Automated Controls for Vendor Fraud and Risk Management

For multinational corporations, the risks associated with tax evasion are particularly complex due to their cross-border operations and the differing applicable legal frameworks across jurisdictions. In order to reduce the risks of vendor fraud, especially when it comes to unauthorized changes to vendor master data, effective internal controls are essential. One pattern frequently tied to tax evasion is modifications to a vendor's bank details followed by payment and a quick change to the original state. This project explores the development and implementation of an automated internal control designed to detect vendor bank details modifications suggesting tax evasion using SAP HANA. To ensure effective risk management, the solution aligns with the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Framework. The practical implementation of the solution is based on Core Data Services (CDS) views for data extraction and structuring, with an ABAP Managed Database Procedure (AMDP) handling risk assessment. The final solution is integrated with SAP Business Integrity Screening (SAP BIS) and triggers alerts for compliance teams through SAP Fiori, improving fraud prevention and audit capabilities. While this rule-based fraud detection provides a solid basis for internal controls, future fraud prevention capabilities may be improved by using machine learning and artificial intelligence (AI). The project also highlights the importance of tailored fraud prevention strategies and the need for organizations to align internal controls with their operational environment and available technologies.