The software has built-in checks for fraud and error. Each check is an ABAP report that is executed as a background job by the software.
The checks can be identified by their name:
/REM/_
where rem_area defines the business process area (Procure-2-Pay=P2P, Order-2-Cash=O2C, etc.) and rem_id the single check.
All checks have parameters. These can be maintained via transaction /REM/ADMIN (enter /n/rem/admin into the TCODE field in SAP GUI). The parameters are stored in table /REM/CONFIG.
In case the checks detect a red flag (suspicious transaction) they create an entry in the alerts repository, table /REM/TMDATA. Each alert is created and entered here exactly once.
To enable exactly-once creation of alerts a unique identifier is derived from data in the alerts.
Alerts have a status: NEW when the software creates the alert, and APPROVED or REJECTED once a user reviewed the alert and approved or rejected accordingly.
Users also can enter additional information, comments. Comments are stored in table /REM/TMCOMMENT.
Configuration changes are logged in table /REM/TMLOG and log entries can be viewed in /REM/ADMIN.
The software can be used to continuously monitor business data and transactions (Continuous Monitoring, CM mode) and for auditing (audit mode). Configuration data and results are separated for the two modes.