Maritime AP Payment Fraud Arrives by Email. Most Workflows Let It Through.

This article is part of our series on how to close the control gap in maritime's procure to pay workflow (article six of seven)

How does supplier bank account change fraud work in maritime AP?

Supplier bank account change fraud involves a fraudulent email requesting updated banking details for a known supplier. It works because most maritime AP workflows verify bank details once at onboarding and do not always require re-verification when changes are submitted. The payment runs to the fraudulent account before the legitimate supplier reports the missing payment. Recovery rates are low. Fewer than a quarter of organisations recover 75 percent or more of their losses

Vendor onboarding is a 'one and done'

Most maritime AP teams have onboarding controls in place. Suppliers go through a verification process. Bank details are recorded. The compliance framework looks sound. The question is whether those controls are still active at the moment any given payment executes.

They usually are not.

Vendor onboarding happens months or years before most payments are made. Bank details are verified at setup and stored. The invoice approval workflow and the payment release workflow may not share the same compliance data layer. By the time a payment instruction is generated, the verification work is complete. The only thing the system requires is that an approved invoice exists.

Fraudsters know which gaps to exploit

Supplier bank account change fraud exploits the gap between when verification ran and when the payment executes. A fraudulent email arrives requesting updated banking details for a known supplier, typically with enough surrounding context to appear legitimate. The change is processed. The next payment runs to the new account. By the time the legitimate supplier reports the missing payment, the funds have left.

 The FBI's Internet Crime Complaint Center documented over $55 billion in business email compromise losses in the decade to 2023. The AFP's 2025 Payments Fraud survey found 79 percent of organisations experienced attempted or actual payments fraud in 2024, with 63 percent experiencing business email compromise specifically. Wire transfers, the primary payment method in maritime supplier relationships, were the most targeted. Only 22 percent of organisations recovered three-quarters or more of their losses.

Marcura's own research found payment fraud targeting maritime running three to five times higher than traditional banking, adjusted for transaction volume. High-value payments. Fragmented compliance. A longer window between payment runs. Each makes maritime a more attractive target than general industry statistics suggest.