5 Ways Your Vendor Master is Costing You Money- Compliance Edition
Compliance is not anyone’s favorite word.
Compliance is not anyone’s favorite word. The angst and tension many procurement and AP staff work with on the daily is only exacerbated by the worry of accidentally violating terms of compliance. There are the considerations of the external world, such as the OFAC and debarment lists that haunt payments professionals (hello giant federal fine!), but there is also the world of internal compliance- much of it shifting with stunning regularity.
The burden of keeping inside the lines for all of these rules and regs falls largely on the shoulders of people deciding to press ‘send’ on a payment file. Here are five landmines they need to contend with for every payment instruction file they send, and just exactly what each is costing you.
1. You might be doing business with vendors on federal sanctions lists
Every company knows they should not be doing business with vendors whose names appear on sanctions lists. Your staff likely check the lists when they initially onboard a new vendor. That’s the easy part. The hard part is for your staff to continually monitor these lists — OFAC and SAM.gov sanctions lists, for example — to ensure there has been no change.
It can be a significant time burden to check the relevant sanctions lists every time a purchase order is issued, we know. It’s such a burden that even though it is an absolute necessity, we have come across very few companies (maybe zero?) who are currently doing this kind of continuous monitoring, and that will obviously be a big problem if a current vendor becomes a barred vendor sometime after you pay their first invoice.
How this costs you:
- big time fines
- a loss of federal dollars for your organization
- reputational harm
2. Your vendor master likely does not have up to date 1099 information
The human element of mistakes runs the gamut from typos to using an old remit address to attributing a piece of information to the wrong company. It’s also, shockingly often, just sloppy handwriting — ask anyone who has ever had to decipher a handwritten W-9.
If you are leaving things to chance by asking your AP staff to collect and input information manually from paper forms into the ERP, then I promise you, your data is not clean.
How this costs you:
- returned checks for incorrect addresses
- charges for returned ACH for incorrect routing or account numbers
- time and effort finding, correcting and reissuing payments
- B notice fines from the IRS for incorrect 1099s
3. Your vendor diversity status is not tracked
In the not so distant past, many American companies could merely say they wanted to have a diverse supplier base. Lip service is no longer enough, however, and from the highest levels down, senior leaders are demanding procurement teams hit specific spend numbers and have proof of a diverse supplier file.
No longer is a cursory audit of vendors enough. Now, certifications are essential for companies to verify they are doing business with minority-owned companies, historically disadvantage businesses, women owned businesses and veteran owned businesses, for example, and on top of that, they need to steer clear of suppliers who have a history of, say, employment discrimination. Audit trails are also necessary to prove this to shareholders, investors and boards. How are your staff fulfilling this mission?
How this costs you:
- reputational harm
- time spent backtracking to build accurate lists
- more suppliers = more competition = better pricing (it is literally costing you not to diversify!)
4. Your vendor onboarding process has no visibility and no audit trail
Let me lay out a scenario for you and tell me if it seems familiar.
An invoice arrives one day and, lo and behold, the vendor who submitted isn’t anywhere in your system. Nobody knows who invited them or even what was work done. As a result, a ton of time is wasted investigating exactly what this invoice is for. Then more time is spent getting the new vendor onboarded into your ERP. You’ll need the W9. The remit address. The order address. The banking info. Maybe that certification proving they are a HUB. Meanwhile, their payment term window has passed.
This sort of cart-before-the-horse chaos is so costly to your business. Your staff needs to be able to clearly track who invited a new supplier, who approved this supplier and that the info the supplier provided is accurate and trustworthy. If you are relying on manual processes for this, I can promise you mistakes are being made. Creating a central audit trail that everyone within your company can refer back to will help you avoid headaches and save an enormous amount of time and money.
How this costs you:
- maverick spend
- potential invoice fraud, social engineering fraud or BEC fraud payments
- audit headaches
- late fees on overdue invoices
5. You don’t know if the certificates of insurance your vendors have are expired
This might be a fraud vector that some people don’t worry about too much. Because you trust your employees, right? Depending on who has access to your ERP, someone on the inside could change bank account details.
This risk alone would be enough of an argument to get out of the business of storing bank account numbers, but you’re also vulnerable to bad actors on the outside being able to hack into your ERP and change an account number. So finding a partner or system that takes banking accounts out of your ERP could eliminate a huge fraud vector that you might not even be considering at the moment.
How this costs you:
- another opportunity for fraud (inside and outside)
- reputational harm (no one wants that headline)
Taking necessary precautions to reduce fraud and human error is just smart business. Audit these five areas now and preemptively put in roadblocks will save you time, money and allow your employees to mind your business, and stop worrying about threats.
Read our FREE guide:
Automation: Pitfalls and Practical Advice in the Quest for a Perfect Vendor Master
