Improving Control, Compliance and Business Value with Technology Integration
Managing the risk of a company’s nonaffiliated entities is not a new concept. Whether your company is in the consumer packaged goods industry, healthcare, public sector or financial services, it’s a basic requirement to have insight into the control environment of your third-party vendors. This ensures key risks to your organization in this “extended enterprise” are being managed effectively. The enactment of the Gramm-Leach-Bliley Act in 1999 signified a formal recognition and requirement that financial services companies have a Third-Party Risk Management program with controls to manage key risks. For those of us in financial services, the evolution of these programs brought significant growth in the areas of people, process and technology, especially in the last five years. One of the biggest challenges in this space over the last 20 years has been with a company’s ability to tie the various required program activities together in a way that
1. Links steps in the source-to-pay continuum together for full visibility of how the risks are being managed,
2. Get both internal audit and regulatory examiners more comfortable with the required rigor and governance expected of each organization and
3. Demonstrate business value to the enterprise.
Whether your organization leverages point solutions or a suite solution to enable your Source-to-Pay (S2P) processes, today’s automation options are providing connection and visibility across the supply chain to demonstrate control and compliance like never before.
The pace of technology advancement is greater than ever, as is the expectation for Procurement teams to deliver faster in alignment with broader business objectives and risk management imperatives
At Westfield,we examined automation opportunities in the upstream aspects of our procurement process, and we focused on how to better connect the vendor risk assessment process with our sourcing and contracting processes. Some of the historical challenges include lack of vendor naming conventions across systems, the one-to-many relationships with services to contracts, and disconnect between how vendor risk assessments are categorized (by product, service or application name) vs. their corresponding governing contract. Our solution to this challenge included the following integrations and benefits:
1. Build vendormaster data with standard naming conventions and integrations within the upstream modules of our source to pay technology.
2. Ensure that when new contracts are being worked, the status of the product/service risk assessment is easily accessible and can inform changes to contract terms as needed.
3. Create the link between contract and risk assessment to also leverage contract terms to improve overall vendor management results (risk, performance).
The systems and processes supporting the downstream procurement activities (requisitions, POs, invoicing and payment) are even more disparate and create a larger challenge to solve. However, we are also leveraging today’s technology developments in S2P to bridge the upstream-downstream gap to improve compliance to procurement processes. For example, purchasing systems and payment systems (e.g. ERP and P-card) are on separate platforms. Our 2019 efforts are building links between purchases and contracts through both intra-suite and external integrations. The single biggest benefit will be invoice to contract compliance through automation. All requisitions will be raised in the purchasing system, with two-way integration for purposes of payment (downstream) and compliance to contract rates (back upstream), thus minimizing or eliminating duplicate payments and over spending.
Finally, our investment in new technology capabilities has proven to be a cost savings in and of itself as we eliminated/ streamlined old systems and replaced with new ones. The additional efficiency benefits we expect to achieve from the implementation of new technology include:
• Automated request from the business for procurement services which improves the business experience and provides visibility into the time to fulfill requests;
• Initiation of sourcing events from a single purchase requisition for efficiency gains;
• Contract creation from a sourcing event;
• Supplier data to populate fields in the contract and reduce data entry steps; and
• Provide full visibility and single view of key suppliers’ risk and performance results via executive dashboards and business unit reporting.
The pace of technology advancement is greater than ever, as is the expectation for Procurement teams to deliver faster in alignment with broader business objectives and risk management imperatives. It is critical to look strategically at your company’s procurement technology stack and examine how to leverage new capabilities for immediate and long terms efficiencies and effective risk management.