Skip to end of metadata
Go to start of metadata

High-risk countries are highly corrupt, infamous for intense fraudulent activity, dangerous because of warfare, or subject to strict trade regulations. You may be allowed to do business with them, but it might make your internal auditor or government inspector raise an eyebrow, or two.

It's therefore a good idea to enrich your detection with detection methods that check your business documents for partners located in high-risk countries.


Enter and upload high-risk country lists in the tile High-Risk Countries and the associated screen High-Risk Country Lists. Each list has an ID, and consists of a ranked list of countries. A country's rank represents its risk: the higher the rank, the higher the risk. For example, a country with rank 174 is riskier than one with rank 4. Multiple countries can have the same rank, but each country can occur only once.


To implement an execution procedure for a high-risk country rule, use the helper procedure PR_GET_BOTTOM_RANKED_HIGH_RISK_COUNTRIES in package sap.hana-app.fra.generic.dt.hiriskcntry. The procedure receives the list's ID and the number of ranks that shall be returned from the bottom of the list.


KPNorth Korea175


  • 1 will return the country AF, because it occupies the single highest rank.
  • 2 will return the countries AF, IQ, and KP because they populate the two highest ranks. Note how the parameter does not equal the number of returned countries.
  • 3 will return the countries AF, IQ, KP, and DE because they populate the three highest ranks. Note how the procedure ignores gaps in the numbering and includes DE although it is "way ahead" of IQ.


The output provides SAP country codes, i.e. primary keys from database table T005. If you need other code formats, like ISO alpha-2 or -3, join the output to table T005 and retrieve the codes from its INTCA fields. For descriptions, join to table T005T.


Do not rely on any order in the procedure's output. Currently it is sorted by rank descending, country code ascending, due to its internal workings, but this may change without notice. If you need order, apply a SELECT ... ORDER BY ... to the output as needed. Note however, that sorting in an execution procedure is usually counterproductive because it slows down processing without adding value.


Your execution procedure will look similar to this. The first two statements get the parameters HIGH_RISK_COUNTRY_LIST_ID and BOTTOM_N_RANKS from the procedure's input. Then the helper procedure is called with these parameters. Finally, the received countries are matched against the business documents, that is, the business partners therein.

For a real example, refer to the execution procedure PR_POITEM_HI_RISK_CNTRY_EXEC in package sap.hana-app.fra.suite.pur.dt.purchaseorder.item.ex.


  lv_list_id nvarchar(40);
lv_bottom_n_ranks integer;


INTO lv_list_id
FROM :parameters;

INTO lv_bottom_n_ranks
FROM :parameters;

    CALL "_SYS_BIC"."sap.hana-app.fra.generic.dt.hiriskcntry/PR_GET_BOTTOM_RANKED_HIGH_RISK_COUNTRIES"(
FROM bseg AS data
INNER JOIN :lt_countries AS risk
ON = risk.sap_country_code;


Yellow Flag

Rules of this kind usually are only weak indicators for fraud, hence they should contribute only low scores and ought to be supported by other rules to raise an alert. Such rules are commonly known as yellow flags, in contrast to the strong red flags that suffice to raise alerts on their own. Consider this when scoring your detection strategies; otherwise your high-risk country rule can lead to lots of undesired false positives.

After all, dealing with your vegetable trader in Afghanistan may raise an eyebrow or two, but may be perfectly legal.

  • No labels