Enterprise Resource Planning Blogs by SAP
Get insights and updates about cloud ERP and RISE with SAP, SAP S/4HANA and SAP S/4HANA Cloud, and more enterprise management capabilities with SAP blog posts.
Showing results for 
Search instead for 
Did you mean: 
Product and Topic Expert
Product and Topic Expert
This blog provides you with the latest and greatest innovations that our SAP S/4HANA Cloud 2102 release has in store for you in the area of Governance, Risk, and Compliance. In addition to my last blog on Governance, Risk, and Compliance (GRC) with SAP S/4HANA Cloud 2011we introduce a brand-new cloud GRC product for Financial Compliance, the redesigned access certification process with SAP Cloud Identity Access Governance and further enhancements regarding SAP S/4HANA for International Trade.

Watch my video to get a quick overview of our SAP S/4HANA Cloud 2102 highlights for GRC:

In this blog, I illustrate the following topics:

Financial Compliance

Access Governance

International Trade Management

Financial Compliance

Quick Intro: SAP Financial Compliance Management

In parallel to SAP S/4HANA Cloud 2102, we are very proud to announce the availability of the first version of SAP Financial Compliance Management which is a brand new kid on the block in our cloud GRC portfolio regarding enterprise risk and compliance. The aspects of financial compliance are as numerous as they are varied, and knowing which ones are relevant for your organization can be challenging. SAP Financial Compliance Management provides all the tools needed to ensure that your organization adheres to local laws and regulations. From documenting the processes in place for your organization to setting up checks and controls, the solution enables you to fulfill all tasks necessary to ensuring financial compliance.

SAP Financial Compliance Management is built on SAP Business Technology Platform (formerly known as SAP Cloud Platform) and provides end-to-end financial compliance. In the light of constantly rising efforts and cost regarding financial compliance, companies are looking for more more and more automation. With SAP Financial Compliance Management, you can establish a proactive risk management instead of just fixing after-the-fact issues. This way, the role of GRC is changing from a cost factor to a strategic differentiator allowing you to optimize your business.
With this release, compliance specialists can design controls and link them to existing organizational units and business processes, monitor the performance of controls and determine their effectiveness, they can document a regulatory framework of applicable laws and regulations and last but not least detect issues in the implementation of controls and create remediation plans.

Fig. 1: With the 2102 release, compliance managers can design controls and monitor their performance

Financial Operation Monitoring with SAP Financial Compliance

By integrating SAP S/4HANA Cloud and SAP Financial Compliance Management, compliance managers define controls and procedures to monitor financial operation processes and detect anomalies when connected to the SAP S/4HANA system. As you are well aware, financial processes generate a multitude of documents every day. Aside from manual checking and review, the new scope item 'Financial Operation Monitoring with SAP Financial Compliance' (3KY) enables continuous monitoring of transaction information and detects activities that may cause financial loss. The results from these monitored processes provide insights for the financial process in a company. Please note that this scope item requires additional licensing.

Video 2: With the first version of SAP Financial Compliance Management, compliance specialists can detect issues in the implementation of controls and create remediation plans.

The following use cases are currently supported by the new scope item:

  • G/L entries entered on weekends:
    Accounting transactions are usually processed during normal business hours. When this is done over weekends, this should be investigated as it raises concerns over the validity of respective journal entries.

  • Recently created G/L accounts:
    To confirm authenticity, newly created general ledger accounts should be investigated as unapproved or invalid accounts could be used for fraudulent or other suspicious activity.

  • General journal entries posted to prior fiscal period:
    According to SOX regulations, general journal entries to prior fiscal periods should not appear and should therefore be investigated.

  • Duplicate payments in the selected period:
    Duplicate payments can occur as a result of fraudulent or non-fraudulent errors, such as duplicate vendor invoices.

  • Blocked sales orders which have been released manually:
    These are sales orders where the customer credit limit has exceeded and which have been blocked because of this and which have afterwards been released manually

More Information

Access Governance

Quick Intro: Access Certification Service

As you are might know SAP Cloud Identity Access Governance is a cloud-based solution for access governance and consists of several services:

  • Access Analysis is about finding segregation of duties issues, meaning critical access of users within the system landscape, and running mitigation processes in order to solve these issues.

  • The functionality of the Privileged Access service is also known as fire fighter capability meaning superuser access.

  • Next, we have the Role Design service which is about clustering very technical roles into business roles that are aligned with the corresponding business processes which makes it very easy to define and manage compliant roles across landscapes.

  • The Access Request service provides self-service capabilities and allows end users to request access in specific systems. After a successful approval process, the access is then provided to the end users.

  • The service that we will look at in this blog in more detail is Access Certification. In the on-premise world, this functionality is called user access review.

Fig. 2 The Access Certification service of SAP Cloud Identity Access Governance allows to review and certify user access

With the Access Certification service, compliance administrators can manage user access in the landscape and always have full transparency regarding the current user access situation. To ensure that users only have the access that they need for their work, automated periodic access reviews are executed and authorized reviewers decide whether the access of a user should be approved and kept as is or whether it should be removed for compliance reasons. The service allows you to manage the review process and perform the reviews according to your organization needs. Moreover, it supports large-scale reviews and provides access data-driven views for the review process.

Redesigned Access Certification Process

With the new release, the access certification process has been redesigned in order to optimize performance and usability. Administrators now benefit from a new and dedicated app for creating, editing, and submitting certification campaigns. Thanks to this redesign, response times are much faster now and the look and feel of the user interface is consistent. Various filter options allow to tightly align the periodic reviews process to the needs of your respective organization.

In addition, we offer more choices to campaign administrators when creating new campaigns as they can now choose from three available workflow templates:

  • one-step approval by manager

  • one-step approval by role owner

  • three-step approval by manager, role owner, and security expert

Thanks to this, you can increase efficiency by reducing the number of mandatory reviewers and review items whenever possible from a compliance perspective.​​

Video 3: With the new release, the access certification process with Cloud Identity Access Governance has been redesigned to optimize performance and usability

More Information

International Trade

Display of International Trade Compliance Status in SD Sales Documents

My next highlight for GRC is from the area of International Trade Management. With SAP S/4HANA Cloud 2102, Internal Sales Representatives can display the legal control, embargo, and watch list screening status of sales documents relevant for trade compliance directly in the respective apps.

Value Proposition

  • The trade compliance status can also be displayed in filter and result lists of Manage Sales Orders, Manage Sales Orders without Charge, and Customer 360 apps.


  • Display direct information about the legal control, embargo, and SAP watch list screening status of trade-compliance relevant sales documents on the status tab

  •  Select trade-compliance relevant documents in analytical list pages:

  • Manage Sales Orders 

  • Manage Sales Orders without Charge apps

Video 4: As of S/4HANA Cloud 2102, Internal Sales Representatives can display the trade compliance status in the 'Manage Sales Orders' app


If you’re interested to learn more about these innovations, join our SAP Learning Hub and participate in our SAP S/4HANA Cloud Early Release Series. Read this blog to find out how you can license for the Enterprise Support Edition as a Customer / Partner and benefit from our regular release series either live or on-demand.


For more information on SAP S/4HANA Cloud, check out the following links:

  • GRC Collection Blog (roadmap, quarterly release highlights, microlearnings) here

  • SAP S/4HANA Cloud release info: http://www.sap.com/s4-cloudrelease

  • Latest SAP S/4HANA Cloud Release Blogs here and previous release highlights here

  • Product videos on our SAP S/4HANA Cloud and SAP S/4HANA YouTube playlist

  • SAP S/4HANA PSCC Digital Enablement Wheel here

  • Early Release Webinar Series here

  • Inside SAP S/4HANA Podcast here

  • openSAP Microlearnings for SAP S/4HANA for Finance and GRC here

  • Best practices for SAP S/4HANA Cloud here

  • SAP S/4HANA Cloud Customer Community for Finance here

  • Feature Scope Description here

  • Help Portal Product Page here

  • Implementation Portal here

Follow us via @Sap and #S4HANA, or myself via LinkedIn or @DeissnerKatrin