IOFM-Trained AP Hero Prevented Her Organization from Being Bilked for $120,000

March 13, 2019


Strong internal controls and proper training are proven deterrents to fraud. In recent reported cases, Accounts Payable professionals have been able to keep potential malicious intruders at bay, saving their organizations thousands of dollars.

Case in Point

An Accounts Payable manager in Texas recently reported an incident in which she was able to foil a fraudster who had billed her organization for $120,000. Fortunately for her company, the AP professional had recently attended IOFM's 1099 and 1042 conference sessions and webinars. As a result, she was well versed in internal controls and how to properly set up and vet foreign vendors.

Fraudster Requests a Wire Payment

In January, the Accounts Payable manager received an emailed wire payment request, supposedly from her organization's Manager of Special Projects. She immediately had the impression that something was not right. AP was being asked to pay a whopping $120,000 balance immediately and to email a wire confirmation when done. The invoice looked legitimate enough (see below), but the urgency of the request and the method of payment gave the AP professional pause.

[Image: invoice from fraudster]

Something's Not Right Here!

Although the request seemed authentic to begin with, the AP pro's internal "fraud detector alert" was set off. The person who was requesting the payment via email was a known entity within the organization—the name and title were correct. But something was fishy about the manner in which the request was being made. It was a departure from the organization's standard policies and procedures.

The email read:

I need you to pay the attached invoice today and please email me the wire confirmation when done.

What? Payment Without Paperwork?

Since the email and invoice were questionable—and because the vendor had not submitted the proper vendor master file paperwork—the request gave her considerable pause.

In addition to being asked to pay a vendor that had not even been set up in the vendor master file, the AP manager was being asked to forgo the organization's established policies and procedures. According to these policies, a W-8BEN-E was required to validate and pay a foreign vendor. In addition, the tone of the email was a departure from the requestor's customary communication.

Suspecting that her organization's emails had been hacked, the AP manager responded to the requestor asking that a W-8BEN-E be filled out so that the foreign vendor could properly be set up in the system. (Form W-8BEN is required at her organization from non-resident aliens who do work and/or make income in the U.S. or foreign business entities who make income in the U.S.)

Wrong Form Submitted

Immediately, an email response came back. The suspected "vendor" had attached a W-8BEN—the incorrect form (see below). 

[Image: W-8BEN submitted by the suspected vendor]

Could It Be? Was This a Bona Fide Scam?

At this point, the AP manager was on high alert. She was reasonably sure that the email was not generated in-house but was, in fact, an email that was fraudulently generated using the name of someone from within the organization.

AP Pro's 1099 Training Kicks In

From her 1099 and 1042 training, she was well aware of the difference between a W-8BEN and a W-8BEN-E. She took an additional step to test her fraud theory and sent two test questions to the bogus in-house payment requestor, saying:

I sent you the correct form for the company (the W-8BEN-E form). The form that the vendor sent is for an individual. Please have the company fill out the correct form. Also, will you be generating a PO in AX when the system gets back up?

Neither the matter of the correct form nor the question about the PO was answered. Instead, the manager received a reply saying:

Proceed to send the wire payment out due to the wire cut off. I will send the other necessary document once I receive it from the vendor.

At this point, the AP manager refused to issue the wire payment without the W-8BEN-E and until the matter was investigated. She immediately followed up internally to alert management and IT of the incident.

Outcome and Advice for Other AP Professionals

As suspected, the email was not generated from within the organization. A fraudster had hacked the organization's email system and obtained the names of company employees. Using this information, the fraudster requested that the wire payment be sent to a fictional company.

The AP manager was shaken by the incident, knowing her organization had been at risk of losing $120,000. Yet she was elated that her training and the AP department's strong policies and procedures had saved the day.

She offers this advice to other Financial Operations professionals: Accounts Payable should never waver or cut corners when initiating payments to vendors, no matter how urgent the request. Follow the rules you have in place to avoid fraud within your organization!

Note: To read another case history of attempted fraud, go to Vendor Fraud: IOFM Training Keeps AP Pros on Their Toes.

 
