Category Fraud/Crime

KPMG: Payment fraud on the rise

02 July 2014 KPMG

KPMG has noted a new trend in relation to business fraud which poses a serious risk of significant financial loss.

A payments fraud scheme is on the rise exposing businesses to potential financial and reputational loss. Fraudsters target companies by pretending to be from suppliers and divert otherwise valid payments to the fraudsters bank account.

Fraudsters seem to be targeting businesses using supplier or vendor bank account details. In one such case, a fraudster contacted an individual, a relatively junior staff member, in the accounts department and said that they were calling from one of their suppliers who wished to inform them that their account details had been changed. The accounts clerk, as normal, requested proof of the change in bank details in the form of:
• a signed and stamped letter from the bank confirming the change in bank account details; and
• a signed letter from the supplier on the supplier’s letterhead, confirming a change in bank account details.

The requested (forged) documents were then provided in a matter of minutes via email communication. The documents appeared to meet the requirements necessary to execute the change of supplier bank details on the system. Email spoofing tactics - which involve using technology tools to disguise the source or sender of an email, and make it appear as though it had been sent from a legitimate email address - are normally used to send the requested documents.

The fraudsters take the time to gain an understanding of the business and establish with which suppliers businesses deal as well as which individual in the accounts department to target. In some instances supplier account details are altered, and as soon as the payment is processed, the records are restored. This happens in cases where the fraudsters work in collusion with internal accounts personnel.

Possible solutions

KPMG suggests implementing the following proactive solutions:
• Institute a process in which approval from at least two senior members in the accounts department is required before any changes to supplier details are made.
• Make a simple call to your regular contact at the supplier to confirm the change in details.
• Verify all the details (e.g. address, phone number etc) on the change letter and whether the signatory is employed at the bank issuing the change letter. The details supplied by the fraudsters are usually fictitious and are designed to obfuscate verification thereof.
• Put in place regular data analytics or monitoring procedures to identify recurring changes in supplier details.
• Ensure that all supplier invoices reflect bank account details and the relevant purchase order number before being processed for payment.
• Allocate a dedicated supplier number to each supplier, to be quoted on the invoice for identification purposes.
• Consider an arrangement whereby only duly authorised individuals in the supplier firm sign each invoice for comparison with a signature held by the creditors department.

Quick Polls


The shocking crime and motor vehicle accident statistics shared during a recent SHA presentation suggests that group personal accident and personal accident cover are a no-brainer. Do you agree?


Not sure
fanews magazine
FAnews April 2024 Get the latest issue of FAnews

This month's headlines

FAIS Ombud lashes broker for multiple compliance blunders
TCF… a regulatory misfit initiative?
The impact of NHI on medical malpractice insurance
Fixed versus variable: can you have your cake and eat it too?
The future world of work
Subscribe now