Two former executives, Michael Vergato and Mark Perlstein, were sentenced in Colorado for orchestrating a fraud scheme that defrauded a data management company of nearly two million dollars.

Vergato, who was the vice president at Arrow Electronics, created a shell company named Oracle Performance Tuning and Optimization LLC (OPTO) which submitted 21 fraudulent contracts and invoices for database performance tuning services that were never actually performed.

Perlstein, serving as CEO of the data management company, approved these fake invoices and wired the payments to OPTO. The proceeds from this scheme, totaling approximately $1.95 million, were divided between the two men.

Vergato concealed his involvement by using his stepdaughter's identity and fake emails for business conducted under OPTO, while Perlstein also employed false identities and corporate entities to hide their activities.

Vergato kept roughly $874,000, which he used for luxury vehicles, credit card payments, retirement funds, and rent, whereas Perlstein received more than a million dollars.

Both were sentenced to federal prison - Vergato received 46 months and Perlstein 35 months - and were fined $20,000 and $15,000 respectively.

They were also ordered to pay restitution for the full amount taken and will serve three years of supervised release following their prison terms.

Source: https://www.justice.gov/usao-co/pr/former-executives-sentenced-19-million-fraud-scheme

The above matter highlights abuse of executive authority for personal financial gain.

Organizations can guard against embezzlement schemes involving false identities and invoice fraud by establishing rigorous internal controls focused on vendor verification and payment authorization.

Ensuring that each vendor is subject to thorough background checks, including validation of their legal identity, bank account information, and contact details, reduces the risk of fraudulent entities entering the vendor system. This should be reinforced by a secure vendor onboarding process that includes multi-factor authentication to prevent unauthorized changes to vendor records.

Invoice processing must involve segregation of duties whereby different staff members manage invoice receipt, approval, and payment to prevent a single individual from having unchecked control over the entire transaction.

Automation technology plays a critical role by enabling real-time matching between purchase orders, goods receipts, and invoices to detect discrepancies and flag suspicious invoices for further review.

Digital invoicing portals centralized for supplier submissions can help monitor changes in vendor profiles and alert staff to any modifications, preventing fraudsters from exploiting identity changes without detection.

Training employees on red flags related to invoice fraud, such as unrecognized vendors, irregular invoice details, and sudden changes in bank information, fosters a culture of vigilance essential for early fraud detection.

Establishing open channels for reporting suspicious activity without fear of retaliation encourages timely whistleblowing, which is crucial for intercepting fraudulent schemes.

Regular audits and data analytics to identify unusual payment patterns further strengthen defenses by uncovering fraudulent behavior that might evade traditional oversight.

Collaboration with suppliers to ensure secure invoicing practices and verification of all payment instructions adds an additional line of defense.

Finally, combining operational best practices with emerging technologies and employee awareness creates a multi-layered approach to safeguarding organizations from financial losses because of invoice fraud perpetrated through false identities.

The final takeaway is that sustained vigilance, supported by robust verification, segregation of duties, and technological safeguards, is essential to prevent identity-based invoice fraud and protect organizational assets.