In most organizations, fraud is a moving target and often requires an ever-evolving effort to keep pace with technology and new processes. It’s a game of cat and mouse; as controls evolve, so do the schemes to break them.
Take payments as an example. Where once fraudsters sought to engage in check forging schemes, today they often seek to identify holes in ACH and payment security controls. Today’s fraudulent behavior may involve a search for digital alternatives, such as gaining access to configuration data and subsequently changing the receiving bank account for a vendor.
At every turn, people test the perimeters of your security protocols. And as the tools to mitigate risk evolve, so do the behaviors. Look no further than the COVID-19 pandemic for the most recent example. A Fox Business headline proclaimed that “Coronavirus fraud in America topped $124M by end of August,” as a Motley Fool report uncovered more than 184,000 cases of COVID-19 fraud by Aug. 31.
In business, as in the consumer sector, fraud expanded even as travel and related expenses dropped significantly since the pandemic began. As the nation’s businesses rushed to support a remote workforce – essentially overnight — Oversight data showed that the halt in travel contributed to a 63.5% drop in travel and expense spend. Amidst the lower travel spend volume, the same Oversight data reflected a 206.7% increase in spend violations.
Spending down, violations up. Why? One possible explanation — the pandemic introduced unfamiliar employee spend patterns and a bending of policies (to support the rapid expansion of a remote workforce), which inadvertently created opportunity for waste, fraud and misuse. For instance, an unbelievable number of new spenders submitted expense reports for home offices in Q2 2020. Reports showed an increased number of expenses using personal cards or third-party payment platforms, such as PayPal. And, some tested the parameters of acceptable and reasonable spending, expense limits, preferred purchasing channel and vendors, and more.
The pandemic also significantly impacted typical supply chains, which led to some unusual activities throughout the procurement cycle. When offices suddenly couldn’t procure items, such as cleaning supplies from the usual places, they looked to new vendors. They made prepayments. They accepted unprecedented price increases. They opened themselves up to risk.
Across business today, new spending behaviors and can represent new sources of risk to the organization. After all, risk is often identified when conditions, spending, and behavior are “outside the norm.”
So, what do we do? How can we mitigate risk in this “new normal?”
The standard approach to mitigate risk is often through an audit of a sampling of various expense transactions in business has been to manually sample transactions in search of potential fraud, misuse and waste. But in a scenario like the one we face today, the shortcomings of audit as a control are apparent. You’re never going to catch the full scope of fraud risk in an organization reviewing a sample of all transaction or invoice activity. This approach offers only a snapshot of purchase and spending activity rather than providing comprehensive visibility into broader patterns of questionable spend across time and departments.
The solution – implement a more comprehensive review of all spending activity — monitor every transaction, every change in a vendor master list, every line item on the employee expense reports — to detect duplicates, errors, fraud and misuse across employee card and vendor spend. Through continuous monitoring and analysis, AI technology enables organizations to systematically identify anomalies, such as an unusual vendor payment or a vendor master change, to mitigate financial and compliance risks.
When our circumstances are new and unusual, training audit teams is time consuming and less comprehensive. Alternatively, a consistent, technology-based review of every transaction provides the best opportunity to mitigate fraud risk across organization spend activity. The power of AI-driven risk identification and mitigation tools may be the response your organization needs to these unique and unprecedented times.
About the Author
Jon Lawrence is the VP of Product Management at Oversight, a leader in spend management technology. Lawrence is an expert in software product management with nearly 20 years of experience focused on the B2B software industry.
Sign up for the free insideBIGDATA newsletter.
Speak Your Mind