The Hidden Threat to Your Bottom Line: How Sales Fraud is Bleeding Your Business Dry


Key Takeaways:

  • Fraud costs companies 5% of annual revenue, with economic downturns increasing fraud risks
  • Sales teams present unique fraud vulnerabilities through returns schemes, revenue manipulation, and commission fraud
  • Implementing targeted controls like commission clawbacks and automated monitoring can protect your revenue and reputation

Introduction

Let’s face it – while you’re busy watching your supply chain for external threats, your sales team might be quietly bleeding your company dry. As someone who’s spent years investigating corporate fraud cases, I’ve seen firsthand how sales fraud schemes can fly under the radar while causing massive financial damage. In today’s shaky economic climate (thanks, tariffs), fraud is on the rise, and your sales department is particularly vulnerable.

The Costly Reality of Sales Fraud

Did you know that companies lose a whopping 5% of annual revenue to fraud? That’s billions collectively wasted across industries. What’s more alarming is that, according to fraud experts, 55% of them observed increased fraud during economic downturns – precisely the environment we’re navigating now.

For business leaders and finance chiefs, this isn’t just a financial headache – it’s a direct attack on your business strategy and profitability. While you’re focused on protecting your trade secrets and IP from outside threats, your greatest insider threat might be sitting in your sales department.

Six Common Sales Fraud Schemes Killing Your Profits

1. Returns Fraud with Kickbacks

This scheme is particularly sneaky. A salesperson encourages customers to purchase excess inventory (often with unauthorized discounts) to inflate sales figures. Later, the customer returns the excess inventory, but the salesperson keeps their commission. Meanwhile, your inventory numbers and forecasting are completely thrown off.

Red Flags to Watch For:

  • Large sales orders followed by significant returns
  • Sales spikes near reporting periods (quarter-end) that reverse shortly after
  • High return rates for specific salespeople compared to others
  • Unusual relationships between sales staff and certain customers

In 2022, a global electronics distributor discovered a senior salesperson colluding with a key customer on bulk orders at steep discounts. After commissions were paid, the customer returned over 60% of the inventory. Pretty clever scam, right?

2. Revenue Recognition Fraud

This scheme involves manipulating revenue figures or pocketing unrecorded revenue. For example, an employee might issue a credit note and split the refund with a customer. For technology companies especially, recording revenue too early can artificially inflate performance metrics.

Red Flags to Watch For:

  • Customer receipts missing for completed sales
  • Same person handling both invoicing and payment collection
  • Unusual timing of revenue recording (especially at quarter-end)
  • Differences between contract terms and recorded revenue

3. Credit Note Manipulation

Your sales team might be issuing unauthorized credit notes to steal funds or hide theft. Without proper oversight, this fraud can continue for months or even years before anyone notices.

Red Flags to Watch For:

  • Credit notes issued without proper approval
  • Unusual patterns or increased frequency in credit note issuance
  • Credit notes that lack supporting documentation
  • Certain employees processing a disproportionate number of credit notes

4. Inventory Fraud

This classic scheme involves stealing stock via false sales or diverting goods in transit. In 2022, an employee at an Australian parts supply company altered supplier bank details to divert payments while covering up inventory theft through falsified invoices. Subsequent research showed this could have been prevented with better automated fraud detection tools.

Red Flags to Watch For:

  • Negative inventory entries or unexplained stock differences
  • Frequent cancellations of sales transactions
  • Differences between physical inventory counts and system records
  • Unusual shipping or delivery patterns

5. Discount and Pricing Manipulation

In Asia, employees were caught receiving kickbacks for granting unauthorized discounts. This not only hurts your profits but can disrupt your entire pricing strategy and market positioning.

Red Flags to Watch For:

  • Discounts disproportionately benefiting specific customers
  • Patterns of excessive discounts tied to one salesperson
  • Discounts offered without proper approval or documentation
  • Unusual changes in profit margins across similar sales

6. Commission Fraud

Consider this simple example: if a salesperson fraudulently changes their commission rate from 10% to 20% on $1,000,000 in sales, that’s $100,000 straight out of your pocket. Multiply that across your sales team and years of operation, and you’re looking at potentially huge losses.

Red Flags to Watch For:

  • Cash skimming from sales that go unrecorded
  • Creating fake sales to inflate commission numbers
  • Differences between sales data and bank deposits
  • One salesperson consistently outperforming peers by unusual margins

Software vs. Physical Products: Different Risks

Selling software brings its own unique fraud risks. While physical product fraud often involves inventory theft and returns, software sales fraud typically involves revenue manipulation and more complex schemes.

For software subscription companies, a common scheme involves selling discounted multi-year subscriptions to partners who later cancel most licenses after commissions are paid. One company discovered a regional manager had colluded with a reseller to inflate sales figures and split the commission.

For physical products, fraud detection may be easier due to inventory checks you can see and touch. Software fraud, however, can be harder to detect since the product isn’t physical. For instance, in 2021, a software company found that a sales manager sold discounted multi-year subscriptions to a partner who later canceled over 70% of the licenses within six months. The manager received commissions based on gross sales but wasn’t penalized for cancellations.

Protect Your Bottom Line: Four Action Steps

  1. Implement Commission Clawbacks: Tie commissions to net sales (gross sales minus returns) and implement penalties for canceled subscriptions or returned goods. This single control can eliminate much of the motivation for fraud.
  2. Create Stricter Approval Processes: Require manager approval for large discounts, bulk orders, or unusual contract terms. This creates accountability and transparency. For credit notes, implement a two-person approval system that prevents a single employee from handling the entire process.
  3. Leverage Data Analysis: Monitor return rates by salesperson, product line, and customer using tracking tools. Look for patterns of excessive discounts followed by high return rates. Modern analysis can flag unusual activities long before traditional audits would catch them.
  4. Conduct Regular Internal Audits: Focus on high-risk areas such as discounts, bulk orders, refunds, and return transactions. Surprise audits are particularly effective at catching ongoing fraud schemes.
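The two controls above that lend themselves to automation are the commission clawback (step 1) and the return-rate monitoring (step 3), which also covers the returns-fraud red flags listed earlier. The script below is an added illustration, not code from the original post: it runs both over a small constructed sales ledger, and the commission rate, return-rate threshold and quarter-end definition are assumptions you would replace with your own sales plan’s figures.

```python
from collections import defaultdict
from datetime import date

# Constructed sample sales ledger (not real data): one row per order with the
# value later returned against it. "alice" shows the returns-with-kickback
# pattern: large quarter-end orders to one customer that mostly reverse.
ORDERS = [
    # (order_id, rep, customer, order_date, amount, returned_amount)
    ("O1", "alice", "acme",    date(2024, 3, 28), 120_000.0,  90_000.0),
    ("O2", "alice", "acme",    date(2024, 6, 29), 150_000.0, 110_000.0),
    ("O3", "alice", "globex",  date(2024, 5, 10),  20_000.0,       0.0),
    ("O4", "bob",   "initech", date(2024, 4, 12),  40_000.0,   2_000.0),
    ("O5", "bob",   "globex",  date(2024, 5, 15),  35_000.0,       0.0),
    ("O6", "bob",   "initech", date(2024, 6, 30),  30_000.0,   1_500.0),
]

COMMISSION_RATE = 0.10        # assumed contractual rate from the sales plan
RETURN_RATE_THRESHOLD = 0.25  # assumed: flag reps whose returns exceed 25% of gross sales
REVERSAL_THRESHOLD = 0.50     # assumed: flag orders with more than half the value returned

def totals_by_rep(orders):
    """Gross sales and returns per salesperson."""
    gross, returns = defaultdict(float), defaultdict(float)
    for _, rep, _, _, amount, returned in orders:
        gross[rep] += amount
        returns[rep] += returned
    return gross, returns

def commission(orders, clawback=True, rate=COMMISSION_RATE):
    """Commission per rep; with clawback=True it is paid on net sales (gross minus returns)."""
    gross, returns = totals_by_rep(orders)
    return {rep: round((gross[rep] - (returns[rep] if clawback else 0.0)) * rate, 2) for rep in gross}

def is_quarter_end(d):
    """Last few days of a calendar quarter (28th onward of Mar/Jun/Sep/Dec)."""
    return d.month in (3, 6, 9, 12) and d.day >= 28

def flag_reps(orders):
    """Red flags from the post: high return rate per rep, and quarter-end orders that mostly reverse."""
    flags = defaultdict(list)
    gross, returns = totals_by_rep(orders)
    for rep in gross:
        rate = returns[rep] / gross[rep]
        if rate > RETURN_RATE_THRESHOLD:
            flags[rep].append(f"return rate {rate:.0%} exceeds {RETURN_RATE_THRESHOLD:.0%}")
    for oid, rep, cust, d, amount, returned in orders:
        if is_quarter_end(d) and amount and returned / amount > REVERSAL_THRESHOLD:
            flags[rep].append(f"{oid}: quarter-end order to {cust}, {returned / amount:.0%} returned")
    return dict(flags)

if __name__ == "__main__":
    print("gross-basis commission:", commission(ORDERS, clawback=False))
    print("net-basis commission:  ", commission(ORDERS))
    for rep, reasons in flag_reps(ORDERS).items():
        print(rep, "->", "; ".join(reasons))
```

On this ledger the clawback cuts alice’s commission from $29,000 to $9,000, and the monitor flags her on both the return-rate and quarter-end-reversal rules while bob is not flagged at all.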

Call to Action

Stop leaving your revenue vulnerable to insider threats. Review your sales controls today and implement these four steps to protect your bottom line. The economic landscape is already challenging enough without letting sales fraud drain your profitability. In my experience, most companies discover fraud only after significant damage has been done. Don’t wait for your technology investments and research efforts to be undermined by preventable financial losses. As business leaders, we can’t afford to overlook this hidden danger in our sales departments. Take action now before your next earnings report reveals the damage.

DISCLAIMER: All information presented on paulcurwell.com is intended for general information purposes only. The content of paulcurwell.com should not be considered legal or any other form of advice or opinion on any specific facts or circumstances. Readers should consult their own advisers experts or lawyers on any specific questions they may have. Any reliance placed upon paulcurwell.com is strictly at the reader’s own risk. The views expressed by the authors are entirely their own and do not represent the views of, nor are they endorsed by, their respective employers. Refer here for full disclaimer.

Business Email Compromise – persistent threat or consistently mismanaged?


What is Business Email Compromise (BEC)?

I remember working in banking when BEC first happened – according to Google, this was around 2013. In our bank security department, we worked out how the fraud scheme worked, quickly developed internal controls and process improvements to reduce our vulnerabilities, and effectively treated the risk. So why in 2023, ten years later, are business owners still falling victim to BEC and other scams? More concerning, some executives only hear about BEC when they have become a victim – so what is BEC and how does it happen?

BEC is a type of fraudulent email scheme (scam) – more specifically a cybercrime – where fraudsters attack a company’s internal processes or functions. Most commonly, I come across BEC in relation to invoicing scams or banking transactions, but there are also other, less common variations. Criminals use phishing techniques, which involve well-crafted or deceptive emails, and in some cases other social engineering tactics as well, to convince an employee or manager that they are legitimate.


At times, these emails may even be combined with other channels such as phone calls to reinforce the sense of urgency and build trust and rapport with the victim. A simple ‘BEC attack example’ involves 4 phases – research & reconnaissance, targeting, attack, escape – as illustrated below:

Here’s an example of how BEC could play out:

BEC is still happening – why?

As a cybercrime / online fraud, the simple TTPs (Tactics, Techniques, Procedures) employed by criminals and the ensuing response by workers mean BEC is still going strong. According to the Australian Competition & Consumer Commission (ACCC) ‘Targeting scams 2022’ report:

  • In 2022, Australians reported $569 million in losses to ScamWatch, a 76% increase on the previous year
  • The volume of incidents has decreased – but the value of incidents has increased (average losses have increased by 224% since 2020)
  • Losses from False Billing scams totalled $24 million in 2022

These statistics demonstrate the size of this problem. Clearly, businesses need to do more to manage fraud, cybersecurity and scam risks.

Why is BEC still this prominent? Simple – because it works.
For criminals, fraudsters and scammers, it’s quick, cheap and profitable.

People are too busy to stop and think about what they are doing, or they take process shortcuts; they are too trusting of what happens online due to poor security awareness or inadequate fraud awareness training; or the way the scammer delivers their ‘attack’ email is so well crafted that it gets the recipient on the hook easily and convinces them it’s legitimate.

For managers, it’s important to realise that BEC has a strong nexus to your Insider Risk Management program – BEC scams cannot succeed without a wilful, complacent or ignorant insider.

A strong Trusted Insider program should be mutually reinforced and supported by a strong security culture, where all staff (including contractors and casuals, not just employees) understand and embrace the importance of security to your business. If security awareness is low and you have a poor security culture, employees and contractors can be complacent or even ignorant of the risk.

How to prevent BEC and other scams?

Who typically gets targeted? Because BEC frauds primarily target the invoicing process, staff in accounts and procurement are most likely to be targeted, as well as, potentially, line managers, executives and their assistants.

1. Up your game – improve culture and awareness

Whilst all staff in your organisation should have some level of fraud and security awareness, staff in these roles should have a high level of understanding about BEC, its various forms, and how prolific it is.

2. Identify, assess and manage the risk

Too often, I find organisations which haven’t stopped to think about how fraud and security issues can materialise in their business. Businesses need to perform a detailed security risk assessment to understand how and where they may be vulnerable to cybersecurity or fraud compromise. Any security or fraud risk assessments should be regularly updated to reflect changes in the business and its operations.

3. Review your business processes and internal controls

Frauds and scams differ from violent crimes in that they exploit a business process. To succeed, criminals must complete a particular task, often in a specific order. For a business, each of these tasks is a vulnerability unless you have sufficient internal control coverage to mitigate these risks.

In practice, I find overlaying a process map of the scam or fraud from the criminal’s (external) perspective onto the internal business process helps identify gaps (vulnerabilities). This is often done in Red Teaming and other Security Assurance activities.
