
Vendor (supplier) master data control. Robust process around maintenance of vendor details within P2P systems combined with referencing and validating against the latest vendor details by your invoice processing system. Validation of bank account details extracted from the invoice versus master data. Understanding of valid bank accounts for the same supplier in different territories / context. Apply context around email addresses – are they what we expect for this supplier? |
|
| Invalid invoice e.g. no invoice number, tax etc. | Invalid invoice e.g. no invoice number, tax etc. | Invoice processing system understands mandatory information in context. |
| Duplicate line items and other invoicing errors. Missing goods. |
Duplicate line items and other invoicing errors. Missing goods. |
Invoice processing system can check detail lines versus totals (goods, tax, shipping etc.) as an indication of simple transposition errors in manual and handwritten invoices. 3-way matching by your AP system is the trump card here. By comparing the invoice to the PO and the GDN invoicing discrepancies will be flagged. Using approved POs is a great defense but it isn’t always practical in all industries and for all vendors. Sometimes vendors are engaged dynamically – understanding that non-PO invoices attract more risk is a good starting point. Open ended POs can also be abused. |
| Ad-hoc employee errors | An employee bad actor raising a false PO and then managing an associated false invoice through approval and payment. |
Use your AP system’s workflow management to segregate tasks e.g. raising POs versus invoice approval versus payment approval. Use your approval process to trap unauthorised transactions. Don’t allow employees to bypass the process for ‘special cases’. |
| Supplier and employee general errors | Co-ordinated fraud between vendors and employee bad actor. | Think about anomaly detection in your AP system playbook. What are our business rules? What patterns and behaviours would we consider unexpected? Examples might include payments to new vendors, values targeted to fall under approval thresholds, rounded invoice values etc.? Implement relevant checks via business rules in your invoice processing system |
| Poor or non-standard quality invoice from ad-hoc suppliers e.g. handwritten invoices, timesheets etc. | Poor or non-standard quality invoice from ad-hoc suppliers e.g. handwritten invoices, timesheets etc. |
The invoice processing system may well do a pretty good job and making sense of the document and extracting the data. However, such documents should be flagged as high risk. Your invoice processing system should support e-invoicing. E-invoicing greatly reduces the risk of loss from error or fraud. Not all vendors can work with e-invoicing but wider conformance with e-invoicing will come into place over the coming years (UK April 2029 for VATable B2B invoices) |
| General quality management | General fraud defense. | Lastly, but very much an encouragement / deterrent, let it be known that your AP system is auditing every action. Transparency is a great defense – conversely, if process is opaque and can’t be described, there may be greater risk. |
Summary
Think about that 5% payment error rate. Use your P2P and invoice processing systems to reduce the risk of error and fraud. Think about fraud in the whole, what are the risks? Where are our weaknesses? Deploy flexible invoice processing technology that works with your business to catch problems before they reach the payment run.
Call to action
If you are interested in how inSTREAM's intelligent AP invoice processing can help you management your defenses against payment errors and fraud, contact us today for a discovery call: celaton.com/company/contactus
Useful reference sites:
Accounts Payable Association Accounts Payable Professionals | Community | AP Association
Association of Certified Fraud Examiners
