The rise of invoice fraud in the age of COVID
How the Global Pandemic Has Highlighted the Need for Invoice Fraud Protection
No matter what business we’re in, we all share concerns about fraud in financial transactions and invoicing. Rightfully so, especially today with accounts payable and accounts receivable staff working remotely.
Back in 2018, global exposed dollar loss exceeded $12 billion due to B2B invoice fraud alone; in the first three months of 2020, invoice and payment fraud increased more than 75%, and between April and May the volume of Business E-mail Compromise (BEC) attacks jumped another 200% per week.
Indeed, fraud and cybercrime are becoming increasingly more sophisticated and varied, and the operational upheaval and security lapses caused by COVID-19 have enabled their unparalleled expansion.
For businesses and governments, the impact can be catastrophic. These incidents cost businesses an average of $200,000, and 60% collapse within six months of the attack. Meanwhile, business fraud, tax evasion and noncompliance are leaving countries across the world with mounting debt from expenditures exceeding realised tax revenue:
- Pushing the Value-Added Tax (VAT) gap to half a trillion euros globally
- Necessitating “unprecedented action” from governments across the world, leading to ever-more stringent mandates on already-struggling businesses
So which types of fraud are most prominent? How has the pandemic precipitated the drastic increase, and how can we protect our businesses in 2021 and beyond? We break down the problem and offer a solution, supported by the Tax and Customs Union for the European Commission.
Common Types of B2B Invoice Fraud
Cybercriminals are constantly innovating to overcome new security measures, and as a financial professional one of your responsibilities is to prevent fraud in your department. The following forms of invoice fraud have proven increasingly prevalent in 2020:
- Compromised email fraud, or phishing, when a perpetrator targets a specific employee within an organisation, impersonating a senior colleague or trusted customer, issuing instructions to solicit a financial transaction
- Under the waterline invoices, through which fake invoices are created with values low enough to be paid without authorisation
- False invoicing, through which fake invoices are created for products or services not delivered with the hope that it will be paid without being scrutinised
- Account takeovers, through which your account or bank account information is intercepted and later used to make payments
- Business identity theft, when a perpetrator opens a business account under your business, acts as the business owner or representative, and utilises this information to apply for credit or open accounts
- Ransomware, when a perpetrator sends you a file that, once downloaded, can wreak havoc on your entire IT system, and then demands a ransom to fix the problem they caused
- Commercial bust out, when a perpetrator sets up a fake business and buys goods or services from you with no intention of ever paying for them
How COVID-19 Has Enabled the Rise in Invoice Fraud
The less secure your invoicing processes, the more likely you are to fall victim to fraud — and the global pandemic has left even the most meticulous billing departments at risk.
With AP and AR teams working in remote locations, with divergent internet capabilities and IP protections, security protocols have been weakened, leading to data breaches, phishing attacks, fraudulent invoicing, and financial losses.
In addition, with centralised administrative functions often in low-wage areas affected by unstable internet and weaker protocols, as well as the increased use of shared computers and mobile devices for business purposes, network and hardware security lapses have increased significantly, exposing organisations to private data leakage and GDPR non-compliance.
While COVID-19 has served as somewhat of an equaliser, exposing all organisations to threats less common under normal business conditions, those that still rely on outdated manual invoicing methods remain most susceptible to fraud. Paper invoices, delivered by mail, and PDF invoices, transmitted via email, are inherently:
- Fraught with unintentional errors
- Far easier to forge
- Prone to interception
- Easily lost or delayed
- Not trackable
- More difficult to archive
- Not validated and undisciplined
- Not guaranteed to be compliant
How Government Regulations Could Leave Your Business Behind
For governments, increased B2B invoice fraud and tax noncompliance mean larger VAT gaps, and suffering economies, so countries across the world are following the recommendations of the European Commission and acting “rapidly and forcefully to limit the economic hardship caused by lockdowns and other containment measures” by mandating electronic invoicing.
As we note in The Impact of COVID on Global Compliance, we’ve observed more than 1,190 individual fiscal measures, with 95% of countries acting to improve business cash flow.
And as a result, companies that don’t digitise their invoicing may find themselves facing crippling fines, or worse. For example:
- In some countries, like Hungary, you could be blacklisted
- In other countries, such as Brazil, your goods could be stopped in transit
- In other countries, including Mexico, noncompliance could be penalised on par with organised crime
What You Can Do to Prevent Invoice Fraud: Best Practices for Protecting Your Business
The impact of COVID-19 has highlighted the detrimental effects that manual processes can have not only financial operations but on the health of the overall business — and how the consistency, visibility, and protective measures that come with automation can make or break an organisation during a crisis and in the post-COVID world.
So, how do you protect against risk and optimise for the long-term success of your business?
- Use a disciplined e-invoicing network that pre-validates invoices
- Ensure your invoice processing is simple and scalable
- Prepare for changing government e-invoicing mandates
- Automate your AP and AR processes
- Use three-way matching
- Implement a policy of no PO, no pay
As Billentis has said, “the digital transformation is no longer an option, it’s the imperative.” But not all AP and AR automation solutions are the same.
We at Tungsten Network process invoices for 74% of the FTSE 100 and 71% of the Fortune 500, enable suppliers to submit tax compliant e-invoices in 48 countries, and last year processed transactions worth more than £164 billion.
- Using Total AP, you upload your invoice to the platform for buyer review, processing and approval, and upon approval payment is sent — and you can accommodate all your suppliers, regardless of size, location or maturity.
- Using Total AR, you submit one file, through any channel, in any format, and deliver all your invoices to all your customers — and you can release cash to the balance sheet and gain business agility.
Find out how Total AP and Total AR can help you prevent fraud, maintain compliance and achieve business agility and world-class performance: