'%3e%3cpath%20d='M0,0%20v30%20h60%20v-30%20z'%20fill='%23012169'/%3e%3cpath%20d='M0,0%20L60,30%20M60,0%20L0,30'%20stroke='%23fff'%20stroke-width='6'/%3e%3cpath%20d='M0,0%20L60,30%20M60,0%20L0,30'%20stroke='%23C8102E'%20stroke-width='4'%20clip-path='url(%23s)'/%3e%3cpath%20d='M30,0%20v30%20M0,15%20h60'%20stroke='%23fff'%20stroke-width='10'/%3e%3cpath%20d='M30,0%20v30%20M0,15%20h60'%20stroke='%23C8102E'%20stroke-width='6'/%3e%3c/g%3e%3c/svg%3e)
UK
%20--%3e%3cuse%20href='%23s'%20x='0'%20y='0'/%3e%3cuse%20href='%23s'%20x='494'%20y='0'/%3e%3cuse%20href='%23s'%20x='988'%20y='0'/%3e%3cuse%20href='%23s'%20x='1482'%20y='0'/%3e%3cuse%20href='%23s'%20x='1976'%20y='0'/%3e%3cuse%20href='%23s'%20x='2470'%20y='0'/%3e%3cuse%20href='%23s'%20x='247'%20y='210'/%3e%3cuse%20href='%23s'%20x='741'%20y='210'/%3e%3cuse%20href='%23s'%20x='1235'%20y='210'/%3e%3cuse%20href='%23s'%20x='1729'%20y='210'/%3e%3cuse%20href='%23s'%20x='2223'%20y='210'/%3e%3cuse%20href='%23s'%20x='2717'%20y='210'/%3e%3cuse%20href='%23s'%20x='0'%20y='420'/%3e%3cuse%20href='%23s'%20x='494'%20y='420'/%3e%3cuse%20href='%23s'%20x='988'%20y='420'/%3e%3cuse%20href='%23s'%20x='1482'%20y='420'/%3e%3cuse%20href='%23s'%20x='1976'%20y='420'/%3e%3cuse%20href='%23s'%20x='2470'%20y='420'/%3e%3cuse%20href='%23s'%20x='247'%20y='630'/%3e%3cuse%20href='%23s'%20x='741'%20y='630'/%3e%3cuse%20href='%23s'%20x='1235'%20y='630'/%3e%3cuse%20href='%23s'%20x='1729'%20y='630'/%3e%3cuse%20href='%23s'%20x='2223'%20y='630'/%3e%3cuse%20href='%23s'%20x='2717'%20y='630'/%3e%3cuse%20href='%23s'%20x='0'%20y='840'/%3e%3cuse%20href='%23s'%20x='494'%20y='840'/%3e%3cuse%20href='%23s'%20x='988'%20y='840'/%3e%3cuse%20href='%23s'%20x='1482'%20y='840'/%3e%3cuse%20href='%23s'%20x='1976'%20y='840'/%3e%3cuse%20href='%23s'%20x='2470'%20y='840'/%3e%3cuse%20href='%23s'%20x='247'%20y='1050'/%3e%3cuse%20href='%23s'%20x='741'%20y='1050'/%3e%3cuse%20href='%23s'%20x='1235'%20y='1050'/%3e%3cuse%20href='%23s'%20x='1729'%20y='1050'/%3e%3cuse%20href='%23s'%20x='2223'%20y='1050'/%3e%3cuse%20href='%23s'%20x='2717'%20y='1050'/%3e%3cuse%20href='%23s'%20x='0'%20y='1260'/%3e%3cuse%20href='%23s'%20x='494'%20y='1260'/%3e%3cuse%20href='%23s'%20x='988'%20y='1260'/%3e%3cuse%20href='%23s'%20x='1482'%20y='1260'/%3e%3cuse%20href='%23s'%20x='1976'%20y='1260'/%3e%3cuse%20href='%23s'%20x='2470'%20y='1260'/%3e%3cuse%20href='%23s'%20x='247'%20y='1470'/%3e%3cuse%20href='%23s'%20x='741'%20y='1470'/%3e%3cuse%20href='%23s'%20x='1235'%20y='1470'/%3e%3cuse%20href='%23s'%20x='1729'%20y='1470'/%3e%3cuse%20href='%23s'%20x='2223'%20y='1470'/%3e%3cuse%20href='%23s'%20x='2717'%20y='1470'/%3e%3cuse%20href='%23s'%20x='0'%20y='1680'/%3e%3cuse%20href='%23s'%20x='494'%20y='1680'/%3e%3cuse%20href='%23s'%20x='988'%20y='1680'/%3e%3cuse%20href='%23s'%20x='1482'%20y='1680'/%3e%3cuse%20href='%23s'%20x='1976'%20y='1680'/%3e%3cuse%20href='%23s'%20x='2470'%20y='1680'/%3e%3c/g%3e%3c/svg%3e)
USA
uk Work & employment crises someone used my name at work • approvals made in my name • invoices approved under my name • fake purchase approvals • procurement fraud suspicion • accounts payable issue • vendor invoice scam at work • unauthorised approval in system • email account used for approvals • approval workflow misused • finance system audit trail • signature misuse at work • delegated authority abused • worried i’ll be blamed • workplace fraud reporting • whistleblowing fraud at work • raising a grievance at work • identity misuse at workplace What to do if…
What to do if…
you suspect someone is using your name to approve purchases or invoices at work
Short answer
Stop any further approvals under your name and report it immediately (in writing) to your manager and Finance/Accounts Payable (and Procurement if separate), asking them to freeze approvals/hold payments and preserve audit logs.
Do not do these things
- Do not confront the person you suspect or make accusations in a group chat, open email thread, or meeting.
- Do not “fix” it quietly by re-approving, backdating approvals, or editing records to make things “match”.
- Do not delete emails, approval notifications, messages, or log entries (even if they look confusing).
- Do not forward invoices, supplier bank details, or screenshots to personal accounts unless your employer explicitly allows it.
- Do not wait for “more proof” if approvals or payments might still be happening.
What to do now
- Pause anything that could add to the problem (minutes):
Stop using the approval function. Ask Finance/Procurement to temporarily suspend approvals under your user ID/name (or require a second approver) and to hold any pending payments linked to approvals in your name until reviewed. - Report to the right internal owners (today, in writing):
Notify your manager and Accounts Payable/Finance (and Procurement if separate). Keep it factual: invoice numbers, supplier names, amounts (if known), dates/times, and where you saw your name attached. Ask them to confirm in writing they have started a review. - Get IT to secure and preserve access evidence (today):
Contact IT/service desk and ask them to:- reset your password(s) and confirm MFA/2FA is enabled
- check for mailbox rules/forwarding, suspicious logins, and any delegated access
- confirm who has “approve on behalf of” permissions (or shared roles) in the finance/procurement system
Ask them to preserve relevant logs (don’t investigate yourself).
- Preserve what you’ve seen without “digging” (today):
Make a simple private timeline note (date/time/what/where). Save approval notifications and take screenshots that show your name attached to an approval without changing any records. - Ask Finance/Procurement to run a targeted control check (today):
Ask them to verify:- the approval matrix (who can approve what) and whether it changed
- whether any supplier bank details were recently changed
- whether there are duplicate invoices or invoices split to bypass limits
- whether your name is attached via a workflow role rather than your actual login
- If you feel exposed, ask for a protective temporary measure (today):
Ask Finance/Procurement to remove your approval role temporarily (or route approvals away from you) and confirm the interim arrangement in writing so you are not pressured to “keep approving” while it’s unresolved. - If you’re worried the issue involves management or you could face retaliation:
Use your employer’s whistleblowing/protected disclosure route (or confidential reporting channel) if available, and keep your report factual. If you’re unsure what route fits, consider getting general workplace process advice (for example from Acas guidance) before you escalate further. - If it appears to be fraud beyond an internal mistake:
Ask your employer who will make any external reports. If you need to report personally:- If you live in England, Wales, or Northern Ireland, you can report fraud/cybercrime to Report Fraud.
- If you live in Scotland (or it happened there), report to Police Scotland (typically via 101).
If it is happening now or there is immediate risk, use the appropriate emergency route (999).
What can wait
- You do not need to decide now whether to resign, confront anyone, or threaten legal action.
- You do not need to identify the person responsible before reporting — containment and log preservation come first.
- You can wait to take wider personal identity steps (credit checks, protective registration) unless you see signs your identity is being used outside work.
Important reassurance
It’s normal to feel panicked or ashamed — especially if you’re worried you’ll be blamed. Prompt, factual reporting and asking for audit logs to be preserved is a sensible protective step and helps separate an honest concern from wrongdoing.
Scope note
These are first steps to stop further damage and protect you from being wrongly linked to approvals. Later steps (formal investigation, recovery of funds, disciplinary action) should follow your employer’s formal processes and may need specialist support.
Important note
This is general, first-step information, not legal advice. Workplace systems and reporting routes vary by employer and sector. If you’re pressured to approve or “sign off” anything you do not understand, it’s reasonable to pause and insist the issue is handled through documented internal channels.