Point of View

Stepping beyond traditional T&E audit and compliance reviews

Why companies must do more than receipt validation and policy compliance

  • Facebook
  • Twitter
  • Linkedin
  • Email

With global business travel on the rise, organizations are struggling to keep track of employee spend. Travel and expense (T&E) costs represent between 6% and 12% of a company's annual spend. And it is one of the most complex operating expenses to manage and monitor, given that anyone in the organization can make transactions. It is therefore no surprise that T&E spend and compliance are under the spotlight.

T&E transactions are highly vulnerable to non-compliance and fraud. It's not unheard of for employees to claim non-business-related expenses or claim a personal expense on their company card. And with high volumes of transactions and limited visibility at an organization level, many organizations struggle to maintain high levels of compliance with T&E policies and regulatory requirements.

Kept unchecked, incidents of non-compliance can increase cost substantially and potentially snowball into multimillion-dollar penalties. For example, a leading pharmaceutical company had to pay a penalty of $490 million on account of counterfeit fapiao (an official invoice recognized by the Chinese tax authorities) submissions, in which bribes to doctors and healthcare professionals were routed through T&E claims.

How companies choose to manage their T&E audit and compliance process, and the solutions they implement, can prevent spend leakage and avoid significant damage to reputations in an environment where stakeholder trust is business critical.

Take a copy for yourself

Download PDF

Tackling the challenges

Despite the strategic, financial, and regulatory implications, many organizations are still unable to review T&E claims effectively or be sure of their authenticity and validity. There are varying degrees of maturity when it comes to auditing T&E expenses.

Some companies still manually check a sample of expense reports against policies or have static rulesets built into expense management platforms to highlight exceptions. More advanced organizations are adopting digital technologies, such as artificial intelligence (AI), machine learning, behavioral science, and language neutralization to address the challenge.

While there are a number of T&E audit applications that allow an organization to increase its overall transaction coverage and reduce manual effort to a certain extent, they struggle to provide a comprehensive approach to managing regulatory non-compliance or fraud.

In building a robust T&E audit program, there are key challenges to consider and overcome:

  • No single source of information: It's more than likely that your travel and expense data resides in different ERP systems, expense-management platforms, and even Excel spreadsheets. With disparate sources and inconsistent formats, building a centralized review mechanism is challenging for global companies, especially those that are growing organically or through M&As.
  • Unstructured receipt formats: While technology creates value, it can't fully replace people. For example, machine-vision processing can review printed and structured receipts, but you need to manually review receipts that are unstructured or handwritten.
  • Keeping up with global and local regulatory variations: Multinational companies must factor in both local and global compliance requirements when designing T&E audit methods. For instance, a US organization that has significant presence in Europe and Latin America must comply with regulations such as the UK Bribery Act, French Sapin II, the Brazilian Clean Company Act, and more. These regulations frequently change, too.
  • Multilingual data sets: Digital enablers for fraud and compliance programs need language neutralization capabilities to support data sets and receipts in local languages.
  • Lack of risk and compliance expertise: Highlighting the exceptions from T&E data is not enough to identify potential fraud or regulatory non-compliance. Companies need deep regulatory domain and risk expertise to identify potential exposure and true cases of non-compliance.

Enhancing T&E audit programs with digital

Automation and analytics can transform existing T&E audit processes, enabling companies to enhance their risk and regulatory coverage while also generating efficiencies.

Advanced organizations use a variety of digital technologies to build a robust T&E audit program to drive greater compliance and address spend leakage. These technologies enable:

  • Data aggregation: A single platform that spans multiple expense management and ERP systems allows companies to automatically access data from disparate sources. This helps centralize and standardize data with pre-configured rules for validation and cleansing.
  • Language neutralization: Language technologies work on multilingual data sets, so when employees around the world submit T&E expenses, the company can still report on expenses in one common language.
  • Advanced analytics: AI-enabled algorithms can review 100% of T&E transactions and continuously learn and include the latest insights from the business environment. The algorithms focus on basic policy compliance and threshold checks, as well as regulatory and fraud elements. They identify scenarios such as unusual or repetitive payments, high-risk transactions, inconsistencies in travel, meals, or mileage claims, while also checking merchant category codes for fraudulent claims.
  • Access to external data: Curating data from external sources, such as merchant databases, the US Office of Foreign Assets Control and list of Specially Designated Nationals, companies can, for example, identify transactions with suspicious or prohibited vendors, and transactions in high-risk countries.
  • Pattern analysis: By reviewing transactions against defined risk markers, behavioral science analyzes patterns and trends to identify high-risk employees, business units, or regions.
  • Continuous learning: Applying machine-learning techniques to better understand exceptions helps audit teams improve their manual reviews. Over time, the system learns and helps reduce false exceptions.
  • Automated receipt review: Digital technologies can validate receipts and supporting documents submitted by employees as part of their expense reports. While companies need manual reviews for unstructured and handwritten receipts, machine-vision processing can speed up the process and improve accuracy.
  • Workflows: Case-management workflows for handling exceptions enhance audits, as they create an end-to-end trail and back-up review documentation . Workflow capabilities also allow you to automate follow-ups communications and escalations, enabling you to track each step and quickly close control gaps.

Balancing digital and domain expertise

Automation and analytic technologies can improve efficiency, speed, and accuracy, but you still need a team of risk and compliance experts to analyze and review exceptions. An audit or review is only complete once you've performed substantive reviews, i.e., validated the exceptions, completed a root-cause analysis of the final gaps, and defined a remedial action plan (figure 1). When organizations understand the source of non-compliance, they can act on it to minimize the possibility of it happening again, adjusting policies and encouraging behavioral change.

Figure 1: The T&E audit lifecycle


Delivering value with a digitally enabled T&E audit process

By combining automation, analytics, and compliance expertise, companies can go beyond the capabilities of standard approaches and transform their T&E audit processes. This enables them to:

  • Reduce risk exposure with 100% coverage of T&E transactions and the ability to detect all potential incidents of non-compliance, this enhances overall regulatory compliance and fraud detection.
  • Improve governance and transparency. With near real-time visibility of non-compliance through interactive dashboards, companies can accelerate action and remediation, and boost compliance health.
  • Change employee behavior. By using root-cause analysis to create remediation plans and improving policies and procedures, you can prevent fraud and improve overall compliance health.
  • Enhance savings. By identifying avoidable, duplicate, and policy non-compliant expenses, organizations can prevent spend leakage of between 1-3% of the annual T&E spend.
  • Cut audit costs by reducing the manual audit work required to review T&E transactions by around 80%. As a result, overall audit costs can drop by approximately 40%.

A data-driven, digitally enabled T&E audit program, supported by a team of risk and compliance experts, offers major advantages over standard methods. It can significantly increase your ability to monitor regulatory and fraud risk and de-risk your organization. By stepping beyond standard approaches with a complete user-friendly and industry-agnostic T&E monitoring solution, your company can benefit from actionable insights and feedback mechanisms that cut the time spent on expense reviews, deliver fewer errors, and reduce spend.

Authored by Subhashis Nath, Service Line Leader, Enterprise Risk, and Compliance, Genpact

Visit our risk and compliance page

Learn more