Ivalua expert talks out: how can the Trustpair and Ivalua integration safeguard your S2P cycle against fraud?

ivalua
IN THIS ARTICLE
Table of Contents
Like it? Share it

In the ever-changing business environment, procurement professionals increasingly struggle to preserve the integrity of their source-to-pay (S2P) processes amidst rising fraud attempts. With 96% of businesses reporting fraud in 2023 alone, the need for robust solutions is clear. Trustpair’s native integration into Ivalua’s platform merges advanced fraud prevention technologies with procurement systems to enhance security and streamline vendor onboarding. Stephen Carter, Director of Product Marketing at Ivalua, gives us more details on this partnership and its benefits.

Learn more about the integration in our latest white paper!

New call-to-action

  • Could you present yourself, and explain your experience in procurement and your work within the Ivalua platform organization?

From a product perspective, I’m primarily responsible for invoicing and payments technology as well as integrations. I look after that from an R&D product development perspective and make sure that we’re developing the right things to meet our customer needs ultimately.

I’ve been at Ivalua for five years and I’ve been in the industry generally since I left school talking about invoices, payments, and all the ERP integrations, I’ve done AP projects, I’ve done supplier side billing, I’ve done almost anything really from sales through to product marketing. So I’ve pretty much seen it all. I’ve worked in different companies – like Bottom Line Technologies for example, very focused on payments and accounts payable.

I’ve also worked in the UK government in Crown Commercial Services, but also working on advisory panels around e-invoicing and P2P.

  • What was your role in the deployment of the Trustpair integration? How did you take part in the process?

I’ve been heavily involved, understanding what the needs are, and working with the R&D teams to make sure we can put the Trustpair capabilities in at the right part of the customer journey and the purchase journey. And its important factor is around the validation of supplier data from a payments perspective. That’s really what Ivalua was most excited about when initiating the collaboration with Trustpair.

This meant cutting out frauds like phishing where someone might infiltrate supplier systems and send fake bank details in and get paid all the way or internal fraud. I’ve seen a lot of internal fraud, it’s a huge risk for companies: an individual within an organization has a certain level of security clearance and edits payment files or banking numbers and then changes them back again. No one can see what happened.

Sometimes there’s also collective internal fraud: an individual sets up a bogus supplier and someone internally will pay the bogus invoices of the fake supplier. And it’s not only on the finance side: all sorts of people can go in there and have rights over the supplier data. They can edit things and have fraudulent activity going on.

The most obvious way of doing all these types of fraud is by changing supplier bank account details. That’s why having a solution like Trustpair that controls these bank account details is the ultimate safeguard. And I think there are two levels of control. First of all: is this bank account used by this supplier or this person? You can check the company ID, the address, and so on. Then obviously, checking the account exists and is linked to this specific supplier.

There’s a very important compliance component as well. Suppliers are sourced and onboarded contractually. During their onboarding phase they send banking details and any change should immediately raise a red flag: from a compliance perspective, you should be paying who’s on your file in your system. If the supplier changes bank account, there definitely should be a process to flag that, identify it, control the new data, and update the contract because that is a legal requirement.

There are two factors here. 1. From a contracting perspective, you should only pay the supplier you’re contracted to pay. 2. You should make sure that the ownership of that bank account is correct before you make your payment. The issue is, I see more and more companies have layers of sticky tape and very complex processes within companies. And the more complex these processes are, the more opportunities there are for fraudsters to commit fraud.

  • You’ve been working in the landscape for over 30 years: what are the main changes and trends that you’ve seen in terms of new risks, new types of fraud, and new techniques? What are your insights and impressions?

Obviously, check fraud was much more prevalent back then. But even though the transition has been made to electronic payments in many countries, it’s not the case everywhere. Checks are still used and with them are fraud risks. I think what’s changed today is the gaps between supply records.

Companies have many tools – ERPs, S2P tools, etc – that creates multiple data pools of supplier information. It’s getting difficult to know which record is the right one, the genuine one, and so on. And obviously, the more loopholes you have in a process, the more opportunities there are for fraud.

It’s all about removing this opportunity of fraud: you can’t really act on the motive or the means, but you can definitely have the right controls in place to remove the opportunity.

  • What about the rise in cyber fraud, is it something that you’ve seen in the past years? Have you had many clients that have been cyber-attacked?

Most cyber-attacks aim at extracting data and then using that data for something else, for malicious means – sometimes to edit supplier records. That’s where our joint systems come in: we can identify and flag any change and trigger an alert but we can also validate the genuine changes in information.

It’s about removing the opportunity to commit cyber fraud. From a cyber-attack perspective around payments, it’s all about ensuring you have the right defenses in place and that you can trap anything that is done to your supplier records and have traceability. And the more supplier databases you have, the more difficult it is to trap these activities.

  • What were your main goals when entering a partnership with Trustpair?

We were getting regular requests from our clients to validate bank account details. And it wasn’t just validating the IBAN was a valid IBAN number, which is fairly simple to do. It was really about validating the ownership of the bank account. This had to be a simple process, and as automated as possible. We needed to be able to validate each supplier when it came on board and when there were any changes. Almost all of our customers were requesting this type of feature.

Many companies have manual processes to phone the supplier up and check. Obviously that is very flawed: you don’t know who you’re actually talking to on the phone. Is this person trying to commit fraud? It’s yet another gap. Many things introduce risk. Automating that process not only cuts down the human effort, but it also cuts down the fraud risk.

  • Can you explain in your own words how the integration works? What features does Trustpair bring to the Ivalua platform?

The connection to Trustpair can be called from a number of locations in the workflow process. It can be called during the initial stage when the supplier is onboarded: we can validate the bank account and the ownership of this bank account at that stage. Most of our clients use it at this stage: it means you’re starting a relationship with a supplier with the right data, the accurate data. Once you start doing business and transactions with this supplier, you can also go back and validate once again the bank account, or validate any changes that were made.

Changes can be requested by suppliers, by users, or by invoices directly. You can check it’s all accurate. Our system calls on Trustpair to check all these supplier details and get a direct evaluation of the bank account. So “this is a valid supplier and his bank account matches” or on the contrary “be careful something is wrong here.”

  • What feedback are you receiving from users of the integration?

The power of the solution is that it’s straightforward and to be honest, most customers don’t even know they’re using it. That’s the strength of the solution and that’s the point in fact. Users are only involved if there’ an alert, or a change in data. It’s very transparent and removes the opportunity for people to fiddle with vendor data.

  • What developments of features could you see in the future?

I think increasing geographical coverage will always be a priority, especially in a context where open banking is gaining momentum. It’s obviously also about keeping track of all the open banking regulations.

  • Is there anything you’d like to add on the main benefits of the collaboration?

What’s most important is the security you’re giving the customers, the ability to reduce fraud. Unfortunately, fraud is here to stay and you can’t remove these external risks: however, your solution manages to remove the opportunity. Automation really reduces the fraud risk. It also saves time and resources for teams.

Nouveau call-to-action

Are you an Ivalua user looking to wipe out vendor fraud? Request a demo to chat with a Trustpair expert!

You’d like these articles

FAQ
Frequently asked questions
Browse through our different sections and find the answer to your question.
No data was found