improve regulatory compliance & risk management using best practices
TRANSCRIPT
![Page 1: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/1.jpg)
CONFIDENTIAL 2015
Improve Regulatory Compliance & Risk Improve Regulatory Compliance & Risk Management using Best PracticesManagement using Best Practices
February 26, 2015February 26, 2015
LIVE WEBINAR
Speakers: Joe Flynn, Lavante Inc.Mary Schaeffer, AP Now & Tomorrow
![Page 2: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/2.jpg)
ReadyTalk Webinar Interface
Listen–only mode teleconference
Ask Questions• Question function in ReadyTalk webinar at the
Left side of your console• Submit questions privately• We will answer them during the presentation as
well as at the end
Listen through your computer. • There is no dial in number
2
![Page 3: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/3.jpg)
Mary SchaefferEditorial Director & PublisherAP Now and TomorrowEducation Director & [email protected]://www.linkedin.com/in/accountspayable
Introductions – The Panelists
Joe Flynn
Co- Founder of Lavante, Inc
http://www.linkedin.com/in/jflynn10
![Page 4: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/4.jpg)
Agenda
• Introduction
• Strategic Objectives
- Challenges- Solution
• Main Elements of a Supplier Management Process
• Top 6 Best Practices
• ROI Calculator
• Q&A
4
![Page 5: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/5.jpg)
Main Elements of Supplier Management
1. The Communication Gap
2. Data Collection
3. 3rd Party Integration & Validation
4. KPIs and Reporting
Communication is the Foundation to Regulatory and Risk Reduction
5
![Page 6: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/6.jpg)
Main Elements: #1 Communication Gap
• Multiple internal locations &
divisions
• Numerous departmental needs
• Many documents and data required
• Diverse supplier population
• Supplier data constantly decays
• Compliance to internal controls
requires multiple manual touches
Manual Intervention – Poor Compliance
6
![Page 7: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/7.jpg)
The Vendor Master File Solution – Simplified
• Internal controls configuration
• Establish configurable workflows
• Leverage contact information
• Utilize multimode outreach
• 3rd Party integration / validation
• Cross company visibility
• Real-time reporting
• Auditable process
Automated Controls – Great Compliance
7
3rd Party Validations
![Page 8: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/8.jpg)
Main Elements: #2 Data Collection
• Multiple contacts details
• Document collection
• Regulatory details
• Diversity information
• Tax documents
• Contracts
• Other…
Deploy configurable, time based workflows
8
![Page 9: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/9.jpg)
Main Elements: #3 Third Party Integration
• IRS – Tin validation
• OFAC -Terrorist watch list
• EPLS – Excluded parties list
• W8 Collection - management
• USPS address validation
• International ID collection
• Other…
Define Controls to Mitigate Risk
9
![Page 10: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/10.jpg)
Main Elements: #4 Reporting and KPIs
• ROI
• Reporting
• Configurable workflow
• Configurable fields
• Communication engine
• Cross department visibility
• Other…
The benefits of the changes must outweigh the costs
10
![Page 11: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/11.jpg)
Supplier Management: 6 Best Practices
11
Improve processes and controls
1. Vendor Master File cleanse process
2. Close the supplier communication gap
3. Automate compliance and validation
- IRS, OFAC / SDN, USPS, EPLS
4. Define internal risk tolerance
- TIN Verification
- W8 FATCA compliance
5. Review supplier statements for open credits
6. Deploy supplier portals
![Page 12: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/12.jpg)
• Managing suppliers is a process, not a project.
• Severely limit editing access to the vendor master file.
• Role-based SoD (segregation of duties) controls can prevent fraud.
• Do not share IDs and passwords.
• Vendor change reporting by user.
• Deactivate old suppliers while maintaining old data.
Best Practice #1- Cleanse the Vendor Master File
Best Practice #1
![Page 13: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/13.jpg)
Ongoing Vendor Management / VMF Cleansing
Eliminate duplicate suppliers– Advanced duplicate supplier algorithms
– Multiple scans
Associate related suppliers– Eliminate duplicate vendor master files created
– Identify related suppliers: parent and subsidiary
– Manage suppliers’ multiple addresses
Existing vendor file – Request aged data, such as insurance certificates
– Portal to accept data changes
– Document management
13
![Page 14: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/14.jpg)
Best Practice #2 - Close the Communication Gap
• Good information flow to suppliers, leads to good supplier relations and an efficient AP department
• Provide information via internet for suppliers
• Make a welcome letter available spelling out terms and where to find information
• Inform the supplier of their various contacts
Best Practice #2
Establish a repeatable process to communicate relevant information to vendors
14
![Page 15: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/15.jpg)
Best Practice #3 - Define your Internal Risk Tolerance
15
Best Practice #3
•Create companywide risk-tolerance plan with defined controls.
•Automate supplier outreach to collect data accurately and efficiently.
•Leverage filtering tools to determine document and data accuracy against internal control set.
•Use auto-validation service to continually check supplier data against TIN, OFAC, SDN, address and other databases, providing alerts when suppliers are non-compliant.
•Deploy dashboard to track progress on strategic projects.
![Page 16: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/16.jpg)
Understanding Your Risk Mitigation Strategy
Which validations are right for us?•TIN collection and matching— EU VAT
•W-8 collection— FATCA compliance
•OFAC (Office of Foreign Assets and Controls)
•SDN (Specially Designated Nationals)
•SAM (System for Award Management)
•OIG — LEIE (List of Excluded Individuals and Entities)
•Regulatory compliance
•Bank routing validation
16
Organizational alignment
![Page 17: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/17.jpg)
Best Practice #4 - Automate Compliance
17
• Automatically collect, store and manage all supplier data
• Patented communication engine automatically performs outreach to collect supplier data accurately and efficiently
• Auto-validation service continually checks supplier data against TIN, OFAC, SDN, address and other databases, providing alerts when suppliers are non-compliant
• Track progress on strategic projects
• Dashboard tracks progress on strategic projects such as ACH, COI collection and tracking
Best Practice #4
![Page 18: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/18.jpg)
IRS TIN Matching
18
![Page 19: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/19.jpg)
Foreign Account Tax Compliance Act
19
![Page 20: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/20.jpg)
OFAC Screening
20
![Page 21: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/21.jpg)
Best Practice #5 – Review Supplier Statements
21
• A vendor credit is money held by the vendor which rightfully belongs to the customer.
• Vendor credits are created for a variety of reasons.
• Reviewing vendor statements should be looked at as a process not a project.
Best Practice #5
![Page 22: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/22.jpg)
What is Statement Recovery?
22
Statement Recovery: Identifies Overlooked Supplier Credits
• Duplicate payments
• Overpayments
• Returns
• Rebates
• Quantity Discounts
• Contract Discrepancies
• Overpaid Sales TAX
• Freight Overpayments
![Page 23: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/23.jpg)
Implement an external Vendor Portal to reduce risk within your supply chain while
improving your internal controls.
It is better to crawl than to stand still.
• Identify your internal controls and risk tolerance profile.
• Automate the labor-intensive process of vendor communication
• Leverage the vendor communication for other important tasks:
- Vendor file cleansing
- Collecting W-9s and matching TINs
• For FACTA, collecting W-8s and determining 1042-S withholding
• Performing integrated supplier on-boarding
• Ongoing government validations for OFAC/SDN, SAM, EPLS, VAT
• More…
Empower your staff
23
Best Practice #6 – Deploy Vendor Portal
Best Practice #6
![Page 24: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/24.jpg)
A Vendor Portal is an online interface that allows you to exchange
data online with your suppliers electronically.
The 3-Step Deployment1) Establish your internal supplier communication controls and needs
• Data collection
• Document management
• Segregation of duties
2) Integrate workflow for data validation• Internal approval workflow
• External workflow — third parties to validate data
3) Enable E-commerce• Invoicing and discounting
Best Practice #6 – Steps to Success
![Page 25: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/25.jpg)
Vendor Portal Obstacles Consistent
• Lack of money for AP projects (cited by 45.1%)
• AP is far down the overworked and understaffed IT department’s list of things to do and departments to please
– 44.4% cited limited IT resources
• Lack of management support (cited by 34%)
– The bills are getting paid
– They have no idea what’s going on behind the curtain
• Many respondents just don’t know where to start!
25
![Page 26: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/26.jpg)
3 Major Themes
• Managing the Vendor Master File is becoming the norm– Manual processes and lack of automation
– “Need” not a “want”
– Government regulations increasing
• Many competing strategic objectives– Needs as diverse as the companies themselves
– Cross-department workflows
– Each task labor-intensive
• No clear way to quantify cost/benefit of projects– Manual processes daunting – do not want to ask for
headcount
– No clear way to value compliance
– Lack of automation tool set
26
![Page 27: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/27.jpg)
Understanding Your Current Expenses and Processes
• Analyze current cost structureby department
• Identify targeted areas for improvement
• Establish level of investment against level of savings: Create ROI model
• Evaluate progress
27
Supplier Management Cost Analytics
![Page 28: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/28.jpg)
Closing Thoughts
• All business should use a Vendor Portal as part of their risk mitigation and control strategy.
• It is better to crawl toward supplier compliance than to stand still
• Supplier Management should be looked at as a controlled process not a project.
• Vendor Portals should reduce internal labor – High ROI
• Government regulations issues are increasing
• Know your strategic objectives
28
![Page 29: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/29.jpg)
Thank you / Questions
Q&A
29
Mary SchaefferEditorial Director & PublisherAP Now and TomorrowEducation Director& [email protected]://www.linkedin.com/in/accountspayable
Joe Flynn
Co- Founder of Lavante, Inc
http://www.linkedin.com/in/jflynn10
![Page 30: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/30.jpg)
About Lavante
13 years delivering supplier management software solutions
– 125+ Fortune 1000 customers
– Patented technology and processes
– Long-term customer relationships
Lavante Connect™ Platform– SIM: Reduces Risk & Enhances compliance
– Automation of supplier qualification and VMF cleansing
– Recovery: Identifies open credits and provides highest recovery rate quickly
– Open platform enables 3rd party development and integration partners
– >2 million supplier connections in database
Speed to Value– Ease of deployment
– Quick outreach and immediate vendor compliance
– Ease of use
30
• SaaS Enabled
• Open API
• Multi-Language
• SSAE16
• SOC2 Type2
• ERP Integration
• User Controls
• SSO Integration
• Reporting & Analytics
![Page 31: Improve Regulatory Compliance & Risk Management Using Best Practices](https://reader033.vdocument.in/reader033/viewer/2022052316/55aa93591a28aba53e8b461a/html5/thumbnails/31.jpg)
31
About Mary Schaeffer
• Publisher and editorial director of the Accounts Payable Now
& Tomorrow monthly newsletter
• Editor-in-Chief; Education Director IFO
• Publisher of weekly e-zine, e-AP News
• Nationally recognized accounts payable expert and consultant
• Creator of Institute of Financial Operations Accounts Payable
Innovation Certificate program
• Creator of numerous NASBA CPE courses for CPAs and AP
professionals
• Author more than 15 business books including the Controller
& CFO’s Guide to Accounts Payable and Fraud in Accounts
Payable: How to Prevent It
• M.B.A. Finance, NYU; B.S. Math, York College (CUNY)
• She can be reached at [email protected]