De-risking procurement by digitalising spend monitoring

Abstract

Managing procurement risk through a conventional adoption of the three lines of defence model does not work effectively. This is primarily because digitalisation is restricted to the first line only through spend management systems, while the second and third lines rely on people armed with checklists undertaking periodic sample-based audits. This allows sub-optimal purchases, non-compliance, process abuse and fraud to slip through undetected and cause irreversible damage. A novel way forward would be to digitalise spend monitoring and create a second line of defence against such issues. Digitalising spend monitoring would entail several actions for it to make a significant dent in reducing procurement risk. The paper discusses how, first, an enterprise needs to study its past behaviour and identify what is abnormal and worth monitoring. Second, the enterprise needs to build an ability to correlate information from both within and outside its boundary so as to take the right decisions. Third, the enterprise needs to digitise a catalogue of controls that can be configured to continuously monitor and flag live transactions based on past and current observations. Fourth, the enterprise needs to build an ability to get actionable recommendations on anomalous transactions and intercept them immediately. Finally, the enterprise needs to ensure that this spend monitoring setup is continuously learning from its users’ actions and tuning itself to improve its accuracy. Meeting all the above criteria will ensure that such a system has a good signal-to-noise ratio and appeals to several stakeholders simultaneously within an enterprise. Global business service (GBS) owners and operations managers could use it to screen transactions at various approval tollgates in the procure-to-pay process and reduce the risk of waste, non-compliance and process abuse. Sourcing directors and category managers could use it to tune sourcing strategies and monitor their effectiveness to reduce supplier and category risk. Risk and compliance officers could use it to continuously audit 100 per cent of transactions and reduce the risk of non-compliance or fraud.