The Autonomous Procure-to-Pay  /  PG 02  /  PG 03 — Sourcing / RFx
Decision Engine Core Overview Page 04 →
PG 03 · The Autonomous Procure-to-Pay · Sourcing / RFx

From 23 candidates to 3 awarded.
Every scoring decision explained.

The RFx Agent monitors contract expiry signals in SAP Ariba, screens the full approved vendor list against EU CSRD/LkSG compliance registries, scores shortlisted suppliers with an XGBoost model whose SHAP output is written to the audit log before any downstream action executes, and routes every award decision to a named human approver. No black-box shortlisting. No autonomous award.

Supplier Shortlisting RFx Automation XGBoost Scoring SHAP Explainability HITL Award Gate CSRD / LkSG Screen SAP Ariba Integration GCP / Vertex AI EU AI Act — High Risk GDPR Art. 22
Governed by ADR-001 · ADR-003 · ADR-004 · ADR-005
Agent Architecture · State Machine

Eight states. Two human checkpoints.
Every transition auditable.

The RFx Agent is a deterministic state machine. HITL_REVIEW and HITL_AWARD are first-class states — not exception handlers. The machine cannot advance past either without a named human decision written to Firestore. Step through the simulation below to watch the active state update in real time.

S0
IDLE
S1
INTAKE
S2
MARKET_SCAN
S3
COMPLIANCE_SCREEN
S4
ML_SCORE
⏸ HITL
HITL_REVIEW
S6
RFX_DRAFT
S7
RFX_ISSUED
S8
RESPONSE_EVAL
⏸ HITL
HITL_AWARD
S10
AWARDED
Current active state
HITL checkpoint node (Art. 14 mandated)
Completed processing state
Workflow Simulation · Sterile Packaging Film RFx

Scenario: Sterile packaging film.
Contract expiry in 47 days.

Four incumbent suppliers. One active LkSG remediation flag. Annual spend €3.4M across 6 EU manufacturing sites. CSRD compliance mandatory. Step through each state to see the agent's reasoning, data reads, confidence scores, SHAP outputs, and both HITL checkpoints.

ML Model Specification

Supplier Shortlisting Model — XGBoost v2.1

XGBoost was selected over an LLM-based scorer because supplier shortlisting is a high-risk AI Act decision: it must be deterministic, reproducible, and natively SHAP-explainable. An LLM produces stochastic outputs that cannot be reliably audited across identical inputs. See ADR-003.

Model Engine Architecture
XGBoost multi-criteria scorer (v2.1) — gradient-boosted decision tree ensemble. Trained on 48 months of ClaraVis Ariba award history. Retrained quarterly via Vertex AI Pipelines. Deterministic output for identical inputs.
Evaluated Input Features
Six distinct criteria lines processed synchronously out of core data vaults:
On-time delivery rate (24m) Quality rejection rate CSRD / ESG tier Geographic coverage score Financial stability index Price competitiveness index
Inference Target Output
Composite score 0.0–1.0 per supplier, plus top-3 SHAP feature contributions (signed, normalised). Scores and SHAP values written to audit/rfx/{event_id}/shap/{supplier_id} in Firestore before the shortlist is presented to any human — EU AI Act Article 13 compliance.
Confidence Threshold Gates
≥ 0.72 — Auto-shortlist threshold passed (agent automated continuation)
< 0.72 — HITL_REVIEW fallback triggered (mandatory supervisor check block)
Any Active LkSG Flag — Instant terminal hard disqualification (un-bypassable)
Single-Source Risk Condition — High-risk bypass block instantly shifts to human review
Explainability UX Contract
Top-3 SHAP features per supplier rendered as a horizontal bar chart in the HITL interface. The approver sees why a supplier was scored — not just the score. Negative contributions shown in amber/red; positive in green. This is the EU AI Act Article 13 transparency obligation expressed as a UX contract, not a compliance checkbox.
Model Lineage & Registry
Every production model version stored in Vertex AI Model Registry with a Model Card documenting training data, evaluation metrics, bias assessment, and intended use. Model version hash written to every inference log entry — enabling point-in-time audit of any past scoring decision.
HITL Specification · Oversight Framework

Human oversight is a designed mechanism.
Not a fallback.

EU AI Act Article 14 requires that high-risk AI systems allow human oversight with the ability to intervene, override, or halt automated decisions. Both HITL states below satisfy this obligation independently and produce immutable Firestore audit records regardless of the decision made.

HITL-1 — Shortlist Review Block
Entry State Criteria
Single-source risk (only 1 shortlisted supplier covers all 6 manufacturing sites) OR any top-5 supplier score < 0.72 OR any incumbent supplier carries an active compliance flag
Policy Route Target
CPO (S-01) — named approver defined in procurement policy register. Deputy CPO if primary is unavailable beyond 8h.
Presentation Contract
SHAP bar chart per shortlisted supplier · Geographic coverage map (sites covered per supplier) · Risk flags with source citations · Agent recommendation with confidence score and reasoning
Decision Schema Scope
Approve shortlist as-is / Modify (add or remove suppliers with justification) / Reject and request re-screen. Mandatory justification field on Modify or Reject (minimum 50 characters). Justification stored verbatim in audit log.
Timeout Timeout SLA
24 hours from routing — auto-escalate to Deputy CPO. 48 hours — escalate to CPO + CFO with SLA breach record and contract expiry countdown. Agent remains paused; no autonomous action on timeout.
Audit Payload Schema
{approver_id, timestamp, decision, justification, shortlist_version, model_version, shap_ref} → Firestore (immutable append — IAM write-only role, no update or delete permitted)
HITL-2 — Sourcing Award Gate
Entry State Criteria
Always Mandatory — every RFx award is human-approved. EU AI Act Article 14 is non-negotiable for high-risk procurement decisions. Additional trigger: spend > €500K requires CFO co-signature (this scenario: €3.4M — both CPO and CFO required).
Policy Route Target
CPO (S-01) — primary approver. CFO (S-02) — co-approver when spend > €500K. Both decisions are required; the agent awaits both signatures before writing the award record.
Presentation Contract
Full evaluation matrix with weighted scores per criterion · SHAP outputs per shortlisted supplier · Agent recommendation (single or split award with rationale) · CSRD compliance tier per supplier · Total estimated contract value · Contract expiry countdown
Decision Schema Scope
Approve agent recommendation / Split award (adjust percentage allocation per supplier) / Override supplier selection with mandatory justification. Agent creates Ariba sourcing event award record and fires Pub/Sub event on approval — no pre-emptive system writes.
Timeout Timeout SLA
48 hours from routing — escalate to CPO + CFO with contract expiry countdown and supply continuity risk flag. Agent remains paused. No autonomous award under any circumstances.
Audit Payload Schema
{approver_id, co_approver_id, timestamp_primary, timestamp_cosign, decision, award_split, justification, contract_value, model_version} → Firestore (immutable append)
Integration Points

What the agent reads. What it writes.

The RFx Agent reads only from systems of record via published APIs. It writes only to defined targets via documented event contracts. No direct database mutations. Every write to Ariba is preceded by a Firestore audit entry — the audit record is always created first.

Pattern System Context Transacted Payload Element Protocol Profile
READPATTERN
SAP Ariba
Sourcing data vault · ADR-001
Supplier master · Contract expiry signals · Approved vendor list · Historical award data (48 months) Ariba REST API (Sourcing v2)
READPATTERN
SAP S/4HANA
ERP Master System of Record
24-month spend history by category · Goods receipt quality data · Budget availability by cost centre SAP OData v4
READPATTERN
EU Compliance Registries
CSRD / LkSG external gate hub
CSRD compliance status per supplier · Active LkSG remediation flags · EUDR applicability Public API / 24h batch ingestion
WRITEPATTERN
SAP Ariba
Sourcing record creation on human sign
Sourcing event · RFx document · Supplier invitations · Award record (post HITL-2 only) Ariba REST API (write scopes)
WRITEPATTERN
Firestore
Audit trail ledger · IAM bounded write
All state transitions · SHAP explanations per supplier · HITL decisions + justifications + approver IDs · Model inference logs with version hash Firestore SDK (append-only role)
WRITEPATTERN
GCP Pub/Sub
Asynchronous system event fabric
rfx.shortlist.approved · rfx.issued · rfx.awarded (triggers Contract Agent loop on page 04) Pub/Sub push topics
WRITEPATTERN
Vertex AI Registry
Model operations audit sink
Inference log per event: model version hash · input feature hash · output score · timestamp · event_id Vertex AI SDK
Architecture Decision Records

Every design choice has a record.

No component in this module exists without a traceable decision record. Each ADR states the context, the alternatives considered, and the reasoning for the choice made.

ADR-001 · SAP Ariba Integration Pattern
Ariba REST API — sourcing system of record
Ariba Network API integration was selected because the P2P domain depth of this portfolio is only demonstrable with a live system-of-record integration — a mock data pattern makes the sourcing intelligence claims unverifiable. Alternatives rejected: SAP SRM API (deprecated path, not forward-compatible with S/4HANA); CSV export (breaks the real-time event-driven model); Ariba Developer sandbox mock data (unverifiable claims).
Status: Accepted
ADR-003 · XGBoost over LLM for Supplier Scoring
Deterministic, auditable, natively SHAP-explainable
An LLM-based scorer produces stochastic outputs across runs with identical inputs — this fails EU AI Act Article 13 (explainability) and GDPR Article 22 (meaningful information about automated decisions). XGBoost produces a deterministic score and a SHAP decomposition from a single forward pass. Alternatives rejected: GPT-4 scoring prompt (stochastic, non-reproducible, not SHAP-native); weighted average rule (no learned signal, no SHAP, brittle to new supplier data).
Status: Accepted
ADR-004 · Firestore for Audit Log
Immutable append — full audit trail queryable in under 30 seconds
GDPR Article 22 and EU AI Act Article 12 require a complete decision trail for every automated procurement inference. Firestore with append-only IAM rules provides immutable append semantics, sub-second writes, and a queryable log returning a complete audit trail for any decision in the last 24 months without a data warehouse query. Alternative rejected: BigQuery (acceptable for analytics queries but too slow for real-time HITL context loading at the point of human decision).
Status: Accepted
ADR-005 · Two-HITL Pattern for Sourcing
Risk-triggered shortlist review + regulation-mandated award gate
Single-HITL designs (award gate only) pass EU AI Act Article 14 but fail the single-source risk requirement: an agent that shortlists a single qualified supplier has already constrained the human decision before the HITL state is entered. The two-HITL pattern ensures a human reviews the candidate pool before the RFx is issued, and approves the final award independently. Alternative rejected: single award-only HITL (cheaper operationally, but fails single-source risk gate and gives the human a constrained choice set rather than a genuine oversight decision).
Status: Accepted
Cost & ROI Model

What the RFx Agent costs.
What it saves. What it returns.

Three views: infrastructure cost per 1,000 RFx events on GCP europe-west3, annual savings from cycle time and labour reduction at ClaraVis volumes, and combined year-1 ROI. All figures sourced or referenced below.

€4.20
GCP infra cost per single RFx event
Cloud Run + Firestore + Vertex AI calculations · GCP Calculator ↗
€1.4M
Estimated annual savings at benchmark
Labour overhead + cycle time compression matrix · McKinsey Insights ↗
214×
Calculated Year-1 ROI yield ceiling
Based on ClaraVis volume run rate scale of 340 events/annum
GCP Infrastructure Cost Matrix (Per 1,000 runs)
Cloud Run Compute Tasks€1,100
Firestore Audit Log Storage Semantics€420
GCP Pub/Sub Bus Messages€80
Vertex AI Model Endpoint Interrogations€1,900
Ariba REST Sync Overheads€700
Total Pipeline Cost Per 1,000 Runs€4,200
Annual Savings Projection (ClaraVis Context)
Labour Compression (34 Days → 4 Days)+€680,000
Pool Filter Optimisation Engine+€240,000
LkSG Exposure Risk Deflection+€320,000
Early-Award Expiry Penalty Breakers+€180,000
Total Realized Annual Savings€1,420,000
Methodology Reference. Labour savings assume a blended procurement FTE rate of €90,000/year (fully loaded), 340 sourcing events/year, and cycle time reduction from 34 to 4 days per event — consistent with Hackett Group benchmarks on AI-assisted sourcing (2024). Compliance risk reduction modelled as 60% reduction in LkSG remediation exposure at €320K/year average ClaraVis exposure per BMAS LkSG Guidance. Infrastructure costs calculated on GCP europe-west3 on-demand pricing via GCP Pricing Calculator. All figures are indicative estimates; actual results depend on implementation quality, data completeness, and ClaraVis-specific event volumes.