The procure-to-pay process (or P2P) is at the core of financial departments. While it ensures your company functions as it should and maintains good relationships with your suppliers, it also represents a risk.
Scams are on the rise, and any breach in the P2P process is the first target of fraudsters. Therefore, a robust and optimized procure-to-pay process is essential for good vendor management and to guarantee your company’s safety.
So, how do you keep optimizing your procure-to-pay process to protect yourself from fraud? Keep reading to find out!
At Trustpair, we help financial execs secure their P2P processes by continuously checking third-party information. Contact an expert to learn more !
Introduction to the Procure-to-Pay Process.
What is the procure-to-pay process?
“Procure-to-pay” describes the process used in organizations to purchase goods and services, from the selection of a commodity, a good, or a service, to its payment.
It’s an important part of your supply chain management. It’s also called the purchase-to-pay process, or P2P.
The process can be done manually, but these days it tends to involve software like SAP, Oracle, or other ERPs.
What are the steps of the P2P process?
The P2P process goes from the initial procurement to the payment of goods and services. Here are the steps of the procure-to-pay process:
- Identifying the business needs for specific goods/services, and sourcing them through suppliers. This can be done automatically through a purchase order system (like procurement software) or bidding from various vendors. Negotiations usually happen at this stage
- Issuing a purchase order to the selected supplier.
- Receiving and invoicing. Suppliers deliver the goods or services and then send an invoice.
- Invoice verification and payment approval. Invoice approval needs to happen before payment matching happens.
- Paying the supplier. Actually sending the funds to your suppliers – is the riskiest and most overlooked step in the P2P process (more on this later).
Who is involved in the purchase-to-pay process?
Some companies have a procurement department, with its own procurement officer. Others have a departmental procurement management strategy.
In all organizations, however, the accounting and/or financial departments are involved in the payment reconciliation (when purchase number, invoice, and payment are matched).
The P2P process specifically involves Accounts Payable, Procurement, Treasury, and even Internal Control – which in large corporations are whole departments.
Regardless of who’s involved in it, the goal is to increase your operational efficiency over your P2P as it can be a costly, labor-intensive process.
Making it more efficient leads to cost reduction, while increasing your cash flow management and your company’s security.
Common Challenges and Risks in the Procure-to-Pay Process.
Having a P2P process doesn’t come without its sets of inherent challenges and risks. Let’s have a look at some of them, which could prove dangerous for your organization.
Inadequate procure-to-pay process.
As companies grow, it can be a challenge to keep their business processes up-to-date. P2P is no exception.
It’s not uncommon for organizations to have a procurement system that’s irrelevant, either because it’s too old, or because it doesn’t meet the needs of your current business.
When that happens, every line manager or department can decide to take the matter into their own hands and turn to another purchasing system. You end up having a siloed P2P, with no global procurement management.
It’s also an increased security risk for your company if your employees decide to use their own procurement software or process. By multiplying the number of software used in your company, you multiply the risks of security breaches.
Non-compliance to internal standards.
Similar to the previous point is when an employee decides to make an exception to your procurement policy. They decide to do it their way either by foregoing the bidding process, stopping negotiations with a specific supplier, or ignoring some quotations from others.
While making exceptions can happen for specific, strategic sourcing sometimes, it’s not a great practice to create a precedent. Whatever the reason, varying your internal policy puts your company’s internal safety on the line.
It’s an open door to making an “urgent transfer” to a well-known supplier or even to the CEO, which are common excuses used by scammers in wire transfer scams.
Those risks can be reduced by making sure you carry out 3 way matching before payment approval, meaning you check the invoice against its purchase order and order receipt.
Your internal standards are here for internal control, but also to guarantee the safety of your company.
Lack of transparency over the procure-to-pay cycle
In large corporations, P2P is a business process that can become opaque and confusing – especially for people outside of the financial department.
It’s important that everyone – not only the chief procurement officer – understand the necessity and implications of your procure-to-pay process.
If your employees don’t have visibility over your P2P, they won’t be able to follow the rules, correct mistakes, or even spot fraud attempts.
While essential, the P2P can turn into a gateway to fraudsters.
Financial fraud attempts.
The biggest risk of your procure-to-pay process is financial fraud. And changes in suppliers’ credentials are actually the number one way financial fraud happens.
Between the moment you place your order and the moment payment is sent to your supplier, scammers have numerous opportunities to commit fraud. They can for example impersonate your vendor (spoofing) and send you an email changing their bank details.
That’s what we call vendor fraud. It’s done either by hacking into your system or your suppliers’. If you don’t do systematic account IBAN validation (or use a tool that does it for you like Trustpair), you won’t notice it and pay the wrong person.
Because of the nature of their jobs, your accounting and financial employees are most at risk. That’s why we recommend adopting the “4 eyes principle”: having two different people check everything when making your payment campaigns.
To learn more about B2B financial fraud, download our latest report!
The missing piece to your procurement software.
Nowadays, most companies streamline their P2P through procurement software. While the idea of not using e-procurement is laughable, it still represents a risk.
Procurement software speeds up the process, but it falls at the last hurdle: third-party checks.
Even with the best workflow automation, your company is still at risk of fraud if it doesn’t automatically check third-party information before approving payment.
Anti-fraud software like Trustpair does automatic, systematic, and real-time checks of your third-party information, so you always know you are paying the right person when you send payment.
Our tool integrates with Procurement software, TMS software, and ERPs. It’s additional security on top of your existing P2P process that completely eradicates the risk of fraud.
Best Practices to optimize your Procure-to-Pay Process.
Now that we’ve had a look at the potential breaches in your P2P, let’s have a look at some of the best practices you can implement today to increase your security and your operational efficiency.
Standardize and keep your processes up-to-date.
When’s the last time your procure-to-pay process was updated? As companies evolve, their business processes must evolve with them too.
Regardless of what your actual process is now, it could probably benefit from being reviewed and refined.
If you don’t already do it, three-way matching is a great way to limit your risk of supplier fraud. Before payment approval, you check the invoice against the purchase order and the order receipt of your supplier.
Supplier risk management should be a priority for your business. Standardizing your P2P can include streamlining your contract management process with your vendors, for example.
It could also look like setting up some new KPIs and a dashboard to increase your visibility (it’s easier to react to fraud when you know it’s happening!).
The goal is to make your procure-to-pay process more transparent and more traceable. That’ll ensure compliance throughout your company.
It also leaves an audit trail, making it easier for internal controls as well as potential external auditors. An improved P2P can also make it easier to manage your accounts payable and generate accurate financial reporting.
Become a cyber-aware organization.
Protecting your company against fraud attempts requires a holistic approach to the matter – it cannot be only one person’s (or one department’s) job.
Rather than implementing a set of floating measures, you need to move towards becoming a cyber-aware company. By instating this into your company’s culture, you’ll be much more successful – and protected!
For this, you need to communicate on two points:
- Your P2P process: we recommend sending regular reminders and updates of what your internal standards are, the tools to use, your payment policies, etc.
- Your security risks: train your employees to detect fraud across your company. Cyber-security training can include doing due diligence for the tools they use, as well as the common scams. It’s important to involve operational employees as well as management.
Use software to optimize the whole process
Using software will help you to automate parts of your process. It, therefore, reduces your labor cost and the human errors that’d irremediably be made if done manually.
For example, using anti-fraud software like Trustpair guarantees that your procure-to-pay process is safe from end to end.
To be completely safe, account details should be verified before every payment transfer. Doing so manually is time-consuming and error-prone. It’d be virtually impossible to check all the information of all your suppliers, all the time.
Our solution automatically checks your third-party information in real-time against international data sources. Thanks to machine learning, we’re able to quickly detect anything suspicious and raise the alert to your dashboard. Contact one of our experts to learn more.
To conclude..
Procure-to-pay (or purchase-to-pay) is the process used in organizations to purchase goods or services. It encompasses every step from vendor selection to order payment. In companies, it’s ususally carried out either by a procurement department or by each department that manages its own procurement process. Nowadays, it’s often done through e-procurement, with online tools. While it makes the process more efficient, most procurement software falls at the last step: third-party checks.
Common challenges of the procure-to-pay process are: using an inadequate process, non-compliance to internal standards, and lack of transparency over the process. That leaves an open doorway to fraudsters. Adhering to a few best practices to optimize your P2P will also result in decreasing the risk of financial fraud. Some of them are: ensuring compliance with your standards, becoming a cyber-aware organization, and using procure-to-pay software that carries out third-party checks.
