I’m sure for many of us this will sound familiar. For those of us in finance anyway, and especially if we’re in accounts payable.
The great validation headache
It’s been a long week. And with it being the end of the month, we need to make sure that we close it out with financial reporting that’s all aligned and ready for distribution. And for that, we need to make sure that the numbers add up and that all the due invoices have been sent out.
We need to make sure that each invoice is approved and service or goods were indeed provided according to the terms and conditions. But, do we have the correct bank account details to actually pay the invoice?
Reach out & verify
This means that we need to reach out to each payee and verify with them what their bank account details are.
The way this usually works, is that as part of this supplier onboarding process or in some cases when we need to pay an invoice, we need to ask the vendor for some proof of account ownership – such as a blank check or bank statement, or both.
Then, we usually need to go through another contact person for further verification, just to be on the safe side, and make sure that we’re getting the accurate and most up-to-date information.
What happens if the vendor have changed a bank account or in cases were the invoice comes with bank account details that are different than the details provided originally from the vendor – again we need to verify that the new bank account is legitimate and indeed belong to the vendor we need to pay to,
Over and over again
Now, if that isn’t inconvenient enough – we have to do this every month for every incomplete invoice, without a correct bank account details. And when you have dozens to hundreds (and sometimes thousands) of suppliers and other entities that receive payment, it can seem like the work involved is never done.
Is there anybody out there?
Not to mention, contact people aren’t always easy to reach. Many are often located abroad, in different time zones, and speak different languages. The whole chain of communication is challenging and inefficient. There are so many emails and phone calls, and lots and lots of time wasted.
Are you sure you’re safe?
But that’s not the end of it. This process is not only about the time and effort overhead. It’s also about the fact that it’s wholly insecure.
When you’re reaching out to someone to get their bank account details – how can you be sure that:
- you’re getting the right details?
- a cybercriminal hasn’t hacked into your line of communications?
- a fraudster hasn’t given you fake information?
- you aren’t ultimately making a payment to a fraudster’s account?
The perfect hacking targets
Emails, phone calls, and digital documents such as Word or PDF are hacked all the time. They’re just too easy for cyberfraudsters to manipulate.
How they do what they do
For example, fraudsters can hijack payments by sending you an email with a domain name that looks like your supplier’s (but isn’t), asking you to make changes to bank account info on record.
These emails can be very convincing and looking legit. So, you make the change, and unknowingly and unintentionally you wind up ‘aiding and abetting’ the crime.
To err is human
Payments mishaps don’t only happen because of fraudsters. There’s also the issue of human error, which happens all the time. Someone makes a typo, or, even worse, someone inside the organization is misdirecting payments to fraudulent accounts.
Bottom line, the risk is great.
Does it really have to be this way?
Imagine it was different. Imagine you could easily and quickly validate any bank account anywhere in the world – without a single email, phone call, blank check, bank statement, or other manual means.
What if you could ask payees to validate their bank accounts, on their own, in a very easy, fast, secured, technology-powered process?
And what if they would need to do this only once (for each account that receives payment from you)?
How it should be
This way, by rallying up the support of technology that cybercriminals can’t hack, and finally saying good-bye to manual validation processes, you could be confident that the bank info you need is always legitimate.
You could protect yourself from all these different kinds of threats. You could secure your master data, validate the relevant information before making payments, and know that the bank account you’re about to transfer money to does actually belong to your payee.
The great news is that you don’t have to imagine. This is because nsKnox has what you need to do just this with our Bank Account Certificates.
To learn more about it and avoid the validation risk and headaches, we invite you to reach out to us to get a free demo.