Now Hiring: Are you a driven and motivated software consultant?


Scam emails & company procedures


Scam emails & company procedures

A recent experience by one of our Sage CRE clients serves as a valuable lesson for all staff to be aware of and follow internal procedures, and the importance of backing up internal procedures with automated system alerts.

An Accounts Payable team member received an email from a long-time Vendor to advise their bank accounts details had changed for all future EFT payments.  The email contained all the appropriate Vendor details such as signature, logo and appeared to be a genuine communication.   The usual procedure that all written notifications from Vendors must be followed up with a return phone call to the Finance Manager at the Vendor to confirm the communications are legitimate.  In this instance the internal procedure was not followed and the bank account details were updated in Sage CRE, without the usual double verification.

 The vendor was then paid $116,000 as part of the end of month EFT run.

The following month the Vendor advised the invoices were now overdue and investigations began.  The original email sent to our client was a scam (and also sent to a number of other companies) with the end result being hundreds of thousands of dollars were sent to a fraudulent bank account.  A police investigation continues.

After approximately 7 months, our Sage CRE client received payment on their insurance claim less deductible excess of $10,000. 

The consequences of this procedural error for our client was costly in dollars and time.  While their internal procedures were in place, human error can occur, but coupled with a program such as Sage Alerts any internal procedure can be strengthened.

Sage Alerts is a program where you can create rules to alert any number of defined users to an event.  In this case a rule could be put in place to alert the Finance Manger if a Vendors bank account details are modified.  Also consider an alert for overdue customer invoices, employee birthdays and anniversaries, job cost over-runs, late PO’s, unposted batches – the list is endless.  Errors may always occur, but reducing the cost and impact can be controlled.