Quantum-Era Cybersecurity & AP

How Quantum-Era Cybersecurity Could Affect Accounts Payable

In a February 2026 blog post, Google warned that advances in quantum computing pose a serious and accelerating cybersecurity challenge for businesses. While quantum computers are still developing, their impact could eventually reach everyday business functions, including Accounts Payable.

Accounts Payable teams manage highly sensitive data such as invoices, vendor bank details, payment approvals, tax records, and contract files. Today, this information is protected using encryption. The concern is that powerful quantum computers could eventually break common asymmetric encryption methods like RSA and ECC. These methods are widely used for secure logins, digital signatures on invoices, and payment instructions. Symmetric encryption, such as AES, is expected to remain more secure, but many AP workflows still rely on systems that could become vulnerable.

One major risk is known as “store now, decrypt later.” Attackers can steal encrypted data today and save it. Years from now, possibly in the 2030s, they could decrypt it using quantum technology. For AP teams, this could expose decades of vendor payment history, tax records, and contracts. Since many financial records must be retained for seven to ten years or longer, this creates long-term fraud, audit, and regulatory risks.

There is also a trust concern. AP systems depend on digital signatures and secure portals to confirm that invoices and vendor bank changes are legitimate. If those protections weaken, fraud tactics like fake vendor updates and business email compromise could become easier.

AP teams do not need to panic or replace systems overnight. However, now is the time to plan. AP leaders should work with IT to map where encryption is used, ask vendors about post-quantum security plans, and prioritize flexibility in future system upgrades.

By acting deliberately now, Accounts Payable teams can safeguard financial integrity, preserve stakeholder trust, and position their organizations ahead of inevitable security and regulatory shifts toward quantum-safe standards.

Further Reading

For more on quantum-era cybersecurity and its implications for finance and payments:

Google's February 2026 warning: "The quantum era is coming. Are we ready to secure it?" by Kent Walker and Hartmut Neven.

Federal Reserve analysis: "Harvest Now, Decrypt Later": Examining Post-Quantum Cryptography and the Data Privacy Risks for Distributed Ledger Networks (September 2025).

Nacha report: Protecting Payments in the Quantum Era: What You Need to Know (Payments Innovation Alliance publication).

AI Generated Receipts

Don’t Ignore the Threat: AI-Generated Receipts and the AP Control Gap

As accounts payable professionals, we’ve long known that fraud is a rising risk in AP and expenses. What’s new, and alarming, is how generative artificial intelligence (AI) is fundamentally shifting the risk landscape. What used to require photo-editing skill or insider access now takes seconds with text prompts. In many cases, fraudulent expenses can now pass through reimbursement before anyone has time to look closely. That raises a serious question: is your AP and expense control environment keeping up?

What’s happening now

• According to vendor-reported data from AppZen, AI-generated receipts represented approximately 14% of detected fraudulent documents processed on its platform in September 2025, up from near zero the year prior. [2]
• Surveys show that nearly 70% of CFOs believe it is likely, or already confirmed, that employees are using AI tools to falsify travel and expense receipts. [3]
• Third-party AP and expense platforms report flagging over US$1 million in suspected fraudulent invoices and expenses in a 90-day period using AI-enabled detection systems during late-2025 pilot deployments. [4]

These figures are being reported by vendors operating at scale, processing millions of expense and invoice submissions annually, which provides early visibility into AI-driven fraud patterns before they appear in traditional loss statistics.

What’s striking is the low barrier to entry. No advanced Photoshop skills are required anymore. A user can prompt a generative-AI model (such as those from OpenAI or Google LLC) to output a receipt image with realistic textures, logos, timestamps, and even signatures. [7]

Why this matters for AP teams

Here are some of the direct implications for AP and expense processes:

• Traditional receipt review based on visual inspection alone is increasingly unreliable. As one controls leader put it, “Do not trust your eyes.” [8]
• Expense reimbursement processes sit squarely within AP or AP-adjacent workflows. Fraud here translates into direct financial losses, audit findings, and internal control failures.
• The growing sophistication of fake receipts elevates regulatory, tax, and compliance risk, including false business-expense reporting, improper tax deductions, and policy violations.
• As AP teams migrate toward automation and digital workflows, the attack surface expands. More electronic submissions, remote approvals, and faster processing can reduce time available for manual controls.
• For APPG members advising or operating in mid-market firms (10–30+ invoice or expense submissions per month), the assumption that small size equals low risk no longer holds. AI-enabled fraud scales quickly and cheaply.

It is also important to note that AI-detection tools are not perfect. Screenshots can strip metadata, some generators leave fewer artifacts, and human judgment still plays a role. Effective defense increasingly requires a hybrid approach combining technology, analytics, and informed review.

Key control gaps AP teams should assess today

Here are control areas AP leaders should audit or strengthen:

Control Area	Risk Gap	Remediation Focus
Receipt and image verification	Visual inspection only; no metadata or image-artifact checks	Use software that analyzes image metadata and pixel-level artifacts to flag suspicious patterns. [9]
Expense submission workflows	Delayed submission and weak policy enforcement	Require receipt upload at time of expense, enforce corporate card usage, and restrict cash reimbursements.
Approval and vendor verification	Approvers lack vendor familiarity; fictitious vendors go unnoticed	Strengthen vendor master controls, review high-frequency expense vendors, and monitor items outside normal patterns.
Data analytics and monitoring	Spot audits only; anomalies remain undetected	Implement analytics to flag repeated vendors, out-of-band amounts, rapid post-trip submissions, and shared image metadata.
Audit and detective controls	Fraud discovered after reimbursement	Deploy real-time alerts alongside retroactive sampling and integrate findings with AP and risk teams.

What AP teams can do now (90-day action plan)

Here is a practical action plan AP leaders can execute in the next 90 days:

1. Schedule a focused control-risk review addressing AI-generated receipts and document authenticity within the AP and expense framework.
2. Inventory expense submission channels, including paper versus digital, number of reviewers, and payment methods such as corporate cards, P-cards, or personal reimbursements.
3. Evaluate AI-detection or image-artifact analysis capabilities now available in many AP and expense platforms. [10]
4. Update expense and vendor policies to reinforce receipt requirements, defined submission time windows, corporate card usage, and random audits of high-risk claims.
5. Build analytics dashboards to monitor unusual patterns such as frequent small vendors, clustered submissions, or receipts sharing similar metadata or image characteristics.
6. Communicate clearly with AP teams and business units that AI-driven document fraud is a priority risk area for FY26, and that approvers are a critical part of the control environment.
7. Conduct a retrospective audit focused on high-risk expense categories, such as cash reimbursements, repeat vendors, and frequent low-dollar claims, rather than attempting a full historical review.

Why this matters for APPG members

For professionals working in accounts payable and expense management, this issue touches core APPG themes: process integrity, risk management, automation, and advisory value for internal stakeholders and clients.

As generative AI continues to improve in realism and accessibility through 2026 and beyond, staying reactive is no longer enough. Proactively strengthening AP controls around document authenticity is quickly becoming a core competency for modern AP teams.

Discussion prompt for the APPG community

Let’s turn this into a practical discussion. I invite APPG members to respond:

• When was the last time your organization reviewed its expense-reimbursement controls specifically for fraud and document authenticity?
• Do you currently use any tool or process to detect AI-generated or manipulated receipt images? If yes, what works; if not, what is the barrier?
• What is the biggest manual bottleneck in your expense workflow, and how might it be increasing fraud risk?

If you would like to help build an APPG peer checklist or benchmark on AP and expense fraud controls, reply below or send me a DM and we will organize a short member survey.

Thanks for reading. Let’s stay ahead of the fraud curve and continue elevating the strategic value of AP.

💡 Support Our Community:
Our sponsor helps AP teams reduce errors and speed approvals (fewer late fees and happier vendors).

Want tailored guidance on AP automation and vendor spotlights? Book a 15 minute chat

---

Robert Ruhno Director Accounts Payable Professionals Group

🟥 LinkedIn 🟧 X (formerly Twitter) ⏹️ Facebook 🟨 Instagram

Back to top ↑

PEPPOL Intro

PEPPOL, a simple introduction for Accounts Payable professionals

A 5-minute, plain-English guide for AP teams who are hearing “PEPPOL” for the first time.

PEPPOL is a global network that lets companies and governments send electronic invoices and other business documents in a standard, secure way. Instead of emailing PDFs, PEPPOL sends structured data directly from one system to another. This reduces errors, speeds up processing, and makes automation easier.

A brief history

PEPPOL was launched in 2008 as a project funded by the European Commission. Its goal was to help businesses send invoices to government agencies across Europe. In 2012, governance moved to OpenPeppol, and the network expanded globally. Today, PEPPOL is used in many regions and is no longer limited to Europe.

Where PEPPOL is required vs. growing

Most mandates began with government invoicing (B2G), but business-to-business rules (B2B) are expanding.

Country	Status	Notes
Italy	Mandated	Required for most B2G and B2B invoices
Belgium	Mandated	B2B mandatory as of Jan 1, 2026 (3-month tolerance for good-faith efforts such as connecting to PEPPOL)
Singapore	Mandated	National e-invoicing mandate using PEPPOL
Norway	Mandated	Strong public sector mandate
Denmark	Mandated	Public sector required
Finland	Mandated	Public sector required
Sweden	Mandated	Public sector required
Australia	Mandated	Government suppliers increasingly required
New Zealand	Mandated	Government suppliers increasingly required
Germany	Phasing in	B2B receipt mandatory; issuance phased 2027 to 2028
Netherlands	Voluntary	Strongly recommended for public sector
United Kingdom	Voluntary	No broad mandate
Japan	Limited	Small-scale use
United States	Very limited	No federal mandate

Will PEPPOL be used in the United States?

PEPPOL could grow in the US because many companies work globally and want one invoicing standard. It also helps reduce fraud and manual work. However, there is no federal e-invoicing mandate, and sales tax rules vary by state. Adoption today is voluntary, with pilot programs and industry efforts such as the Business Payments Coalition exploring standardized B2B exchange models inspired by PEPPOL.

Why this matters

Most US AP teams do not use PEPPOL today. Still, it is becoming part of global AP conversations. PEPPOL also supports more than invoices, including orders and other purchase-to-pay documents. Understanding the basics now helps AP professionals stay prepared as invoicing standards continue to evolve.

Quick question: Have you ever received a PEPPOL invoice, or is this brand new to you?

Last updated: January 2026. PEPPOL requirements change frequently. Always check official country guidance.

Accounts Payable Operations

How Big Can an Accounts Payable Department Really Get?

APPG research note (updated January 2026)

Accounts Payable is often described as a “back-office” function, but at scale, it becomes a major operational engine. This article examines what the largest Accounts Payable departments in the United States actually look like today, using conservative, defensible benchmarks rather than inflated estimates or guesswork.

First, let’s define scope (this matters)

For clarity, “Accounts Payable” in this article refers to:
Vendor invoice processing, supplier payments, AP help desk activity, and exception handling.

It does not include:
Procurement, payroll, insurance claims, customer refunds, treasury investing, or benefits administration, unless explicitly stated.

Many published headcount estimates become misleading because they quietly expand the definition of AP. The ranges below intentionally stay narrow and conservative.

Executive handout (PDF)

Forwardable, executive-safe summary of the definitions and benchmarks used in this article.

• Clear scope definition (what counts as AP)
• Realistic staffing ranges (modern in-house teams)
• Quick explanation of why estimates vary

PDF (short), no signup.

View the Executive FAQ (PDF)

So, how big is the biggest Accounts Payable department?

Based on AP benchmarking data, shared services research, and observed operating models, the largest modern, in-house Accounts Payable organizations in U.S.-based companies typically fall within this range:

Practical upper range (modern enterprises):
500 to 1,200 Accounts Payable full-time equivalents (FTEs)

In rare cases with unusually high invoice complexity or limited automation, totals may approach about 2,000 FTEs, but this is not typical.

Why do Accounts Payable headcounts vary so much?

• Invoice volume: Millions of invoices per year require scale, even with automation.
• Invoice complexity: Services, partial shipments, and multi-PO invoices increase manual work.
• Automation maturity: Best-in-class teams process 25,000 to 30,000 invoices per FTE.
• Centralization model: Shared services are often 30 to 40% more efficient.
• Scope definition: What counts as “AP” varies widely between organizations.

Sources and methodology

This article synthesizes publicly available benchmarking data, industry research, and practitioner insights, including commonly referenced metrics from APQC and IOFM related to invoices per FTE, staffing efficiency, cost per invoice, and automation maturity. Ranges reflect practical operating models rather than theoretical maximums.

Accounts Payable Around the World

APPG Quick Read

Accounts Payable Around the World (Same Job, Different Words)

AP is global. The invoices change, currencies change, even the tools change, but the mission stays the same: keep vendors paid and the business moving. What’s fun is what AP is called in different places.

One function, many names

Work in Accounts Payable long enough and you’ll notice a pattern: different languages describe AP in slightly different ways. Some emphasize “accounts.” Others emphasize “suppliers.” A few go straight to “money we owe,” which feels extremely AP.

A quick world tour

In Spanish and Portuguese, it’s refreshingly direct (literally “accounts to pay”). In French and Italian, the focus shifts to the vendor or supplier. German takes the scenic route with a longer phrase that reads like “liabilities from deliveries and services” (no shortcuts, just precision). Head north and you’ll see the “supplier debt” theme across the Nordics. In many Asian languages, the meaning lands close to “accounts that should be paid” or “purchase liabilities.”

Different words, same responsibility: trust, timing, accuracy, and strong vendor relationships.

Common translations for “Accounts Payable”

Note: These are common business and accounting terms, not just literal translations.

Language	Common term
Spanish	Cuentas por pagar
French	Comptes fournisseurs
German	Verbindlichkeiten aus Lieferungen und Leistungen (often shortened to Verbindlichkeiten)
Italian	Conti fornitori
Portuguese (Brazil / Portugal)	Contas a pagar
Dutch	Crediteuren
Swedish	Leverantörsskulder
Norwegian	Leverandørgjeld
Danish	Leverandørgæld
Finnish	Ostovelat
Polish	Zobowiązania handlowe
Czech	Závazky vůči dodavatelům
Hungarian	Szállítói kötelezettségek
Romanian	Datorii către furnizori
Greek	Υποχρεώσεις προς προμηθευτές
Russian	Кредиторская задолженность
Ukrainian	Кредиторська заборгованість
Turkish	Borç hesapları
Arabic	الحسابات الدائنة
Hebrew	ספקים / חשבונות לתשלום
Hindi	देय खाते
Chinese (Simplified)	应付账款
Chinese (Traditional)	應付帳款
Japanese	買掛金
Korean	매입채무
Thai	เจ้าหนี้การค้า
Vietnamese	Phải trả người bán
Indonesian	Utang usaha

What this tells us about AP

• Supplier-first language: Many regions talk about the vendor or supplier first (because that’s who feels the impact).
• Debt and obligations: Plenty of translations highlight “liability” or “debt,” which is the accounting reality.
• Action-oriented: Some versions basically say “what must be paid,” which is the most honest definition of AP on earth.

Quick question for the APPG community:

If you’ve worked with international teams or global vendors, what’s the biggest communication challenge you’ve run into (terms, payment methods, tax forms, time zones, something else)?

Visit AP-Professionals.com

AI Invoice Scams

Image by DC Studio / Freepik

AI Is Making Invoice Scams Smarter: How AP Teams Can Stay Ahead

AI has made fraud attempts look more legitimate, from convincing invoices to vendor email impersonation and urgency tactics that pressure AP teams to pay fast. The good news is that the strongest defenses are still practical and repeatable.

Why AI Has Supercharged Invoice Fraud

Business email compromise (BEC) remains one of the most costly fraud patterns for organizations, and AI lowers the effort it takes to imitate vendor language, fabricate documents, and tailor messages to your process.

How to Protect Your AP Process

Start with these five controls:

1. Require two-person verification. One person enters, another approves. Make it standard, not optional.
2. Verify vendor changes using trusted contact information. Confirm banking or remit-to updates by calling or messaging the vendor using details already on file, not what appears in the request.
3. Create an “expected invoice” habit. Regular check-ins with purchasing and operations help you spot surprises early.
4. Slow down urgency. New email domains, odd tone, or “pay today” pressure should trigger a pause and verification.
5. Train like fraud evolves (because it does). Short refreshers beat annual once-and-done training.

A 3-Minute AP Fraud Self-Check

Use this quick checklist to spot gaps in your current process. If you hesitate on any item, it is worth tightening.

• Vendor changes: Do bank or remit-to updates require independent verification using previously saved contact details?
• Approvals: Are invoice entry and payment approval always handled by separate people, even under time pressure?
• Urgency signals: Does your team know to pause when emails push same-day payment, secrecy, or last-minute changes?
• Invoice quality: Would an AI-generated invoice blend in perfectly with your real ones today?
• Training cadence: Has your team discussed fraud scenarios within the last 90 days?

Tip: If you answered “not sure” to more than one item, that uncertainty is exactly what fraudsters exploit.

Looking Ahead

Finance teams are increasingly looking at AI for practical workflow automation and fraud detection, but strong controls and clean vendor data still do the heavy lifting.

Rule of thumb: When something feels off, verify first. Over-communicating is cheaper than cleaning up a bad payment.

Join the Accounts Payable Professionals Group

What fraud signal has your team seen most recently, vendor change requests, urgency pressure, or invoice formatting that looks “too perfect”?

Sources

• FBI: Business Email Compromise
• CFO.com: Payments fraud remains rampant
• CFO.com: Invoice fraud costs and deepfakes
• CFO.com: Gartner finance conference takeaways

Disclosure: Some links may be affiliate links. If you buy through them, we may earn a small commission at no extra cost to you.

Stress, go away. Top 5 products to combat it

Written by Stephanie Danielle Garcia.

Work can take a real toll on a person’s well being. Stress is often the first sign that things are out of balance, both at work and in everyday life. So how do we calm the mind, relax the body, and bring things back to center?

Here are my top 5 products to help melt stress away.

Quick list: Eye mask | Headphones | Diffuser | Shower steamers | Tea

---

1. USB-Powered Heated Eye Mask with Massage

Eye strain and tension headaches are two of the most common signs of stress. One simple solution is a heated steam eye mask. The gentle warmth helps relax tight muscles around the eyes and temples, creating the perfect moment of decompression.

Check price on Walmart

---

2. Noise canceling headphones

A noisy office, honking traffic, or loud household can make it hard to relax. Noise canceling headphones lower the background chaos and create a personal bubble of quiet or music. They are one of the best investments for peace of mind. My personal favorite brand is Bose.

Check price on Walmart

---

3. Aromatherapy diffusers

There is nothing better than walking into a room that feels peaceful the moment you enter it. A diffuser with essential oils can transform your space with calming scents like lavender, eucalyptus, or chamomile. It is a simple way to create an atmosphere that supports relaxation.

Check price on Walmart

---

4. Shower steamers

A warm shower already feels relaxing. When you add shower steamers infused with essential oils, it becomes a full stress relieving ritual. These dissolve in the steam and fill your shower with soothing aromas. They are especially great before bed to wash the day away.

Check price on Walmart

---

5. Tea

A cup of tea can work wonders for the mind and body. Herbal teas like chamomile, lemon balm, lavender, and peppermint contain natural compounds that support relaxation. Tea has been used for centuries because it works. Take a break from coffee and make space for something calming.

Check price on Walmart

---

However you choose to unwind, remember that stress relief is not a luxury, it is a form of self care that helps you show up better at work and at home.