Tungsten Network’s own research shows that SMEs in the UK are losing a staggering £9bn through invoice fraud every year. This equates to £1,658 per SME. Of those affected, one in six firms believes the fraud has cost them more than £5,000 in the last year alone.
What’s more, the rate of invoice fraud is accelerating. Over half of businesses (54 per cent) view it as their single biggest threat – more so than losing a major contract, a member of staff, or competitor activities.
A big contributory factor is the format invoices arrive into a business. Nowadays, an invoice might be a paper document, a PDF scan of a hard copy or totally electronic. It could arrive via post, email, web portal, or uploaded directly to an accounting system.
It could even be a confusing combination of options. As a result, there are multiple ways for criminals to corrupt an invoice or the invoice process and employees must be vigilant to thwart all the potential scams.
Also, where invoices are arriving via email, they don’t always get sent to the employee with responsibility for finance. This means everyone in a business needs to be alert to the potential for fraud and understand their part in identifying something suspicious before sending it on.
Of the 1,000 companies surveyed, 47 per cent have received a fraudulent or suspicious invoice in the last year. Tactics have included: viruses embedded in email attachments; unknown invoices sent via post or email; modified bank details; and duplicate invoices. Often criminals take information that is readily available on the internet to ensure the bogus invoice looks identical to the invoice of a legitimate supplier.
SMEs are particularly vulnerable to invoice fraud because of their limited resources. 95 per cent of all businesses in the UK are micro businesses employing less than nine people, so they often lack back office support.
This means owners carry the burden of managing every aspect of the business, including the payment process. A sole trader may spend long hours running the business, not having much time to inspect each invoice and cross-check prices against original quotes, or indeed actual goods or services delivered. Firms are losing hard-earned money simply through missing a change in a digit here or there.
For companies that operate globally there is even more risk. The more countries you operate in and the more complicated your payment process, then the more opportunity fraudsters have to target your business.
For example, cross border transactions could have VAT and other forms of tax applied across different locations. In addition, there are certain higher risk parts of the world where you need to be particularly alert and agile to understand the complexities of operating in that market and how to protect your business.
Read more on fraud:
- From phone calls to online: Preventing fraud across all business channels
- Avoiding falling prey to risky invoices
- Advice on being proactive to safeguard against fraud in the workplace
Businesses are often even more at risk at this time of year. Summer means holidays for the vast majority of staff, which in turn means teams get stretched and mistakes get made. Where less knowledgeable or temporary staff are involved in the invoice process, it becomes less secure. They are less likely to consider the risk of fraud and are not as equipped to spot potential scams.
Businesses of any size are at potential risk, but small businesses are likely to find it harder to recover if they are unlucky enough to get stung. Help is at hand and suspected criminal activity can be reported to Action Fraud, the UK’s national centre for reporting fraud and internet crime, but stolen money can be tricky to trace and recoup, leaving SMEs out of pocket.
Another useful source for information is Financial Fraud Action UK’s website, as they produce a useful short leaflet on invoice fraud to assist SME’s in recognising and protecting their business against fraud.
Flagging up the issue to all staff, no matter what the role, is vital. Another way that a business can fight back is to move over to electronic invoicing.
The real strength of adopting a technical solution is that it shifts some of the responsibility for checking an invoice from your finance team to a highly sophisticated, automated-service provider that is expert in validating invoices. To an extent, therefore, an e-invoicing service provider does some of the checks and balances in relation to invoice fraud for you.
For example, the service provider can check duplicate invoices against the system to avoid criminals copying an invoice and a business paying out twice for the same thing. In addition to automated rules, the move to electronic also makes the invoicing process more efficient and therefore easier for your business to react to fraudulent activity once it is detected.
UK SMEs face all manner of challenges. With the correct protective measures in place, there is no need for invoice fraud to cripple companies. But in the current financial landscape where companies receive a mix of paper and electronic invoices, it is also critical that businesses educate their staff about the scale and financial impact of invoice fraud, and train them to detect it.
Lucy Ashdown is head of compliance at the Tungsten Network
These are the three abnormal lurking places for digital fraud.
Share this story