- Customer Blog
- The Cost of Catching AP Errors Too Late
The Cost of Catching AP Errors Too Late
AP risk rarely announces itself. It hides in a supplier record that looks fine, an invoice that clears without a second look, a payment that goes out before anyone spots the pattern. By the time it surfaces, usually during close, an audit, or a supplier escalation, the cash is already gone and the cleanup is expensive.
That was the starting point for our recent webinar, where Basware's Rob Wilson,
Hassan Qasim and Tom Santacroce walked through why invoice lifecycle risk is getting harder to catch and what modern control looks like in 2026.
The numbers behind the risk
Two problems are compounding at once. Ordinary errors are already costly: duplicate and erroneous payments quietly drain up to 2% of every dollar paid out. On a billion dollars in spend, that's roughly $8 million a year, and once it's out the door, getting it back depends on supplier cooperation you can't count on.
Fraud is the more visible problem, and it's accelerating. The share of companies hit by payments fraud jumped from 68% to 78% in a single year (AFP), with seven in ten businesses reporting an increase in AI-generated fraud attempts. Yet less than a third of the market has deployed technology built to catch it.
The session also walked through what this looks like at scale: a $122 million invoice scheme that fooled Google and Meta for nearly two years, a $37 million vendor impersonation loss at Toyota, and a $12 million scheme at Amtrak involving more than 100 employees. Different industries, different failure points, same root cause: controls that caught the problem too late.
Where traditional controls fall short
The webinar broke this down into a few consistent blind spots:
-
ERPs check once, broadly. They catch exact-match issues but miss the near-duplicates and pattern-based risks that matter most.
-
Audits look backward from a point in time, not forward.
-
Manual reconciliation doesn't scale. Most teams only reconcile 10 to 20% of supplier statements, leaving the rest unchecked.
-
Vendor master cleanup, best done quarterly, often happens once a year, if that.
The result is a set of controls built for a slower, less automated threat landscape, not one where AI-generated fraud is showing up in the inbox daily.
What continuous control looks like
This is where AP Assurance comes in, pairing two capabilities that close the gap on either side of the pay run:
AP Protect works before payment, using AI-powered detection (more than 800 algorithms) to flag risky transactions, catch near-duplicates that bypass traditional checks, monitor changes to sensitive vendor fields like bank details, and keep the vendor master clean. Customers using it recover up to $1 million for every $1 billion in spend.
Statement Matching works after payment, automating reconciliation across 100% of supplier statements rather than a sampled slice, surfacing missing invoices and credits, and producing audit-ready evidence when questions come up. Many teams also recover aged, unapplied credits they didn't know they had, often enough to offset the cost of the software itself.
Together, the shift is from reactive cleanup to continuous, proactive control, and from hoping your numbers are right to knowing they are. That distinction matters: BlackLine research cited in the session found that 37% of CFOs don't fully trust their own financial data, and 98% lack complete confidence in cashflow visibility.
Watch the full session
This recap only scratches the surface. For the full conversation, including the live product walkthroughs of AP Protect and Statement Matching and the Q&A on roadmap, implementation effort, and what's really driving customers to act, watch the session below.