The first platform to integrate directly with the UK Fair Payment Code

Tips and Tricks

Five red flags your supplier's bank details have been compromised

A change of supplier bank details is the single most exploited moment in accounts payable fraud. Here are five red flags that a request is not genuine, and the simple checks UK finance teams should run before sending money to a new account.

Five red flags your supplier's bank details have been compromised

Table of contents

The most expensive AP fraud rarely involves a fake supplier. It involves a real one whose bank details have been changed. Here are five red flags, and what to do about them.

The most expensive accounts payable fraud rarely involves an invented supplier. It involves a real, trusted supplier whose bank details have apparently changed, and a finance team that updates the record and pays the new account in good faith. The change-of-details request is the single most exploited moment in AP, because it turns your own trust into the attack. Here are five red flags that a request is not what it seems, and what to do about each.

1. The request arrives by email, with urgency attached

The classic pattern is an email, often appearing to come from a known contact, announcing new bank details and a reason to act quickly: a missed payment, an audit, a switch of bank. Urgency is the tell. Legitimate suppliers rarely need their details changed before the next payment run, and fraudsters rely on pressure to short-circuit your checks. Treat any urgent change request as suspect by default.

2. The sender's email domain is subtly wrong

Look closely at the address, not just the display name. A single swapped or added character, a .co instead of .co.uk, or a lookalike domain is a strong signal of a compromised or spoofed account. The display name will say the right thing; the underlying address is where the lie lives.

3. The new account name does not match the supplier

Run a Confirmation of Payee check on the new details. If the account name does not match the supplier's registered name, stop. A mismatch, or an account in a personal or unrelated business name, is one of the clearest indicators of fraud, and it is exactly what the check exists to catch.

4. The change comes soon after first contact, or from a new contact

Be especially careful when the request comes from someone you have not dealt with before, or early in a relationship before patterns are established. Fraudsters often impersonate a new finance contact precisely because you have no baseline for what is normal. A change of both contact and bank details at once deserves extra scrutiny.

5. The details change but nothing else lines up

Cross-check against what you already know: the supplier's registered details at Companies House, their usual invoice format, the bank and country you would expect. A UK supplier suddenly requesting payment to an overseas account, or details that do not reconcile with their public record, should not be paid until verified through a channel you trust.

What to do before you pay

The defence is simple to state and easy to skip under time pressure. Verify any change of bank details out of band, by calling the supplier on a number you already hold, never the number on the request. Run Confirmation of Payee on the new account. And do not rely on a one-off check at onboarding, because details can be changed at any point in the relationship.

This is where a connected network changes the economics of fraud. When supplier identity and bank details are verified across the network and monitored continuously, a change is flagged and re-verified rather than quietly accepted, and the assurance is shared across every buyer the supplier works with. That turns a moment of individual trust into a network-level verification signal, backed by visible payment behaviour data. See how continuous verification works across the network.

FAQs

Why are supplier bank-detail changes such a common fraud target?
How should a finance team verify a change of supplier bank details?
Can Confirmation of Payee alone stop bank-detail fraud?