Canopy employs strict segregation of duties to prevent the same user from both entering and approving information on a Supplier Profile.
It is for this reason that some users may experience being unable to edit or approve certain fields, when their user permissions suggest they should.
By default, Canopy only uses segregation of duties for banking information. However, your specific configuration may vary.
In this article you will learn:
Why Canopy employ segregation of duties
How segregation of duties works on Canopy
Why Canopy employs segregation of duties
Segregation of duties is a fraud prevention technique that means a user is unable to both enter and approve banking information on a Supplier Profile. This technique prevents a rogue user entering erroneous bank details in place of the supplier, which might otherwise result in payment to a fraudulent bank account.
How segregation of duties works on Canopy
If the Profile Admin is set to Supplier, a supplier user will be responsible for entering their banking information, which they submit for verification and approval. Because the banking information came from the supplier, only the supplier will have permission to change these details in future. Users who are internal to the customer will never be allowed to edit the supplier's banking information on their behalf.
If the Profile Admin is set to Internal, a user who is internal to the customer will be responsible for managing the Supplier Profile, and entering their banking information. This user will not be allowed to verify those bank details or approve the supplier, regardless of their user permissions.
By default, no other fields on the Supplier Profile are affected by these rules.