TT Talk - Procurement fraud

In the ordinary line of business, companies transact with numerous other businesses to support their activity. Whether it be for freight services, key commodities (such as fuel) or simply stationery supplies, purchases are frequent and, these days, completed almost exclusively electronically, giving rise to increased risk of fraud through the procurement process.

Continuing our fraud awareness series, we here highlight procurement fraud, which affects businesses throughout the global supply chain and is particularly facilitated by today’s fast-paced digital environment. 

In mitigating the risks, effective due diligence is critical. Regardless of value or frequency of a purchase, or whether your supplier is on the same industrial estate or another continent, the same fundamental rule around due diligence applies: know at all times exactly who you are dealing with.

There are many common procurement fraud schemes. Here we focus on two: duplicate or false invoices and the phantom vendor. 

Duplicate or false invoices

What is it?

Such invoice frauds involve the intentional submission of false, duplicate or inflated invoices, purportedly from an established supplier or contractor. These are in fact submitted by a fraudster infiltrating the process to deceive your business into paying amounts not due. 

Inevitably, any payment made will fall under the control of the fraudster. The erroneous transaction will take time to be revealed, by which stage the funds will have been transferred, typically through a series of other banks, and lost forever.

This type of fraud requires a degree of sophistication: the fraudster builds a profile of the type of transactions your business makes, with whom, with what frequency and at what approximate values. Recognise, however, that profiling a victim, infiltrating email exchanges and digitally altering documents require relatively low investment in cost or expertise. It has never been easier to generate an invoice that looks genuine and does not attract additional scrutiny.

Those conducting this type of fraud will typically use spoof email addresses and target individuals they have been monitoring, placing them under pressure to pay an invoice immediately. The fraudster may pose as a known contact, using an almost identical email address and a familiar tone of language. They might claim that the invoice is already overdue or assert negative effects on credit ratings or commercial standing, and threaten legal action in the event of non-payment to force the transaction through.

How it happens – a real life example

X Logistics purchases all truck fuel from Y Oils. One day, when staffing levels are low due to a seasonal holiday period, somebody purporting to be from Y Oils contacts John, who works in the accounts department of X Logistics. The Y Oils representative is irate, demanding immediate payment of an outstanding invoice. John is presented with what appears to be a legitimate invoice, of which there is no record in the accounting system. The Y Oils representative threatens to restrict the available payment credit facility severely, which John recognises would be catastrophic for the company. He is unwilling to take the risk and arranges payment. The following day John calls Y Oils to apologise for the oversight and seek confirmation of receipt of the funds. Nobody at Y Oils knows anything about the invoice or the call the previous day. The fraudsters had intercepted an earlier invoice, created a fictitious copy, and convinced X Logistics to make payment.

The phantom vendor

What is it?

The phantom vendor procurement fraud scheme is an insider threat, involving someone who has access to business critical information and systems, and sufficient operational knowledge to disguise their actions.

The fraudster, often an employee, creates a fictitious vendor within the accounts system. All know your customer (KYC) and due diligence processes may be completed. The fictitious vendor then submits invoices which are duly authorised and paid as if genuine.

Such frauds may be difficult to detect depending on the size and structure of your business. 

How it happens – a real life example 

John, who works in the accounts and compliance department of P Logistics, creates a new vendor account named Q Oils and completes all of the required KYC verification requirements. The banking details attached to the Q Oils account are for a bank account under John’s control. Every other month, John generates a false invoice for a value around US$2,000, carefully not using a rounded value to avoid suspicion. On each occasion John enters the invoice into the accounts system and duly authorises the payment.

Mitigating the risks of procurement fraud

Detecting a fictitious company or business transaction will be challenging in periods of higher demand, particularly where businesses operate with a skeleton or remote workforce. Fraudsters generally study the victim in order to strike at a vulnerable time.

Management controls should be developed and tested which incorporate robust due diligence, ‘four eyes’ checking and escalation procedures. Awareness training will increase the likelihood of fraud detection within your business and escalation procedures will expedite investigation, leading to decisions by those in authority to protect the business. 

TT Club’s top tips to avoid procurement fraud:

  • Talk regularly about fraud, engendering a sceptical and politely paranoid mind-set
  • Be alert to the insider threat and develop effective whistle-blowing procedures
  • Incorporate a multi-step, segregated authorisation process for payments; don’t be rushed, always ‘take five’
  • Develop strict verification processes for any changes to existing account details (e.g. phoning a known contact to validate a request)
  • Check your bank statements carefully and report suspicious activity to your bank
  • Above all, take this seriously; even the most experienced staff can be duped


We hope that you have found the above interesting. If you would like further information, or have any comments, please email us, or take this opportunity to forward to any colleagues who you may feel would be interested.

We look forward to hearing from you.

Peregrine Storrs-Fox

Risk Management Director, TT Club


Mike Yarwood

TT Club