The title sounds so simple.

Disbursement fraud schemes are by far the most common I have seen in my 30-year career.  You probably didn’t know that you can take a few easy steps, investing just minutes, to mitigate losses from this type of fraud.

Begin by gaining a firmer control of the vendors to whom disbursements can be made. Does your company have a vendor approval process, or can checks be issued to anyone? If the vendor isn’t legitimate, why would you pay them?

Let’s examine a few basics associated with good vendor internal controls.

First, implement a documented vendor approval process and conflict of interest policy. Someone, other than the requester, should spend the time to perform some due diligence, such as researching the internet and secretary of state’s website to learn more about the prospect.  Time invested on the front end may save you a tremendous amount of time and money on the back end.

As a fraud examiner, what would I be looking for?

Initially, I’m looking at a company’s existing internal controls and processes to determine how the system can be exploited. For example, how many people are involved in the vendor procurement process? As with any internal control, the more involved, the better the control.

Key Tests:

  1. Do you have a vendor application for them to complete?
  2. Is the business address a house, P.O. Box or commercial address?
  3. Have you Googled the address to verify its actual location?
  4. Does the location make sense?
  5. Did you check to see if the vendor has a website?
  6. Have you checked the phone number?
  7. Is the phone number a cell number, or is it a landline?
  8. Do you know others who use the vendor?
  9. Has the vendor provided you with a federal identification number or a Social Security number?
  10. Did you inquire whether the vendor has a personal or family relationship or any other conflict of interest with anyone at your company?
  11. Is the mailing address for payment different than the corporate address?
  12. Did you attempt to match the submitted and/or verified information such as address, phone number or identification number to other approved vendors and employees?
  13. Did you search the entity on the secretary of state’s website and check the incorporator, address and registered agent to see if they match any employees?
  14. If you pay electronically, do the account numbers agree with any other vendors or employees?

The fact that one of these issues exists may not necessarily mean there is fraud. But, it should be a red flag to make additional inquiries.

Larger companies tend to have more established internal controls and documented internal control policies and procedures for vendor procurement. They also are more likely to have adequate segregation of duties. Smaller companies that do not have these controls in place are the most susceptible.

Cutting corners to engage – and then start paying – a vendor can be a recipe for financial disaster. Prevent paying a fraudulent vendor by properly qualifying them!

For assistance with performing any of the tests mentioned, or if you need assistance with establishing a proper vendor approval process, please contact Frank Suponcic, CPA, CFE, CFF, at 440-449-6800 or fsuponcic@skodaminotti.com.