You never plan to have inaccurate data in your vendor master file, but it happens over time. Incorrect and unnecessary vendor data builds up, which can increase the risk of contract and procurement fraud as well as duplicate payments. According to the ACFE, billing fraud is approximately 22% of all monetary fraud and the most common.
Organizations are being held to a higher standard when it comes to governance, risk management and compliance. Federal, state and international laws and regulations make it important to keep accurate and complete information in your vendor master file. It is also key to controlling costs and ensuring accurate analysis in the procure-to-pay process.
Relying on staff to manually monitor the vendor master file is time-consuming and ineffective. Spotting high-risk or duplicate vendors in your vendor master list is not as simple as reviewing your list periodically. And, most companies are operating with less staff to do the monitoring and auditing of finance already. While there isn’t an epidemic of procurement fraud, the risk is real: 26% of companies experienced vendor fraud in 2016.
Below are four key areas to be watching to reduce vendor fraud and to help stay on top of vendor risk with current third-party vendors or those being onboarded.
- Watch the Federal Watch Lists
OFAC, FTO and BIS maintain lists of organizations and individuals that companies must not do business with, and fines for violations can be hefty. Even if only one of these vendors finds its way onto your vendor master list, it creates unnecessary risk. The first level of defense is to check vendors against OFAC and other denied party lists before issuing a contract. But because new parties are regularly being added to the lists, existing vendors need to be periodically checked as well, ideally before cutting a purchase order or disbursing funds. The only practical way to do this is to use an automated procurement monitoring solution that can be configured to check vendors automatically against watch lists at these critical stages of the payment process.
- Identify Unusual Master Data Changes
Vendor name, address and bank account changes and change-backs can be red flags for potential vendor fraud. Automated solutions like Oversight, use advanced data analytics to identify anomalies that require further investigation. These may include new vendors added, address changes, bank account changes, vendor status changes from inactive to active, disbursements made to two vendors with the same address or to vendors with similar names, and vendor addresses that match employee addresses. By leveraging automation in your finance process, you can segment vendors into high-risk types like agents, consultants and facilitators, and quickly weed out those vendors that could be a high-risk. While fraud may not be the intent, such findings should trigger questions about internal processes and controls, including segregation of duties.
- Dump Duplicate Vendors, Reduce Duplicate Payments
Failing to remove duplicate vendors from your master list can cause duplicate payments to occur regularly. Instead of waiting for vendors to say something, detecting duplicate payments becomes easier when you use an automated solution to identify duplicate vendors. Duplicate records may be something as simple as a typo in the original vendor entry. Cleaning up these duplicate vendors from the master list eliminates the most common cause of duplicate payments.
- Complete Missing Vendor Details
Regulators expect you to know how all third-party organizations work with you – and, in some cases, how they work with your customers. Take the steps now to update the master vendor file because correcting missing information can be the easiest way to cut risk. This can be challenging for large organizations that have many business units that track vendors differently, making it hard to compare them across the entire organization. It is recommended to leverage an automated procure-to-pay analytics solution to look across disparate systems and connect the data to create a complete list of vendors.
Not all vendors are high-risk, but the few that are can wreak havoc on any organization’s procurement process and governance, risk and compliance (GRC) strategy. Automating the risk detection by leveraging automation technology such as Oversight enables you to ensure your master vendor list is accurate and up-to-date thereby reducing risk and waste in your procurement process. Watching who you work with and removing unnecessary vendor master risk has never been easier.
Want to see how to operationalize compliance, sign up today for a brief demo of Oversight Insights On Demand.
Nathanael Lheureux is Vice President of Client Engagements at Oversight Systems.