Abstract

This paper presents a data analytics–driven model for supplier onboarding and ERP-based compliance management that accelerates qualification, strengthens assurance, and mitigates lifecycle risk. The model unifies master-data governance, rule-based eligibility screening, and machine-learning risk scoring with a closed-loop workflow embedded in the enterprise resource planning environment. A standardized digital intake captures identity, regulatory, ESG, cybersecurity, and tax credentials; deterministic rules validate required evidence, while an interpretable gradient-boosted model estimates residual risk using features such as sector, jurisdiction, beneficial ownership depth, sanctions proximity, and historical incident rates. A policy engine links risk tiers to control actions, including enhanced due diligence, dual approvals, and conditional release. All steps write back to ERP vendor master and procurement modules via governed APIs. Operationally, the model defines a golden-record strategy, reference taxonomies, and data-quality rules to prevent duplicate or incomplete vendor profiles. It maps risks to control objectives and embeds preventive gates at supplier creation, contract activation, and first-order release. Continuous monitoring uses event streams and dashboards to detect status changes, expired certificates, adverse media, late attestations, and control drift. Exceptions trigger guided remediation workflows, while feedback loops retrain the model and update thresholds for concept drift. We validate the model through a quasi-experimental design comparing matched business units before and after implementation. Results indicate a 32–45% reduction in onboarding lead time, a 28% decrease in first-year compliance exceptions, and a 19% improvement in audit-readiness scores, while maintaining competition and diversity thresholds. Ablation analyses show the largest effects arise from master-data quality controls and the policy engine’s automated ERP gates. A reference architecture, governance RACI, and value tracking framework are included to support scale-out across multi-ERP landscapes. The contribution is threefold: first, a unified, analytics-first approach that treats onboarding and compliance as a single, data-centric process; second, an interpretable risk scoring method aligned to auditable controls; and third, practical change-management guidance with value realization. Future work will extend causal inference, integrate document intelligence, and explore privacy-preserving data sharing.