Preventing payment fraud with SAP Advanced Payment Management and Business Integrity Screening
December 2022
7 min read
Author:
Ravi Ramamurthy
Share:
Rapid advancements in technology and globalization often require cutting- edge payment solutions for corporates with a diverse footprint, but be sure to bake in anti-fraud measures.
Payment fraud originating from within or outside an organization must be guarded against. Read on to learn how SAP Advanced Payment Management (APM) and Business Integrity Screening (BIS) can help.
Compliance requirements, audit needs and external factors like embargos, sanctions imposed by governments, and so on are additional imperatives for corporates and financial institutions (FIs) that want to secure their end-to-end payment lifecycle. Protection must be provided from the time of triggering a payment – or even before – until payment reaches the intended recipient.
In an increasingly digitized world with multiple cybersecurity threats, it is becoming even more important that the payment process is robust and ably supported by a strong technology infrastructure that provides security, speed, and efficiency.
Challenge for Corporates
The reality for many corporates is that they have multiple enterprise resource planning (ERP) systems – SAP or from other vendors – implemented over a period of time, or they have multiple systems due to merger and acquisition (M&A) activity in the past. Such corporates end up having lots of multi-banking relationships with different processes across the entire company, and different systems or banking portals for making payments. In an ideal world, moving to a single system with focused banking relationships, centralized treasury management and harmonized global processes is the end game that every company wants to achieve. But the process to get there is long.
SAP S/4 HANA
Companies using, or moving, to SAP as their primary ERP often aim for a single instance of the S/4 HANA landscape to get a single version of truth, but they may approach it in different ways. The journey most often is long and complex. But payment risk has to be mitigated sooner, rather than later.
Companies can adopt different strategies like ‘Central Finance’, ‘Treasury First’ or centralization of payments through a Payment Factory (PF) solution to enable certain quicker wins and security for the treasury and finance organization.
Advanced Payment Management Functionality
SAP introduced APM in 2019 to help payment centralization, visibility and oversight for those using its systems. APM alongside In-House Bank is its payment factory solution. SAP has continuously upgraded it since, with appropriate functionalities including anti-fraud measures available to users now.
APM allows for centralization of payments originating from any system – be it SAP or non-SAP – and facilitates:
Data enrichment,
Data validations,
Conversions to bank specific file formats where needed,
Batching, along with adding an approval mechanism by integrating with SAP’s Bank
Communication Management option and by using a secured single channel of communication to all banks like SAP’s Multi-Bank Connectivity.
These measures enable treasury to have central and near-real time visibility of all payments going out, allowing corporate treasurers to put controls and checks in place through a robust payment approval mechanism.
Having a strong and auditable payment approval process governed by a unified system will enable reductions in payment fraud. However, payment approval alone is somewhat of a reactive mechanism and relies on a human touch that can sometimes become time consuming, labor-intensive and prone to errors, which can potentially miss some transactions when done on a large scale. A more advanced way of managing payment risk efficiently is through an exception-based procedure, where only absolutely required payments go through a human touch, with low-risk transactions filtered through an automated rules engine that allows for targeted attention on high-risk payments.
The need for Business Integrity Screening
SAP Business Integrity Screening (BIS) is a solution that complements the payment engine of S/4 HANA, including the advanced payment management (APM) function. BIS is a SAP solution that can be enabled on S/4 HANA. At a high level, it is a rules-based engine designed to detect anomalies and third-party risk. It uses data to predict and prevent future occurrences of fraud risk.
By virtue of being on S/4 HANA, BIS handles large volumes of payments, processing through real-time simulations. SAP BIS also integrates with different process areas like master data management, invoice processing, payment execution (payment runs), and with APM for payments originating from other systems. This helps fraud prevention at a much earlier stage.
The below Figure 1 picture depicts a few of the features of BIS where a set of rules can be defined for different scenarios with certain SAP provided out-of-box rules – for example, identified risk factors might include:
Supplier invoice and payment execution stages, like vendor invoices or banks accounts in high-risk countries,
One-time vendors,
Payments made too early,
Changes to vendor banking details just before a payment cycle,
Duplicate invoices,
Manual payments, and so on.
Figure 1: SAP’s Business Integrity Screening (BIS) Key Features
Source: SAP.
BIS has a highly flexible detection and screening strategy for business partners where new rules can be added and it can make composite rule scenarios, resulting in an overall risk score being awarded. For example, a weighted score may be determined based on individual Rules like:
Payment value banding.
Consecutive payments to the same beneficiary.
Beneficiary address in an ‘at risk’ country.
Using the power of S/4 HANA, every payment is processed through all the rules and strategies defined to detect anomalies as early as possible, with real-time alert mechanisms providing further security. Implementations can leverage out-of-the-box rules and create new rules based on internal knowledge to refine anti-fraud measures going forward. BIS also has powerful analytics through the SAP Analytics Cloud solution for evaluating the performance of each strategy and rule, enabling refinements to be made.
BIS & APM Integration
For customers operating a single system environment, BIS was previously integrated with Payment Run functionality. With a multi-ERP Payment Factory landscape, BIS now integrates directly with APM. This means payments across the enterprise can be routed through screening for exception-based handling.
BIS combined with APM has two possibilities (as of writing this article):
online screening for individual items,
or batch screening for larger volumes of payments.
Rules can be set based on the size of payments as well – for example, Low value payments can be set for batch screening, while high value transactions can be set for online screening.
In the current release BIS 1.5 (FPS00), there are pre-defined scenarios specifically for APM. These check recipient bank accounts – for example, in high-risk countries and so on – and business partner (payee) bona fides for sanction screening/embargo checks at the payment order/payment item level. Custom scenarios can be created, and further custom code enhancements built within SAP-provided enhancement points.
While screening online, APM payment orders are validated through BIS detection rules. Payments without any anomalies or risk scores below threshold are automatically approved and processed for further normal processing through APM outbound processing. Payments which are suspicious will be ‘parked’ in BIS for user intervention to either release the payment – remembering, it could be a false positive scenario – or for blocking.
Any blocked payment in BIS automatically moves the APM payment order to the Exception Handling queue within Advanced Payment Management for further processing – for example, taking corrective actions in source systems, validating internal processes, contacting the vendor, cancelling/reversing a payment, and so on.
End-to-End Payment Fraud Prevention
There are different solutions available to cater to the specific needs of corporates across the payment lifecycle. A key first step is to centralize payments where Advanced Payment Management can help. A key benefit of Payment Centralization in a corporate landscape is the opportunity to initiate centralized payment screening and fraud prevention using BIS.
The integration between BIS and the APM Payment Factory enables effective payment fraud and sanction screening detection across the whole payment landscape. Adding Bank Communication Management for further approval control on an exceptions-basis will ensure a robust and automated payment process mechanism, with a strong focus on automated payment fraud prevention.
Once the payment process is secured, the next step is having secure connectivity to banks. This is where solutions like the SAP Multi-Bank Connectivity option can help.
If you are interested in any of the topics mentioned, or Sanction Screening & Fraud Detection more generally, we at Zanders encourage you to reach out to us via the ‘Get In Touch’ button. You can read more about Bank Connectivity Solutions & Advanced Payment Management: APM in our earlier articles.
In the high-stakes world of Private Equity (PE), where exceptional returns are non-negotiable, value creation strategies have evolved far beyond financial engineering. Today, operational
For many, December is the most magical time of the year. It is a season filled with the warmth of family members, the joy of hanging out with friends, and the coziness of gathering around the
The near-final PRA Rulebook PS9/24 published on 12 September 2024 includes substantial changes in credit risk regulation compared to the Consultation Paper CP16/22. While these amendments
The ECB Banking Supervision has identified deficiencies in effective risk data aggregation and risk reporting (RDARR) as a key vulnerability in its planning of supervisory priorities for the
Recently, Zanders' own Sander de Vries (Director and Head of Zanders’ Financial Risk Management Advisory Practice) and Nick Gage (Senior VP: FX Solutions at Kyriba) hosted a webinar. During
The Right Payment Orchestration Strategy: A Critical Factor for Success
The digitalization and globalization of payment infrastructures have significantly impacted businesses in
In our previous article 'Navigating the Financial Complexity of Carve-Outs: The Treasury Transformation Challenge and Zanders’ Expert Solution' we outlined that in a carve-out, the TOM for
In today's dynamic economic landscape, optimizing portfolio composition to fortify against challenges such as inflation, slower growth, and geopolitical tensions is ever more paramount. These
Effective liquidity management is essential for businesses of all sizes, yet achieving it is often challenging. Many organizations face difficulties due to fragmented data, inconsistent
Exploring S/4HANA Functionalities
The roundtable session started off with the presentation of SAP on some of the new S/4HANA functionalities. New functionalities in the areas of
Accurately attributing changes in counterparty credit exposures is essential for understanding risk profiles and making informed decisions. However, traditional approaches for exposure
However, CCR remains an essential element in banking risk management, particularly as it converges with valuation adjustments. These changes reflect growing regulatory expectations, which were
The timelines for the entire exercise have been extended to accommodate the changes in scope: Launch of exercise (macro scenarios)Second half of January 2025First submission of results to
Within the field of financial risk management, professionals strive to develop models to tackle the complexities in the financial domain. However, due to the ever-changing nature of financial
Addressing biodiversity (loss) is not only relevant from an impact perspective; it is also quickly becoming a necessity for financial institutions to safeguard their portfolios against
SAP highlighted their public vs. private cloud offerings, RISE and GROW products, new AI chatbot applications, and their SAP Analytics Cloud solution. In addition to SAP's insights, several
SAP In-House Cash (IHC) has enabled corporates to centralize cash, streamline payment processes, and recording of intercompany positions via the deployment of an internal bank. S/4 HANA
Historically, SAP faced limitations in this area, but recent innovations have addressed these challenges. This article explores how the XML framework within SAP’s Advanced Payment Management
Despite the several global delays to FRTB go-live, many banks are still struggling to be prepared for the implementation of profit and loss attribution (PLA) and the risk factor eligibility
In a world of persistent market and economic volatility, the Corporate Treasury function is increasingly taking on a more strategic role in navigating the uncertainties and driving corporate