Mistakes & Fraud Edition
Mistakes are going to happen in any business, at least any business that involves humans. There really isn’t any way around it. And mistakes with your vendor management process can end up being incredibly costly to your organization. In fact, we're sure that right now, someone on your staff is losing sleep over the fear of being the person who makes a costly mistake.
While eliminating human error would rock, it's not a realistic outcome. Your goal, instead, should be to recognize the weak points in your process where mistakes can occur, and to arm your staff with solid procedures and tools to backstop the jobs they do.
For a quick primer, here are three ways your vendor master is costing you money, along with some practical advice on how to keep those costs down.
Employees outside of AP collect vendor payment information
How this costs you:
- increases opportunity for fraud
- increases time spent onboarding vendors
- non-AP employees spending time on functions not integral to their jobs
You would never ask a goalie to take a penalty shot, a fireman to perform heart surgery or a lawyer to change the alternator on your car. It's just not their job. So why are you asking somebody who isn't in procurement or accounts payable to collect tax ids, remit addresses, and W-9s?
Expecting employees who aren't familiar with collecting and vetting the credentials associated with vendor onboarding to do this collection, positions them as a ‘go-between’ the vendor and your AP department. This not only opens your organization up to the mistakes that come with the other four items on this list, it wastes tons of valuable time.
While you may want your employees to have the say in who they do business with, having a central point tasked with collecting vendor documents will eliminate many potential fraud vectors and reduce many of the hidden costs that go into the $100-200* you pay per year to onboard and maintain each vendor.
*PaymentWorks customer data point
Accepting unconfirmed vendor information into your ERPHow this costs you:
- returned checks for incorrect addresses
- charges for returned ACH for incorrect routing or account numbers
- time and effort finding, correcting and reissuing payments
- B notice fines from the IRS for incorrect 1099s
- but most of all, it costs you with #3 below
If you already have a main point that collects all of this vendor info, good for you! Next I’ll ask if you're leaving it up to an employee to use their own judgment to determine if what they have collected is legit? Better yet, if changes related to what is already in your ERP (a name change or a banking change request) are legit? If so, you're opening yourself up to a world of hurt.
Giving your staff tools to confirm the vendor credentials relieves them of the significant stress of attempting to ascertain what is true and what is a scam. By using third parties to confirm credentials like TIN, address and banking, your organization will have much greater peace of mind.
Which leads us right to the primary driver in all of those sleepless nights:
Bad actors and social engineering
How this costs you:
- paying a fraudster instead of your vendor
- potential litigation with your insurance company to cover the money you lost
- reputational harm
- possible loss of your job
This one is the big fear: payments fraud. Social engineering is the easiest way for a fraudster to steal your cash. It doesn’t even require the savvy of a computer hack (though it often starts that way). Social engineering is essentially when one party uses email or the phone to trick another party into doing something they believe is legitimate — usually involving transferring large sums of money into a fraudster’s bank account. These types of fraudulent scams can happen on scales large and small- you probably read about them every day.
If your current process allows for payment details to be changed because your AP staff received an email with new banking instructions, then please put this risk at the top of your list of ways your vendor master is costing you, because sooner or later, someone is going to get fooled.