By Maximilian Clarke
‘Big Four’ professional services firm PwC has reported a sudden resurgence of a scam in which fraudsters imitate suppliers in order to receive lucrative payments.
It all starts with a letter or email: “Dear Accounts Payable department, our bank details have changed to the following. Please can you update your records.” Companies that fall victim to this ‘change of supplier bank details’ scam, currently staging a comeback, may end up paying out large sums to the wrong people, according to fraud experts in PwC’s forensic services.
“Although in 99% of the cases this type of scam fails, in the 1% where the fraudsters succeed, it is very lucrative, with six figure losses by no means unusual,” says Andrew Gordon, forensics partner, PwC. “The combination of the current difficult economic climate and continuing pressure in companies to reduce staff headcount, including finance control functions, is definitely encouraging fraudsters to try their luck with this type of scam again.”
To avoid being the next victim, PwC forensic experts advise companies to take some simple precautions. The first of these is to check procedures for dealing with such change requests. Their tips include:
• Phoning the supplier using a number taken from their website, ideally speaking to someone you know and have known for some time, to confirm the details of the change.
• Making a note of the call.
• Checking if the resulting change to the supplier master file requires a senior level of dual authorisation, for example, the same as for authorising a salary payment run.
• Confirming the change back to the customer in writing, preferably before processing the next payments.
“Companies should also watch out for the giveaways,” continued Gordon. “For example, the letter will often include the invitation ‘in order to confirm this instruction, please call me on my direct dial number xxx’ — this will be an unconnected rented line or a service office manned by the fraudsters.
“Similarly they should beware of supposedly confirmatory emails from almost identical email addresses, such as .com instead of .co.uk, or an address that differs from the genuine one by perhaps one letter that can be easily missed.”
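The near-identical address check described above can be run automatically when a change request arrives. This is an added example, not part of the original article or PwC's guidance; the supplier domain, the sender addresses and the short suffix list are constructed assumptions.

```python
# Added example: compare the sender of a bank-detail change request with the
# domain already held in the supplier master file.
# All domains and addresses used with this code are constructed samples.

# Assumption: a tiny constructed list of multi-label suffixes; a production
# check would use the full Public Suffix List.
MULTI_SUFFIXES = ("co.uk", "org.uk", "com.au")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def split_domain(domain: str) -> tuple[str, str]:
    """'mail.acme-supplies.co.uk' -> ('acme-supplies', 'co.uk')."""
    domain = domain.lower().rstrip(".")
    for suffix in MULTI_SUFFIXES:
        if domain.endswith("." + suffix):
            name = domain[: -len(suffix) - 1]
            break
    else:
        name, _, suffix = domain.rpartition(".")
    # Keep only the registrable label, dropping any subdomain labels.
    return name.rsplit(".", 1)[-1], suffix


def classify_sender(sender: str, known_domain: str) -> str:
    """Classify a sender address against the supplier's domain on file."""
    name, suffix = split_domain(sender.rsplit("@", 1)[-1])
    known_name, known_suffix = split_domain(known_domain)
    if (name, suffix) == (known_name, known_suffix):
        return "match"
    if name == known_name:
        return "suffix-swap"            # e.g. .com instead of .co.uk
    if suffix == known_suffix and edit_distance(name, known_name) == 1:
        return "one-letter-lookalike"   # differs by a single character
    return "unrelated"
```

A "match" result only means the address is the one on file; the call-back to a number taken from the supplier's website still applies before any change is made.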
PwC also advises warning staff of the potential for such a scam because before sending the letters, the fraudsters will often make “pretext” calls to try and get information to increase their chances of success. This includes asking for the names or direct telephone numbers of people in the accounts payable department, or the supplier reference number for a particular supplier or to confirm month end balances payable. Information is also gathered by fraudsters through Freedom of Information requests and via compulsory public sector disclosure requirements. Businesses should make sure they don’t disclose more than they need to.
“Don’t forget to consider also the inside job. Is there anyone in your organisation who could create such a letter him/herself, and then arrange for a supplier’s bank details to be changed? If so, that person probably has too much authority. Segregation of responsibilities between processing and approval remains key, along with regular reconciliations and follow-up of exceptions,” concluded Gordon.