Protecting your business against invoice fraud
Is your business aware of a potential threat which could severely impact on your cash flow through no wrong doing of your own and your customers?
We have seen an increasing number of cases involving invoice fraud recently, where an invoice is correctly sent (generally by email or some other electronic form) to the customer but, before reaching the customer is intercepted by a criminal who changes the bank details. The criminal then forwards the amended invoice using a spoofed email address seemingly from the creditor. Payment is then made by the customer using the bank details of the criminal and leaving you out of pocket.
This matter is highlighted in the case of J Brazil Road Contractors v Belectric Solar Ltd  (Case Number C1EQ331C2), a case where Brachers represented J Brazil Road Contractor.
In this matter, invoice fraud had occurred when Belectric Solar Ltd (the customer) made payment to a criminal after failing to make checks around the validity of the bank details provided to them in an invoice that seemed to be from J Brazil Road Contractors (the contractor).
The contractor later made a claim against the customer for payment which, in their view, remained outstanding. The customer argued against this, stating:
- They could rely upon the details on the invoice received as it, seemingly, had been sent from the contractor’s email address.
- As the email had, seemingly, been sent from the contractor’s email address then the contractor had given ostensible authority for their email address to be used and for which the contractor was responsible.
- This was one or, probably, many cases of this type and therefore matters should go to trial as being of public importance.
These arguments were rejected by the Judge, who said both parties had been victims in the fraud and that it could not possibly find that the hacker had been an agent of the contractor; to do so would render the contractor liable for matters which were out of their control. Accordingly the customer’s appeal was dismissed and the judgment in favour of the contractor remained.
The Judge did comment that factors that would have supported the customer’s arguments included:
- If they could show that the contractor was aware their email account had been hacked and done nothing about it.
- If they had argued that disclosure of fraudulent activity on the contractor’s server was required, this could have avoided a summary judgment.
This is one of many cases which we have seen involving this type of fraud. To combat such potential criminal activity we suggest:
- You provide your bank details to your customers upon initial instruction with confirmation that these will remain unchanged. Such advice should be provided on paper via the post or by hand delivery to the customer.
- We also suggest that you clearly state on your invoices that the bank details are as previously communicated and, if in any doubt, the customer should check the details with you first.
There may be instances where, despite your very best efforts a fraudster infiltrates your system but, by doing all you can to prevent this, you will be in a far better position when you have to seek payment of the outstanding balance.
At Brachers we offer a full range of services for your debt collection needs. Should you have a similar issue please do not hesitate to contact Jodene Conway on 01622 690691.