Stampli Warns: As Regional Banks Come Under Pressure, Beware Accounts Payable Fraud

Amidst the chaos pervading the regional bank industry, companies should take steps to avoid being victimized by scammers trying to submit false banking information to obtain fraudulent payments, according to Stampli, the leader in AI-powered Accounts Payable automation.

Fraudsters impersonating a business’s existing vendor might contact Accounts Payable departments, claiming that they had to switch banks and asking to update the vendor’s payment details with fraudulent account information. Their messages often include a sense of urgency to pressure the recipient into taking action without verifying the information.

This scam is effective because many vendors actually are switching banks for genuine reasons, including to mitigate risk in this period of banking uncertainty.

Recommended steps to prevent AP fraud
If the AP department accepts their request, future payments will be routed to the fraudster’s bank account. In order to prevent scams, it’s incumbent upon AP departments to follow strict protocols, including:

Always independently verify account change requests through the vendor contact methods already on file, regardless of the contact information provided in the request
Scrutinize email addresses closely, as scammers often create email addresses that closely mimic real ones
Ensure that all vendor information is kept up-to-date and accurate, to aid in the verification process when requests for changes are made
Educate all employees, but especially those in Accounts Payable, about common scams and pressure tactics, and train them to follow business protocols in such circumstances
Create a reporting mechanism for sharing and validating suspicious requests

“My advice is simple: Never assume you’re not under threat,” said Eyal Feldman, CEO of Stampli. “Any time money is changing hands, you should assume there are scammers looking for a way to get their hands on it. The good news is that with proper protocols and tools, accounts payable teams can stop fraud before it starts.”

How the nation’s leading potato grower prevents AP fraud
CSS Farms, the second largest potato grower in the nation, is a vertically integrated potato farming company with dozens of facilities across 10 states, including greenhouses, seed farms, and commercial chip potato farms. This year, they expect to farm 26,500 acres to produce more than 11 million CWT of potatoes (which is equivalent to more than 1.2 billion pounds).

During the harvest season, the AP team is processing thousands of invoices a month for nearly as many vendors. According to Vanessa Larimore, Accounts Payable Manager, CSS Farms does see fraudsters attempting to change vendor bank information — but none have been successful. “When it comes to banking information, we have a number of policies in place that require double checks or extra validation,” says Larimore. “For example, if we receive a payment-related email from a vendor, we never call the number they give us — instead, we always Google the main number. In addition, we have software-based controls, such as requiring secondary approval to change a vendor’s bank details, which doubles the likelihood that any fraudulent activity will be caught.”

Larimore also recommends using bank validation software, which she gets from her business bank. This software lets her team quickly verify account owner information and check the risk level of accounts in real time. Certain risk factors, such as accounts that were very recently created, are flagged for extra scrutiny.

“The best practice is to never take an email at face value,” says Larimore.

How Stampli helps its AP automation customers better protect themselves
Stampli is an AI-powered Accounts Payable automation solution that brings all of a customer’s AP-related communication, documentation, and workflows into one place. This centralization offers a number of benefits that happen to protect against both the fraud described above as well as other types of fraud. These include:

An invitation-only Vendor Portal that facilitates the collection of bank information, which places additional authentication obstacles between a fraudster and their goal
Automatic notifications for AP staff to securely review and approve changes made to a vendor’s bank information, with a full audit trail of changes made available to the AP team
Configurable payments that can be set to process only when a vendor is fully compliant with company policies, such as required documentation or verified bank details
Vendor records can only be created in the ERP and synced to Stampli, keeping the ERP as the source of truth and ensuring permissions for vendor creation are strictly controlled
Multi-factor authentication for AP staff with access to sensitive vendor and payment information, which reduces the likelihood of improper account access
Strict segregation of duties that ensure no one person has the privileges to both pay bills and update bank details, which protects against insider threats

“Among the many benefits of Stampli’s AP automation solution are the numerous safeguards that help prevent fraud,” said Feldman. “A combination of vigilant policies and robust tools make a company more difficult for fraudsters to target.”