Compliance Tech Challenges: The T&E Example

There we were last week, 14 of us, sitting around a large restaurant table to enjoy lunch and talk about data analytics tools to help compliance officers do their jobs. One participant vented about his company’s software to track travel and entertainment expenses.

“I don’t like it,” the person said. “You get training on how to use the system once, and that was months ago, and then you don’t use it all that often, and when you do need to use it there’s a log-in, the classification codes, and it’s a different system than everything else.”

The speaker made a face half unhappy and half exasperated. Heads nodded in agreement around the room—and remember, compliance officers are the ones who are supposed to tell all the other employees that using these systems is a good thing.

That vignette happened last week when Convercent came here to Boston, holding one of its Compliance Tech Talks. The conversation was excellent, and the speaker’s outburst struck a chord. The real problem here isn’t that software designed to help compliance officers doesn’t work. It generally does. The compliance officer above, for example, uses one of the largest vendors that sells software to track T&E expenses.

The problem is that too often, the software designed to help compliance officers isn’t designed to help employees.

Let’s deconstruct our unhappy compliance officer’s example. First, the T&E reporting system is separate from other financial reporting systems that employees use—so the employee sees it as an extra step, a bolt-on exercise after the travel expense has been incurred. Right there, compliance has become something that slows business operations more than it enhances them.

Don't be that IT system.

Don’t be that IT system.

Second, the T&E reporting system is hard to use. At this point I wish I could name the vendor involved to give more specific detail, but we held the meeting under rules of confidentiality. Suffice to say, an ideal system should require single sign-on, so employees aren’t creating yet another ID and jotting down yet another password on a Post-It note. It should allow employees to report what they’ve done, rather than sift through menu options, check boxes, and text fields where the system steers them to what the system allows you to report.

My personal dream is some automated image-recognition system, where employees can snap a photo of a receipt as they get one, and upload that automatically into a master report for each business trip. I know the technology is getting there but hasn’t fully arrived, and I appreciate that IT budgets to buy all these solutions do not grow on trees. For now, just question how easy your reporting system truly is for employees to use.

Think Holistically

And while our compliance person above didn’t mention it, we have a third variable worth considering, too. How much does your T&E reporting system complement other efforts in your compliance program to prevent misconduct in fraudulent expense reporting? What does the whole picture look like?

For example, if you have a strict policy on entertainment expenses for employees traveling overseas, and considerable training that they receive at the start of employment—but then nothing else, and many moons later they fire up the expense reporting system after that trip overseas is already done, you haven’t accomplished much.

The ideal approach to fight the risk of fraudulent T&E expenses by marshaling numerous controls and processes to work as one whole. Training on expense policies and reporting systems is important, of course. If your company has its own travel office to book trips for employees, use its potential: remind employees just before their trips of what company policies are, ideally by automated email or text message alerts.

The broader point here is that a successful fight against T&E fraud is a process—one that involves training, software tools, policies, subtle reminders, messages from the executive corps, and more. It is a whole process, and one that respects how employees need to work if they’re to do their jobs.

Or you can implement a lone control, in the form of a software application, without respecting how humans function and employees work. And you’ll be lucky if you like it yourself.

 

Leave a Comment

You must be logged in to post a comment.