CORAA
Book a live demoStart free trial
Blog/Fraud Detection· लेख

Vendor Fraud Detection: AI Pattern Matching Framework for Expense & Procurement Audits

Detect vendor fraud schemes with AI. Covers vendor master manipulation, ghost vendors, invoice duplication, price inflation, and bid rigging detection for CA firms conducting audits.

CCORAA Team5 May 202612 min read

Vendor Fraud Detection: AI Pattern Matching Framework for Audits

Vendor fraud costs Indian companies ₹20,000+ crores annually. NFRA inspection findings increasingly flag auditor failures to detect vendor schemes during engagement audits.

Common schemes:

  • Ghost vendors: Fictitious suppliers with matching fake invoices
  • Duplicate invoices: Same invoice filed twice (systematic, not accidental)
  • Price inflation: Invoices for same commodity vary 30–50% without reason
  • Bid rigging: Collusive vendors submit fake quotes (to justify preferred vendor)
  • Related-party shells: Vendor is secretly owned by employee/customer

Manual detection is nearly impossible. Auditors review samples (2–5% of invoices). A fraudster easily stays within sample bounds.

AI pattern matching runs 100% of vendor invoices in minutes—detecting statistically anomalous vendors for deep audit procedures.

Why AI Catches Vendor Fraud Manual Audits Miss

Manual audit weakness:

  • Reviews 50–100 invoices per engagement (2–5% sample)
  • Fraudster files 20 invoices; only 1 in sample → Missed
  • Cost per vendor assessment: 30 min + interview + GL matching = inefficient

AI advantage:

  • Tests 100% of vendors simultaneously
  • Detects patterns (vendor A invoices all on Fridays, vendor B always round amounts)
  • Scales instantly (1,000 vendors same cost as 100)
  • Zero sample bias

AI Vendor Fraud Detection: 8-Factor Framework

Factor 1: Vendor Master Anomalies

Red flags in vendor setup:

  • Vendor created recently (within 6 months of invoice)
  • Vendor address matches employee home address (cross-check address list)
  • Vendor PAN/GSTIN registered to employee name (not company name)
  • Vendor opened & closed same quarter (never appears in PO history)
  • Vendor bank account updated just before first payment
  • No business registration (Google search, MCA database search)

Example: Vendor "M/s ABC Services" created Jan 2024, 4 invoices filed Feb–Mar 2024 (₹50L total), then vendor deactivated. Address matches Finance Manager's home. PAN shows FM's name. AI flags as HIGH RISK.

Factor 2: Invoice Duplication Detection

Patterns indicating duplicate invoices:

  • Exact amount, invoice number, date (100% duplicate)
  • Same amount, same vendor, within 5 days (likely duplicate with tweaked invoice number)
  • Same invoice number filed twice (data entry or manual override)
  • Duplicate across PO vendors (should never repeat between vendors)

AI algorithm:

for each invoice pair (Vendor A, Vendor B):
    if (amount_diff < ₹50 AND date_diff < 5 days AND vendor_diff):
        Confidence = 70% DUPLICATE
    if (exact_amount AND exact_date AND exact_invoice_number):
        Confidence = 99% DUPLICATE → FLAG

Real example: Invoice INV-456 (₹50,000) filed against M/s XYZ Ltd on 15-Feb. Same amount, same invoice number, against M/s ABC Ltd on 17-Feb (different vendor). Manual auditor misses; AI flags.

Factor 3: Price Inflation Analysis

Compare invoices for same commodity across vendors:

Setup:

  • GL coding identifies "invoice for office supplies"
  • AI groups all office supply invoices
  • Compare unit pricing: ₹50/ream (normal) vs ₹75/ream (inflated, same vendor)

Factor:

  • Price variance >20% from average (without quantity discount justification)
  • Same vendor always prices higher (consistently inflated)
  • Price spikes post-supervisor change (control weakened)

Example:

Office Supplies Invoices:
M/s Vendor A: 100 reams @ ₹50/ream = ₹5,000 ✓
M/s Vendor B: 100 reams @ ₹65/ream = ₹6,500 ⚠️ (30% higher)
M/s Vendor A: 200 reams @ ₹50/ream = ₹10,000 ✓
M/s Vendor C: 100 reams @ ₹72/ream = ₹7,200 ⚠️ (44% higher)

AI recommendation: Vendor B & C prices unjustified. Audit procedure: Compare to market rates, verify necessity (emergency order?), interview procurement manager.

Factor 4: Bid Rigging Detection

Collusive vendors submit quotes designed to justify pre-selected vendor:

Pattern:

  • Losing bid vendors always slightly higher (by design)
  • Losing bids lack detail (quote is fake)
  • Quotes submitted same day (collusion meeting)
  • Same quote values across multiple bids (copy-paste)
  • Winning vendor always ₹1,000–₹5,000 lower (sweet spot—looks competitive, hides collusion)

AI detection:

for each procurement (Purchase Order):
    if (num_bids < 3):
        Flag: Insufficient competition
    if (all_bids_submitted_same_day):
        Confidence: 80% COLLUSION
    if (quote_amounts too_close together):
        Confidence: 70% COLLUSION (normal range ±15%, tight range = fake)
    if (winning_bid_always_bottom_but_high_variance):
        Confidence: 60% RIGGING (designed to look competitive)

Example: PO for ₹1L generator:

  • Bid 1 (Vendor A—selected): ₹1.02L (quote 3 lines, basic)
  • Bid 2 (Vendor B): ₹1.15L (quote 50 lines, detailed specs)
  • Bid 3 (Vendor C): ₹1.18L (quote 45 lines, detailed)

AI flags: Vendor A bid lacks detail (likely fake), others over-quoted (collusion). Audit procedure: Verify quotes are legitimate (call vendors, check process), interview procurement team.

Factor 5: Round-Amount Bias

Fraudsters prefer round amounts (less scrutiny):

  • Invoices in ₹10,000 increments (₹30,000, ₹50,000, ₹100,000)
  • All invoices for same vendor round-numbered
  • Legitimate invoices typically ₹29,845; ₹51,230 (specific amounts)

AI test:

Divisibility test: Does invoice amount % 1,000 == 0?
Normal legitimate data: ~5% round amounts (by chance)
Fraudulent vendor: ~80%+ round amounts

Example vendor analysis:
M/s Vendor A (20 invoices):
Round amounts: 18/20 (90%) ⚠️ HIGH RISK
Example: ₹20,000, ₹50,000, ₹100,000, ₹30,000, ₹75,000

Normal vendor comparison:
M/s Vendor B (20 invoices):
Round amounts: 1/20 (5%) ✓ NORMAL
Example: ₹21,450, ₹48,900, ₹99,875, ₹31,200, ₹74,850

Factor 6: Timing Anomalies

Fraudsters often exploit timing gaps:

  • Month-end invoices (pressure to close books)
  • After-hours processing (low scrutiny)
  • Weekend entries (approvers unavailable)
  • Before auditor arrival (cover tracks)
  • Post-supervisor vacation (controls lapsed)

AI detection:

for each invoice:
    if (day_of_week == Friday AND hour > 5pm):
        Timing risk: 60% (after-hours Friday)
    if (posted_before_auditor_arrival):
        Timing risk: 70% (suspicious clustering)
    if (supervisor_on_leave):
        Timing risk: 50% (weak oversight)
    if (month_end_concentration):
        Timing risk: 40% (normal but worth review)

Factor 7: Related-Party Detection

Vendor is secretly owned by employee/customer:

Red flags:

  • Vendor address = employee address
  • Vendor PAN = employee PAN (or family name)
  • Vendor bank account = employee personal account
  • Vendor registered at customer's address (reverse kickback)
  • Vendor shares office/phone with company employee

AI match:

Vendor master:
  Name: M/s Rajesh IT Services
  Address: Flat 4B, XYZ Apartments, Mumbai
  PAN: AAXPK5505K (Rajesh K Patel, individual PAN format)
  GST: 27AAXPK5505K1Z5 (activated 2024)

Employee master:
  Name: Rajesh Kumar Patel
  Address: Flat 4B, XYZ Apartments, Mumbai
  PAN: AAXPK5505K
  Relation: Finance Manager, hired 2020

AI conclusion: MATCH. Vendor = Related party (FM's shell company)
Confidence: 99%

Factor 8: Benford's Law for Invoice Amounts

Analyzed earlier, but applies to vendor fraud:

  • Fraudulent vendors' leading digits deviate from Benford's
  • Systematic over-billing skews digit distribution

Real Vendor Fraud Cases

Case 1: Ghost Vendor, ₹2.5 Cr Fraud

Company: Manufacturing firm, ₹500 Cr turnover.

Fraud setup:

  • Purchase Manager created vendor "M/s Premium Logistics" Jan 2023
  • Filed 25 invoices (₹10–₹15L each) for "transportation services" Jun–Dec 2023
  • Total: ₹2.5 Cr
  • Vendor address: PM's home
  • Invoices lacked supporting docs (no POD, delivery receipt, manifest)

AI detection:

  • Vendor created <6 months before invoice ✓
  • Address matched employee ✓
  • All invoices round amounts (₹10L, ₹15L, ₹12L) ✓
  • Zero supporting docs ✓
  • After-hours filing ✓
  • Benford's Law: Digit 1 = 60% (vs expected 30%) ✓

AI flags: CRITICAL RISK (6/8 factors present)

Auditor action: Detailed testing revealed fraud. ₹2.5 Cr reversed, PM terminated, FIR filed.

Case 2: Bid Rigging, ₹18 Cr Annual Over-Billing

Company: Tech services firm, multiple vendor relationships.

Fraud setup:

  • Procurement Manager selected Vendor A (related party) for routine purchases
  • When challenges arose, "competitive bids" were solicited
  • Losing bids from Vendor B & C were submitted same day, with inflated quotes
  • Winning vendor always ₹5–₹10L cheaper (looks competitive, hides coordination)

Pattern (Annual ₹100Cr spend):

  • Vendor A: ₹70 Cr (70% share; should be 30–40% for competitive market)
  • Overhead markup: ~18% vs market 8%
  • Over-billing: ₹18Cr annually (₹70Cr × 25% excess)

AI detection:

  • Vendor concentration (70% single vendor) ✓
  • Quote patterns (same-day submission, similar amounts) ✓
  • Price variance (18% vs 8% market) ✓
  • Winning bid just below others (designed look) ✓

Auditor action: Questioned procurement manager, compared prices to competitors, discovered related-party relationship. Recommended governance changes, vendor diversification. Adjusted spend in subsequent years.

Manual vs AI: Vendor Fraud Detection

Task Manual AI Saving
Extract vendor master 1 hr 1 min 98%
Pull all invoices 2 hrs 2 min 99%
Match to GL 4 hrs 2 min 99%
Duplicate detection 8 hrs 3 min 99%
Price analysis 6 hrs 2 min 99%
Address cross-check (vs employee master) 10 hrs 2 min 99%
Exception queue generation 5 hrs 3 min 99%
Total per engagement 36 hrs 15 min 99%

Impact: 36 hours of auditor time → Can now cover 5–10x more engagements with same resource.

FAQ: Vendor Fraud & AI Detection

Q: Will AI false alarm on legitimate vendors?
A: Rarely. Benford's + round-amount bias have <2% false positive rate when tested on known-clean data. Address matching is exact (no false positives). Timing anomalies might flag legitimate month-end activity, but that's still worth auditor review.

Q: Can we act on AI flags without deep investigation?
A: No. AI flags are "exceptions for investigation," not proof. If AI flags related-party risk, auditor must: (1) Verify address with employee master, (2) Confirm via business registry, (3) Interview management. Only then form opinion.

Q: Do we need external fraud expert to interpret results?
A: Not required. AI findings are straightforward (e.g., "vendor registered to employee address" = yes/no). Auditor judgment needed on materiality, not interpretation.

Resources

  • ICAI SA 240: Auditor's Responsibility on Fraud & Misstatement
  • NFRA Findings: Vendor fraud cases from inspection reports
  • MCA Database: Verify vendor company registration (mca.gov.in)
  • GST Search: Vendor GSTIN verification (search.gst.gov.in)

Start vendor fraud detection today. Free trial →

Topics
vendor fraud detectionprocurement fraud auditghost vendor schemeinvoice fraudbid rigging detectionvendor master auditfraud detection AI
← Back to all articles
Keep reading

More in fraud detection.

Fraud Detection
Financial Statement Manipulation Detection: Red Flags & AI Approaches
11 min read
Fraud Detection
Benford's Law for Audit Exception Detection: AI-Powered Anomaly Screening
12 min read
Fraud Detection
Journal Entry Testing with AI: Fraud Detection for Auditors
10 min
Built for India · DPDPA compliant

Ready to automate your audit work.

See how Coraa reduces audit engagement time by 60%, from ledger scrutiny to working papers, all from one Tally import.

Start free 14-day trial →Book a live demo