Home
  /  
Learning Center
  /  
Accounts receivable fraud: Types & how to detect them

Accounts receivable fraud: Types & how to detect them

Josh Krissansen
Contributor
Table of contents
Get more from BILL
Subscribe to finance insights and thought leadership content delivered straight to your inbox.
By continuing, you agree to BILL's Terms of Service and Privacy Notice.

Is your organization vulnerable to accounts receivable fraud?

Most business leaders assume not, but few really understand how AR fraud works and the various ways it can present.

In this article, we’ll explain what accounts receivable fraud is, the different types that exist, and how to protect your own company against AR fraud.

Key takeaways

Accounts receivable fraud happens when someone inside a company steals money by messing with invoices and payment records.

Common tricks include stealing payments before recording them or using new customer money to hide old stolen cash.

Companies can stop fraud by making sure no single person controls every step of the payment process.

What is accounts receivable fraud? 

Accounts receivable fraud occurs when individuals within the company intentionally manipulate invoicing, payment records, or customer accounts to misappropriate cash or to conceal financial losses.

It targets the point where revenue should convert into cash. This makes it especially damaging because it directly distorts both cash flow and reported performance.

In practice, AR fraud exploits gaps between billing, collections, and reconciliation. It can involve:

  • Falsifying invoices
  • Diverting customer payments
  • Altering customer credit balances
  • Delaying write-offs to hide missing funds

Since accounts receivable sits at an intersection (between sales, finance, and customer relationships), fraud in this area commonly persists undetected, especially where controls and oversight are weak.

For finance teams, accounts receivable fraud is not just a compliance issue.

It undermines cash forecasting, inflates reported revenue, masks operational problems, and can create false confidence in a company’s financial health. Early detection and prevention are critical to protecting liquidity, trust, and decision-making.

Different types of accounts receivable fraud 

AR fraud can take multiple forms. The types of fraud your own organization is most vulnerable to depend on how payments are received, recorded, and reconciled.

Understanding the most common schemes helps finance teams recognize red flags and design controls that close off opportunities for abuse.

Skimming

Skimming involves diverting a customer's payment before it is recorded in the accounting system. Since the transaction never appears in AR, skimming is difficult to detect via standard reconciliations.

This form of accounts receivable fraud is most common in environments with manual payment handling and weak segregation of duties.

Lapping

Lapping occurs when an employee steals a customer payment and covers the shortage by applying a later customer payment to the first account. The cycle continues until it collapses or is discovered.

This scheme relies on control gaps between cash receipt, posting, and reconciliation, and often shows up as frequent payment reapplications or unexplained timing differences.

Fictitious sales

Fictitious sales are a form of AR fraud where fake invoices or customer accounts are created to inflate revenue.

These false receivables are typically later written off or offset to conceal the fraud.

This scheme distorts both revenue and AR balances, which can mislead management as well as external stakeholders.

Fraudulent write-offs

Fraudulent write-offs involve deliberately writing off valid customer balances to hide stolen cash or favour certain customers. This type of fraud often appears as unusually high write-off rates, vague explanations, or repeated write-offs for the same accounts.

Check or payment tampering

This form of fraud includes:

In some cases, payments may be deposited into an unauthorized account before later being disputed as a posting error or customer dispute.

ACH or email phishing schemes

ACH and email phishing schemes rely on social engineering rather than system access. 

Fraudsters impersonate customers or executives to request changes to bank details or payment instructions. Once updated, future payments are diverted to fraudulent accounts, often without immediate detection.

How to detect AR fraud and how to prevent it 

Detecting and preventing accounts receivable fraud requires a combination of strong controls, active monitoring, and informed employees.

The truth is that no single measure is sufficient on its own. Effective prevention against fraud depends on layered safeguards. Here are some measures you should consider implementing.

Implement internal controls

Strong internal controls limit the opportunity for fraud to occur.

  • Segregate duties so no single employee controls invoicing, cash application, adjustments, and reconciliation.
  • Require management approval for write-offs, credit memos, and changes to customer payment details

Standardized processes and documented approvals create accountability and make irregular activity easier to spot.

Maintain secure accounts receivable processes

Secure processes protect against both internal and external threats. 

Processes to implement include:

  • Verifying all changes to customer banking or remittance instructions through secondary confirmation
  • Limiting system access based on role and review permissions regularly
  • Enforcing strong authentication controls and standardized workflows so exceptions are visible and traceable

Monitor transactions and trends

Regular monitoring helps finance teams surface anomalies before losses escalate.

Leaders should review aging reports, unapplied cash, write-off volumes, and adjustments for unusual patterns.

Look for:

  • Frequent reapplications of payments
  • Persistent timing differences
  • Accounts that require repeated manual intervention 

Trend analysis over time is often more revealing than single-period reviews.

Investigate customer complaints promptly

Customer inquiries about incorrect balances, unexpected collection notices, or missing payments should be treated seriously and quickly.

Often, complaints like this provide the first external indication of AR fraud like lapping, skimming, or payment diversion.

Utilize technology and software for fraud detection

Technology plays a critical role in detecting anomalies at scale.

Modern accounting and receivables platforms can flag unusual payment patterns, repeated adjustments, delayed postings, or abnormal write-off trends. Automated matching between bank deposits and receivable records reduces manual handling and highlights discrepancies quickly. 

Audit trails and role-based access controls further strengthen detection and support investigations when issues arise.

Train employees

Regular training reinforces expectations, reduces susceptibility to social engineering, and strengthens the organization’s overall fraud awareness culture.

Employees should understand common fraud schemes, recognize phishing attempts, and know how to escalate concerns safely.

Get paid 2x faster with AR automation.
Get started

Signs of accounts receivable fraud 

Accounts receivable fraud often blends into normal day-to-day activity.

The key to early detection is understanding which red flags truly matter, then reviewing consistently across both employee behavior and transaction data.

These are the red flags to pay the most attention to:

  • Unusual payment patterns and discrepancies: Look for irregular payment activities, recurring posting corrections, unexplained delays between cash receipt and account updates, and a growing balance of unapplied cash.
  • Discrepancies between customer records and bank activity: Check for differences between lockbox reports, bank deposits, and AR postings. Patterns matter more than isolated errors.
  • Employee behaviors that require attention: Look for employees who resist oversight, avoid audits, refuse to take leave, or consistently access systems after hours. While these signals do not prove fraud, they warrant closer review of transactions under that individual’s control.
  • Customer complaints: Check for recurring complaints about missing payments, unexpected collection notices, or incorrect balances

The role of employee training in fraud prevention 

Employee training is a critical control in preventing accounts receivable fraud.

After all, the best systems and policies will only work when the people operating them understand how fraud occurs, how to detect it, and what they should do when something feels wrong.

Ensure that anyone on your team who handles invoicing, cash application, collections, or customer communications has access to the common indicators of lapping, skimming, payment diversion, and phishing attempts. This will make them more likely to question irregular activity and escalate concerns before losses grow.

Effective training programs combine practical examples with clear guidance.

This can include:

  • Internal workshops
  • Role-specific training for finance and customer-facing positions
  • Phishing simulations
  • Written procedures that explain verification and escalation steps so employees feel empowered to take action 

External resources such as professional training courses, industry guidance, and fraud awareness materials can also support internal programs and keep content current as risks evolve.

Creating a culture of awareness and accountability

Above all, training should reinforce that fraud prevention is not solely a finance function but a shared responsibility.

Employees must feel responsible for protecting company assets and confident that raising concerns is expected and supported.

Clear reporting channels, visible leadership support, and consistent follow-through on issues help create a culture where accountability is normal, and suspicious behavior is addressed promptly.

How to respond to accounts receivable fraud 

When accounts receivable fraud is suspected, speed and structure matter. A disciplined response limits financial loss, preserves evidence, and ensures the organization meets its legal and reporting obligations.

Immediate response to accounts receivable fraud

If AR fraud is suspected, the first step to take is to contain the risk:

  • Restrict system access for individuals linked to the activity
  • Freeze affected customer accounts
  • Halt any payment changes, write-offs, or adjustments connected to the suspected fraud
  • Preserve transaction data, system logs, and communications to avoid compromising evidence

Avoid alerting suspects prematurely, as this can lead to data destruction or further losses.

Escalating identified fraud

From there, escalate the issue through formal reporting channels, which typically include finance leadership, legal counsel, and those responsible for internal auditing.

A structured investigation should follow, reviewing transaction histories, approval records, bank activity, and customer communications to determine how the fraud occurred, its duration, and its financial impact.

Where appropriate, involve external auditors or forensic specialists to support independence and credibility.

Legal considerations and potential repercussions

Legal considerations should be addressed early.

Depending on the jurisdiction, as well as the type and severity of fraud, your organization may be required to notify regulators, insurers, lenders, or auditors. Customer notification may also be necessary if payments were misdirected or financial statements were affected.

Seek legal advice as to whether employee actions, civil recovery, or criminal proceedings are an appropriate next step.

Accurate documentation throughout the process is essential to support regulatory compliance and potential legal action.

Preventing AR fraud with BILL 

Accounts receivable fraud thrives in gaps between invoicing, cash application, and oversight. Preventing it requires strong controls, visibility, and disciplined processes across the entire AR lifecycle.

BILL helps close those gaps by:

  • Enforcing role-based access controls and approval workflows to limit who can create, modify, or write off receivables
  • Creating a clear audit trail for invoices, payments, adjustments, and user activity
  • Reducing manual handling through automated invoicing, payment tracking, and reconciliation
  • Securing payment data with bank-level security and controlled access to sensitive details
  • Making exceptions and irregular activity more visible so finance teams can investigate issues early

Get started with BILL today.

Automate your financial operations—demo BILL today
Demo
Author
Josh Krissansen
Contributor
Josh Krissansen is a freelance writer, who writes content for BILL. He is a small business owner with a background in sales and marketing roles. With over 5 years of writing experience, Josh brings clarity and insight to complex financial and business matters.
Author
Josh Krissansen
Contributor
Josh Krissansen is a freelance writer, who writes content for BILL. He is a small business owner with a background in sales and marketing roles. With over 5 years of writing experience, Josh brings clarity and insight to complex financial and business matters.
Get more from BILL
Subscribe to finance insights and thought leadership content delivered straight to your inbox.
By continuing, you agree to BILL's Terms of Service and Privacy Notice.
Accounts Receivable

Continue learning with BILL

Dashboard mockup
BILL and its affiliates do not provide tax, legal or accounting advice. This material has been prepared for informational purposes only, and is not intended to provide, and should not be relied on, for tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors before engaging in any transaction. BILL assumes no responsibility for any inaccuracies or inconsistencies in the content. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, BILL is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided “as is”, with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied. In no event shall BILL, its affiliates or parent company, or the directors, officers, agents or employees thereof, be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages. Certain links in this site connect to other websites maintained by third parties over whom BILL has no control. BILL makes no representations as to the accuracy or any other aspect of information contained in other websites.