
The Finance Manager's Monthly Fraud Detection Checklist

26 March 2026 · 10 min read

Tags: fraud detection, finance manager, internal controls, checklist, Xero, accounts payable

Australian businesses reported $2.03 billion in scam losses in 2024, according to the National Anti-Scam Centre's Targeting Scams report. That figure dropped 25.9% from 2023 — but here's the uncomfortable truth: the frauds that hit hardest are the ones nobody notices for months.

The ACFE's 2024 Report to the Nations found that occupational fraud takes a median of 12 months to detect, with a median loss of $145,000 per incident. For small businesses with fewer than 100 employees, that loss figure sits at $141,000 — often enough to threaten the business itself.

A monthly fraud detection review won't catch everything. But it will catch most things far sooner than waiting for an auditor, a tip-off, or a bank statement that doesn't add up. This checklist is designed for finance managers at Australian SMBs using Xero — practical, repeatable, and built around the risks that actually matter.



Why Monthly Reviews Matter More Than Annual Audits

Most Australian SMBs rely on their annual audit or BAS review as their primary fraud detection mechanism. The problem? That's like checking your smoke detectors once a year and hoping for the best.

The ACFE's research shows that 43% of occupational frauds are detected by tips — not by auditors. Internal audits only catch about 15% of cases. The gap between those numbers represents the frauds that slip through because nobody was looking at the right time.

Monthly reviews close that gap. They create a rhythm of scrutiny that makes it harder for patterns to develop unnoticed. A supplier bank detail that changed three days before a large payment is easy to spot in a monthly review. It's invisible in an annual audit buried under twelve months of transactions.

They also create a paper trail that demonstrates due diligence — increasingly important under Australia's Scams Prevention Framework, which places obligations on businesses to take "reasonable steps" to prevent scam losses.


The Monthly Fraud Detection Checklist

This checklist is designed to take 2–4 hours once a month. Block the time in your calendar. Treat it like month-end close — non-negotiable.

1. Supplier Bank Detail Changes

This is your highest-priority check. Payment redirect fraud — where a criminal changes supplier bank details to divert legitimate payments — is the single most effective fraud targeting Australian businesses.

What to do:

  1. Pull a report of all supplier contact changes in Xero for the month
  2. Cross-reference every bank detail change against a verified source (call the supplier on a known number, not the one in the email)
  3. Flag any changes that occurred within 48 hours of a payment
  4. Verify that changes went through your approval process

What you're looking for: Changes made by someone who doesn't normally handle supplier records. Changes accompanied by an urgent email. Changes to BSB/account numbers where only one digit differs from the original.

2. Duplicate Payment Scan

Duplicate payments are the most common form of accounts payable error — and a favourite method for internal fraud.

What to do:

  1. Run a duplicate invoice report in Xero (matching on invoice number, amount, and supplier)
  2. Check for invoices from different suppliers with identical amounts on the same date
  3. Look for sequential invoice numbers from the same supplier with matching amounts
  4. Review any payments that were processed manually outside your normal batch cycle

What you're looking for: Exact duplicate amounts, especially round numbers. Invoices that bypass your normal three-way matching process. Payments to suppliers you've never heard of.

3. New Supplier Review

New suppliers created in the last month deserve extra scrutiny. Ghost suppliers — fictitious vendors created to siphon funds — are a classic internal fraud scheme.

What to do:

  1. List all new suppliers added to Xero in the past month
  2. Verify each one has a legitimate ABN (use the Australian Business Register)
  3. Confirm you have a signed contract or purchase order for each
  4. Check that no new supplier shares a bank account, address, or phone number with an existing supplier or employee

What you're looking for: Suppliers with PO Box addresses only. ABNs that don't match the business name. Bank accounts that match other suppliers or staff members. Suppliers created by someone who also approves their payments.
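The three checks above can be run mechanically over a month's exported data before the manual phone verification starts. The script below is an added example, not code from this article or from OutflowGuard, and the supplier, bill and employee records in it are constructed; the field names (supplier, bsb, account_no, changed_at, created_by) are this example's own assumptions rather than Xero's report or API schema. It flags bank-detail changes that are followed by a payment within 48 hours, were made by someone outside the AP team, or differ from the old value by a single digit; finds exact duplicate bills and same-day identical amounts across suppliers; and lists new suppliers that share bank, phone or address details with staff or existing suppliers.

```python
"""Monthly AP checks 1-3 over constructed, Xero-style records.
Field names and users are this example's assumptions, not Xero's schema."""
from collections import defaultdict
from datetime import datetime, timedelta

AP_STAFF = {"apadmin"}              # users who normally maintain supplier records (assumption)
BANK_FIELDS = {"bsb", "account_no"}

# Constructed supplier contact-change log for March 2026
CONTACT_CHANGES = [
    {"supplier": "Acme Pty Ltd", "field": "account_no", "old": "123456789", "new": "123456788",
     "changed_by": "jsmith", "changed_at": "2026-03-10 09:15"},
    {"supplier": "Acme Pty Ltd", "field": "phone", "old": "02 9000 0000", "new": "02 9000 0001",
     "changed_by": "apadmin", "changed_at": "2026-03-03 14:00"},
    {"supplier": "Bright Cleaning", "field": "bsb", "old": "062-000", "new": "033-000",
     "changed_by": "apadmin", "changed_at": "2026-02-20 11:30"},
]

# Constructed bills paid during the month
BILLS = [
    {"supplier": "Acme Pty Ltd", "invoice_no": "INV-1001", "amount": 18500.00, "paid_at": "2026-03-11 16:45"},
    {"supplier": "Acme Pty Ltd", "invoice_no": "INV-1001", "amount": 18500.00, "paid_at": "2026-03-25 10:00"},
    {"supplier": "Bright Cleaning", "invoice_no": "BC-77", "amount": 1200.00, "paid_at": "2026-03-05 09:00"},
    {"supplier": "Delta Supplies", "invoice_no": "D-5", "amount": 1200.00, "paid_at": "2026-03-05 09:30"},
]

# Constructed supplier master records and employee bank/contact details
SUPPLIERS = [
    {"name": "Acme Pty Ltd", "created": "2024-01-10", "bsb": "062-000", "account_no": "123456788",
     "address": "12 Example St, Sydney", "phone": "02 9000 0001"},
    {"name": "Northwind Consulting", "created": "2026-03-18", "bsb": "033-111", "account_no": "555000111",
     "address": "PO Box 99, Parramatta", "phone": "0400 000 000"},
]
EMPLOYEES = [
    {"name": "J. Smith", "bsb": "033-111", "account_no": "555000111", "phone": "0400 000 000"},
]


def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def one_digit_apart(a, b):
    """True when two equal-length strings differ in exactly one character."""
    return len(a) == len(b) and sum(x != y for x, y in zip(a, b)) == 1


def bank_change_flags(changes, bills, window_hours=48):
    """Check 1: bank-detail changes that warrant priority verification."""
    flags = []
    for c in changes:
        if c["field"] not in BANK_FIELDS:
            continue
        reasons = []
        if c["changed_by"] not in AP_STAFF:
            reasons.append("changed by a user outside AP")
        if one_digit_apart(c["old"], c["new"]):
            reasons.append("new value differs by a single digit")
        changed = _ts(c["changed_at"])
        for b in bills:
            gap = _ts(b["paid_at"]) - changed
            if b["supplier"] == c["supplier"] and timedelta(0) <= gap <= timedelta(hours=window_hours):
                reasons.append(f"payment {b['invoice_no']} within {window_hours}h of change")
        if reasons:
            flags.append((c["supplier"], c["field"], reasons))
    return flags


def duplicate_bill_flags(bills):
    """Check 2: exact duplicates and same-day identical amounts across suppliers."""
    exact, same_day = defaultdict(int), defaultdict(set)
    for b in bills:
        exact[(b["supplier"], b["invoice_no"], b["amount"])] += 1
        same_day[(b["paid_at"][:10], b["amount"])].add(b["supplier"])
    dupes = [k for k, n in exact.items() if n > 1]
    cross = [k for k, s in same_day.items() if len(s) > 1]
    return dupes, cross


def ghost_supplier_flags(suppliers, employees, month_start="2026-03-01"):
    """Check 3: new suppliers sharing details with staff or other suppliers."""
    flags = []
    for s in (x for x in suppliers if x["created"] >= month_start):
        reasons = []
        if s["address"].upper().startswith("PO BOX"):
            reasons.append("PO Box address only")
        for field in ("account_no", "phone", "address"):
            for e in employees:
                if e.get(field) == s[field]:
                    reasons.append(f"{field} matches employee {e['name']}")
            for o in suppliers:
                if o is not s and o[field] == s[field]:
                    reasons.append(f"{field} matches supplier {o['name']}")
        if reasons:
            flags.append((s["name"], reasons))
    return flags


if __name__ == "__main__":
    print(bank_change_flags(CONTACT_CHANGES, BILLS))
    print(duplicate_bill_flags(BILLS))
    print(ghost_supplier_flags(SUPPLIERS, EMPLOYEES))
```

On this sample the Acme account-number change is flagged on all three grounds, the repeated INV-1001 and the same-day $1,200 bills are listed, and Northwind Consulting is flagged for a PO Box address and bank/phone details that match an employee. Every bank-detail change still gets the phone call to a known number; the script only decides which ones to call about first.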

4. Payment Pattern Analysis

Fraud often hides in patterns that look normal individually but stand out in aggregate.

What to do:

  1. Sort all payments by amount and look for clusters just below approval thresholds (e.g., multiple payments of $4,900 when the threshold is $5,000)
  2. Check for payments processed on weekends or public holidays
  3. Review the top 10 payments by value — do you recognise every supplier?
  4. Compare this month's total outflows against the same month last year — flag variances over 15%

What you're looking for: Payment splitting to avoid approval limits. Payments to suppliers with no corresponding purchase order. Unusual spikes in spending categories that should be stable (utilities, subscriptions, maintenance).


5. User Access Review

Who has access to what in your Xero organisation? Permissions tend to accumulate over time as people change roles, and former staff aren't always removed promptly.

What to do:

  1. Review the list of active users in your Xero organisation
  2. Remove access for anyone who has left the business
  3. Check that no single person can both create a supplier and approve payments to that supplier
  4. Review any permission changes made in the last month

What you're looking for: Former employees still listed as active users. Staff with administrator access who don't need it. Any user who has both payable creation and payment approval rights (a segregation of duties violation).
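Checks 4 and 5 share the same data, so the added example below runs them together: payment splitting just under the approval limit, weekend payments, the top-N list, the year-on-year variance test, and the segregation-of-duties check (self-approved payments, users holding both supplier-creation and payment-approval rights, and departed staff still active). This is not code from the article or from OutflowGuard; the payments, the user list, the $5,000 threshold and the 5% "just below" band are constructed assumptions, and the permission names are illustrative rather than Xero's actual role names.

```python
"""Checks 4-5 (payment patterns and user access) over constructed data.
Thresholds, field names and permission names are this example's assumptions."""
from collections import defaultdict
from datetime import date

APPROVAL_THRESHOLD = 5000.00  # assumed single-approver limit
NEAR_BAND = 0.05              # flag amounts within 5% below the limit (assumption)
VARIANCE_LIMIT = 0.15         # the 15% year-on-year variance from the checklist

# Constructed payments for March 2026
PAYMENTS = [
    {"supplier": "Acme Pty Ltd", "amount": 4900.00, "date": "2026-03-04", "created_by": "jsmith", "approved_by": "jsmith"},
    {"supplier": "Acme Pty Ltd", "amount": 4850.00, "date": "2026-03-04", "created_by": "jsmith", "approved_by": "jsmith"},
    {"supplier": "Acme Pty Ltd", "amount": 4950.00, "date": "2026-03-07", "created_by": "jsmith", "approved_by": "cfo"},
    {"supplier": "Bright Cleaning", "amount": 1200.00, "date": "2026-03-05", "created_by": "apadmin", "approved_by": "cfo"},
    {"supplier": "Utility Co", "amount": 900.00, "date": "2026-03-20", "created_by": "apadmin", "approved_by": "cfo"},
]
LAST_YEAR_TOTAL = 9000.00  # constructed March 2025 outflow for the variance check

# Constructed user list; "left" is the departure date from HR, if any
USERS = [
    {"user": "jsmith", "permissions": {"create_supplier", "approve_payment"}, "active": True, "left": None},
    {"user": "apadmin", "permissions": {"create_supplier"}, "active": True, "left": None},
    {"user": "cfo", "permissions": {"approve_payment"}, "active": True, "left": None},
    {"user": "oldstaff", "permissions": {"create_supplier"}, "active": True, "left": "2026-01-31"},
]


def split_payment_flags(payments, threshold=APPROVAL_THRESHOLD, band=NEAR_BAND):
    """Two or more same-day payments to one supplier, each just under the limit."""
    groups = defaultdict(list)
    for p in payments:
        if threshold * (1 - band) <= p["amount"] < threshold:
            groups[(p["supplier"], p["date"])].append(p["amount"])
    return {k: v for k, v in groups.items() if len(v) >= 2}


def weekend_payment_flags(payments):
    """Payments dated on a Saturday or Sunday (public holidays would need a calendar)."""
    return [p for p in payments if date.fromisoformat(p["date"]).weekday() >= 5]


def top_payments(payments, n=10):
    """The largest payments of the month, for the 'do you recognise every supplier?' pass."""
    return sorted(payments, key=lambda p: p["amount"], reverse=True)[:n]


def outflow_variance(payments, last_year_total, limit=VARIANCE_LIMIT):
    """Total outflow, fractional change versus last year, and whether it breaches the limit."""
    total = sum(p["amount"] for p in payments)
    change = (total - last_year_total) / last_year_total
    return total, round(change, 3), abs(change) > limit


def sod_violations(payments, users):
    """Self-approved payments and users who can both create suppliers and approve payments."""
    self_approved = [p for p in payments if p["created_by"] == p["approved_by"]]
    conflicting = [u["user"] for u in users
                   if {"create_supplier", "approve_payment"} <= u["permissions"]]
    return self_approved, conflicting


def stale_users(users):
    """Accounts still active although HR records a departure date."""
    return [u["user"] for u in users if u["active"] and u["left"]]


if __name__ == "__main__":
    print(split_payment_flags(PAYMENTS))
    print([p["date"] for p in weekend_payment_flags(PAYMENTS)])
    print(outflow_variance(PAYMENTS, LAST_YEAR_TOTAL))
    print(sod_violations(PAYMENTS, USERS))
    print(stale_users(USERS))
```

On the sample, the two Acme payments of $4,900 and $4,850 on 4 March are grouped as a possible split, the $4,950 payment on Saturday 7 March is listed, total outflow of $16,800 against $9,000 last year breaches the 15% limit, jsmith both created and approved two payments and holds both conflicting permissions, and oldstaff is still active two months after leaving.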

6. Bank Reconciliation Review

Your bank reconciliation isn't just an accounting task — it's a fraud detection tool.

What to do:

  1. Review all unreconciled transactions older than 30 days
  2. Check for manual journal entries that clear reconciliation differences without explanation
  3. Verify that the bank balance in Xero matches your actual bank statement
  4. Look for payments that were reconciled against unusual accounts (e.g., a supplier payment coded to "sundry expenses")

What you're looking for: Transactions sitting unreconciled for months — they may be payments someone hopes you'll forget about. Manual adjustments that conveniently make the numbers balance. Payments coded to vague categories that don't get scrutinised.

7. Expense and Reimbursement Spot Check

Employee expense claims are a common source of low-level fraud. A monthly spot check keeps things honest.

What to do:

  1. Select 5–10 expense claims at random from the month
  2. Verify receipts match the claimed amounts
  3. Check for expenses that seem excessive or unusual for the claimant's role
  4. Look for patterns — the same restaurant every week, round-number claims, receipts that look photocopied

What you're looking for: Duplicate receipts submitted across different months. Personal expenses disguised as business costs. Claims that consistently sit just below the receipt-required threshold.


Red Flags That Should Stop You Cold

Not every anomaly is fraud. But some patterns warrant immediate investigation, not just a note in your review log.

Escalate immediately if you find:

A supplier bank detail change that no one in your team authorised or can explain.

A new supplier that shares a bank account number with an employee.

Payments processing outside business hours with no business justification.

A user account accessing Xero from an unusual location or device.

Invoice numbers that have been manually altered or overwritten.

A staff member who insists on handling a particular supplier relationship alone and resists any oversight.

Any of these could have an innocent explanation. But they deserve investigation within 24 hours, not at next month's review. Document the finding, escalate to your CFO or managing director, and investigate before the next payment cycle runs.

How to Document Your Reviews

A fraud detection review without documentation is just a glance. Documentation serves three purposes: it proves you did the work, it creates a baseline for spotting trends over time, and it protects you if something goes wrong.

For each monthly review, record:

  1. Date and reviewer — Who did the review and when
  2. Checks performed — Which items from the checklist were completed
  3. Findings — What anomalies or concerns were identified (even if they turned out to be benign)
  4. Actions taken — What you did about each finding (investigated, escalated, resolved)
  5. Follow-ups — Any items requiring further action next month

Store your documentation in a secure location with restricted access — not in a shared drive that everyone in the business can edit. A simple spreadsheet works, but consistency matters more than sophistication.

Under Australia's Scams Prevention Framework, businesses are expected to demonstrate "reasonable steps" to prevent fraud. A documented monthly review is one of the strongest pieces of evidence you can produce.

Building the Habit: Making It Stick

The hardest part of a monthly fraud checklist isn't the checklist itself — it's doing it every single month without fail. Here's what works:

Schedule it like month-end. Block 2–4 hours on the same day each month. Treat it with the same priority as closing the books.

Don't do it alone. Rotate the review between two or three people in your finance team. Fresh eyes catch things familiarity misses, and rotation itself is a fraud deterrent — nobody wants to be the person whose month gets scrutinised by a colleague.

Start small. If this checklist feels overwhelming, start with items 1–3 (supplier bank details, duplicates, new suppliers) and add the rest over the following months. Three checks done properly beat seven done hastily.

Automate what you can. Some of these checks can be partially automated. Tools like OutflowGuard can handle continuous supplier bank detail monitoring, duplicate payment detection, and ghost supplier identification — turning your monthly manual check into a verification of automated alerts rather than a manual trawl through data.

Track your time. The first month will take longer. By month three, you'll have a rhythm. If it's consistently taking more than four hours, you either need better tooling or you're finding enough issues to justify the investment.

Conclusion

Fraud detection isn't a single event — it's a discipline. A monthly checklist won't make your business fraud-proof, but it will make fraud significantly harder to commit and far faster to detect. In a landscape where the median fraud runs for 12 months before anyone notices, cutting that window to 30 days changes everything.

The businesses that catch fraud early are the ones that look for it regularly. Start this month. Block the time, run the checklist, and document what you find. Your future self — and your auditor — will thank you.

If you want to automate the most critical checks on this list, OutflowGuard's free tier includes ghost supplier detection, round-number invoice analysis, and duplicate bill scanning — no credit card required.
