Twenty-four percent of governmental frauds are billing schemes such as fictitious vendor theft, so says the Association of Certified Fraud Examiners. Fictitious vendor fraud is usually committed by a person with the ability to establish new vendors in the accounting system (often the accounts payable clerk). If you are going to prevent this fraud, you need to know how it works.
Fictitious Vendor Fraud
First, the clerk creates the fictitious vendor in the accounts payable system using his own address (or that of an accomplice). Alternatively, he may use a personal P.O. box (which is more common). Second, the clerk creates fictitious vendor invoices to support the payments; often, these invoices are for services rather than for a physical product. Since no shipped asset will be received by the government, it’s easier to conceal the fraud. Finally, the accounts payable clerk issues the vendor checks: since the fictitious vendor check address is that of the accounting clerk, the check is mailed directly to the fraudster (or his accomplice).
Here’s an example of how this fraud might happen.
Accounts Payable Clerk Fraud
John, the accounts payable clerk, sets up the fictitious vendor, Rutland Consulting, and keys his (John’s) address (P.O. Box 798, Atlanta, Georgia, 99890) into the vendor master file. To save time, the city has elected to have all checks signed electronically by the computerized system, so printed checks have signatures on them, and it just so happens that John prints all checks. John records an accounts payable amount of $53,322 to Rutland Consulting.
To conceal the fraud, John creates a fictitious consulting services invoice from Rutland Consulting (especially designed for the auditors), and he codes the expense to an account which has plenty of remaining budgetary appropriation. Now John prints and mails the checks (including the fictitious vendor check).
Two days later John picks up his check at his P.O. box. John has opened a bank account for—you guessed it—Rutland Consulting; he is the only authorized check signer for the account. After depositing the city-issued check to the Rutland Consulting checking account, he writes checks to himself. Soon John’s friends are impressed with his shiny new bass boat.
Other Fraudulent Disbursement Schemes
While reading about John’s fraud, you may be thinking, “Not a problem in my government. Our checks are physically signed.” Consider, however, that signed checks can be created by:
- Forging signatures on manual checks
- Signing checks with signature stamps
The fraudster might also, in another twist to this scheme, just wire the money electronically and record the transaction with a journal entry. If the fraudster can get a fake vendor added to the payables system and create a signed check or wire funds, then the fictitious vendor scheme becomes a possibility.
Banks generally do not visually inspect checks as they clear (how could they, given the volume of daily checks?), so a forged signature will usually suffice. John’s theft described above becomes easier if he also reconciles the related bank statement—no second pair of eyes will inspect the cleared checks.
Department Head Fraud
City or county department heads can also use a fictitious vendor scheme if they can submit believable new-vendor documentation. Many governments do not verify the existence of new vendors; therefore, a department head can merely send a fake invoice to the payables clerk and receive payment.
Oftentimes when an accounts payable clerk receives an invoice, he will add the new vendor to the accounts payable master file without verifying that the vendor is real. Since department heads often code and approve invoices (by writing the expense account number on the invoice and initialing the same), the payment will be recorded in an account of the department head’s choice.
Again, such invoices are usually for services (e.g., electrical repair)—that way, the accounts payable department is not waiting for receiving documents (e.g., packing slips) before payment is made.
Fictitious Vendor Fraud Factors
The fictitious vendor fraud hinges on three factors:
- Getting the fictitious vendor added to the accounts payable vendor list (along with the false address)
- Getting the payment made (either by controlling the whole payment process or by having the authority to approve disbursements)
- Getting the payment posted to an account where its presence goes unnoticed
Lessen Fictitious Vendor Threat
To mitigate the risk of fictitious vendors, do the following:
- Require vendors to provide a physical address (even if payments are to be mailed to a P.O. box)
- Require the accounts payable clerk to verify the existence of the new vendor (by calling the vendor or googling the vendor’s address)
- Have someone outside of accounts payable (e.g., controller) review new vendors added
- Segregate duties (namely the ability to add new vendors and the power to authorize payments); have at least two persons involved in processing all payables
- Have someone other than an accounts payable person reconcile the bank statement and require that that person compare the payee on cleared checks to the general ledger; if this suggestion is not viable, periodically review all cleared checks for a month and review the payees on the checks
- Periodically review the list of vendors in your accounts payable system
While this is not a comprehensive article about fictitious vendor fraud, hopefully it will prompt you to consider whether your internal controls are sufficient in relation to this threat.
Learn More About Fraud
For more information about fraud prevention, check out my book: The Little Book of Local Government Fraud Prevention.