Security Risks of Remote Accounts Payable

Security Risks of Remote Accounts Payable

It was middle March when everything changed. In a matter of days, organizations went from wondering how serious this virus was going to get to facing stay-at-home orders.

Overnight, working remotely became “a thing.” Essential industries were allowed to keep operating, but everyone else had to stay home. In 2020, fortunately, many could stay home and still work.

Working remotely has been less easy for accounts payable. Even companies with a high degree of automation still have some paper coming in. Others are less automated. And checks, according to a 2019 AFP study, still account for more that 40 percent of supplier payments.

AP departments have scrambled to figure out how to manage it. Some work remotely while someone has had to deal with the incoming paper invoices and outgoing checks. Meanwhile as most workers have been operating from bedrooms, living rooms, home offices and basements, IT has been having nightmares. Security is a huge challenge. With computers now outside of firewalls and private networks, the vulnerabilities have increased exponentially.

Accounts payable has focused on its mission, as have workers operating remotely in other departments. With all the disruption, getting the core mission accomplished has taken the energy and attention. But given that AP handles sensitive information all the time, many AP managers have recognized they face new risks. Whether they or IT have had time to adequately address it is another matter.

Borrowing an illustration from Robert Kang, an adjunct professor of cyber-risk management at Loyola Law School, cited in, imagine a castle, protected by moat and wall. While everyone is inside, there’s security. But suppose most everyone moves outside the wall beyond the moat, to individual outposts and cottages. But those are connected by tunnels to the inside of the castle. Suddenly the opportunities to breach security are everywhere.

Malicious parties are working overtime, seizing on the disruption.

Staffs must be diligent in following company policy and good computing practices to protect company, supplier, employee and personal information. We’ve heard most of the ideas before:

  • Use good password practice—change you passwords; do not use the same password for multiple logins and accounts; and do not share passwords.
  • Update all work logins as per instruction from IT. Do it.
  • Whenever possible, employ multi-factor authentication (MFA). Most people are accustomed to MFA as consumers, as when in addition to a password, a code received via email or text must also be entered to access a personal account. It is time to apply MFA to access company networks, systems and databases as well.
  • Update the security password on your home wireless router, especially if you never changed it from the original default! This may be especially critical for those working in denser urban areas but should be done by everyone. Some recommend updating the wireless router password every quarter.
  • Be alert. Look out for email scams, avoid links and downloads that come from unknown sources. Look closely at email addresses to ensure they’re legitimate.
  • Beware pretexting—emails that appear to be from company managers or executives, asking for certain actions to be taken or information supplied. If you’ve never gotten an email from the CFO asking you to rush a payment before, check it out by calling the CFO before following through on the request!

AP must safeguard sensitive information, including financial information, personal information, proprietary business documents and organization secrets.

Ideally, remote staff are able to work from home on company computers rather than personal computers. And ideally companies have a virtual private network (VPN) through which remote staff access company files and systems.  (Note, however, that installing a company VPN on employees personal computers is not recommended, according to Security Professional Morey Haber, writing in Forbes in January 2020. Because personal computers typically lack many of the protections that are part of company computers, VPN installation is highly risky. It provides that tunnel from an “outpost” in behind the castle walls.)

Employees should not use public, unsecured networks. Oh, and they should turn off their computer every night. Less time online is less time subject to breach attempts, and it also can clear some attacks before they fully embed.

Of course all these things should have been done from the start, and if your IT team or just your smart selves have done so, good for you. But if the scramble to achieve the core mission has prevented thoughts of anything else until now, better late than never.

For secure, affordable and easy-to-implement help with vendor inquiries or onboarding, contact us to see how InvoiceInfo and VendorInfo can help.

Simple to Launch.  Simple to Use.

Request a Demo

Stop Calls and Emails, Enhance
Service and Increase Profit!

InvoiceInfo saves labor hours and cost by helping suppliers and internal staff easily and instantly get answers online to their invoice-payment questions.

If you are like many finance leaders today, you are being challenged to reduce costs more quickly. InvoiceInfo delivers real bottom-line results almost immediately, allowing you to deploy your customer service staff to focus on more productive, bottom-line oriented tasks.

Let us show you how InvoiceInfo's vendor self-service portal can help your organization eliminate invoice inquiry emails and calls while enhancing service to your accounts payable customers.


Get Up and Running Quickly and Seamlessly

InvoiceInfo and VendorInfo are standalone applications that can be up and running in as little as two weeks, with little or no IT resources required.

The faster your online portal is up and running, the sooner you will start reaping the benefits. InvoiceInfo and VendorInfo are dedicated solely to helping AP and procurement departments slash the time and expense of servicing vendors, while improving customer service for their suppliers.

InvoiceInfo and VendorInfo are simple solutions with big results. They are easy to implement and easy to use. Here’s how one customer described the process: “You give vendors a URL, provide instructions about what they need to know and tell them to go use it.” It really is that easy.


Improve Productivity with a Self-Service Solution

For most organizations, deploying a technology solution is a significant investment, and like most investments, the decision point ultimately comes down to the expected return on that investment.

According to a recent benchmark study by The Accounts Payable Network, 60% of AP customer service calls are from vendors while 40% are from internal customers. Vendor issues actually make up even more of the AP call volume than the 60% identified. Many times when a vendor has an issue, the vendor contacts their buyer or purchasing representative, who in turn contacts AP. Even though the call comes from an internal customer, the question originated with the vendor.

Vendor calls affect productivity in your organization exponentially. When vendors call the requisitioner, they are affecting that person’s productivity. Your internal customer’s productivity shrinks when fielding the vendor’s call and again when making the follow up call to AP and getting back to the vendor. Finally, AP’s productivity suffers as a result of the internal customer’s call, the payment status research and the follow-up communication.

With a minimal investment of IT time and talent, you can start reducing customer service calls and expense in a matter of weeks. In addition, you improve vendor relations since you are giving your vendors what they want — answers to their questions immediately — a win-win for everyone involved!


Easy and Economical Solution to Serve Vendors Around the World

InvoiceInfo can help you provide best-in-class customer service to your vendors around the world at a fraction of the cost.

Many organizations today have offices and operations throughout the world and are dealing with many time zones, different languages, and in some cases multiple ERP systems. InvoiceInfo currently supports different languages and can easily work with multiple ERP systems in different locations.

The key to good customer service is to provide the information that the customer wants when they want it. Whether your customer is a vendor waiting for a payment or a colleague that needs information on payment status, they want their information right away. If your organization has vendors and offices in other countries, they can be challenging and expensive to serve. But, with InvoiceInfo, your international vendors and internal customers can access the information they need when they need it.

With InvoiceInfo, you won’t have to staff your customer service team with 24-hour coverage in multiple languages to provide high-quality customer service around the world.


Enhance AP’s Role As a Strategic Partner

Learn how InvoiceInfo can help AP do more with less while continuously improving productivity and bottom-line results.

Many automation technologies such as scanning, workflow, e-invoicing, ACH, and electronic invoicing require significant investments of money, time and talent, making it difficult to get buy-in from upper management. Not InvoiceInfo!

If your goal for your AP department is to reduce costs quickly, call or email us today to learn more about how InvoiceInfo can help you achieve this goal through a quick, inexpensive and easy implementation of a vendor self-service portal.


Enhance Vendor Relationships

InvoiceInfo helps suppliers’ AR departments with simple and convenient access to invoice payment status online at a cost savings for all involved.

It may seem that the organization paying the vendor should hold all the cards in the relationship. But sometimes the opposite is true. Past-due payments and customer service perceptions can harm supplier relationships and disrupt the supply chain.

Your vendors and vendor relationship managers are living in a dynamic, fast-paced environment, so when invoice information is required, it is needed quickly and expected to be of high quality. With InvoiceInfo, your suppliers get answers to invoice inquiries real time, 24/7 with no need to leave messages and wait for responses. Studies show that confidence in data increases when suppliers access invoice and payment information themselves.


Give Procurement and Buyers the Tool They
Need to Respond to Vendors Quickly

Not only can InvoiceInfo be used by suppliers to learn the status of invoice payments, it can also be used internally within your organization.

In addition to reducing calls from vendors regarding invoice status, you can also reduce internal emails and calls from co-workers wanting to learn the status of invoice payment, and save time and effort and boost efficiency and productivity across the organization. Studies show that 40% of AP customer service calls are from internal customers. Many of these are from requisitioners who have received calls or emails from the supplier checking on payment status. These calls are often more expensive for the company because the internal staff member has taken the call or received an email from the supplier, contacted AP for the payment status and had to return the call or email the supplier.

By providing the vendor with a convenient and credible online option to get the answers it needs regarding payment status, you can eliminate multiple calls/emails between the vendor and the requisitioner saving time and money.


Eliminate Difficult Vendor Calls and See
Productivity and Staff Morale Soar

Reduce invoice payment inquiries and “promote” your vendor service team to more satisfying and profit-producing tasks.

By sharply reducing inbound calls and emails regarding receipt and payment status that your AP staff must handle individually, your staff can focus their efforts on more productive, cost-saving activities, learn new tasks, feel more confident and boost their careers.

According to a recent American Express survey on customer service, more than one-third of consumers have lost their temper with a customer service professional in the past year. Of those who lost their temper, three in ten “hung up the phone.” Your staff will no longer have to deal with difficult collectors who can be upsetting and disruptive. Your staff will feel that their time and talents are being put to better use and will feel better about themselves, their jobs and their organization. Reducing these calls can be a real productivity and morale booster for your AP department!


Simplify and Streamline Vendor Onboarding

According to Price Waterhouse Coopers, the average organization spends about $20 in labor to file each paper document, approximately $120 in labor searching for each misfiled document and $220 in re-creation of a document.

Wouldn’t it be great to have all your W-9’s, W-8’s and other registration documents completed online and instantly filed online for easy access when needed? With Vendor Self-Service Onboarding Module, VendorInfo, you can onboard your new vendors in one convenient location and eliminate paperwork and hassles.


Verify the Accuracy of Vendor Information and Stay in Compliance with IRS and Treasury Department Regulations

Government regulators are increasing the complexity of regulations and penalties associated with vendor-related non-compliance.

Penalties for incorrect 1099’s have more than doubled in recent years. Over the last several years, OFAC has levied more than $1 billion in fines against American companies or subsidiaries that did business with restricted businesses, organizations and individuals on its SDN list. In addition to fining these companies, the Treasury Department posts the names of infringing organizations along with fines paid.

VendorInfo Onboarding Module verifies the accuracy of vendor information and helps protect your organization by avoiding embarrassing penalties and fines.

Book Your Live Demo


Simple to Launch.  Simple to Use.

Request a Demo