Top 10 P2P Advanced Controls to improve your bottom line!

  • 701 views
Uploaded on

See how you can use Oracle's Advanced Controls in your P2P process to reduce cash leakage and improve your bottom line.

See how you can use Oracle's Advanced Controls in your P2P process to reduce cash leakage and improve your bottom line.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
701
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
78
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal1 Top 10 Advanced Controls for Procure to Pay to Improve the Bottom-Line Mary Schaeffer Publisher & Editorial Director, AP Now Vital Nattuva IT Manager, CISCO Systems Swarnali Bag Product Strategy, Oracle Corporation
  • 2. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal2 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 3. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal3 Program Agenda  Introduction  Top 10 P2P Issues that Impact the Bottom-Line  Oracle Advanced Controls Solution  Case Study: CISCO  Q & A
  • 4. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal4 About Mary Schaeffer Editorial Director & Publisher CRYSTALLUS, Inc. publisher Accounts Payable Now & Tomorrow newsletter  Nationally recognized accounts payable expert and consultant  Write free weekly ezine on AP issues read by over 7,500 professionals  Creator of Institute of Financial Operations Accounts Payable Innovation Certificate program  Editor-at-Large CFO Publishing’s Learning Pro: AP Edition  Frequent speaker at seminars, conferences and online events  Creator of half a dozen CPE courses for CPAs  Writes a free weekly e-zine, e-AP News  Author 18 business books including 101 Best Practices for Accounts Payable  BS in Math from York College (CUNY) and a MBA in Finance from New York Univ  She can be reached at marys@ap-now.com
  • 5. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal5 About Vital Nattuva IT Manager, Cisco Systems Inc  IT Manager in Finance IT  IT Service Owner for Payable & Expenses, Corporate Accounting and Procurement Services  Has been part of the transformational efforts at Cisco to consolidate multiple geographically aligned Finance instances into Single Global Instance on R12  Before Cisco, he has played an instrumental role in Implementing Oracle financials at various renowned companies across the Globe.
  • 6. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal6 Program Agenda  Introduction  Top 10 P2P Issues that Impact the Bottom-Line  Oracle GRC Advanced Control Solution  Case Study: CISCO  Q & A
  • 7. What Do We Mean by Control ‘Issues’  The processes that ensure:  Efficient and effective operations  Reliable and accurate reporting  Fraud resistant operation  Internal  External  Regulatory compliant (c) 2013 Mary S. Schaeffer7
  • 8. Financial Impact  Duplicate pays – often not huge amounts of $$ individually  What’s the big deal? 1)They add up! 2)Impact on sales 3)Impact on EPS 4)Fraud and the honest mistake (c) 2013 Mary S. Schaeffer8
  • 9. Impact on Sales  $1000 – right off the bottom line  1% margin = $100,000 in sales  5% margin = $20,000 in sales  $1,000,000  1% margin = $100,000,000 in sales  5% margin = $20,000,000 in sales (c) 2013 Mary S. Schaeffer9
  • 10. Earnings Per Share (EPS)  A= Total amount of duplicate and erroneous payments  B = Total number of shares of stock  A/B  Number should be small – like half a cent  Hypothetical example, a big company with a $10 million excess might have a hit on EPS of half a cent (c) 2013 Mary S. Schaeffer10
  • 11. Issue #1: Duplicate Payments – Two invoices  Late payments  Payment stretching  Discrepant invoices  Unresolved  Poor processes  Invoices to AP late (c) 2013 Mary S. Schaeffer11
  • 12. Issue #2: Duplicate Payments – Two Payment Vehicles Most Common  Invoice and p-cards  Expense report and petty cash  Statements Best Practice Takeaways  Never pay invoices on expense reports  Get rid of petty cash  Limit payments to one vehicle per vendor (c) 2013 Mary S. Schaeffer12
  • 13. Issue #3: Erroneous Charges on Invoices  Who pays freight, insurance etc.  Complete POs  Special deals (c) 2013 Mary S. Schaeffer13
  • 14. Issue #4: Paying before Due Date  The clean desk syndrome  Due date setting in system Real Life Example  Companies with problems who automate and forget they have due date set to pay on receipt  When was the last time you checked the due date settings in your ERP system? (c) 2013 Mary S. Schaeffer14
  • 15. Issue #5: Late fees  “We never pay late fees”  Open vendor credits Best Practice Takeaways  Avoid the issue completely  Pay on time (c) 2013 Mary S. Schaeffer15
  • 16. Issue #6: Duplicate Vendors in Master Vendor File  Potential duplicate payments  Correspondence issues  Internal control issue  If processors enter data  Segregation of duties concern  Rigid coding standards/naming convention (c) 2013 Mary S. Schaeffer16
  • 17. © 2013 Mary S. Schaeffer Issue #7: Inappropriate T&E Expense  T&E = Travel & Entertainment  The Alcohol Issue  The IRS factor  The morale issue  The bottom line factor 17
  • 18. © 2013 Mary S. Schaeffer Make Managers Responsible  Look before they sign!!!  Consequences  Firing - rare  Part of annual review 18
  • 19. Issue #8: Not Earning all Early Pay Discounts  Best financial return for any company  2/10 net 30 36%  Efficient processing Best Practice Takeaways  Track discounts lost  Investigate why  Fix root causes wherever possible (c) 2013 Mary S. Schaeffer19
  • 20. Tracking Discrepant Invoices, Lost Early Pay Discounts etc.  Why  Duplicates etc.  Fraud  In Excel or system  Regular Follow up and reporting  The list no one wants to be on  Analyze (c) 2013 Mary S. Schaeffer20
  • 21. Issue #9: Tax Errors: Sales and Use Tax, VAT  Wrong amounts  Proper jurisdiction  Proper documentation  VAT Reclaim (c) 2013 Mary S. Schaeffer21
  • 22. Issue #10:Purchase Order (PO) Problems  Split POs  Blanket POs  After-the-fact POs Real Life Example  Is anyone really monitoring ?  Does the PO ever get extinguished?  POs necessary to ensure proper payment  Best bet: All POs done before the fact (c) 2013 Mary S. Schaeffer22
  • 23. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal23 Program Agenda  Introduction  Top 10 P2P Issues that Impact the Bottom-Line  Oracle Advanced Controls Solution  Use Case – CISCO Systems  Q & A
  • 24. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal24 Advanced Controls  Layer of automated controls over ERP controls  Continuously monitor key controls  Detect and Report issues as they occur  Prevent issues from occurring  Quickly see high risk issues with exception based dashboards  Address issues that affect the bottom line  Reduces operational risk and process effectiveness What is it?
  • 25. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal25 Standard + Advanced Controls User Roles 3-Way Match Track Payments Sentiment Analysis Split Purchase Orders Hide Displays of Sensitive Data Duplicate Payments Transaction Threshold Amounts Duplicate Vendors Fine- grained User Access Configuration Snapshots & Audit Trial Transaction Pattern Analysis Fuzzy Logic, ‘similar values’ Advanced Controls Standard Controls Approval Hierarchies Track Discounts
  • 26. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal26 Business Risks Bottom Line Impact  Incorrect Vendor Payment • Cash leakage • P/L Impact ERP Control  Prevent the same invoice number from being entered for the same supplier and same supplier site Advanced Control Detective:  Detect invoices with “Similar” invoice number, same amount to the same supplier  Detect invoices made to the same suppliers but in different business unit  Detect invoices made to incorrect vendor with very similar names Preventive: • Put duplicate invoices on hold until proper investigation is complete Duplicate Vendor Payments
  • 27. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal27 GRC Advanced Controls One Enterprise Foundation Enterprise Risk & Controls Foundation Dashboards, Reports and Alerts NotificationsWorklists Email PerspectivesSearch Risk, Controls & Compliance Management ReviewsDocumentation Assessments RemediationSurveys Continuous Controls & Risk Monitoring SetupsAccess Master Data Audit TestsTransactions User Authored ControlsData Connectors Fraud & Error Patterns RoleBasedAccessSecurity WebServices&APIs Custom or Legacy Applications  Risk & Controls Repository  Assess and Certify  Detect Policy Violations  All Users & Applications  100% of Transactions  All Processes ̶ Procure to Pay ̶ Order to Cash ̶ Financial Reporting ̶ User Access  Manage by Exception  Optimize Processes
  • 28. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal28 Comprehensive Risk & Controls Mgmt. Identification Analysis Evaluate Document Assessments Reviews Author Execute Investigate Steps BUSINESS RISKS CONTROL OBJECTIVES CONTINUOUS MONITORS Assess Risk and Compliance Detect and Fix Issues Continuous Improvement & Monitoring
  • 29. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal29 Optimization Cash Flow Prevent Leakage Business Risks Controls Objectives Continuous Monitors Unapproved or Illegal Suppliers Delayed Supplier payments Incorrect Vendor Payment Capture all Discounts Accurate Supplier Information Valid Invoice Payments Valid Purchase Orders Duplicate Invoice Payments Incident ! Incident ! Incident ! Investigate Close Incident ! ERP Transaction Payment Hold Supplier and Invoices Created by Same User Discounts Lost due to Delays in Payment Multiple Suppliers with the similar email domain Erroneous Payment Purchase Orders created after Invoice Duplicate vendor in vendor master file Split Purchase Order Oracle Advance Control Process Overview
  • 30. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal30 Exception Based Dashboard
  • 31. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal31 Continuous Monitor – Duplicate Invoices
  • 32. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal32 Control Definition
  • 33. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal33 Incident Management
  • 34. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal34 Incident Management
  • 35. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal35 Preventive Measure
  • 36. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal36 Preventive Measure • Enforce controls & policy within the ERP systems
  • 37. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal37 …by Continuously Monitoring Your ERP Applications Advanced Controls Enables you to: Improve Bottom-Line Reduce Operational Risk Increase Process Effectiveness
  • 38. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal38 Advanced Controls Make Processes More Effective, Efficient Reduce Operational Risk Improve Bottom Line Detect unwanted transactions Detect settings that cause loss Detect problematic exceptions Automate policy management
  • 39. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal39 Program Agenda  Introduction  Top 10 P2P Issues that Impact Bottom-Line  GRC Advanced Control Solution  Use Case – CISCO Systems  Q & A
  • 40. Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 40 Oracle Advanced Controls – Customer Experience Vital Nattuva IT Manager
  • 41. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41  Company Overview  Need for Compliance  GRC Advanced Control Use Cases  Implementation Approach  Lessons Learned
  • 42. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42 Our Vision and Strategy Strategy Solve our customers’ most important business challenges by delivering intelligent networks and technology architectures built on integrated products, services and software platforms Vision Change the way the world works, lives, plays and learns Quick Facts Founded in 1984 FY 2013 Revenue: $48.6 billion FY 2013 Earnings per Share: $1.86 GAAP; $2.02 non-GAAP Q4 FY'13 Employee Count: 75,049
  • 43. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43 Business Opportunity in an Evolving World The Internet of Everything Deeper Insights for Greater Decision Making Empower People/ Increase Efficiency Create and Expand New Markets and Services Create Better Experiences to Build Better Relationships
  • 44. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44 Our Priorities Align to Solve your Business Challenges Mobile | Social | Visual | Virtual Video CollaborationData Center/ Virtualization/ Cloud Architectures for Business Transformation Intelligent Network • Routing • Switching • Services Leadership in the Core… Strategic Building Blocks Mobility | Security | Any to Any
  • 45. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45 Purchasing iProcurement iExpenses General Ledger Fixed Assets Accounts Payable Core Financials Employee Self-Service R12.1.3 Travel
  • 46. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46Cisco Confidential 46© 2010 Cisco and/or its affiliates. All rights reserved. Increased quantity and complexity of:  compliance requirement from internal/external audits  global country regulations  acquisitions and new Cisco entities Need for automation is required for:  solution compliance validation  capability to monitor 100% of data  scalability for Oracle and non-Oracle integration Utilize a Policy Maturity Model to measure how effectively a policy: • Identifies policy owner • Dictates requirements • Determines violations • States remediation • Is able to control Current process for policy violation detection and remediation: • Manual audit/sampling • Manual process design/implementation • Manual communication Majority of systems/tools requiring compliance enforcement are not integrated, and require: • Invasive tool development • Scripts to extract data • Manual validation across multiple tools/systems • Leveraging current capabilities Policy Process System
  • 47. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47Cisco Confidential 47© 2010 Cisco and/or its affiliates. All rights reserved. Policy Evaluate policy for requirements and remediation; increase “policy maturity” when required Control Rules Translate policy requirements into data level logic to identify violations Data Integration Environment to consolidate transactions, and apply logic rules to identify violations Remediation & Tracking Track violations, execute and track remediation Policy CCM Create compliance rules in TCG Publish reports for operations Track and manage history Compliance rules in TCG Compliance Tx Reports from TCG Transactions Compliance assessment through Incident and Remediation management Process
  • 48. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48 Duplicate vendors Identify creation of duplicate vendor sites Duplicate payments by vendor Identify duplicate invoice processing by vendor Maverick buying PO date should be prior to the invoice date Duplicate payments by invoice Identify duplicate invoices by similar invoice and by vendor Accounts Payable (Phase I) $ Duplicate invoice Duplicate invoice Duplicate vendor in vendor master file PO related problems
  • 49. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49 Withholding Tax (APAC) Identify the suppliers/ invoices where the incorrect rate of WHT was applied Identifying erroneous high value payments Payments more than 30% increase of the last rolling 6 months payment to the vendor VAT rate Identify different VAT rates applied by the same vendor, for same goods/services, for same bill to entity Accounts Payable (Phase II) $ Tax errors Tax errors Erroneous payment
  • 50. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50 Collusion – analysis of attendees Analysis of attendees to highlight the pattern of interrelationship with co- workers related to suspicious ER activity Amex/cash surfing Verify if same expense has been claimed both as Amex and cash Forensic repeat offenders Identify expenses claimed in iExpenses instead of booking through approved channels Expense splitting Identify expenses that were split to avoid policy violation iExpense (Phase II) $ Key word search in category Identify the expenses claimed using unapproved channels, and by wrong categorization to avoid activating the report for audit File attachment on Expense Reports (ER) Identify ERs with supporting documents in un- acceptable formats (like editable attachments like .txt) Noncompliant expenses Inappropriate T&E claim Duplicate expenses Inappropriate T&E claim Inappropriate T&E claim Inappropriate T&E claim
  • 51. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51 Implementation Approach Phase IIPhase I  Understand GRC capabilities  Identify gaps and issues  Stress test application performance  Enable GRC platform  Rollout AP use cases  Stabilize GRC platform  Rollout iExpense use cases  Achieve adoption Phase III  Expand rollout to other functions
  • 52. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52 For One (1) YearDate Analyzed Approximately 150+No. of Entities Four use cases in Accounts PayablesNo. of Use Cases Graph Initial Build 130M records processed 1.3M records processed Graph Incremental Build
  • 53. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53 Hardware Configuration • TCG analyzes millions of transactions so it needs enough resources (disk space and memory) • Follow Oracle recommended h/w and s/w and make adjustments based on the volume of transactions Model & Control Analysis Assessment • Optimize the design of models • Replicate read-only schema instead of using apps schema of EBS • Implement control data level security (by region) so incidents can only be viewed by the right user for that region Fit/Gap Analysis • Verify the availability of business objects for the use cases • Validate the model results first before running the controls • If you don’t need to secure your incidents, then do not use perspective for security Oracle Support • Early engagement with Oracle • Tight collaboration and partnership with Oracle ETL Performance Assessment • Perform multiple iterations of graph build. Monitor sys resources • Analyze transaction volume of each business object used in models • Understand the ETL design and Data Extraction criterion
  • 54. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54  Expense Management Forensic Strategy Automation  Potential Cost savings through increased compliance in hotel bookings (10% increase in compliance may Yield ~ 2/3 M $/Yr savings)  Potential savings through Procurement spend Channel alignment (realize higher discounts thru P-card program)  Reduced internal and External Audit costs  Cost avoidance of Operations in Audit remediation
  • 55. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55 Thank you.
  • 56. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal56 Program Agenda  Introduction  Top 10 P2P Issues that Impact Bottom-Line  GRC Advanced Control Solution  Use Case – CISCO Systems  Q & A
  • 57. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal58 Oracle Advance Controls OOW2013 Sessions & Demo Pod Slides
  • 58. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal59 Demo Workstation Moscone West 1st Floor #W-013 Monday Tuesday Wednesday Demo ID 3532 Workstation #: W--013 9:45 – 6:00 9:45 – 6:00 9:45 – 4:00
  • 59. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal60 Demo Workstation Moscone West 1st Floor #W-013
  • 60. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal61 General Session: Empowering Modern Governance, Risk, and Compliance  12:15PM Moscone West – 2006/2008  GEN8812 Automate Robust User Access and Security Controls for PeopleSoft  10:45AM Moscone West - 2009  CON8820 Panel Discussion: Intelligent Controls for Key Business Processes & Upgrades in PeopleSoft  3:15PM Moscone West - 3020  CON8822 Deloitte: Leveraging Oracle GRC Technology to Reduce Revenue Loss, Cost Leakage & Fraud  3:15PM Moscone West - 2000  CON8822 Learn More About Oracle Advance Controls Monday
  • 61. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal62 Top 10 Advanced Controls for Procure-to-Pay to Improve the Bottom Line  10:30AM Moscone West – 2003  CON8814 Center for Medicare & Medicaid Services Automates Internal Controls with Oracle GRC  3:45PM St Francis – Elizabethan C/D  CON9346 Enforce Segregation of Duties with Identity Management and Oracle Advanced Controls  5:15PM Moscone West – 3018  CON8827 Learn More About Oracle Advance Controls Tuesday
  • 62. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal63 Optimizing Order-to-Cash with Oracle Advanced Controls for Oracle E-Business Suite  10:15AM Moscone West – 3018  CON8816 Reducing Risk for Oracle E-Business Suite Upgrades and Implementations  1:15PM Moscone West – 3018  CON8830 Panel Discussion: Intelligent Controls for Key Business Processes and Upgrades  3:30PM Moscone West – 2002 / 2004  CON8832 Learn More About Oracle Advance Controls Wednesday
  • 63. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal64 Advanced Access and User Security for Oracle E-Business Suite and Fusion Applications  2:00PM Moscone West – 3018  CON8824 Meet the Governance, Risk, and Compliance Experts  12:30PM Moscone West 2001A  MTE9412 Learn More About Oracle Advance Controls Thursday
  • 64. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal65 The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 65. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal66 @OracleAdvCntrls
  • 66. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal67 Appendix
  • 67. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal68 Business Risks Bottom Line Impact  Invalid entry of supplier invoices  Cash leakage ERP Control  Prevent same invoice number from being entered for the same supplier and same supplier site Advanced Control Detective:  Detect invoices with “Similar” invoice number, same amount to the one supplier  Detect invoices made to the same suppliers but in different business unit  Detect invoices made to different vendor with very similar names  Detect payment made by procurement card and checks Preventive: • Put duplicate invoices on hold until proper investigation is complete Duplicate Vendor Payments
  • 68. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal69 Business Risks Bottom Line Impact  Overpayment to suppliers  Cash leakage ERP Control  Track scheduled payments so that it never goes over the invoice total  3-way match will compare the purchase order, receipt of goods and invoice if the above two are correct Advanced Control Detective:  Detect invoices where freight was charged when in PO it was supposed to be pre-paid by the vendor  Detect invoices where freight was charged and warehouse charged freight separately  Detect invoices billed for quantities than what was actually shipped Preventive: • Put suspect invoices on hold until proper investigation is complete Erroneous Charges to Invoice
  • 69. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal70 Business Risks Bottom Line Impact  Untimely payment to supplier  Negative Credit Rating  Late payment fines causes negative cash flow  Lose out on opportunity to take early payment discounts ERP Control  Invoice ageing report show invoices due payment  Advanced Collections flags delinquent or pre-delinquent transactions  Invoice get paid based on payment term after it is validated and approved Advanced Control Detective:  Detect invoices that are approaching due date base on supplier/ PO payment term  Identify users who have consistently not paid vendors on time  Detect payments to vendors that are consistently late Preventive: • Send alerts on upcoming payments that are approaching due dates Late Payments
  • 70. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal71 Business Risks Bottom Line Impact  Risk of audit/ fines and penalty (regulatory risk)  Cash leakage ERP Control  Can mandate original employee receipts for foreign trip to reclaim VAT  Tax module calculates applicable taxes which provides a check on amounts stated by the supplier Advanced Control Detective:  Detect sales tax invoices by vendors for non-taxable items  Identifies use tax in error on non-taxable goods and services  Identify all VAT invoices that are approaching due date of the calendar year  Detect if sales tax goes over a threshold value  Identify supplier invoices where VAT is charged based on supplier location vs where the service is rendered Tax Errors: Sales/ Use/ VAT
  • 71. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal72 Business Risks Bottom Line Impact  Inaccurate vendor master  Cash leakage ERP Control  Prevents user from entering duplicate supplier names  When entering a new supplier, it shows you existing suppliers with similar names Advanced Control Detective:  Duplicate payment made to multiple entities of the same supplier  Identify purchases made from unapproved vendors  Identify users having supplier creation privileges and purchase order/ Invoice creation privilege  Identify suppliers with similar or different names but with same Tax ID Number or address  Identify suppliers who exists in the “Do not do business with” suppliers Preventive:  Make supplier Tax ID Number field mandatory  Prevent POs to be created with unapproved vendors Master Vendor Management
  • 72. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal73 Business Risks Bottom Line Impact  Financial fraud and misuse  Cash Leakage ERP Control  No good native controls Advanced Control Detective:  Detect Split PO to work around approval threshold  Detect standard PO issued to a supplier where a blanket PO exists Preventive:  POs over a certain threshold require approvals  Good receipts cannot take place without an approved PO  Mandate PO number during invoice creation Purchase Order Problems
  • 73. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal74 Business Risks Bottom Line Impact  Costly Payment to Vendor  Negative Cash Flow ERP Control  Populates payment term of the supplier or the PO during invoice creation  Based on supplier master configuration, system will force a discount even if discount date has passed Advanced Control Detective:  Identifies special rebate from the PO contract that the invoice failed to mention  Track invoices that missed discount date by a little margin Preventive: • Send alerts on upcoming discounts available for payments above a threshold • Prevent vendors from deducting late fees from open vendor credit Missed Discounts
  • 74. Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Internal75 Business Risks Bottom Line Impact  Untimely payment to supplier  Negative Flow Impact ERP Control  Automatically displays payment term during invoice creation  Payment on receipt option can be disabled Advanced Control Detective:  Detect payments made earlier than supplier payment term  Alerts a user if payment term setup is changed Preventive: • Set up an approval process if payment term is changed • Prevent payment term to be changed • Ensures segregation of duties between invoice creation and supplier creation Early Payment