PYMNTS-MonitorEdge-May-2024

How To Catch A Wolf In Supplier’s Clothing

Shutterstock

If you want to catch a thief, follow the money. In B2B payments, that money is moving into the digital realm, meaning cyberthieves are, too. With these criminals using electronic paths to steel corporate cash, the age-old scam of fraudulently posing as a supplier seeking payment from a business has turned into a more sophisticated ploy.

Global information services firm Experian knows this plot well. The company’s director of strategic development, Jonathan Williams, recently told PYMNTS that Experian has been eyeing the rise of digital invoice scams for five or six years now.

On Tuesday (Jan. 5), Experian announced the release of a tool to help businesses avoid getting duped by these wolves in supplier clothing. Bank Wizard Absolute is a tool to help companies verify account information when AP managers key in bank account data into their ERP systems.

It seems a simple strategy — making sure the bank account your paying belongs to the supplier you want to pay — but as Williams explained, the shift to electronic B2B payments makes this verification process tricky.

“It’s quite possible that either through miskeying on an online banking system or through mishearing some piece of information or through some unclear piece of paper that comes across the desk of an accounts payable clerk, information could be keyed in incorrectly,” he said.

This process of manually entering in bank account information can lead to a few outcomes if a mistake is made — neither of which are good, Williams explained.

In what he says is arguably the best case scenario, the incorrect bank account information leads to payment made into an account that does exist; in which case, these pay-side businesses will see their payment bounced, and bottom line cash flow levels will be negatively impacted.

In the worst case, that payment actually goes through to somebody else entirely, leaving that corporate buyer — and its supplier — without money in their pocket.

It’s this latter case that invoice scammers are taking advantage of, and according to Williams, it’s becoming more prevalent.

“What we’ve seen over the last few years is that these fraudsters target specific types of industries with very high values of payments,” he said, adding that invoice scammers can cheat a business out of potentially millions of dollars. “In the last few years, we’ve seen it become more prevalent. Fraud measures have improved on a number of different payment mechanisms, so the fraudsters have just moved to where they think they can get the best return for their investment of time.”

Where they’re moving to, Williams said, is the B2B landscape, which is migrating to digital payment methods. Today, there are an array of factors that make the current market conditions vulnerable to being targeted by invoice scammers, he added.

“In the U.K., small and medium-sized businesses are starting to move away from using checks to make payments and moving to electronic payments and online banking,” Williams explained. “Especially with the trend of faster payments in the U.K., being able to pay suppliers on time and initiate those transactions slightly later gives them a bit more flexibility in their working capital.”

But this also creates opportunity for the invoice scam, he said, adding that cybercriminals are also moving to electronic mechanisms to seek payment.

In the U.K., Williams pointed to the construction industry as one he has seen with a high instance of these types of crimes. Fraudsters will pose as seemingly legitimate construction companies working on high-value deals with other businesses in industries like health care or education.

The appeal of these companies for cybercriminals, said Williams, is their supplier networks.

“It tends to be the sort of market segments where there are large sums of money, which see big invoices day in and day out,” he said. “In some cases, it’s not easy to go verify all of the details of the many suppliers those organizations are dealing with.”

He added that a health care company, for instance, may be dealing with thousands of different suppliers, meaning tens or hundreds of little changes to bank account information made every month that AP associates need to keep track of.

“The question is: How can an accounts payable manager verify that all of that information is correct and all payments are going to their right destinations?” Williams asked.

[bctt tweet=”‘The question is: How can an AP manager verify that all information is correct?'”]

Experian’s answer to that question is Bank Wizard Absolute. And if Williams’ musings on the rising pervasiveness of invoice scammers is correct, the market will likely see new solutions to help combat this type of fraud.

But whether it’s to protect against an invoice scam or to avoid the cash flow issues that can arise from data inaccuracies in the accounts payable department, Williams stated that it is “absolutely vital” that businesses, especially SMEs, verify bank account information. Cyberpayments crime isn’t just a problem for consumers, he explained; it’s hitting businesses and becoming more sophisticated.

“We’ve seen the same sort of fraud of using someone else’s bank account initially start out with consumers. But in the U.K., the fraudsters are now targeting businesses as well,” Williams said, adding that for cyber and financial security firms, this means a potentially big market. “Invoice fraud, or supplier fraud, is one of those areas which is ripe to be taken over and to be further exploited,” he noted.

PYMNTS-MonitorEdge-May-2024