The Autonomous Procure-to-Pay  /  Page 02 — ClaraVis Procurement Brief
Requirements Fabric Overview Page 03 → GitHub →
The Autonomous Procure-to-Pay / Page 02

ClaraVis Medical Systems
Procurement Brief & Requirements

The requirements layer of the TOGAF ADM[cite: 3]. Every architectural decision in the six P2P design modules traces back to a documented requirement on this page[cite: 3]. This is the single source of truth for what the Autonomous Procure-to-Pay is designed to achieve for ClaraVis Procurement[cite: 3].

TOGAF Phase A Input MoSCoW Prioritisation EU AI Act · GDPR Art. 22 9 Stakeholders 8 Use Cases CSRD · LkSG
ADR-001 · ADR-002 referenced on this page[cite: 3]
Architectural Positioning

The Autonomous Procure-to-Pay alongside SAP SRM / legacy SAP procurement — five domains that determine the boundary.

ClaraVis runs SAP S/4HANA with legacy SRM modules for procurement[cite: 3]. SAP's built-in procurement automation handles catalogue purchasing and standard PO workflows within the SAP boundary[cite: 3]. The first question any CPO or enterprise architect asks is: why build on GCP when SAP covers procurement? The answer is architectural, not commercial[cite: 3].

Canonical Positioning Statement

SAP SRM and standard S/4HANA procurement deliver automation within the SAP data model. The Autonomous Procure-to-Pay delivers intelligence across the full P2P landscape — spanning the supplier ecosystem, the contract corpus, the AP platform, and the CSRD/LkSG compliance obligations that no single ERP boundary contains[cite: 3]. Where SAP automates transactional procurement, the Autonomous Procure-to-Pay orchestrates the full Source-to-Pay-to-Compliance lifecycle, with explainability and human oversight engineered in to satisfy EU AI Act and GDPR Article 22 requirements that SAP's ML models cannot meet[cite: 3].

ADR-002 · GCP alongside SAP, not instead of it[cite: 3]

DOMAIN — 01
Autonomous Procure-to-Pay on GCP — SAP has no access to this domain[cite: 3]

Supplier intelligence across 1,400 external counterparties

Supplier risk data, CSRD compliance signals, LkSG due diligence records, and market intelligence about 1,400 suppliers do not live in SAP and never will[cite: 3]. SAP SRM is a transactional platform, not a supplier intelligence fabric[cite: 3]. Scoring supplier risk across financial, ESG, and delivery dimensions requires Vertex AI, BigQuery, and external data enrichment pipelines — none of which SAP provides with explainability or HITL by design[cite: 3].

DOMAIN — 02
Autonomous Procure-to-Pay on GCP — architectural requirement SAP cannot satisfy[cite: 3]

EU AI Act Annex III & GDPR Art. 22 — explainability that satisfies the law

GDPR Article 22 prohibits fully automated decisions with significant effects on suppliers without a human in the loop[cite: 3]. EU AI Act Annex III requires SHAP explanations per inference, written to an immutable audit log before any action commits[cite: 3]. SAP's ML models are proprietary — feature attribution is not exposed to the operator[cite: 3]. For a German medical OEM, this is a structural disqualification, not a configuration gap[cite: 3].

DOMAIN — 03
Autonomous Procure-to-Pay on GCP — cross-system orchestration outside SAP boundary[cite: 3]

3-way match across SAP S/4HANA, SAP Ariba, and legacy AP

ClaraVis's 3-way match requires reconciling purchase orders from SAP S/4HANA, goods receipt notes from the warehouse system, and invoices arriving via the legacy AP platform and Ariba Network[cite: 3]. These three data sources have no common event stream[cite: 3]. SAP's standard matching operates within the ERP boundary[cite: 3]. The Autonomous Procure-to-Pay is the orchestration layer that unifies them — with exception ML, tolerance-band logic, and HITL routing built in[cite: 3].

DOMAIN — 04
Autonomous Procure-to-Pay on GCP — document-native reasoning beyond ERP metadata[cite: 3]

Full-document contract and SOW intelligence

Clause-level risk scoring, non-standard term detection, and supplier MSA analysis require reasoning across the full contract document[cite: 3]. Gemini 1.5 Pro reads an entire supplier framework agreement in one pass via its 1M token context window[cite: 3]. SAP Ariba CLM operates on structured contract metadata — not the source document[cite: 3]. The gap is every non-standard clause that lives in unstructured text[cite: 3].

DOMAIN — 05
Autonomous Procure-to-Pay on GCP — purpose-built for cross-system P2P scope[cite: 3]

Cross-system P2P orchestration — the layer nobody owns

ClaraVis's procurement landscape spans SAP Ariba (sourcing), SAP S/4HANA (ERP), a legacy AP platform, a supplier portal, a document management store, and a CSRD compliance register[cite: 3]. No single vendor owns all of that[cite: 3]. The Autonomous Procure-to-Pay is the connective tissue — a coherent, explainable, human-supervised orchestration layer across every system ClaraVis operates for procurement[cite: 3].

SAP Ariba
Sourcing · CLM
Requisitions · RFx · Contracts
REST API
ADR-001
Autonomous P2P
Orchestration Layer
Orchestration · XAI · HITL
BAPI / IDoc
via middleware
SAP S/4HANA
ERP · Finance
PO · GRN · AP · Payment
Pub/Sub
streaming
GCP
Google Cloud
Vertex AI · BigQuery · MLOps
Organisation Profile

ClaraVis Medical Systems — the anchor client.

A composite of real regulated-industry enterprise patterns[cite: 3]. Every requirement, constraint, and architectural decision on this page is grounded in the specific procurement context of a medical imaging OEM operating under EU AI Act, GDPR, CSRD, and LkSG simultaneously[cite: 3].

Legal name
ClaraVis Medical Systems GmbH
Headquarters
Munich, Bavaria, Germany
Revenue
€1.2B (FY2025)
Employees
4,200 across 12 countries
Active suppliers
1,400+ across 34 countries
Annual spend
~€340M direct + indirect
Invoice volume
~22,000 invoices / year
Invoice cycle
11 days · €3.2M late penalties

Regulatory Environment

EU AI Act — Annex III
High-Risk AI Systems
2 procurement ML models flagged in Q3 2025 audit. No SHAP. No HITL. Supplier delistment with no explanation path[cite: 3].
High Risk
GDPR — Article 22
Automated Decision-Making
Supplier scoring and payment blocking require human oversight. No current HITL architecture. Structural non-compliance[cite: 3].
High Risk
CSRD / LkSG / EUDR
Supply Chain Due Diligence
63% of suppliers not assessed in 18 months. Manual spreadsheet process. No continuous monitoring[cite: 3].
Moderate
ISO 20400 : 2017
Sustainable Procurement
ESG criteria not encoded in sourcing evaluation logic. Sustainability scoring is manual and inconsistent across categories[cite: 3].
Moderate
GDPR / EU DPDP
Data Protection
Supplier PII in procurement systems. Data residency enforced at infrastructure layer via VPC-SC. CMEK required[cite: 3].
Native to Infra
ISO 27001
Information Security
BeyondCorp zero-trust. All service-to-service calls via Workload Identity. Secrets via Secret Manager only[cite: 3].
Native to Infra

Procurement Systems Landscape

Live
SAP Ariba
Sourcing · CLM · Supplier Mgmt

Strategic sourcing, RFx events, contract lifecycle management, and supplier onboarding[cite: 3]. Autonomous Procure-to-Pay integrates via Ariba REST APIs[cite: 3]. Ariba remains system of record for sourcing events[cite: 3].

Autonomous Procure-to-Pay reads and writes via Ariba APIs — augments, does not replace[cite: 3]

Live
SAP S/4HANA
ERP · Finance · Logistics

Purchase orders, goods receipt notes, accounts payable, general ledger, and payment execution[cite: 3]. Source of truth for financial transactions[cite: 3]. Autonomous Procure-to-Pay writes PO and payment instructions via middleware after HITL approval[cite: 3].

Autonomous Procure-to-Pay writes to SAP only after HITL checkpoint — immutable audit record created first[cite: 3]

EU AI Act Risk
2 ML Models in Production
Supplier Risk · Spend Anomaly

Built by ClaraVis data science team[cite: 3]. Both classified as high-risk under EU AI Act Annex III and GDPR Art. 22[cite: 3]. Neither produces SHAP explanations[cite: 3]. Neither has documented HITL checkpoints[cite: 3]. Flagged in Q3 2025 audit[cite: 3].

Both models require Autonomous Procure-to-Pay XAI and HITL retrofit before next compliance review[cite: 3]

Legacy
Legacy AP Platform
Invoice Processing · Payment

Standalone AP platform handling invoice capture, 3-way match (manual), and payment scheduling[cite: 3]. No integration with Ariba or SAP event streams[cite: 3]. 3-way match done in spreadsheets by a team of six[cite: 3].

3-Way Match Agent addresses this domain — replaces manual spreadsheet process[cite: 3]

Disconnected
Supplier Portal
Onboarding · Self-Service

Basic self-service portal for onboarding forms and document uploads[cite: 3]. No integration with Ariba vendor master or SAP supplier records[cite: 3]. Onboarding cycle averages 18 days[cite: 3]. No automated compliance checks[cite: 3].

Supplier Onboarding Agent addresses this domain — automated compliance screening at intake[cite: 3]

Disconnected
Compliance Register
CSRD · LkSG · Audit

Manual spreadsheet maintained by a two-person compliance team[cite: 3]. Annual supplier questionnaires[cite: 3]. No real-time monitoring[cite: 3]. 63% of suppliers not assessed in 18 months[cite: 3].

Supplier Performance Agent + CSRD continuous monitoring addresses this domain entirely[cite: 3]

Stakeholder Register

Nine stakeholders. Nine different conversations.

An autonomous procurement architecture that satisfies the CPO's efficiency requirements but cannot answer the Compliance Officer's audit question will not be adopted[cite: 3]. Each stakeholder has a primary concern, a specific question the Autonomous Procure-to-Pay must answer, and the modules that address their domain[cite: 3].

S-01 · Executive Sponsor
Chief Procurement Officer
Procurement & Supply Chain
Primary Concern
End-to-end P2P cycle time and spend visibility[cite: 3]. Whether the Autonomous Procure-to-Pay creates genuine procurement intelligence or adds another system to manage[cite: 3]. ROI must be measurable in cycle time, cost per invoice, and compliance posture[cite: 3].
Question the system must answer
"Show me the P2P cycle time before and after — and show me which agent handled which step and what a human approved."[cite: 3]
All ModulesADR-002Spend Analytics
S-02 · Financial Governance
Chief Financial Officer
Finance & Treasury
Primary Concern
The €3.2M annual late payment penalties and 11-day average invoice cycle[cite: 3]. Early payment discount capture — currently near-zero — is also a CFO priority worth ~€280K/year[cite: 3].
Question the system must answer
"How does this eliminate the late payment penalties and unlock early payment discounts — with evidence, not projections?"[cite: 3]
3-Way Match AgentPayment AgentSpend Analytics
S-03 · Risk & Compliance
Chief Compliance Officer
Legal & Regulatory Affairs
Primary Concern
EU AI Act Annex III and GDPR Article 22 exposure on the two production procurement ML models[cite: 3]. Whether the Autonomous Procure-to-Pay brings them into compliance before the next regulatory review without full re-architecture[cite: 3].
Question the system must answer
"Show me the audit trail for a supplier risk decision made last Tuesday. Every feature weight. Every human approval. Every system it touched."[cite: 3]
Supplier PerformanceXAI LayerHITL
S-04 · Legal & Contracts
General Counsel
Legal Affairs
Primary Concern
Non-standard supplier contract terms passing through procurement without legal review[cite: 3]. Indemnity caps, liability exclusions, and IP ownership clauses carry material financial risk if not flagged before countersigning[cite: 3].
Question the system must answer
"What is the agent's confidence threshold for escalating a clause to Legal, and can I see the precedents it compared against?"[cite: 3]
Contract AgentHITL CheckpointClause Scoring
S-05 · Procurement Operations
Head of Category Management
Strategic Procurement
Primary Concern
Sourcing cycle time and RFx quality[cite: 3]. Strategic categories — MRI components, rare earth magnets, gradient coils — require rigorous supplier evaluation[cite: 3]. The Autonomous Procure-to-Pay must enhance, not shortcut, category management discipline[cite: 3].
Question the system must answer
"Does the Sourcing Agent understand category-specific evaluation criteria, or does it apply generic scoring to every RFx?"[cite: 3]
Sourcing AgentContract AgentSupplier Performance
S-06 · Supplier Relations
Head of Supplier Relations
Supplier & Partner Management
Primary Concern
Supplier experience[cite: 3]. Delayed PO confirmations, slow onboarding, and opaque dispute resolution damage strategic supplier relationships[cite: 3]. The Autonomous Procure-to-Pay must make ClaraVis a preferred customer, not just a faster one[cite: 3].
Question the system must answer
"What does a supplier see when they interact with the Autonomous Procure-to-Pay? Can I show them a dispute resolution trail without calling my AP team?"[cite: 3]
PO AgentSupplier OnboardingSupplier Performance
S-07 · Accounts Payable
AP & Finance Operations Manager
Finance Operations
Primary Concern
The manual 3-way match process consuming six people's time[cite: 3]. Invoice exceptions, missing GRNs, and price discrepancies are resolved by email[cite: 3]. Every exception is a re-keying event[cite: 3]. The team is underwater at month-end[cite: 3].
Question the system must answer
"What percentage of invoices will flow straight-through without my team touching them, and what does the exception queue look like?"[cite: 3]
3-Way Match AgentPayment AgentHITL Approval UI
S-08 · IT Architecture
Enterprise Architect
IT & Digital Transformation
Primary Concern
Integration complexity[cite: 3]. The Autonomous Procure-to-Pay touches SAP Ariba, SAP S/4HANA, the legacy AP platform, and the supplier portal[cite: 3]. Each integration point is a failure mode[cite: 3]. The net integration surface must shrink, not grow[cite: 3].
Question the system must answer
"Show me the TOGAF Phase D diagram. Where are the integration points, the event contracts, and the failure recovery patterns?"[cite: 3]
TOGAF Phase DAll ADRsLayer 04 Infra
S-09 · Information Security
Chief Information Security Officer
Security & Risk
Primary Concern
Supplier PII and commercially sensitive contract data[cite: 3]. No supplier financial data, pricing data, or contract terms leave the EU boundary[cite: 3]. Every access is authenticated, every agent action is logged, every log is tamper-evident[cite: 3].
Question the system must answer
"What is the data residency guarantee and how is it enforced at the infrastructure layer — not just configured in a policy document?"[cite: 3]
VPC-SCCMEKBeyondCorpLayer 04
As-Is Architecture

The current state — mapped precisely.

The TOGAF ADM Phase B input[cite: 3]. Understanding where process latency and architectural debt accumulate in the current state is the prerequisite for designing the To-Be architecture[cite: 3]. The diagrams below represent ClaraVis procurement as it operates today[cite: 3].

Diagram 01 — As-Is Sourcing Value Stream
Seven organisational handoffs · Average sourcing cycle: 28 days · No end-to-end owner[cite: 3]
Ariba-managed
Manual handoff
SAP-managed
No audit trail
28 days average sourcing cycle time[cite: 3]
Procurement
Need Identified
Requisition
RFx Prepared
Manual / Ariba
~4 days
RFx Published
Ariba Network
Responses Scored
Manual / Excel
~5 days
Legal / Finance
Supplier Selected
No audit trail
~3 days
Contract Negotiated
Email / Word
~10 days
Contract Signed
Ariba CLM
Vendor Created
SAP S/4HANA
~6 days
No SLA on evaluation
RFx scoring and supplier selection have no defined SLA[cite: 3]. Delays accumulate invisibly across Category Management, Legal, and Finance[cite: 3].
Contract negotiation in email
Redlines exchanged via email and Word[cite: 3]. No clause-level risk scoring[cite: 3]. Legal review triggered by relationship, not by risk threshold[cite: 3].
Manual SAP vendor creation
Vendor master data re-keyed from Ariba into SAP[cite: 3]. Average 6-day lag[cite: 3]. Error rate ~3.5%[cite: 3]. CSRD compliance check not performed at onboarding[cite: 3].
To-Be: Agent-mediated sourcing state machine · HITL at award decision · Contract Agent replaces email redlines · Automated vendor master sync · CSRD screening at intake[cite: 3]
Diagram 02 — As-Is AP & Payment Value Stream
Eight handoffs · Average invoice cycle: 11 days · 3-way match done manually in spreadsheets[cite: 3]
11 days avg. invoice cycle · €3.2M annual late payment penalties[cite: 3]
Accounts Payable
Invoice Received
Email / Post
Data Entry
Manual keying
~2 days
3-Way Match
Spreadsheet
~3 days
Exception Review
Email chain
~4 days
Finance / Treasury
Invoice Posted
SAP S/4HANA
Payment Run
Manual batch
~2 days
Payment Executed
SAP / Bank
Supplier Notified
Email
Manual 3-way match
Team of 6 matching invoices against POs and GRNs in spreadsheets[cite: 3]. First-time match rate: ~58%[cite: 3]. Every exception is an email chain[cite: 3].
No early pay discount capture
11-day cycle makes early payment discount windows (typically 10 days) structurally unavailable[cite: 3]. Estimated missed savings: €280K/year[cite: 3].
Batch payment runs only
Payment runs executed twice weekly[cite: 3]. Dynamic discounting and real-time payment optimisation are not possible with batch-only treasury operations[cite: 3].
To-Be: 3-Way Match Agent with tolerance-band logic · >90% straight-through rate · Exception ML with HITL routing · Dynamic discount optimisation · Real-time payment scheduling[cite: 3]
Diagram 03 — As-Is System Landscape
Five disconnected domains · Two EU AI Act-exposed models · No cross-system P2P orchestration layer[cite: 3]
CLARAVIS PROCUREMENT BOUNDARY (AS-IS)[cite: 3]
SAP Ariba
Sourcing · CLM · Supplier Mgmt
Requisitions · RFx · Contracts[cite: 3]
Ariba Network
SAP S/4HANA
ERP · Finance · Logistics
PO · GRN · AP · GL[cite: 3]
Manual re-key from Ariba[cite: 3]
Legacy AP Platform
Invoice Processing
Manual 3-way match · Batch payment[cite: 3]
No event stream[cite: 3]
2 ML Models — EU AI Act Risk
Supplier Risk Scoring · Spend Anomaly
No SHAP · No HITL · Audit flagged Q3 2025[cite: 3]
Annex III · GDPR Art. 22[cite: 3]
Supplier Portal
Onboarding forms · Doc uploads
18-day avg. onboarding · No compliance check[cite: 3]
Disconnected[cite: 3]
Compliance Register
CSRD · LkSG · Manual spreadsheet
63% suppliers not assessed — 18 months[cite: 3]
Disconnected[cite: 3]
Architectural gap: No orchestration layer connects SAP Ariba · SAP S/4HANA · Legacy AP · ML Models · Supplier Portal into a coherent, auditable, human-supervised P2P flow[cite: 3]
Requirements Catalogue

What ClaraVis requires — documented and prioritised.

Every requirement below is traceable to a stakeholder concern, a regulatory obligation, or a procurement pain point[cite: 3]. Prioritised using MoSCoW[cite: 3].

8
Business Requirements
Commercial outcomes ClaraVis requires the Autonomous Procure-to-Pay to achieve[cite: 3].
12
Architecture Requirements
Structural properties — explainability, HITL, compliance. Non-negotiable[cite: 3].
7
Constraints
Fixed boundaries — systems, regulatory, integration[cite: 3].
IDRequirementDescriptionMoSCoWPillar Module
BR-01
P2P cycle time reduction
The end-to-end P2P cycle must be orchestrated with defined SLAs per transition and an immutable audit record at every handoff[cite: 3]. The current 11-day invoice cycle and 28-day sourcing cycle are the primary operational pain points[cite: 3].MustPO Agent · 3-Way Match · Payment Agent[cite: 3]
BR-02
EU AI Act & GDPR compliance
Both procurement ML models must be brought into EU AI Act Annex III and GDPR Art. 22 compliance — SHAP explanations per inference, documented HITL checkpoints, and a versioned risk management system before next compliance review[cite: 3].MustSupplier Performance · XAI Layer[cite: 3]
BR-03
3-way match automation
The manual 3-way match process — PO vs GRN vs invoice — must be automated with tolerance-band logic, exception ML classification, and HITL routing[cite: 3]. Target: >90% straight-through processing[cite: 3]. Current first-time match rate: 58%[cite: 3].Must3-Way Match Agent[cite: 3]
BR-04
CSRD / LkSG monitoring
Supplier due diligence obligations must be satisfied continuously[cite: 3]. Every supplier must have a real-time compliance score[cite: 3]. Threshold breaches must trigger automated HITL escalation to the Compliance Officer with a full evidence brief[cite: 3].MustSupplier Performance · Sourcing Agent[cite: 3]
BR-05
Contract clause intelligence
Every inbound supplier contract must be analysed at clause level — indemnity caps, liability exclusions, IP ownership, governing law — with non-standard terms flagged to Legal with a risk score, precedent references, and a draft counter-position before countersigning[cite: 3].MustContract Agent[cite: 3]
BR-06
Data sovereignty constraint
All supplier PII, contract data, pricing data, and procurement transaction records must remain within the EU GCP region boundary[cite: 3]. Enforcement must be architectural — VPC-SC — not policy-based[cite: 3].MustLayer 04 Infra · VPC-SC[cite: 3]
BR-07
Early payment discount
The Payment Agent must identify early payment discount opportunities on every eligible invoice and schedule payment within the discount window when cash position permits[cite: 3]. Estimated annual savings: €280K[cite: 3].ShouldPayment Agent · Spend Analytics[cite: 3]
BR-08
Tail spend visibility
The ~23% of spend currently classified as unmanaged tail spend must be made visible, categorised, and routed to preferred suppliers where possible[cite: 3]. Tail Spend Intelligence module addresses this domain with spend classification ML and policy enforcement[cite: 3].ShouldTail Spend Intelligence[cite: 3]
IDRequirementDescriptionMoSCoWRegulatory Basis
AR-01
SHAP explanation per inference
Every ML model inference informing a procurement decision must produce a SHAP explanation identifying the top contributing features, their directional effect, and the model confidence score — written to the audit log before any downstream action executes[cite: 3].MustEU AI Act Art. 13 & 14[cite: 3]
AR-02
HITL as formal state node
Every high-risk procurement decision must route through a named human approver via a formal HITL state with defined entry condition, presentation contract, decision interface, timeout behaviour, and immutable audit record[cite: 3]. HITL is a first-class architectural component, not a process note[cite: 3].MustEU AI Act Art. 14 · GDPR Art. 22[cite: 3]
AR-03
Immutable audit trail
Every agent action — tool call, state transition, HITL event, model inference — must be written to an immutable audit store (Firestore) before the action is considered complete[cite: 3]. The audit record must be queryable but not modifiable[cite: 3].MustEU AI Act Art. 12 · GDPR[cite: 3]
AR-04
SAP Ariba system of record
The Autonomous Procure-to-Pay reads from and writes back to SAP Ariba via REST API[cite: 3]. Ariba remains the source of truth for sourcing events and contract metadata[cite: 3]. Any data written to Ariba by the Autonomous Procure-to-Pay is tagged with the agent action ID that produced it[cite: 3].MustADR-001 · ADR-002[cite: 3]
AR-05
Model Cards for architecture
Every model in production must have a Model Card documenting intended use, training data summary, evaluation metrics, known limitations, bias analysis, and the HITL checkpoint specification[cite: 3]. Versioned alongside the model in Vertex AI Model Registry[cite: 3].MustEU AI Act Art. 11[cite: 3]
AR-06
VPC-SC perimeter tracking
All data processing must occur within a VPC-SC perimeter configured to prevent data exfiltration outside the EU GCP region[cite: 3]. The perimeter is enforced at the infrastructure layer via Terraform — not a network policy overridable by application configuration[cite: 3].MustGDPR · EU DPDP · BR-06[cite: 3]
AR-07
CMEK encryption setup
All data at rest and in transit must be encrypted using Customer-Managed Encryption Keys via Cloud KMS[cite: 3]. ClaraVis retains key custody[cite: 3]. Key rotation policy: 90 days[cite: 3].MustISO 27001 · GDPR[cite: 3]
AR-08
3-way tolerance rules
Tolerance rules — ±2% price variance, ±5% quantity variance — encoded as write-path constraints applied at match time, before any payment action executes[cite: 3]. Configurable per category by the AP Manager without a code deployment[cite: 3]. Out-of-tolerance invoices route to HITL automatically[cite: 3].MustP2P Domain · BR-03[cite: 3]
AR-09
Atomic vendor master sync
Every new supplier approved in Ariba must write simultaneously to the SAP vendor master, the CSRD compliance register, and the Autonomous Procure-to-Pay supplier risk profile — in a single atomic transaction[cite: 3]. Vendor activation in SAP must not precede CSRD screening completion[cite: 3].MustCSRD · LkSG · BR-04[cite: 3]
AR-10
ADR documentation rules
Every significant architectural decision must be documented as an Architecture Decision Record with status, context, decision, alternatives considered, and consequences[cite: 3]. ADRs are version-controlled and linked from the relevant module page[cite: 3].MustTOGAF ADM · Portfolio Standard[cite: 3]
AR-11
Pub/Sub event bus bus
All cross-system procurement events — Ariba sourcing events, SAP PO confirmations, GRN receipts, invoice arrivals — must be published to a Pub/Sub topic before downstream systems consume them[cite: 3]. Decouples producers from consumers and enables event replay for audit purposes[cite: 3].ShouldArchitecture Principle · BR-01[cite: 3]
AR-12
Drift detection pipelines
Both procurement ML models must have Vertex AI monitoring jobs configured to detect data and concept drift[cite: 3]. Drift beyond threshold triggers an alert and routes to the ML Engineer HITL checkpoint before any automated retraining executes[cite: 3].ShouldEU AI Act Art. 9 · MLOps Standard[cite: 3]
IDConstraintDescription & Impact on DesignMoSCoWSource
C-01
Zero additional software cost
The Autonomous Procure-to-Pay portfolio is a demonstration system built on free-tier and open-source components[cite: 3]. No paid API subscriptions, no commercial data connectors, no licensed dataset providers[cite: 3]. All GCP services operate within the free tier or GCP credits until the build phase begins[cite: 3].MustPortfolio Constraint[cite: 3]
C-02
SAP Ariba REST integration
Ariba integration uses the Ariba Network APIs and SAP Open Connectors pattern only — no paid middleware, no licensed SAP BTP integration flows[cite: 3]. The integration pattern must be demonstrable with Ariba Developer sandbox data (ADR-001)[cite: 3].MustADR-001 · C-01[cite: 3]
C-03
SAP S/4HANA middleware abstraction
Direct SAP S/4HANA integration is not implemented in the portfolio demo (SAP license cost)[cite: 3]. The Autonomous Procure-to-Pay design shows the integration architecture — BAPI/IDoc via middleware — and the demo uses BigQuery tables seeded with SAP-schema data to represent the ERP layer[cite: 3].MustC-01 · ADR-002[cite: 3]
C-04
EU data residency limits
All GCP resources must be provisioned in europe-west3 or europe-west4 only[cite: 3]. No multi-region configurations including non-EU endpoints[cite: 3]. Enforced via Terraform variable and Organisation Policy constraint[cite: 3].MustGDPR · BR-06 · AR-06[cite: 3]
C-05
MVP-plus build context
Each module is built to demonstrate one complete end-to-end P2P flow — sufficient to demonstrate to a CPO or enterprise architect in a live session[cite: 3]. Production hardening is out of scope for the portfolio phase[cite: 3].MustPortfolio Scope[cite: 3]
C-06
Preserve existing ERP layer
The Autonomous Procure-to-Pay does not replace SAP Ariba or SAP S/4HANA[cite: 3]. Both systems remain in place and the Autonomous Procure-to-Pay augments them[cite: 3]. Any design decision that requires replacing either system is out of scope[cite: 3]. The Autonomous Procure-to-Pay is the orchestration and intelligence layer (ADR-002)[cite: 3].MustADR-002 · BR-06[cite: 3]
C-07
SAFe delivery frameworks
The Autonomous Procure-to-Pay modules map to Agile Release Trains consistent with SAFe 6.0 principles[cite: 3]. Full Program Board and PI Planning artifacts are documented at the architectural level but not operationally executed for the portfolio build[cite: 3].CouldSAFe · Delivery Governance[cite: 3]
AI Readiness Assessment

Where ClaraVis Procurement stands today — five dimensions.

The AI Readiness Assessment is the input to the TOGAF Architecture Vision[cite: 3]. It defines the starting position across five procurement-specific dimensions and frames the gap the Autonomous Procure-to-Pay is designed to close[cite: 3]. Scored 1–5[cite: 3].

Spend Visibility
3/ 5

Ariba and SAP S/4HANA maintain structured spend data for strategic categories[cite: 3]. The gap is the ~23% tail spend — fragmented across purchasing cards, direct requisitions, and non-PO invoices with no common classification[cite: 3]. BigQuery spend fabric is not deployed[cite: 3].

Action: Unified Pub/Sub spend event pipeline + BigQuery spend fabric + tail spend classification model as Day 1 infrastructure[cite: 3].

Supplier Data Quality
2/ 5

Supplier master data is fragmented across Ariba, SAP, the supplier portal, and the compliance register[cite: 3]. No golden supplier record exists[cite: 3]. Deduplication is manual[cite: 3]. 18% of supplier records have conflicting data across systems[cite: 3].

Action: Supplier master data unification is a prerequisite for the Supplier Risk Model and CSRD monitoring — blocks all supplier intelligence modules[cite: 3].

Process Maturity
2/ 5

Ariba automates RFx publishing and basic approval routing[cite: 3]. SAP handles standard PO workflow[cite: 3]. Everything else — 3-way match, exception resolution, contract redlining, compliance checks, payment scheduling — is manual[cite: 3]. Straight-through processing rate across the full P2P cycle is below 30%[cite: 3].

Action: 3-Way Match Agent and PO Agent are the highest-ROI Day 1 automations — they address the two largest manual effort concentrations[cite: 3].

Regulatory Posture
2/ 5

ISO 27001 and GDPR baseline compliance is established[cite: 3]. AI-specific obligations under EU AI Act Annex III and GDPR Article 22 are not addressed for the two production ML models[cite: 3]. CSRD/LkSG supplier monitoring is manual and 18 months behind[cite: 3]. Q3 2025 audit flagged structural non-compliance across all three domains[cite: 3].

Action: XAI layer + HITL spec + Model Cards + CSRD continuous monitoring — all required before next compliance review[cite: 3]. Blocks production deployment of any new ML model[cite: 3].

Org Change Readiness
3/ 5

CPO and CFO are active sponsors[cite: 3]. The AP Manager team is enthusiastic about eliminating manual 3-way match[cite: 3]. Legal and Compliance are cautious but engaged following the Q3 2025 audit[cite: 3]. Category Management requires assurance that the Sourcing Agent enhances, not replaces, strategic sourcing discipline[cite: 3].

Action: HITL visibility and the SHAP explanation interface are the organisational unlock for Legal and Compliance[cite: 3]. Demonstrate them first[cite: 3]. Expand second[cite: 3].

Use Case Catalogue

Eight flagship use cases — one per module.

Each use case is a specific, demonstrable P2P capability the Autonomous Procure-to-Pay delivers for ClaraVis[cite: 3]. Structured for stakeholder mapping, regulatory classification, and MoSCoW priority[cite: 3].

UC-01 · Sourcing Agent
Autonomous RFx orchestration with scored supplier shortlisting
From need identified to RFx published in under 24 hours[cite: 3]
Strategic category sourcing requires 4–5 days to prepare an RFx and shortlist suppliers[cite: 3]. The Sourcing Agent reads the requirement, queries the supplier master, applies category-specific evaluation criteria, generates the RFx, and publishes to Ariba Network — with HITL at the award decision point[cite: 3].
UC-02 · Contract Agent
Clause-level risk scoring with Legal HITL escalation
Every supplier MSA analysed before countersigning[cite: 3]
Non-standard liability caps and indemnity clauses pass through procurement without Legal review[cite: 3]. The Contract Agent reads the full supplier MSA, classifies 150+ clause types, scores risk against ClaraVis policy, and routes non-standard terms to Legal with precedents and a draft counter-position before any countersigning event[cite: 3].
UC-03 · PO Agent
Autonomous PO generation with policy-governed routing
Catalogue items under €5,000 — straight-through, no human touch[cite: 3]
Requisition intake, budget validation, preferred supplier selection, and PO generation handled fully autonomously for catalogue items within policy thresholds[cite: 3]. Non-catalogue items, new suppliers, and above-threshold values escalate to the Category Manager with a full briefing document the agent prepared[cite: 3].
UC-04 · 3-Way Match Agent
Automated PO · GRN · invoice reconciliation with exception ML
From 58% to >90% straight-through match rate[cite: 3]
Manual 3-way match consumes a team of six[cite: 3]. The Match Agent reconciles POs from SAP, GRNs from the warehouse system, and invoices from the legacy AP platform — applying tolerance-band logic, classifying exceptions with ML, and routing genuine discrepancies to the AP Manager via the HITL interface with full context[cite: 3].
UC-05 · Payment Agent
Dynamic payment scheduling with discount optimisation
€280K/year in early payment discounts currently uncaptured[cite: 3]
Batch payment runs twice weekly make early payment discount windows structurally unavailable[cite: 3]. The Payment Agent monitors the approved invoice queue, identifies discount opportunities, checks treasury cash position, schedules payments dynamically, and executes via SAP — with CFO HITL above configurable payment thresholds[cite: 3].
UC-06 · Supplier Performance Agent
Continuous KPI scoring with CSRD/LkSG compliance monitoring
1,400 suppliers monitored continuously — not annually[cite: 3]
Annual questionnaires leave 63% of suppliers unassessed[cite: 3]. The Supplier Performance Agent continuously scores every active supplier on delivery, quality, financial stability, and ESG dimensions — flagging threshold breaches to the Compliance Officer via HITL with a SHAP explanation, evidence brief, and remediation recommendation[cite: 3].
UC-07 · Tail Spend Intelligence
ML-driven spend classification and maverick spend detection
23% of spend invisible — classified and governed in real time[cite: 3]
~23% of ClaraVis procurement spend is unclassified tail spend[cite: 3]. The Tail Spend module classifies every transaction, identifies maverick buying, surfaces consolidation opportunities, and routes policy violations to the appropriate Category Manager[cite: 3].
UC-08 · Supplier Onboarding Agent
Automated compliance screening and vendor master provisioning
18-day onboarding cycle reduced to under 3 days[cite: 3]
Supplier onboarding averages 18 days with no automated compliance checks[cite: 3]. The Onboarding Agent screens new suppliers against CSRD, LkSG, and financial risk criteria at intake — atomically provisioning approved suppliers in Ariba, SAP vendor master, and the CSRD compliance register in a single transaction[cite: 3].
Success Criteria

How ClaraVis Procurement will know the Autonomous Procure-to-Pay is working.

Observable architectural outcomes — not percentage projections[cite: 3]. Each criterion is measurable at the system level and traceable to a specific requirement[cite: 3].

EU AI Act & GDPR Compliance
Every high-risk procurement inference is explainable and human-supervised[cite: 3]
  • Every ML inference above a defined risk threshold produces a SHAP explanation written to the audit log before the downstream action executes[cite: 3]
  • Every high-risk supplier decision routes through a named human approver via a formal HITL state — no exceptions, no bypasses[cite: 3]
  • Every model in production has a versioned Model Card in Vertex AI Model Registry, reviewed and approved before promotion[cite: 3]
  • A compliance audit query returns a complete, unbroken decision trail for any procurement inference made in the last 24 months[cite: 3]
P2P Cycle Time
Every procurement handoff has a defined SLA and an immutable record[cite: 3]
  • Every state transition in the P2P flow has a defined SLA — the agent tracks elapsed time and escalates automatically on breach[cite: 3]
  • Every handoff produces an immutable audit record in Firestore before the next state is entered[cite: 3]
  • Invoice cycle time reduced from 11 days to under 3 days for straight-through invoices[cite: 3]
  • Ariba sourcing event status and SAP PO status synchronised via the platform event bus — no manual re-keying[cite: 3]
3-Way Match Performance
Straight-through processing above 90% — exceptions routed, not queued[cite: 3]
  • First-time match rate above 90% — measured against PO, GRN, and invoice data from the live Pub/Sub event stream[cite: 3]
  • Every exception classified by the Match ML model with a confidence score before routing to HITL[cite: 3]
  • Every tolerance-band approval written to the audit log with the rule that triggered it[cite: 3]
  • Every HITL exception resolution actioned within the SLA defined in the AP Manager's HITL contract[cite: 3]
CSRD / LkSG Compliance
1,400 suppliers monitored continuously — no annual questionnaire backlog[cite: 3]
  • Every active supplier has a current compliance score updated on every new compliance signal[cite: 3]
  • Every threshold breach triggers an automated HITL escalation to the Compliance Officer within the defined SLA[cite: 3]
  • Every new supplier screened against CSRD, LkSG, and EUDR criteria before SAP vendor master activation[cite: 3]
  • The compliance register is a query against the operational log — not a manually maintained spreadsheet[cite: 3]
Data Sovereignty
No procurement data leaves the EU boundary — enforced at infrastructure layer[cite: 3]
  • VPC-SC perimeter provisioned via Terraform — data residency constraint is in infrastructure code, not network policy[cite: 3]
  • CMEK keys provisioned and owned by the ClaraVis Cloud KMS project[cite: 3]
  • All GCP resources deployed to europe-west3 or europe-west4 — enforced by Organisation Policy constraint[cite: 3]
Architecture Decision Records
Every significant design choice documented and traceable[cite: 3]
  • Every module page links to the ADRs that govern its design decisions — no component exists without a traceable decision record[cite: 3]
  • Every ADR states the alternatives considered and the reasoning for the choice made[cite: 3]
  • The ADR index is maintained as a living document — updated when decisions change[cite: 3]
ADR-001 · SAP Ariba Integration Pattern
Ariba REST API — sourcing system of record
Selected over direct SAP SRM API, CSV export, and mock data patterns[cite: 3]
Ariba Network API integration was selected because the P2P domain depth of this portfolio is only demonstrable with a live system of record integration[cite: 3]. A mock data pattern makes the sourcing intelligence claims unverifiable[cite: 3]. Ariba Developer sandbox provides a free, permanent integration target with production-representative data structure[cite: 3].
Status: Accepted[cite: 3]
ADR-002 · GCP alongside SAP Ariba and S/4HANA
Augmentation, not replacement
The Autonomous Procure-to-Pay addresses five domains outside SAP's boundary[cite: 3]
The Autonomous Procure-to-Pay addresses five domains structurally outside SAP's capability: supplier ML intelligence with EU AI Act-compliant explainability, cross-system 3-way match across SAP and non-SAP AP, CSRD/LkSG continuous compliance monitoring, full-document contract intelligence, and cross-system P2P orchestration[cite: 3]. SAP Ariba and S/4HANA remain the systems of record[cite: 3].
Status: Accepted[cite: 3]

Requirements captured. Architecture follows[cite: 3].

The following pages take every requirement above and express it as concrete architecture artifacts — agent state machines, ML pipeline designs, and module-level technical specifications[cite: 3].