Our organization is implementing S/4HANA 1909 with MDG and we’re debating governance models for expense management master data. Currently running a hybrid approach that’s causing friction.
Centralized governance would mean our corporate data stewards control all vendor, cost center, and GL account creation with strict approval workflows. This ensures compliance with SOX requirements and maintains data quality, but regional teams complain about 3-5 day delays for simple vendor setups.
Decentralized governance lets each business unit manage their own master data with local stewards. Faster execution but we’ve seen duplicate vendors, inconsistent naming conventions, and audit findings on segregation of duties.
What governance model has worked best for expense management in large multi-national implementations? How do you balance compliance requirements with operational speed?
The answer isn’t binary-it’s about risk-based segmentation. High-risk master data (vendors with payment terms, GL accounts affecting financial statements) should be centrally governed. Low-risk data (internal cost centers, statistical accounts) can be decentralized to regional teams. Use MDG’s governance scope to define different approval chains based on data type and materiality thresholds. This hybrid model gives you compliance where it matters and speed where it’s safe.
From a compliance perspective, decentralized governance is a nightmare for SOX and GDPR. You lose control over who can create payment-related master data, which auditors flag immediately. We tried regional stewards and got audit findings on inadequate segregation of duties because the same person could create vendors and process payments. Centralized governance with proper role separation is the only way to maintain clean audit trails and pass regulatory reviews.
Consider the organizational maturity factor. Centralized governance requires sophisticated MDG implementation with workflow automation, data quality rules, and 24/7 steward coverage across time zones. If you don’t have that infrastructure, you’ll create bottlenecks. Decentralized works if you have strong data literacy in business units and robust monitoring tools. I’ve seen companies start decentralized, measure the pain points, then gradually centralize critical data domains as they build MDG capabilities.