Skip to main content

Bogus vendors may be costing your company a bundle




Are you harboring fictitious vendors in your accounting system? These are vendors invented by an employee — usually someone with the authority to approve invoices — to embezzle from the company. Thieves fabricate invoices and deposit payments to the fictitious vendor in their own bank accounts.

This scam is easier to perpetrate in companies with a large number of vendors because fictitious accounts simply get lost in the sheer volume of paperwork. However, small companies are also vulnerable to the scheme because they often lack internal controls, such as segregation of duties.

Spotting the fake

Regardless of the size of your company, there are likely to be tracks for you to follow:

Missing information. You expect to find phone numbers, taxpayer identification numbers, contact names and specific street addresses (not P.O. box numbers) in your vendors’ files. When such routine data is missing, investigate.

Vendor names. Embezzlers may create a company name that is similar to that of a legitimate vendor, or may use their own initials. But a fraudulent vendor won’t be called Microsoft, Wal-Mart or any other widely known corporate name.

Account activity. A fictitious vendor will probably be active. Because the payoffs are proportional to the effort, fictitious vendors usually don’t send invoices for small amounts. The risk of discovery increases with every transaction, so fake accounts are more likely to involve fewer invoices for larger amounts.

Services vs. goods. Most often, fictitious vendors will supply services rather than goods, simply because it’s easier. But occasionally someone — most often a purchasing agent — establishes a fake company from which to order products. This scam usually requires an accomplice on the receiving dock to record receipt of the goods and simultaneously alter inventory records.

More red flags

Also look for:


  • The absence of credit memos, because there won’t be any billing errors,

  • Prompt payments, because the perpetrator wants each transaction completed as quickly as possible,

  • Similar invoice amounts, which will probably be just below the fraudster’s authorization limit, and

  • One invoice listing per check, rather than the more customary bundling of invoices for payment.

Finally, if only one employee is requesting the company’s services, that’s a sign the vendor may not be legitimate.

They can’t hide

If you sense something isn’t right in your vendor records, don’t let it slide. Regardless of how devious the perpetrator and elaborate the scheme, we can help you uncover the fraud.

 Please contact us for additional information

© 2018


Popular posts from this blog

DOL Form T-1

Update: The OLMS will not seek to enforce the filing of the Form T-1 for one year from the original due date. Office of Labor-Management Standards (OLMS) published a final rule on May 30, 2019 establishing a Form T–1 Trust Annual Report which requires annual reporting by Form LM-2 filing labor organizations on financial information pertinent to “trusts in which a labor organization is interested”. On March 29, 2021, the Office of Labor-Management Standards (OLMS) released News 01-2021 – Notice of a non-enforcement policy in connection with an intended rulemaking to rescind the Form T-1 Trust Annual Report. Follow this link for our client bulletin: Non-enforcement Policy Bulletin Please contact us for additional information
Read more

IRS Announces New Pilot “Pre-Audit” Compliance Program for Retirement Plans

  On June 3, 2022, the IRS announced a new pilot pre-examination compliance program for retirement plans beginning in June 2022.   Under the new program, the IRS will send letters to plans advising them that they have been selected for an examination and will have a 90-day window to self-review the plan’s documentation and operation to determine if they meet current tax law requirements. If the plan does not respond within 90-days, the IRS will audit the plan. If self-review reveals non-compliance, the plans will be able to self-correct the mistakes using the correction principles in the IRS voluntary compliance program (EPCRS).    EPCRS’s self-correction program will be available. If a mistake cannot be self-corrected, an IRS closing agreement under EPCRS will be available based on the voluntary compliance program (VCP) fees rather than the normal closing agreement fees. If the plan does respond within 90 days, the IRS will review the submitted documentation, determine whether it
Read more