The purchasing process in organisations has been digitized to become more efficient, compliant, and secure. Procure-to-Pay, or Purchase-to-Pay (P2P), refers to a whole process and not just electronic invoicing. As the name suggests, it covers all the steps from initial procurement to payment for goods or services.
Although designed to be speed up systems and add extra security, most P2P systems fall at the last hurdle. They do not provide third-party bank checks as part of the process. This is one of the elements most at risk of fraud attacks, either by internal or external perpetrators.
Business email compromise fraud cost businesses over USD 26 billion from 2016-2019. A common tactic used by fraudsters is taking over email accounts of employees and intercepting requests for payments with fraudulent account information. They can also make legitimate-seeming requests for funds but, again, these are paid into the scammer’s account.
Without robust and comprehensive systems and processes organisations will continue to put themselves at serious risk of fraud and all its regulatory, legal, and financial implications. The Procure-to-Pay process is one step in safeguarding a company’s financial transactions. We will tell you how to make them even safer.
What is the Procure-to-Pay process?
- Identifying and approving a requirement
The need for a product or service will be identified by an employee and approved by a manager. At this point a request can be sent to the procurement department.
- Purchase order
The procurement department creates a purchase order (PO) to be automatically routed for approval and transmitted to a supplier (supplier choice can also be automated).
- Receipt of goods/services and e-invoicing
Once the goods or service have been sent the supplier sends their invoice to the accounts payable department. This can be done electronically through the P2P supplier portal. If sent by email or post they will be converted to e-invoices.
- Matching and approval
The e-invoice will be matched against the PO and receipt of goods. If terms match it will automatically be sent for approval. Rules can be established that invoices over certain amounts need extra approval, for example, and these will automatically be forwarded to the relevant person.
Once payment has been authorised suppliers receive their money as scheduled. Without third-party bank checks this element of the process is still open to fraud.
The Benefits of P2P
There are various benefits to using a procure-to-pay process. Firstly, the system is streamlined and faster. Employees receive the goods or services more quickly and suppliers can invoice more quickly.
Employees can perform tasks of greater value to the company than manually raising purchase orders and invoices. Going paperless obviously has environmental implications that align with corporate social responsibility goals as well.
Supply chain visibility means that invoice status can be seen throughout the process. This should enhance supplier relationships, help manage expectations, reduce the number of queries on payment progress, and so on. Suppliers who can see payment schedules may be open to improving terms, for example.
Exceptions are more immediately obvious and more quickly dealt with. Invoices requiring additional approval will be flagged and approved faster, reducing delays that can cost a company money.
It is easier to use data captured in a system by running a report than it is to collect, sort and present data manually.
Perhaps most importantly, however, using a Procure-to-Pay process will reduce fraud risk and risk relating to human error. Having a full audit trail of suppliers, purchase orders, approvals, invoices, and payments makes it harder for employees or outside perpetrators to divert funds.
However, adding third-party bank security checks to a P2P process will greatly improve your chances of preventing fraud.
Third-party bank detail checks make P2P more secure
Employees and systems that deal with making payments are at the most risk of being targeted by fraudsters.
Finance department employees need to be properly trained in the scams fraudsters can use to divert funds. They need to know suppliers well to recognise suspicious behaviour. They should forward emails to addresses held on file rather than hitting reply. Account details should be independently verified before payments are made to avoid falling victim to business email compromise. This all takes a huge amount of time. It is open to both human error and deliberate diversion of funds by employees themselves.
Trustpair’s Third Party Management and Payment Security software runs an automatic check of payment files to detect suspicious behaviour. Our Bank Supplier Check software verifies bank and corporate details worldwide. Our systems save time, money, and risk.
Please get in touch so we can demonstrate how our software can make your company’s P2P process more resilient and resistant to fraud. Contact us to request a demo and help protect your business against fraud.
- The Procure-to-Pay process makes companies more resilient to fraud
- Third-party bank security checks are needed to make P2P systems more robust
- Trustpair software will add extra security and peace of mind