Exclusive Webinar - Wednesday 18th May -2:30 PM BST - Perspectives and challenges: Transformation Projects - Register now to secure your spot!

The State of Procure-to-Pay Protection

05th May 2022

Senior finance managers were recently surveyed about what supplier information they are checking within their Procure-to-Pay cycle. Let’s break down the results to see what’s happening now, and what can be improved.

Suppliers are central to your P2P cycle, and in a position to make this run smoothly or slowly with a high level of risk that something could go wrong. To this end, all organisations conduct one or more checks on their suppliers, looking for issues that could blow-up later.

Our survey showed a broad range of aspects are being checked, with three stand-out areas: bank detail changes, suppliers that may be duplicated, and missing/incorrect VAT details. These 3 types of check were the most common response, selecting multiple options was allowed.

Supplier Details Validated

Whilst it is good news that there is checking for these 3 types of problem in supplier data, as these are long-established problems, it’s no surprise that there is widespread use of these basic controls.

However, we know that the risk landscape for Procurement and Accounts Payable teams is continuously changing. The risk of data errors has been replaced by the risk of fraud as the most concerning of supplier risks:

Are we be doing enough to prevent fraud? Very few organisations conduct “employee details” checking (only 3.7% of responses), yet this accounts for 15% of the concern about supplier risk – where suppliers collude with employees in order to gain an unfair and often illegal financial advantage at various points in the P2P cycle. Collusion is one of the largest contributors to the estimated £137 billion1 lost to fraud in the UK each year.

With supply chains under huge strain, any factors that can interrupt the flow of supplies needs to be prevented wherever possible. A supplier that suddenly falls outside of your accepted standards could cause a delay in supplies, as alternatives are sought (which if done in a hurry is a new source of risk).

Pre-emptively checking your key suppliers to see if they appear on any government or security service sanction list is a straightforward check, which should be done daily. Similarly, checking to see if your suppliers appear in any adverse media reports, have a poor ESG rating, or employ Politically Exposed People (PEP) should be regular checks – to protect your reputations – as much as your supply chain, from costly interruptions.

The majority (55%) of survey responders believe there is more value available from increasing the scope of their supplier checks. Whether through a reduction in fraud, protection of brand reputation, or simply reducing slow and expensive P2P processing, improving the quality of supplier data – and keeping it clean, is a sensible, easily attained, and profitable investment that all finance teams should consider.

You can see the full PPN report “Supplier Risk Management in Procure-to-Pay – New research uncovers widespread vulnerabilities in financial operations’ risk protection” by clicking here.

Our previous blog, taken from this report: “How often are suppliers checked?” can be found here.

  • The Financial Cost of Fraud 2021. The Centre for Counter Fraud Studies, University of Portsmouth.



Subscribe and get the latest expert advice, practical tips, and useful risk and compliance information delivered straight to your inbox