5 Ways Your Supplier Master Data is Costing You Money – Compliance Edition
Compliance is not anyone’s favorite word.
by Angela Sarno
VP Marketing
PaymentWorks5 Ways Your Supplier Master Data is Costing You Money- Compliance Edition
This blog was originally published in 2020 but was updated in October 2023 for accuracy and comprehensiveness – and to re-emphasize just how much supplier master data mistakes can cost your organization.
Compliance is not anyone’s favorite word. The angst and tension many procurement and AP staff work with on the daily is only exacerbated by the worry of accidentally violating terms of compliance.
There are the considerations of the external world, such as the OFAC and debarment lists that haunt payments professionals (hello giant federal fine!), but there is also the world of internal compliance- much of it shifting with stunning regularity.
Moreover, the burden of keeping inside the lines for all of these rules and regs falls largely on the shoulders of people deciding to press ‘send’ on a payment file.
That’s a lot of pressure, and there’s a lot that can go wrong. (So much pressure, in fact, that we’ve invented a holiday to honor vendor management professionals! More info at the bottom of this blog!.)
Let’s start by looking at the strategic importance of supplier master data, followed by some of the challenges of vendor management. Then, we’ll dive into the five things you want to look out for to avoid bad outcomes.
Table of Contents
Why Supplier Master Data is a Strategic, Critical Component
The Risk and Compliance Challenges of Supplier Master Data
5 Ways Your Supplier Master Data Could Cause Compliance Headaches
- You might be doing business with suppliers on federal sanctions lists
- Your supplier master data likely does not have up-to-date 1099 information
- Your supplier diversity status is not tracked
- Your supplier onboarding process has no visibility and no audit trail
- ERP access might be piling on risk
How Vendor Management Appreciation Day Can Help
Want Help Aligning Your Teams on Supplier Master Data?
Interested In Regular Supplier Master Data Tips?
Want Personalized Guidance on Your Supplier Master Data Strategy?
Why Supplier Master Data is a Strategic, Critical Component of Vendor Management
We often hear about the “tactical” and “administrative” components of supplier master data management. For instance, Vendor Management teams collect, clean, and standardize data. They beef up data with more information. They keep data in a central place and provide access to that repository as needed.
Sure, it requires tactics.
However, supplier master data is the lifeblood of the organization in many ways, offering strategic opportunities to boost ROI and improve operations.
Strong supplier master data means better insights – and better relationships with stakeholders.
It’s the stuff dreams are made of. Just ask Adeline Coe, Interim Assistant Director of Procurement & Supplier Diversity Services, University of Virginia:
When supplier master data is clean, current, and organized, organizations can make better-informed decisions and reduce risk.
The risk part is key. In other words, accurate, up-to-date supplier master data allows internal teams to more easily identify risk. Empowered by that data, teams can develop effective strategies to mitigate risk and avoid costly compliance violations and losses.
The Risk and Compliance Challenges of Supplier Master Data
One of the biggest deterrents to effective supplier data management is the manual nature of the work. While many organizations are taking steps to automate, many are still stubbornly holding onto the status quo of, ignoring our digital era in favor of a typewriter reality.
This stubbornness can (and does!) cause cascading issues. All it takes is one typo (let’s call it “fatfinger syndrome”) to cause myriad problems all the way down the line.
On top of that, our digital-driven economy moves fast. Governmental and industry-specific regulations can evolve quickly, hampering a non-agile company’s operations.
Your organization is at risk when you don’t adequately know who your suppliers are. You’re at risk when you’re dealing with aged data. You’re at risk when you have no insights into supplier diversity. You’re at risk when you have no supplier audit trail. And you’re at risk when you can’t keep tabs on existing and emerging fraud vectors.
We’ll dive into exactly what each of those means in the next section.
5 Ways Your Supplier Master Data Could Cause Compliance Headaches
Here are five landmines they need to contend with for every payment instruction file they send, and just exactly what each is costing you.
1. You might be doing business with suppliers on federal sanctions lists
Every company knows they should not be doing business with vendors whose names appear on sanctions lists. Your staff likely check the lists when they initially onboard a new supplier. Or at least they are supposed to, and that’s the easy part.
The hard part is for your staff to continually monitor these lists — OFAC and SAM.gov sanctions lists, for example — to ensure there has been no change.
It can be a significant time burden to check the relevant sanctions lists every time a purchase order is issued, we know.
It’s such a burden that even though it is an absolute necessity, we have come across very few companies (maybe zero?) who say with confidence they are currently doing this kind of continuous monitoring. This will obviously be a big problem if a current supplier becomes a barred supplier sometime after you pay their first invoice.
As a result, this costs you:
- Big time fines
- A loss of federal dollars for your organization
- Reputational harm
2. Your supplier master data likely does not have up-to-date 1099 information
The human element of mistakes runs the gamut from typos to using an old remit address to attributing a piece of information to the wrong company.
It’s also, shockingly often, just sloppy handwriting — ask anyone who has ever had to decipher a handwritten W-9.
If you are leaving things to chance by asking your AP staff to collect and input information manually from paper forms into the ERP, then I promise you, your data is not clean.
As a result, this costs you:
- Returned checks for incorrect addresses
- Charges for returned ACH for incorrect routing or account numbers
- Time and effort finding, correcting and reissuing payments
- B notice fines from the IRS for incorrect 1099s
3. Your supplier diversity status is not tracked
In the not-so-distant past, many American companies could merely say they wanted to have a diverse supplier base.
Lip service is no longer enough, however, and from the highest levels down, senior leaders are demanding procurement teams hit specific spend numbers and have proof of a diverse supplier file.
No longer is a cursory audit of vendors enough. Now, certifications are essential for companies to verify they are doing business with minority-owned companies, historically disadvantaged businesses, women-owned businesses and veteran-owned businesses, for example.
And on top of that, they need to steer clear of suppliers who have a history of, say, employment discrimination. Audit trails are also necessary to prove this to shareholders, investors and boards.
As a result, this costs you:
- Reputational harm
- Time spent backtracking to build accurate lists
- More suppliers = more competition = better pricing (it is literally costing you not to diversify!)
4. Your supplier onboarding process has no visibility and no audit trail
Let me lay out a scenario for you and tell me if it seems familiar.
An invoice arrives one day and, lo and behold, the supplier who submitted isn’t anywhere in your system. Nobody knows who invited them or even what work was done. As a result, a ton of time is wasted investigating exactly what this invoice is for.
Then more time is spent getting the new vendor onboarded into your ERP. You’ll need the W9. The remit address. The order address. The banking info. Maybe that certification proving they are a HUB. Meanwhile, their payment term window has passed.
This sort of cart-before-the-horse chaos is so costly to your business. Your staff needs to be able to clearly track who invited a new supplier, who approved this supplier, and that the info the supplier provided is accurate and trustworthy.
If you are relying on manual processes for this, once again I can promise you, mistakes are being made.
Unfortunately, that’s what some organizations must resort to – and they face an uphill battle trying to convince leadership that there may be a better way.
Fortunately, one cup of coffee might do the trick (or at least get you some ammunition to make your case for better tracking). Ayo Oshodi of Chubb certainly thinks so:
Creating a central audit trail that everyone within your company can refer back to (like this one right here) will help you avoid headaches and save an enormous amount of time and money.
How this costs you:
- Maverick spend
- Potential invoice fraud, social engineering fraud or BEC fraud payments
- Audit headaches
- Late fees on overdue invoices
5. ERP access might be piling on risk
This might be a fraud vector that some people don’t worry about too much. Because you trust your employees, right?
Depending on who has access to your ERP, someone on the inside could change bank account details.
This risk alone would be enough of an argument to get out of the business of storing bank account numbers, but you’re also vulnerable to bad actors on the outside being able to hack into your ERP and change an account number.
And trust us (and Linda Miller, CEO of Audient Group), these fraudsters are getting good:
So finding a partner or system that takes banking accounts out of your ERP could eliminate a huge fraud vector that you might not even be considering at the moment.
How this costs you:
- Another opportunity for fraud (inside and outside)
- Reputational harm (no one wants that headline)
- Taking necessary precautions to reduce fraud and human error is just smart business. Audit these five areas now and preemptively put in roadblocks will save you time, money and allow your employees to mind your business, and stop worrying about threats.
Read our FREE guide:
Automation: Pitfalls and Practical Advice in the Quest for a Perfect Vendor Master
How Vendor Management Appreciation Day Can Help
We get it – compliance is no joke. And while the business of supplier master data is not all fun and games, it should be some fun and games.
Therefore, we decided to bring the fun and games.
We know that the people who manage supplier master data face tall orders constantly, and we want to offer a hat tip…and a celebration.
We’re rallying everyone in supplier and vendor management to come together in honor of one of the most important, sometimes under-recognized roles across industries.
Most importantly, we hope you’ll join us in observing Vendor Management Appreciation Day (VMAD) on December 12th.
VMAD is a brand-new holiday geared toward unifying vendor management professionals and celebrating innovation in the field.
We’re also celebrating by releasing spectacular tools and templates each month.
Learn more here, and grab some free vendor management goodies.
Want Help Aligning Your Teams on Supplier Master Data?
Explore our blogs below. They’re filled with action items you can implement right away.
A Vendor Management Template You’ll Actually Use
Who Cares About Vendor Management? The Treasury Function We Don’t Discuss
Tackling Accounts Payable Challenges: Effective Solutions
Vendor Management Tips From the Experts Themselves
Vendor Verification: How NOT to Do it and What to Do Instead
Want Regular Supplier Master Data Tips?
Want Personalized Guidance on Your Supplier Master Data Strategy?
