Risky Business with PaymentWorks: E3–The Million Dollar Question About Supplier Fraud Coverage
Matt Klein, National Fidelity Product Leader at Willis Towers Watson breaks down the world of insurance and coverage for losses stemming from social engineering frauds
by Angela Sarno
VP Marketing
PaymentWorks
This blog was originally published in 2020 but was updated in November 2023 for accuracy and comprehensiveness – and to re-emphasize just how vulnerable organizations are to supplier fraud.
Ever wonder what your organization and one as big as Toyota have in common? It’s simple: you’re both at risk of fraud and the related insurance headaches fraud can cause.
This article features an interview with a leading broker about the various types of supplier fraud, available coverage options and considerations for vendor management folks. If you worry about your process and its insurability, read on!
You don’t want to miss this podcast episode on the many forms of supplier fraud – and how that impacts insurance coverage.
Matt Klein, National Fidelity Product Leader at Willis Towers Watson, explains what social engineering fraud is, talks about the limited types of coverage that currently exist for supplier fraud, and offers his prediction about the future of fraud.
If your supplier onboarding and management processes keep you up at night, you should listen. You’ll hear real-life examples of how supplier fraud plays out and learn the best ways to protect your organization (along with what to do if your business becomes a victim).
About Our Guest
Matt serves as the National Fidelity Product Leader of the FINEX Financial Institutions Practice with more than 17 years of insurance experience. As FINEX’s Fidelity Product Leader, Matt provides strategic advice and develops creative fidelity and computer crime solutions for current and prospective Willis clients.
Before joining Willis Towers Watson, Matt was an advisory specialist at Marsh, specializing in fidelity and computer crime coverages for large financial institution risks. Prior to his time at Marsh, Matt spent ten years as a financial institutions underwriter, with a focus on the bank and insurance sectors, and three years as a professional lines claims analyst.
Matt holds a JD/MBA from the University at Buffalo School of Law/School of Management and a BS from the University of Illinois at Urbana-Champaign.
Matt is admitted to practice law in New York.
Quick Primer on Supplier Fraud
Unfortunately, supplier fraud comes in many shapes and sizes – and it impacts organizations of every kind. Matt walks through a few different types of fraud in this episode. Because of this, we thought it might be helpful to give you a quick rundown of some of the top types and what they are:
Social Engineering Fraud – This is a broad term for any fraud that exploits a person’s trust to illegally access confidential information or money.
Vendor/Supplier Impersonation Fraud – This is a type of social engineering fraud where a fraudster pretends to be one of your suppliers. Bad actors posing as a supplier might request that you update their banking details, allowing them to redirect funds to a fraudulent bank account where only they can access the money.
Business Email Compromise Fraud – This is a specific type of both social engineering and vendor impersonation fraud. A bad actor poses as a trusted figure using seemingly legitimate email addresses and company logos to obtain sensitive data or make a request that requires authorization.
Fraudsters are going to defraud. However, when you don’t have automated vendor onboarding or documented, airtight workflows in place, their attacks become a lot easier.
Next, we’ll dive into the key takeaways from this episode.
Episode Takeaways on the Perils of Supplier Fraud
#1: It can happen to anyone
At the end of 2019, Toyota announced that there was a business email compromise. This is not a mom-and-pop shop. To clarify, we’re talking about a large, major auto manufacturer. By all appearances, they seem to be fairly sophisticated.
But they also make a compelling target. As a company dealing with large transactions with high-value materials for the manufacturing of cars, they transfer large sums of money regularly.
Even this organization was not immune to this type of cyberattack.
As Matt put it, “I think it really hit a chord when a company like Toyota suffered a loss I think was four billion yen. It was 37 million dollars worth of fraudulent transfers that they suffered…You’re talking about one of the largest car manufacturers in the world being hit with a pretty significant loss due to a B2B type of fraud situation.”
#2: Supplier fraud is getting more sophisticated
If the Toyota scenario above doesn’t disrupt a REM cycle or two, this next story might. Matt emphasized that “the criminals are getting very sophisticated.”
He went on to describe a particular scheme in which the bad actors were able to access an organization’s computer system and were watching…waiting…
They could see all of the communications being directed back and forth between people in the wire room and other executives within the organization. As a result, they knew when a transaction was going to happen, and they could use that information to manufacture a mass email where they impersonated a person within the organization responsible for approving transactions.
You can guess what happened next.
And if that doesn’t have you on the edge of your office chair, you can listen to Linda Miller, CEO of Audient Group, wax poetic about the state of supplier fraud below:
#3: Always file a claim – and fix the issue
Matt recommends filing a claim with your insurer for even the smallest claims. Yes, it’s going to be a detailed process that involves cyber experts, forensics, and a post-mortem on what occurred and which controls (if any) failed.
Matt explains, “You are going to need to put together a narrative that explains, ‘This is what was taken from us. This is how we believe it was taken from us, and this is why we believe it should be covered under our law.’”
The reason it makes sense to file the claim, even for the “small” stuff, is that the instance of supplier fraud might be a test.
Matt says, “Sometimes the criminals are doing that with the hopes that you’re kind of like, ‘It’s not a big deal. We figured out how they did it. We’re going to close that entryway into our system. Obviously, they were watching us. There was some malware. We eliminated the malware.’”
But there might be something else lurking just around the corner. Fraudsters are smart. Sometimes they want to get caught so they can perpetrate an even bigger fraud scheme while your hands are tied dealing with the “small stuff.”
#4: The supplier fraud problem isn’t going away
“People are going to continue to find or look for ways to steal,” says Matt.
It’s such a stark reality that Matt expects clients will start budgeting for these types of thefts as a business expense because it’s so prevalent. Yep, the costs of supplier fraud are simply becoming the cost of doing business.
Insurance coverage is one way organizations can ease this burden. And Matt also predicts that companies will outsource some of the payment verification processes. Rather than budgeting to lose money to supplier fraud, they can budget for vendor management automation that helps prevent it.
Must-Read Episode Quotes about Supplier Fraud
“Usually [the targets are] very experienced people. They do this every day. They work in the wire room. They’re looking for red flags and they’re still being tricked. It is something that our clients are very concerned about.” (8:40)
“We have not yet seen a prevalence, nor do I expect there to be a prevalence of, markets willing to provide full limits for this type of coverage because of all the hacks that we’re seeing.” (15:05)
“When it comes to my day-to-day, the million-dollar question that I’m answering is ‘Do we have coverage for social engineering fraud?’ ‘Do we have coverage for vendor impersonation fraud?’ That is what most risk managers, CFOs, COOs…want to talk about. They look at their existing coverage and ask ‘Do we have this coverage?’” (13:00)
“[Risk managers] give us all sorts of scenarios. Some of them seem pretty farfetched at first, and then criminals seem to be always one step ahead and we’re sometimes playing catch up, unfortunately.” (13:25)
How Automation Stops Supplier Fraud in its Tracks
The vendor desk is piled high with compliance and security checks — many of which are still happening manually. You have to verify things like tax ID and address, typically with a third-party tool that is not automated.
Then you have to check sanctions lists at onboarding AND prior to each PO issued (yes, manually). The fun doesn’t stop there.
The vendor desk must also somehow gain confidence that the banking information is legitimate, either through a third party or with phone calls (again, manually).
However, automation can change the game. Tax ID and mailing address verification can happen automatically, noting whether the entries are valid or invalid. Sanctions lists can be checked at the time of onboarding and then continually monitored for any changes, which trigger updates and new approval workflows.
And banking risk assessment can be done within an automated platform, ensuring that you’re paying who you think you’re paying, always and forever.
Need to see it to believe it? Listen to this tale of fraud stopped in its tracks:
How Vendor Management Appreciation Day Can Help
Ready to up-level your vendor management strategy? Want to get the latest tips, tools, and checklists geared especially for the vendor desk? Would you like a reason to party?
We have just the thing for you: Vendor Management Appreciation Day (VMAD). It’s our home-grown holiday happening December 12th and it’s all about celebrating one of the most under-recognized roles across industries: vendor management.
VMAD is all about unifying vendor management professionals and celebrating innovation in the field.
People are already talking about this, and we want to extend an invitation to join the party.
Learn more here, and grab some free vendor management goodies.