A company can have a strong product, smart leadership, and impressive revenue, and still be financially vulnerable if one trusted person has too much control.
That is the hard lesson behind the Manhattan District Attorney’s announcement that Michael Collins, a former marketing executive, pleaded guilty to embezzling nearly $6 million from two employers between March 2016 and April 2024. According to the Manhattan DA, Collins stole nearly $5 million from one financial education company, then later used the same basic scheme to steal nearly $1 million from an education-technology company.
This was not a complicated “hackers in hoodies” situation. It was classic occupational fraud: fake vendors, fake invoices, fake emails, and a real insider who knew how the company worked.
And that is exactly why businesses should pay attention.
What Happened?
According to prosecutors, Collins created and controlled two fictitious marketing consulting companies, Quattro Quadrati LLC and Regiondrivers LLC. He allegedly made them look legitimate by setting up email addresses, phone numbers, websites, and bank accounts. Then, while working as a senior marketing executive, he caused his employers to hire these companies as vendors and submit invoices for work that did not actually exist.
The DA’s office said the financial education company paid 144 fraudulent invoices, and the second company paid five more. To keep the scheme going, Collins allegedly created fake “presidents” and “employees” for the vendor companies, used email accounts in those names, and forwarded those communications internally to make the vendors look real.
Let’s pause there.
The fraud did not work because the companies were careless or foolish. It worked because the process probably looked normal on the surface.
A senior executive recommends a marketing consultant.
An invoice shows up.
The vendor has a website.
There are emails.
The executive says the work is legitimate.
Finance pays the bill.
That is how fraud hides, not in the dramatic moments, but in the routine ones.
The Real Risk: Trust Without Verification
Every business needs trust. You cannot run a company if every decision requires suspicion and drama.
But trust without verification? That is not leadership. That is exposure.
The ACFE’s 2024 Report to the Nations found that more than half of occupational frauds occur because of either a lack of internal controls or the override of existing controls. In plain English, fraud often happens because nobody is checking, or the person with authority can bypass the checks.
That is the danger zone.
A trusted executive should not be able to create a vendor, approve the vendor, validate the work, and push the invoice through payment without independent review. That is not efficiency. That is one-person control over company cash.
How Businesses Can Protect Themselves
Here is where business owners need to get practical. Fraud prevention does not have to be complicated, but it does have to be intentional.
1. Verify Every New Vendor
Before paying a new vendor, especially one recommended by an employee or executive, verify that the vendor is real.
At minimum, check:
- Business registration
- Website history and legitimacy
- Physical address
- Taxpayer information
- Bank account ownership
- Contact information
- Whether the vendor is connected to any employee
Do not rely on a slick website and a professional-looking invoice. Anyone can create those.
A smart question to ask is: “Could this vendor exist only on paper?” If the answer is yes, slow down.
2. Separate Vendor Approval from Payment Approval
The same person should not control the entire process.
For example:
- Department head requests the vendor.
- Finance verifies the vendor.
- A separate manager approves the contract or scope.
- Accounts payable processes payment only after documentation is complete.
Is that a little less convenient? Yes.
Is it cheaper than losing $6 million? Absolutely.
3. Require Proof of Work Before Payment
Invoices should not be paid just because they were submitted by someone important.
For consulting, marketing, technology, or professional services, require documentation such as:
- Signed agreements
- Statements of work
- Campaign reports
- Deliverables
- Meeting summaries
- Performance data
- Approval from someone who actually received or reviewed the work
A vague invoice that says “consulting services” should make your finance team’s eyebrows go up.
4. Review Vendor Payments by Employee Sponsor
This is one of the simplest and most powerful fraud checks.
Run a report showing vendors by the employee or department that requested them. Then look for patterns:
- Does one executive use vendors no one else knows?
- Are multiple vendors going to the same address or bank?
- Are invoices always just below approval thresholds?
- Are payments being made without contracts?
- Are certain vendors paid quickly while others wait?
Fraud often leaves a pattern. The problem is, most businesses never look for it.
5. Watch for Conflicts of Interest
Every company should have a conflict-of-interest policy, and employees should be required to disclose ownership interests, family relationships, referral fees, or financial ties to vendors.
But do not stop with a policy sitting in a folder. Require annual certifications. Ask direct questions.
“Do you or anyone close to you have a financial interest in any company doing business with us?”
That question may feel uncomfortable. Ask it anyway.
6. Use Positive Pay and Payment Controls
Your bank can be part of your fraud prevention system.
Use tools like:
- Positive Pay
- ACH debit blocks
- Dual approval for wires and ACH payments
- Payment limits
- Alerts for new payees
- Alerts for large or unusual transactions
These controls will not catch every fake invoice scheme, but they reduce the chance that one person can quietly move money without review.
7. Rotate Reviews and Bring in Outside Eyes
Fraud thrives when the same person reviews the same process forever.
Have someone independent review vendor lists, payment activity, and supporting documentation periodically. That could be an outside bookkeeper, CPA, forensic accountant, fractional CFO, or internal reviewer who is not involved in the payment process.
Fresh eyes catch things insiders miss.
And let’s be honest, if someone knows no one is looking, the temptation gets bigger.
8. Create a Real Reporting Channel
Employees often notice things before leadership does.
A strange vendor.
An executive pushing invoices too hard.
A payment that does not make sense.
A vendor nobody has actually worked with.
Make it safe for people to report concerns. That can be an anonymous hotline, a dedicated email, or a formal reporting process.
The point is simple: people need a way to speak up before the damage gets bigger.
What This Case Should Teach Every Business Owner
The Collins case is a reminder that fraud is not always buried deep in complex accounting records. Sometimes it is sitting right in accounts payable, dressed up as an ordinary vendor invoice.
The biggest mistake a business can make is assuming, “That would never happen here.”
That kind of thinking is expensive.
Better thinking sounds like this:
“We trust our people, and we verify our process.”
That is the balance. That is how healthy companies protect themselves without becoming paranoid.
The Next Step
Pull your vendor list today. Look at your top 20 vendors by dollars paid over the last 12 months. For each one, ask:
- Who approved this vendor?
- Who verified the vendor was real?
- Who confirmed the work was done?
- Who approved payment?
- Could one person influence all four steps?
If the answer to number five is yes, that is your starting point.
Fraud prevention is not about assuming the worst in people. It is about building a business where one bad decision, one bad actor, or one unchecked process cannot quietly drain the company bank account.
