# Accounts Payable Fraud Prevention | RankShield Financial

> Most accounts payable fraud is internal: fake vendors, duplicate payments, check tampering, one person who approves and pays. Automate segregation of duties.
>
> Source: https://rankshieldfinancial.com/accounts-payable-fraud/ · RankShield Financial (verifiable pre-settlement payment security)

RankShield Financial · Accounts payable
# Accounts payable fraud is mostly an inside job. Fake vendors, duplicate payments, altered checks, and one trusted person who onboards, approves, and pays. Most AP fraud does not come from a hacker. It comes from a process where a single person can complete a payment unchecked. RankShield makes that impossible.
  Request access  External vendor fraud    payee-verified  independent approval  no self-payment      From the ACFE, 1,921 real cases    22%  of occupational fraud is billing schemes: fake vendors, inflated and duplicate invoices. $100k median loss (ACFE 2024)    12 mo.  median time an AP scheme runs before anyone catches it; losses grow to $875k at five years (ACFE 2024)           01  // two families   Where AP fraud comes from
## An outside deception, or an inside process failure

Accounts payable fraud splits in two. Most guides only cover the loud one.

The external family is the one that makes headlines: a fraudster poses as your vendor and emails new banking details, and your team pays the wrong account. That is business email compromise, and it has its own page here, [invoice and vendor payment fraud](https://rankshieldfinancial.com/invoice-fraud-prevention/). It is real and growing, but it is not where most accounts payable losses actually come from.

The internal family is quieter and, by the numbers, larger. Someone with access to the payables process, alone or working with a vendor, exploits the fact that no one is independently checking. The ACFE’s 2024 Report to the Nations, drawn from 1,921 real cases, finds asset misappropriation in 89 percent of occupational-fraud cases, and the two schemes that live specifically inside accounts payable, billing schemes and check tampering, together account for a third of all cases. This page is about that internal side, because it is the part your bank’s fraud tools and a BEC checklist do not touch.
       02  // the schemes   How the money leaves
## The internal AP schemes, named

### Shell vendor
 a company that isn&#x27;t real
An employee creates a fictitious vendor in the master file and submits invoices for goods never delivered. Payment routes to an account they control. The most common branch of the 22 percent billing-scheme category.

### Duplicate & pay-and-return
 the excess diverted
A real invoice paid twice, or a deliberate overpayment to a genuine vendor, with the “refund” intercepted. It hides inside legitimate activity.

### Check & payment tampering
 $155k median
Forged or altered checks, or changed banking details in the vendor master to redirect real disbursements. The highest median loss of the payables schemes, and 23 percent of cases at small firms.

### Collusion
 two people, no controls
An insider and a vendor split the take. The ACFE found 54 percent of frauds involved multiple people, precisely because collusion is how you get around separation of duties.
        03  // why SMBs   The control you can’t staff
## Small firms get hit harder because one person does it all

Separation of duties is the defense, and it is the exact thing a lean AP function does not have.
    23% vs 9%  Check and payment tampering strikes firms under 100 employees at 23% of cases, versus 9% at large firms — the biggest small-vs-large gap of any scheme (ACFE 2024).    40% vs 90%  Only 40% of small firms have an internal audit function, against 90% of large ones. Fewer eyes, longer-running schemes.    Half  More than half of frauds occurred due to an insufficient system of internal controls: 32% a lack of controls, 19% an override of them (ACFE 2024).
The ACFE states the cause plainly: smaller organizations have fewer checks and balances and less segregation of duties. When the same trusted person onboards a vendor, approves its invoice, and releases the payment, there is no independent step where a fake vendor or a padded invoice would be caught. It is not that small businesses hire worse people. It is that they cannot afford the three-person process that makes the fraud hard, so a single point of trust becomes a single point of failure.
       04  // the fix   One control, both families
## Verify the payee, and require an approval one person can’t self-satisfy

Internal and external AP fraud collapse to the same two failures. Close both and you close most of the exposure.

Strip the schemes down and they share a root. A shell-vendor scheme works because the person who set up the vendor also approved its invoices. A vendor-impersonation email works because the changed banking details were never checked against a trusted record. Both come down to (1) the payee was not independently verified, and (2) no genuine, independent human approved the payment.

### Verify the payee
 against a trusted record
Every payment’s payee is checked against the vendor record you already trust, before it moves. A new or changed account does not clear on an email’s say-so.

### Independent approval
 not the originator
The payment carries proof that an authorized approver, who is not the person originating it, signed off. The segregation of duties a small team cannot staff, enforced automatically.

### No self-completion
 no single point of failure
No one person can onboard, approve, and release a payment end to end. That single rule defeats the shell vendor, the duplicate, the self-approval, and the collusion that circumvents manual controls.

### A checkable record
 who approved what
Every decision leaves a record of who approved what, so a surprise audit, the control the ACFE found cuts loss and duration by half, actually has something to review. See [verifiable attestation](https://rankshieldfinancial.com/verifiable-attestation/).

### Shared across the network
 flagged once, known to all
A payee or account flagged at one member of the [RankShield Network](https://rankshieldfinancial.com/vs/accertify/) is shared across it, so a fake vendor or account seen elsewhere is known before you pay it. Unlike a scoring consortium, every shared verdict is independently verifiable, and the signal compounds as members join.
         What we claim, and what we do not
## Evidence, not adjectives

Every figure on this page is from the ACFE’s 2024 Report to the Nations, drawn from 1,921 real cases, and we cite it rather than paraphrasing it into folklore. We do not claim a fraud network, customer names, or a sealed build we cannot show you, which our [transparency page](https://rankshieldfinancial.com/transparency/) reports honestly. What we offer is the segregation of duties and payee verification that small AP teams cannot staff by hand, automated and applied before the money moves.
       FAQ
## Accounts payable fraud, answered
    What is accounts payable fraud, and how is it different from invoice fraud?  Accounts payable fraud is the broad category of schemes that steal money through the payments process. It splits into two families. External AP fraud is when an outsider deceives you, most often business email compromise, where a fraudster poses as a real vendor and emails fake banking details. Internal AP fraud is when someone inside, or an insider working with a vendor, exploits weak controls: a fake vendor set up in the system, a duplicate payment with the excess diverted, an altered check, or a payment the same person both approved and released. The external kind is covered on our invoice and vendor fraud page. This page focuses on the internal side, which the ACFE finds is where the most common and most damaging AP schemes live.    How common is internal accounts payable fraud, really?  It is the core of occupational fraud. The ACFE’s 2024 Report to the Nations, based on 1,921 real cases, found that billing schemes, which include fake vendors and inflated or duplicate invoices, account for 22 percent of all occupational-fraud cases with a median loss of 100,000 dollars. Check and payment tampering accounts for another 11 percent, with the highest median loss of the payables schemes at 155,000 dollars. And these schemes run a long time before anyone notices: the median fraud lasts 12 months, and losses scale sharply the longer it goes, from 30,000 dollars when caught inside six months to 875,000 dollars when it runs five years or more. AP fraud is rarely a single dramatic event. It is a slow leak through a weak process.    Why are small and mid-sized businesses hit harder by internal AP fraud?  Because the control that stops it, separating who can set up a vendor from who approves and who pays, is the exact control small businesses cannot staff. The ACFE found firms under 100 employees suffer check and payment tampering at 23 percent of cases versus 9 percent at large firms, the single largest gap of any scheme between small and large organizations, and billing schemes at 31 percent versus 22 percent. It names the cause directly: smaller organizations have fewer checks and balances and less segregation of duties. Only 40 percent of small firms have an internal audit function, against 90 percent of large ones. When one trusted person onboards the vendor, approves the invoice, and releases the payment, there is no second set of eyes, and that is precisely the gap these schemes exploit.    We trust our AP person. Isn’t this someone else’s problem?  Trust is not a control, and the data is uncomfortable about this. More than half of occupational frauds, per the ACFE, occurred because of an insufficient system of internal controls: 32 percent traced to a lack of internal controls and another 19 percent to someone overriding the controls that existed. And 54 percent of frauds involved more than one person colluding, with three or more colluders pushing the median loss to 329,000 dollars, specifically because collusion is how people get around separation of duties. The point is not that your AP clerk is dishonest. It is that a process where one person can complete a payment end to end, or where two people can quietly agree to, is a process that depends on everyone staying honest forever. Controls exist so it does not have to.    How does RankShield address both internal and external AP fraud?  Both families collapse to the same two failures: the payee was never independently verified, and no genuine, independent human approved the payment. A shell-vendor scheme works because one person set up the vendor and approved its invoices. A vendor-impersonation email works because the changed banking details were never checked against a trusted record. RankShield verifies the payee against the record you already trust and requires proof that an authorized approver, who is not the person originating the payment, signed off, before the money moves. That single control defeats the fake vendor, the self-approved payment, the duplicate, and the external payee swap, because it removes the ability of any one person, inside or outside, to complete a payment unchecked. It automates the segregation of duties the ACFE says small firms lack.           Verify, then settle
## See your payments verified before they settle.

Most AP fraud runs because one person can complete a payment alone. Verify the payee, require an independent approval, and leave a record — automatically, on every payment. Request access and we will map it to your AP process.
  Request access  How it works
