Background & Purpose
Xledger integrates with Bottomline PTX to transmit BACS payments generated from the Xledger application. This document will explain the data flow, processes and controls in place for the payment integration.
Bottomline is a BACS bureau, meaning it is authorised by clients to transmit payments through the BACS network on behalf of users, upon instruction. Bottomline PTX is the software platform used to manage that process.
To use the integration, Xledger clients must first obtain from their bank an indirect service user number (SUN) linked to Bottomline’s bureau number B40000. This is the authorisation for Bottomline to initiate payments to the BACS network on your behalf.
Xledger.net Application
Data flows and processes
Invoices awaiting payment approval are actioned by the customer’s payment approvers. Payment approval can be configured with multiple payment approvers, and each payment approver can be given an approval limit based on the invoice amount.
Xledger will trigger the BACS payment process at 10.30 am UK time to collect all invoices that have met the conditions for payment and have also passed payment validation checks.
Controls and checks
At the payment approval stage, Xledger displays a ‘traffic light’ warning to indicate whether the payment bank account has been used with the supplier previously. A red or amber warning highlights that the supplier has not previously been paid to this account, indicating either that the supplier is new, or that bank details have been changed. This should be used as a prompt for manual verification of bank details.
Xledger can be configured to require two or more approvals for each invoice to be paid. The server processes to collect approved invoices will only collect invoices fully approved by all approvers.
It is possible to activate two-factor authentication for invoice payment approval. This requires all approvers to authenticate their approval with a security code, providing additional assurance over the approvers' identity.
Only Domain Administrators in Xledger are able to add or edit payment approvers. This role is only available to client users. This means Xledger support and consultant employees do not have access to amend payment approvers in client entities.
An automated server process conducts payment validation checks to verify that each invoice has an address, a bank account, a sort code, and an invoice number. The bank account number must be an 8-digit number in UK standard format. If any of these conditions are not met, Xledger will not allow the invoice to be paid.
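The approval and validation gates described above, sketched as an added example (this is not Xledger's code). The `Invoice` fields, approver names and sample invoices are constructed for illustration, and only the checks this document states are enforced.

```python
import re
from dataclasses import dataclass, field

ACCOUNT_RE = re.compile(r"[0-9]{8}")  # ASCII digits only; \d would accept other scripts

@dataclass
class Invoice:  # hypothetical record layout
    invoice_number: str
    address: str
    sort_code: str
    account_number: str
    required_approvers: frozenset
    approvals: set = field(default_factory=set)

def validation_errors(inv):
    """Failed validation checks for one invoice; an empty list means it passes."""
    errors = [f"missing {name}"
              for name in ("invoice_number", "address", "sort_code", "account_number")
              if not getattr(inv, name).strip()]
    account = inv.account_number.strip()
    if account and not ACCOUNT_RE.fullmatch(account):
        errors.append("account_number is not 8 digits")
    return errors

def approval_gaps(inv):
    """Reasons the invoice is not fully approved; no configured approvers never passes."""
    if not inv.required_approvers:
        return ["no approvers configured"]
    missing = sorted(inv.required_approvers - inv.approvals)
    return [f"awaiting approval: {name}" for name in missing]

def collect_for_payment(invoices):
    """Split invoices into (payable, held); held pairs each invoice number with its reasons."""
    payable, held = [], []
    for inv in invoices:
        reasons = validation_errors(inv) + approval_gaps(inv)
        if reasons:
            held.append((inv.invoice_number, reasons))
        else:
            payable.append(inv)
    return payable, held

# Constructed sample data
BOTH = frozenset({"alice", "bob"})
SAMPLE = [
    Invoice("INV-001", "1 High St, Leeds", "12-34-56", "12345678", BOTH, {"alice", "bob"}),
    Invoice("INV-002", "2 Low Rd, York", "12-34-56", "87654321", BOTH, {"alice"}),
    Invoice("INV-003", "", "12-34-56", "1234567", BOTH, {"alice", "bob"}),
]
```

An invoice is collected only when both lists of reasons are empty, so a missing field and a missing approval are reported together rather than one masking the other.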
The Xledger Dev Ops team monitors the automated server job for payment processes. If the process fails to run successfully, Xledger will attempt to identify the issue and rerun the process.
In the event the automated process and attempted retry fail, customers will be contacted by the Xledger support team to plan for the best alternative solution to minimise the potential disruption to the payment process.
Once invoices are approved for payment by your payment approvers, the validation and payment processes are entirely automated. In the normal course of business, there is no manual intervention by Xledger or any third party at any stage in the payment process.
Xledger Servers
Data flows and processes
When the Xledger payment process has finished, payment profiles will be created from Xledger.net and stored on our secured servers.
Controls and checks
The payment files are generated automatically according to the payment information in the approved invoices. The payment files are stored in a folder on a secure server entirely within the Xledger infrastructure, and subject to the same security controls as the rest of the Xledger application. Access to this server and folder is heavily restricted to the smallest possible number of Dev Ops employees for the purpose of troubleshooting only.
Xledger’s Dev Ops team monitors the server jobs and validates that all payment files are created as expected. In the event that the process fails to generate the correct files, Xledger will attempt to identify the issue and re-run the process to generate the correct files.
In the event that this fails, customers will be contacted by the Xledger UK support team to plan for the best alternative solution to minimise the potential disruption to the payment process.
Bottomline PTX
Data flows and processes
Bottomline PTX software automatically monitors the Xledger server to check for new payment files. When Bottomline PTX finds a new payment file, it imports the file from the Xledger server to Bottomline PTX for processing.
Controls and checks
The Xledger Dev Ops team monitors the Xledger server that stores the payment files and validates that all payment files for the day have been transmitted correctly to the Bottomline PTX environment. If the files have not been transmitted successfully, the Xledger Dev Ops team will work with the Xledger UK support team to identify the issue and reattempt the transmission.
In the event this fails, customers will be contacted by the Xledger UK support team to plan for the best alternative solution to minimise the potential disruption to the payment process.
BACS Bureau
Data flows and processes
Each client bank account (as defined by the BACS Service User Number (SUN)) has a separate profile in Bottomline PTX, created and maintained by both Xledger and Bottomline. Payment files are imported to the relevant SUN profile in Bottomline PTX, and thereafter Bottomline will initiate the payment as instructed through the BACS network.
Controls and checks
The SUN profile is created in Bottomline PTX by Xledger UK. A second user of the PTX platform from Xledger UK checks, approves and signs off all aspects of the SUN profile setup for verification of accuracy. Only a very limited number of trained Xledger UK employees have access to the PTX application to manage SUN profiles. No members of the Xledger Dev Ops team have access to Bottomline PTX, ensuring segregation of duties.
Before a client can use the BACS process, Xledger ensures that two tests are conducted with the client. In both tests, we ask the client to process a payment of £0.01 from the Xledger application, to a recipient that can monitor and verify payment receipt (e.g. Xledger Ltd).
For the first test, Xledger ensures the profile in PTX is not fully activated. This way we test that the process to transfer the payment details from Xledger to Bottomline runs as expected prior to payment transmission. For the first test, no payment is actually transmitted. Once this is verified, we activate the profile and perform a second test to transmit the £0.01 payment. We then verify that payment was correctly received by the intended recipient. We will not allow a client to use the integration before these two tests are completed.
Any changes to the client’s SUN profile in PTX require a dual authorisation. An application control in PTX prevents any changes to a SUN profile taking effect until they have been approved in-application by a second reviewer. We have an additional control outside the application, which ensures the reviewer completes a checklist form, ensuring the review is sufficiently thorough.
Bottomline monitors the process of transmission to the BACS network. In the event of an issue with Bottomline transmitting payment files from PTX to the BACS network that Bottomline cannot solve, Bottomline will contact the Xledger UK support team. The Xledger UK support team will investigate the issue, and contact our customers to plan for the best alternative solution to minimise the potential disruption to the payment process.
Further Payment Journey
Once the payment files have been submitted by Bottomline to the BACS network, there are no additional procedures or steps from Xledger.
It is recommended that the client subscribes to BACS submission reports directly with BACS. These reports confirm the progress of all payments submitted through the BACS network from each client’s integrated bank account.