Rob Rogers

Rob Rogers


Bank Account Change Controls
Vendor Monitoring

Bank Account Change Controls

Few areas within accounts payable (AP) and disbursements create more risk than vendor bank account changes. A single fraudulent or improperly validated banking change can redirect large payments into criminal accounts within minutes. Once funds are transferred, particularly through Automated Clearing House (ACH), wire, or real-time payment environments, recovering the money can become extremely difficult. That is why bank account change controls have become one of the most critical components
Evolution of Disbursement Controls in Finance
Controls

Evolution of Disbursement Controls in Finance

From Clerical Safeguard to Strategic Control Function The history of disbursement controls is, at its core, a history of hard-won institutional knowledge — knowledge accumulated through fraud schemes uncovered, funds unrecovered, and audit findings that arrived too late to prevent the loss. To understand where disbursement controls stand today, and why they matter more than ever, it is necessary to understand where they began: as a modest administrative mechanism designed for a far simpler fina
TIN Matching Requirements
Compliance

TIN Matching Requirements

TIN Matching Requirements in Disbursement Controls Accurate vendor data is the foundation of compliant disbursement processes, and at the center of that data is the Taxpayer Identification Number (TIN).  Ensuring that vendor TINs are correct, validated, and properly matched to legal names is a regulatory expectation with direct financial implications. For accounts payable (AP), finance, and compliance leaders, TIN matching plays a critical role in meeting Internal Revenue Service (IRS) reporti
OFAC & Sanctions Compliance
Compliance

OFAC & Sanctions Compliance

Ensuring that funds are not sent to prohibited individuals, entities, or jurisdictions is a fundamental requirement of effective disbursement control.  Regulatory scrutiny around sanctions compliance has intensified, and organizations are expected to implement robust, defensible processes to prevent violations. At the center of these requirements is the Office of Foreign Assets Control (OFAC), which administers and enforces U.S. economic and trade sanctions.  For accounts payable (AP), treasury
AI-Driven Payment Fraud Threats: When the Attack Learns Faster Than the Defense

AI-Driven Payment Fraud Threats: When the Attack Learns Faster Than the Defense

A New Threat Category — or an Old One Transformed? There is a temptation, when discussing artificial intelligence and fraud, to treat AI-driven threats as a distinct category of attack — something separate from, and in addition to, the BEC schemes, vendor impersonation tactics, account change fraud, and internal risk that the preceding articles in this series addressed. That framing is partly right and importantly wrong. AI has produced at least one genuinely new attack capability that did not
Internal Payment Fraud Risks
Fraud

Internal Payment Fraud Risks

The Most Familiar Fraud — and the Most Underestimated When organizations think about payment fraud, their attention has increasingly turned outward — to the BEC attacker crafting a convincing wire request, the vendor impersonator with a forged bank letter, the cybercriminal monitoring an email thread for the right moment to redirect a payment. These external threats are real, well-documented, and rightly treated with urgency. But the fraud that has historically caused the most consistent damage
Bank Account Change Scams: The Last Line — and the Most Broken One
Fraud

Bank Account Change Scams: The Last Line — and the Most Broken One

The Simplest Fraud with the Highest Body Count Of all the payment fraud schemes that confront accounts payable and treasury functions, phony bank account change scams are, mechanically, among the simplest. An attacker — posing as a vendor, an employee, or an internal colleague — requests a change to banking information on file. The change is processed without independent verification. The next payment goes to the attacker's account instead of the legitimate recipient. By the time anyone notices
Vendor Impersonation Fraud: How It Works and How to Stop It
Fraud

Vendor Impersonation Fraud: How It Works and How to Stop It

The Fraud That Starts Before the Invoice Arrives Vendor impersonation fraud is not a new phenomenon. Organizations have always faced the risk of someone claiming to be a supplier they are not. What has changed is the precision, the scale, and the sophistication of the deception — and the degree to which a threat once associated with unsophisticated schemes has evolved into one of the most technically and operationally advanced forms of payment fraud facing AP functions today. According to the
Business Email Compromise
Fraud

Business Email Compromise

The Attack That Doesn't Need to Hack Anything Most fraud prevention thinking is organized around technical intrusion — firewalls, endpoint security, multi-factor authentication. Business Email Compromise largely ignores all of it. The most financially damaging form of cyber-enabled payment fraud in the world today does not, in most cases, require the attacker to penetrate a network, plant malware, or exploit a software vulnerability. It requires only a convincing email and an AP or treasury fun
Payment Fraud Prevention Strategies
Fraud

Payment Fraud Prevention Strategies

The Question Is No Longer Whether — It's When Every organization that disburses funds is a target. That is not a rhetorical provocation; it is the operating reality that fraud data consistently confirms. The 2024 Report to the Nations from the Association of Certified Fraud Examiners found that a typical organization loses five percent of its annual revenue to fraud. The FBI's Internet Crime Complaint Center reported that Business Email Compromise alone accounted for more than $3 billion in los
Real Time Payments & Instant Payment Risks
Payments

Real Time Payments & Instant Payment Risks

Introduction: The Newest Rail and Its Unforgiving Characteristics Real-time payments are the newest entrant in the organizational disbursement landscape, and they arrive with a risk profile that finance and treasury functions have not fully absorbed. The operational appeal is straightforward and genuine: funds move in seconds, settlement is final, and the rails operate around the clock every day of the year. For time-sensitive vendor payments, emergency disbursements, and counterparties who pla
Virtual Card Payment Controls
Payments

Virtual Card Payment Controls

Introduction: The Payment Method Marketed as a Control Virtual cards occupy an unusual position in the payment risk landscape. Every other payment method covered in this series — ACH, checks, wire transfers and real-time payments — is evaluated by finance and risk professionals primarily in terms of the fraud exposure it carries. Virtual cards are frequently evaluated in the opposite terms: as a control mechanism, a fraud reduction tool, a way to impose transactional discipline on disbursements