Supplier Experience Live 2024 8th October Amsterdam, Official DPW Side Event.

Register Here

Why Supplier Information Management (SIM) Is Key To Detecting and Preventing Fraud

Why Supplier Information Management Is Key To Detecting and Preventing Fraud

Fraud is a prevalent issue that impacts society as a whole and requires ongoing attention to reduce threats from fraudsters’ increasingly sophisticated tactics. It is currently on the rise and is forecast to continue on that trajectory for the foreseeable future. According to procurement consultants Comprara, it is estimated that by 2027, more than $348 billion will be lost globally due to fraud.

Fraudulent acts are a particular concern for the procurement industry and steps have been taken in recent years to combat its escalating impact upon both organizations and suppliers. However, more could be done from within the industry to significantly reduce financial losses. A survey conducted by HICX uncovered that nearly 9 out of 10 organizations are forced to rely on bad supplier data, therefore leaving them susceptible to the risks associated with major fraud.

This associated risk was acknowledged by more than 55% of organizations in the survey, who agreed that poor quality supplier data could be particularly detrimental, leading to supply chain risks and the potential for fraud. Despite these beliefs, poor supplier data remains a major issue within the industry.

The procurement industry does not have to accept poor quality supplier data and its repercussions. In this article, we will examine the root causes of poor supplier data, its role in detecting fraud and what can be done to combat the issue.

The importance of knowing who your suppliers are

While the question “Who are our suppliers?” may seem straightforward on the surface, the reality is, it is a question that most organizations cannot answer. This is a particular issue now that supply chains are increasingly complex and globally interconnected, and data remains the main challenge that CPOs face.

Why does the issue persist?

Organizations must ensure that fraud is being combatted as part of a wholly integrated strategy across the business. Any weakness impacts the whole strategy, but unfortunately, supplier data accuracy is often overlooked.  This is usually due to a greater emphasis on services, risk tools, or monitoring solutions. For example, many businesses rely on checks made during payment, which provides some degree of protection.

However, this does not tackle the issue at the source and instead attempts to address it downstream. Instances of fraud are usually a result of issues that occurred much earlier, and one of the main reasons is that many organizations do not know who all their suppliers are.

Detection of fraud as a use case for Supplier Information Management

It is for these reasons that an organization’s finance department should be heavily focused on the exploration of Supplier Information Management solutions alongside the procurement team. Supplier Information Management (SIM) is facilitated by supplier management software, and is an organization’s system, including the range of processes configured within the system to collect, organize, analyze, and utilize important information related to suppliers.

A key focus of SIM is the rigorous onboarding of suppliers to ensure that organizations capture accurate and necessary information from the beginning of the working relationship. It is also focused on meticulous supplier data governance for the entirety of its lifecycle and providing a clear and central repository from which organizations can access supplier data that can be used across the entire organization and as a single source of truth.

For these reasons, the organization should not view SIM as a mere procurement tool for onboarding suppliers and managing the associated data. Instead, organizations should view fraud detection and prevention as a central use case for SIM and understand its crucial role for the finance team in its fraud prevention strategy.

While it may be tempting to do so, organizations must not address fraud prevention in isolation but should instead work to ensure that it is considered in the broader context of overall supplier information management, alongside other Accounts Payable challenges, including invoice visibility, resolution of supplier inquiries and other similar inefficiencies.

Identifying the root causes of unreliable supplier data

If fraud management is to be successful, finance teams should focus on a range of objectives, including:

  • Complete oversight of all suppliers.
  • Reducing fraud risk associated with activities such as collecting or editing bank details and ensuring SOX compliance requirements when dealing with this information.
  • Enhancing PO compliance and invoice matching.

However, it is essential to consider that these outcomes cannot be reached without full and accurate supplier master data, especially in relation to the following three critical areas:

  • Supplier identification and tax information.
  • Supplier contact details.
  • Supplier payment details.

Unfortunately, ensuring that this vital information is entirely accurate and up-to-date can be highly challenging for organizations, leaving them vulnerable in fraud detection and prevention and undermining investments in other solutions elsewhere. 

Identifying the source of the problem

Supplier master data is usually out of sync due to the organization’s setup of the technology landscape. The setup often relies on transactional or multiple systems to capture and store this information. For example, one of the most common scenarios is that the Procure-to-Pay (P2P) system becomes the master for supplier data and, therefore, one of the main portals for all suppliers to the organization.  Unfortunately, this leads to essential data becoming prone to errors.

When supplier data is part of a transaction, the P2P is subservient to the ERP vendor master. This is not unexpected since the ERP controls the payment to the supplier; however, as soon as you have a second ERP instance, even if it is from the same supplier, the P2P will have a second vendor master. This results in at least one source of duplicated supplier data, leading to inaccurate or incomplete analytics and inefficiencies. It is also felt across the business as a whole and can significantly impact areas such as analytics.

There will be parts of the supplier information that will be common, such as company name and headquarters address, but parts of it will be related to the buying unit. This also has significant implications for adding or modifying supplier data. Data governance issues then become evident and can lead to areas of exploitation that leave the organization open to instances of fraud.

Issues that organizations should be aware of

The following should be considered when looking for the root causes of some of the most common issues.

Inability to onboard suppliers in a standardized, customized manner

Exceptions and processes often exist outside of the required norms, which add manual workaround, the potential for errors, and a lack of required information being established at the beginning of the organization’s working relationship with the supplier.

Lack of data governance

The finance team is usually assigned the responsibility of data governance, but there is often a need for increased levels of communication around the purpose of the data and all the use cases for which it will be required. Again, a lack of governance leads to potential oversights and weak points across the organization.

 Lack of ownership

Unfortunately, and usually because of the two points outlined above, most organizations fail to maintain good master data about their suppliers. Usually, the vendor master has an overload of data that is irrelevant to the business and inadequate for combatting fraud detection and prevention. There is also often a reluctance amongst key stakeholders to take ownership of ensuring that data is of the highest possible quality.

The impact on the organization

When we consider all the above, we can understand the challenges facing organizations in obtaining a single source of truth of supplier data due to the following:

  • Direct and indirect suppliers are rarely managed in the same suite.
  • Suites in enterprises have grown over time or through acquisitions. This means they often contain multiple vendor master records and, therefore, no single version of the truth.
  • Manual intervention is often required, which, unfortunately, can introduce further errors. This decreases automation and increases operational costs and TCO.
  • Automation is limited to use cases within each individual suite. This means that, unfortunately, automating processes across suites is impossible.
  • Vendor self-service is limited to onboarding with little provision for ongoing data management and lifecycle capabilities; this means that data is more readily out-of-date.

How Supplier Information helps organizations overcome these issues

Supplier Information Management helps ensure these issues are overcome and that data is of the highest quality possible for use cases such as fraud detection and prevention in three major ways:

  • It supports a rigorous onboarding process for all suppliers.
  • It provides governance around workflows.
  • It establishes a single source of truth.

Each of these and the implications are explored in further detail below.

Rigorous onboarding

Supplier master data, which should be considered the foundation on which all supplier-related information is built, must be managed with the highest care possible. Organizations must compile the required information at the beginning of the supplier relationship and ensure that it is kept updated on an ongoing basis. This must be done in a structured and controlled manner. This means that rigorous supplier onboarding has to be conducted from the outset and be the foundation on which everything is built.

Since fraudulent activity can occur anywhere and at any time, there is a clear need for 100% compliance and coverage. Supplier onboarding plays a crucial role in ensuring that the right suppliers are approved for all types of suppliers in all the required categories in all instances. It must also be standardized, ensuring that overarching corporate requirements are always adhered to.

Supplier onboarding software, as an aspect of SIM, is required to provide a method of quickly creating configurable workflows that can track end-to-end processes, initiate checks and approvals at all relevant stages, and automatically ensure that the key stakeholders join the workflow for all the aspects for which they have responsibility.

When supplier onboarding solutions are correctly implemented, they capture all information required by all departments across the organization rather than just the bare minimum for the purchasing or sourcing tool, which is usually the case.

It is also required to support relevant checks, such as validating credentials against supplier banking details—in other words, calls to third-party data sources; this information must be accurate and always current.

When organizations have the right solutions in place, data can be checked and validated at creation, ensuring that a golden record is created for master supplier data from the outset. Unfortunately, as P2P suites were not designed for these tasks, ensuring they can play this role is incredibly challenging.

Suites are not designed for the wide variety of supplier base information, so attempting to ensure that 100% of suppliers’ data is valid, unfortunately, means that there will always be use cases that the vendor has not considered. This means the system needs to be redesigned to ensure that the data model and workflow are extended to accommodate every possible variation. This is a timely, costly, and inadequate compromise for any organization.  

Data governance and workflows

Once onboarding has occurred, the next step is to evaluate ongoing data maintenance. This is another area where numerous weak spots from a fraud perspective can become apparent. Naturally, supplier data changes, some of it on a very regular basis, over time. When this takes place across thousands or tens of thousands of suppliers, the organization’s data can quickly become outdated or obsolete if the correct mechanisms are not in place to control it properly.

This means that recording and storing supplier data cannot be seen as a one-time exercise isolated from the onboarding phase. Processes must be in place that support ongoing data changes and enrichment with the required governance and checks and balances.

Organizations should use Supplier Information Management to support activities such as the following:

  • Building and implementing robust workflows to ensure that there is always a different approver from the requester.
  • The ability to monitor and report on changes to invoices.
  • Establish correct, legitimate communication channels between the correct stakeholders. This could, for example, ensure a single point of contact or validated contacts are recorded, helping to reduce confusion that could lead to gaps in security that fraudsters could exploit.
  • Reducing risks associated with supplier data editing processes. For example, using validation workflows that include the necessary data governance, such as those with the ability to authorize changes to bank account numbers.

Single source of truth

A supplier master data management solution must be able to support business processes so that all new data and changes come through a ‘single front door’ to ensure that data quality is maintained permanently. It is only by using this approach that an organization can avoid six of the most common data quality issues:

  • Inconsistencies
  • Inaccuracies
  • Invalidities
  • Incompleteness
  • Redundancies
  • Non-standard entries

SIM ensures that every supplier data system works from the same golden record. Whatever software is used to manage the different parts of the supplier lifecycle, they can all be kept in sync using a single supplier dataset.

Consequently, this makes it easier for organizations to track documents like ISO certifications, bank account information, tax certifications, and certificates of insurance throughout a supplier’s lifecycle. This ensures that SIM leads to greater compliance and organizations are less exposed to instances of fraud, as compliance with sanction lists, tax legislation, and other mandates reduces the risk of being exposed to ‘bad’ suppliers or actors in the ecosystem.

However, most organizations tend to recognize the extent of data quality issues only at the point of use, which is too late. Inevitably, this leads to a tendency to address the issues only at this stage with hotfixes, such as data cleansing. There are only two instances in a data’s life when quality is important—the point of creation and the point of use.

However, there tends to be greater emphasis on the point of use, leading to the point of creation being overlooked. This is far from acceptable when it comes to fraud detection and prevention. Instead, organizations should focus on control of the data rather than cleansing data after the fact. Opting to combat the issue at any other time in-between means that rogue data is available for exploitation.

SIM must be considered as a vital aspect of any integrated approach for organizations combatting fraud. Organizations that have a SIM solution in place and, therefore, have accurate supplier data records are better placed to fight and eliminate fraud by:

  • Having full awareness of who their suppliers. This enhances the ability to identify suspect entries or bad actors.
  • Ensuring that redundant records, such as defunct suppliers, are removed, which might otherwise be used to commit fraud.
  • Ensuring better management of change control and enabling closer audits so that when data has been edited for nefarious reasons, it can be more easily identified.
  • Tightening up approvals processes, including payment approval.

Procurement’s involvement in the financial aspects of supply chains will only augment demands for accurate supplier data within the organization. Having the correct supplier information management tools available will not only make organizations’ investments in other risk and fraud monitoring software more successful but will also ensure the organization is better placed to take advantage of future opportunities presented by other advancing technologies in the fields of AI, cybersecurity, and blockchain as they become available.

Posted in

Share this post