Customer due diligence has to be balanced against a supplier’s duty of care.
22 November 2024
Rising Stars Awards 2024
Recognising the rising stars in the accounting industryThe inaugural Rising Stars Awards will bring the accounting...
KNOW MORECustomer due diligence has to be balanced against a supplier’s duty of care.
Businesses increasingly rely on electronic communication, including email, to conduct transactions. While this brings convenience and efficiency, it also introduces vulnerabilities that fraudsters can exploit.
One such vulnerability is invoice interception, where fraudsters intercept invoices sent via email and alter the bank details to divert payments into their own accounts. This can leave both the supplier and customer in a quandary as to who ultimately bears the financial loss.
Let's take a typical scenario to understand the situation at hand better.
Supplier A sends an invoice to customer B via email, but it is intercepted by a fraudster who changes the bank details on the invoice before it reaches the customer B. Customer B pays the invoice to the fraudster's account, thinking it is the supplier A's account details.
In this scenario, who pays?
The complex legal landscape
The question of who bears the financial burden in invoice interception scams is complex and often depends on the specific circumstances of each case. In some jurisdictions, the customer is considered liable for verifying the authenticity of an invoice before making payment. This is based on the principle of customer due diligence, which holds that customers have a responsibility to exercise reasonable care to ensure they are paying the correct supplier.
However, there are also cases where the supplier may be held liable, particularly if they were negligent in protecting their payment information or failed to implement adequate security measures to prevent invoice interception. In the above scenario for example, it is the supplier's email that is intercepted and they should have used a safer method to send their invoice (e-invoicing), protecting their business as well as their customer. In such instances, the supplier may be deemed to have breached their duty of care to the customer.
Research indicates there are various approaches to who can really be held responsible when facing an invoice interception scam:
The role of e-invoicing
The rise of invoice interception scams has prompted a growing movement towards e-invoicing – a secure electronic invoicing system that uses the Peppol network. Peppol is a pan-European e-invoicing infrastructure that provides a standardised and safe platform for exchanging invoices between businesses.
E-invoicing offers several advantages over traditional email-based invoicing, including:
The verification of an e-invoice from an access point provider ensures that:
In turn, this gives the customer confidence that they are paying the correct supplier for the correct invoice amount and that their payment will be processed securely.
A fraud-resistant future?
As businesses increasingly embrace the digital transformation, e-invoicing emerges as a critical tool for safeguarding financial transactions and ensuring business continuity. By adopting e-invoicing, businesses can protect themselves from the financial and reputational damage caused by invoice interception scams.
Moreover, e-invoicing offers a range of operational benefits, including reduced processing costs, improved data accuracy and enhanced visibility into the invoicing process.
In a world where fraudsters are constantly evolving their tactics, e-invoicing provides a robust defence against invoice interception scams, safeguarding the financial interests of both suppliers and customers.
The adoption of e-invoicing is not merely a technological advancement; it represents a shift towards a more secure and efficient business landscape. By embracing e-invoicing, businesses can protect themselves from fraud, streamline their operations and enhance their overall financial wellbeing.
Robin Sands is CEO of Link4.
You are not authorised to post comments.
Comments will undergo moderation before they get published.