Alternative payment methods – like Square, PayPal, Stripe and Payoneer – represent a convenient and flexible way for businesses to accept payments from customers. On the flip side, however, allowing your employees to pay vendors through these methods can be a risky proposition.
Because these payment methods are still relatively new, there is often confusion around the unique risks associated with them. However, once you understand these risks and common fraud schemes, you can institute a few best practices to prevent your company from falling victim to alternate payment fraud.
Know who is receiving your payment
One of the most concerning aspects of alternative payment methods is the anonymity that these methods provide to the fraudster. While most companies have strong policies for cutting checks or making ACH payments, few have updated these policies to expand controls related to alternative payment methods. Fraudsters know this and are happy to exploit this weakness.
For instance, a standard component of credit card or ACH electronic transactions is the identification of the payee on the credit card or bank statement. Alternative payment methods usually mask these payment details. Instead, the processor name, such as “Square” or “PayPal,” will first appear on your bank statement. In some cases, however, the payee name will only appear on the statement if the vendor has set up their account to do so. In alternate payment schemes, the fraudster vendor will omit their name or use a misleading company name to hide the true payee identity.
To avoid falling prey to a crafty fraudster, companies should institute a policy of tracking down the supporting documentation relating to any payment that has been processed through an alternative payment method. The goal is to verify that the payment was properly approved and is being made to a legitimate vendor. Supporting documentation can include purchase orders or original invoices.
Restrict access to company accounts and cards
Another best practice concerning alternative payment methods includes restricting the number of employees that have direct access to company bank accounts and credit card numbers. Alternative payment method fraud relies upon the fraudster having access to the company accounts; otherwise, he’ll need to devise a different scheme. Restricting employee use of company accounts is also important in investigating any suspicious activity. With limited users, it is much easier to quickly uncover the fraudster and stop them in their tracks.
Monitor your vendor approval process
While alternative payment fraud is still relatively new, it has quickly gained popularity with enterprising fraudsters due to the ease of the scheme and the high dollars involved. RKL’s fraud and forensic accounting team recently investigated a significant fraud where an employee created a fake vendor and used both Square and PayPal accounts to divert company funds to his bank account. In that case, the fraudster was successful because he was able to circumvent the company’s process for approval of new of vendors, had access to the company credit card and was a “trusted” employee.
Time is on your side
Perhaps the best thing to remember is that sometimes it pays to not be on the cutting edge. While these new payment technologies are exciting and can be great ways for smaller businesses to get paid, there is no need for most companies to pay their vendors through these methods. It is much safer to continue to use traditional payment methods (check, ACH or credit card) until you are comfortable that your policies and procedures are ready. In other words, don’t be afraid to take it slow.
It is also important to remember that as the customer, you hold all the cards during the vendor evaluation process. Specifically outlining accepted payment methods in your company’s vendor approval policy will help eliminate the possibility that a vendor will try and seek payment through an alternative processor, like Square.
Finally, it is important to remember how fast technology can change. For that reason, you will need to continually revisit your policies and procedures to ensure that you have controls in place over new payment methods as they are developed.
Whether it’s crafting stronger payment and vendor policies, strengthening internal controls or investigating suspicious payments, RKL’s team of fraud consultants and forensic accountants can help you protect your business against alternative payment method fraud. Contact your RKL professional or one of our local offices today for more information.
Contributed by Jeremy L. Witmer, CPA, CVA, CFE, Senior Consultant in RKL’s Business Consulting Services Group. He provides forensic accounting, litigation support and business valuation services to companies and organizations across a number of industries. Jeremy’s expertise includes reconstruction of financial records, employee theft investigation, damage calculations for litigation purposes, and valuation of stock for gifting, buyouts and marital settlement.
Don’t miss the latest RKL business analysis and insights. Sign up for the monthly Working Capital e-news.
Working Capital blog disclaimer