Will You Be My…Vendor Bank Account Verification Expert?

by Ashley Poynter

Content Manager

Will You Be My…Vendor Bank Account Verification Expert?

It’s February, the month of love. To celebrate, we’re honoring V-Day, but we don’t mean Valentine’s Day. Nope, for us, the “V” stands for verification – vendor bank account verification – something we’re quite passionate about.

We’re inviting you to join us in expressing love for this very important work , and we’re going to provide all the information you need to make your heart go pitter-patter about it.

So grab your bag of candy hearts as we dive into all things vendor bank account verification!

Fraud, A Love Story

Oh Fraud, Where Art Thou?

Roses are Red, Violets are Blue, Manual Processes Make Fraudsters Love You

Automating to Avoid Heartbreak

Get Ready For Vendor Management Appreciation Day 2024

Want Help Aligning Teams on Vendor Bank Account Verification?

Interested in Tips On Vendor Bank Account Verification?

Want Personalized Guidance on Vendor Bank Account Verification?

Fraud, A Love Story

No, we’re not talking about the hit from Taylor Swift (though, if she happens to be reading this, we wouldn’t be mad about a remixed version on vendor fraud).

We’re talking about how endearing bad actors find it when you skirt necessary layers of security and open a doorway for their fraudulent shenanigans.

Fraudsters are on the lookout for vulnerabilities in both your vendor onboarding processes and the financial system. The FBI reports that cybercrime losses totaled $10.2 billion in 2022 and the AFP’s latest Payments Fraud and Control Survey adds some color:

63% of survey respondents said their organizations faced fraud activity via checks.
Nearly half (44%) of payments fraud victims in 2022 were unsuccessful in recouping any of the stolen funds.
Wires are a top payment method used in business email compromise (BEC) attempts, according to 45% of respondents.

The Anti-Phishing Working Group (APWG) adds that social engineering attacks are up, too. It recorded nearly 5 million attacks in 2022, with callouts that:

Phishing attacks are on the rise – up 150% year-over-year since 2019
Phishing attacks totaled 1,350,037 in the last quarter of 2022 – a 6% increase from the previous record quarter
On average, a BEC attack attempts to steal $132,559

Fraudsters are not slowing down. They are getting increasingly creative – whether it’s pretending to be your vendor or pretending to be your boss. They can easily use spoofed emails and other tactics to defraud organizations like yours – all without you being any the wiser. This is even easier when you don’t have proper vendor bank account verification procedures.

That is to say, if you’re not verifying bank accounts and ensuring the authenticity of vendor account information, you’re leaving yourself wide open to a ton of risk – and financial (and reputational) loss. Here’s a cartoon break that puts it in perspective:

Oh Fraud, Where Art Thou?

So what does fraud look like? It comes in many shapes and sizes, Let’s look at a few ways fraudsters can scam their way into your heart bank account.

Check fraud – This is an oldie but still a goodie in the eyes of fraudsters. With check fraud, bad actors forge checks (or create counterfeit ones) and use them to steal funds from your organization. In fact, check-washing scams are on the rise. According to Nasdaq, they cost $815 million each year. It happens when a fraudster erases the payee name and dollar amount from a check with a chemical solution. They then rewrite the check, allowing them to cash it and steal money from an unsuspecting victim.

CEO fraud – We’ve talked in detail about this one – a fraudster favorite. This happens when a bad actor uses the name of a top executive (usually the CEO) to send an email. The catch is that the email is usually not the exact email address of the exec. It might end in a .co when your organization’s email domain is actually .com. It can wreak havoc on the entire organization – especially if the culture is permissive of broken processes.

Vendor email compromise – This is similar to CEO fraud in that it’s a phishing attempt. Instead of pretending to be your CEO, fraudsters impersonate your vendors. So you might receive a banking account information change request from someone you think is your vendor – but who is really a fraudster lying in wait. All it takes is one person to push that request through and ::poof:: money gets sent to a fraudulent bank account.

These fraud scams are most likely to occur when organizations don’t do due diligence aka vendor bank account verification. The fraudsters are counting on this for their payday.

So vendor bank account verification is an essential business process, but what does that mean?

Roses are Red, Violets are Blue, Manual Processes Make Fraudsters Love You

Trust us, no one wants to be on the receiving end of a love letter from a fraudster. Yet, that’s exactly the position many procurement and finance teams put themselves in by relying on manual vendor onboarding processes. This is especially true in a post-pandemic, digital-first world that has spawned an entirely new and sophisticated segment of fraud actors, as Linda Miller, CEO of Audient Group so eloquently describes below:

Think about the purpose of vendor bank account verification: to validate the legitimacy of the ownership of a bank account so you know that when you make a payment, it’s going to the right party. The problem is that manual verification processes have holes. They are error-prone because they rely too much on humans – humans who are at times busy, cranky, distracted, and imperfect. For example:

Collecting a voided check or account info on bank letterhead

This is an old-school way that predates the digital age. When vendors and organizations primarily exchanged information via snail mail (like W9s and remit details), it was much harder for fraudsters to commit vendor impersonation fraud. But in the digital era where emails rule, new doorways open. Emails can be hacked or spoofed and letterhead can be easily forged. Organizations must dig deeper to confirm the authenticity of bank account information – and it shouldn’t involve collecting paper documents.

Calling the vendor to confirm the change

This method is rife with the possibility of error, too. Firstly, there’s no good way for AP staff to confirm they are speaking to the actual vendor, especially if the “vendor” is returning a call from an unrecognized number. Even calling the vendor back at the official corporate number is not a failsafe. Why? Because what happens when the AP team is stationed remotely? And what about creating an audit trail to document the verification process?

Multiple internal approvals for changes

This one is a little trickier. On the surface, yes – having multiple levels of approvals, especially for change requests, is good. You have more eyes on the verification process and more opportunities to spot a mistake or a fraud.

BUT.

Internal approvals as the only failsafe in your vendor bank account verification process is asking for trouble. For one thing, it’s prone to cause chokepoints on the entire vendor onboarding process. Secondly, it adds to the administrative burden, which can also slow down your entire operation. You’re left with inefficiencies and a larger workload for nearly everyone involved – layered with competing priorities and internal politics. And let’s not forget the impact on morale that people in these positions face. They are the only ones standing between you and a potential million-dollar fraudulent payment. Pressure, anyone? Listen to Rodney Harris of Cabarrus County describe the toll this can take in harrowing detail below:

None of the above are attractive (or effective) ways to go about vendor bank account verification. What’s more, they are all reliant on manual time and effort, placing greater pressure on a vendor desk that is already strapped for time and resources.

Automating to Avoid Heartbreak

A robust vendor bank account verification process can guard against the heartbreak of being duped by fraudsters – or of simply making a mistake. Automating vendor bank account verification not only removes human error from the process and eliminates the potential for fraud but also allows procurement and finance teams to refocus on value-adding initiatives.

Using an automated platform that completes the vendor bank account verification process within the platform helps to secure ACH payments and gives the vendor desk a break from carrying the mental load of a potential fraud happening on their watch. (If you’re curious about how this works, we can show you).

Not only can this streamlined method of vendor verification keep payments secure, but it can also ensure that any changes or updates automatically go through compliance and security checks. And there can be a digital trail of approvals. An automated platform that uses multi-factor authentication during the vendor onboarding process also virtually eliminates the risk of an account takeover.

And if that doesn’t make your heart sing, I don’t know what will.

Get Ready For Vendor Management Appreciation 2024

It’s February and love is in the air. But if you know anything about us, love for vendor managers is in the air year-round. That’s why our hearts are already bursting at the seams with excitement for the next Vendor Management Appreciation Day (VMAD)! That’s right! The celebration continues in 2024!

As a reminder, VMAD is a year-long party to honor one of the most critical, under-recognized roles across industries: vendor management.

VMAD is a brand-new holiday geared toward unifying vendor management professionals and celebrating innovation in the field.

We’ve released gifts each month to help you supercharge your vendor management efforts. We’re also planning some awesome events so everyone can connect and celebrate the important, strategic role of vendor management.

Learn more here, and grab some free vendor management goodies.