See if your information has been exposed in a data breach with our latest free tool Check Now

Part 3: Post Clean-Up in Your Vendor Master File

photo of niek dekker
Niek Dekker
4 Min

Maintaining the ongoing integrity of the data in your Vendor Master File requires constant vigilance. Data hygiene is more easily achieved when you have clear rules for how data should be handled and encoded, with the essential oversight to ensure these rules are being adhered to by all members of your team.

In Part 1 of this series, we explored the importance of establishing clear rules for how data should be entered into your Vendor Master File. In Part 2 we explored the steps you need to follow when actively cleaning your Vendor Master File.

In this final part of the series, we explore how you can keep your Vendor Master File data clean and up-to-date over the long-term.

Supplier Updates

From time to time suppliers will notify you of changes to their details. There may be a new individual who will act as your primary contact moving forward. They may need to update their contact details. From time to time they may be updating their banking details.

The first thing to bear in mind is that you should never delete old data by simply overwriting it with new data.

It is essential to maintain a complete audit trail of all data changes, so in the event of any future problems you will be able to go back and identify precisely what data changes took place and when they were changed.

If your ERP system has fields where you can enter notes, make it clear what the previous data was.

For example, if a supplier’s primary contact is changing, you can enter the following:

  • OLD Primary Contact = Jane Simons
  • NEW Primary Contact = Barry Davis
  • As per email sent by 10/10/2021

The name of the Accounts Payable team member who made the update should be recorded against the note as well. This will make it easy in any future investigation to retrieve and check the supplier email requesting the name change.

Naturally when it comes to changing supplier details, particularly any sensitive data such as banking information, your Accounts Payable team should have undertaken a call-back verification to ensure the change is legitimate. Details of this call back should also be recorded in the ERP.

Click here to read about doing call-backs the right way.

Ongoing Training

For any large Accounts Payable function, ensuring all the members of your team are handling and encoding data consistently requires ongoing training.

Having established rules for how data should be encoded, as per Part 1, you now need to ensure all staff members receive training in order to adhere to those consistent standards. Firstly, ensure that all the rules are documented in a comprehensive manual. This should be approved by the CFO, and it needs to be clear to all your team that adherence to these rules is mandatory with consequences for repeated or deliberate deviation from them.

It will be likely that refresher training will be required, at least during the first few months after these rules are implemented.

Monitor Audit Trail

As mentioned above, it is essential that any data changes not simply overwrite old data. Maintaining a comprehensive audit trail of any data changes is an essential control.

In line with segregation of duties principles, at least one individual who is not responsible for encoding data should be tasked with monitoring data changes. Their responsibilities should extend to verifying that records have been retained of the old data, and to double check email records from suppliers requesting the change to ensure any changes made were valid and accurate.

Newly Onboarded Suppliers

Just as there needs to be oversight of updates to existing supplier data, there also needs to be oversight of newly onboarded suppliers.

An individual not responsible for encoding data should be tasked with conducting spot checks of newly onboarded suppliers. Vendor Master File onboarding usually occurs once a Purchase Order is issued to a new supplier. When undertaking spot checks of newly onboarded suppliers, not only should the veracity of the data be checked to ensure necessary control procedures were followed, however it is also important to check that the data was encoded consistent with your internal standards.

Supplier Communications

Ensure you have communications with your suppliers that make it clear to them what data you require from them and the format in which that data should be supplied.

For example, suppliers should make sure they supply you with their corporate name as per the ASIC register, as well as any trading names. They should clearly specify the address of their corporate headquarters if distinct from any branch you may have been dealing with.

By encouraging suppliers to provide their complete data in the right format, you can make it clear to them that the payment of invoices will be expedited and won’t be subject to any unnecessary delays.

If you have a vendor portal, all supplier data should be submitted through the portal for data integrity and security purposes.

How can eftsure help?

Ongoing data integrity is a challenge that many organisations struggle with. Even once you have cleaned and standardised the data in your Vendor Master File, maintaining long-term data hygiene requires ongoing effort.

All too often, a supplier needs to receive a payment long after they were initially onboarded and verified. During this interim period, malicious actors may have manipulated data or the supplier’s details may have changed. This can result in you processing a payment using incorrect or outdated information.

With eftsure addresses this issue by sitting on top of your accounting processes. By automating your continuous controls over data, each time a supplier needs paying, eftsure cross-checks their data against our up-to-date database. Anomalies can be identified immediately prior to issuing a payment.

For a full demonstration of eftsure’s capabilities, contact us today.

Related articles


Pros and cons of faster payments

Faster payments are part of our every day – but cybercriminals are exploiting the system. Discover how you can reduce the risks in your business.

Read more

The new security standard for business payments

End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.