Need Help? Check out our Documentation

Most businesses don't have a procurement policy. They have a loose collection of habits — whoever shouts loudest gets the purchase approved, someone's nephew is always the preferred vendor, and the finance team finds out about large purchases after the invoice arrives.

That's not a policy. That's a liability.

A real procurement policy sets clear rules for how money leaves your business. It protects you from fraud, keeps suppliers accountable, and gives finance visibility before cash is committed — not after.

Here's how to build one that actually works.

Start With the Problems You're Solving

Before you write a single policy line, list the specific things going wrong in your procurement process right now.

Common ones:

  • Purchases happening without any approval
  • Same supplier being used for everything with no competitive check
  • Maverick spending where staff buy from whoever they like
  • Emergency purchases that bypass every control
  • No one knows the total spend with a given supplier

Your policy needs to address your actual problems. A generic template won't cut it.

Approval Limits: The Spine of the Policy

Approval limits define who can authorize what. Without them, everything either gets rubber-stamped at the top (bottleneck) or approved by anyone who happens to be around (no control).

A typical structure for a mid-sized business:

| Amount | Approved By | |--------|-------------| | Up to NPR 25,000 | Department manager | | NPR 25,001 – 150,000 | Operations director | | NPR 150,001 – 500,000 | Finance director | | Above NPR 500,000 | CEO / board |

Set your numbers based on what makes sense for your transaction volumes. A wholesale business doing high-frequency small orders needs tighter low-end limits. A manufacturer with infrequent large equipment purchases needs different thresholds entirely.

Also think about cumulative limits. Some businesses get gamed by splitting a NPR 200,000 purchase into four NPR 50,000 orders to avoid higher-level approval. Your policy should explicitly prohibit purchase splitting.

If you're already dealing with approvals bottlenecking your operations, read why purchase order approval bottlenecks cost more than you think — the fix isn't removing approvals, it's making the right ones faster.

Preferred Suppliers: How to Define and Manage Them

A preferred supplier list is not a cronyism list. It's a pre-vetted pool of suppliers who have been evaluated on price, quality, lead time, and reliability.

Your policy should state:

  • Staff must source from preferred suppliers for standard purchases
  • Using a non-preferred supplier requires justification and approval
  • The preferred supplier list is reviewed every 6–12 months
  • New suppliers must go through an evaluation process before being added

For a framework on how to actually score and select suppliers, see how we cover supplier evaluation frameworks.

The preferred supplier list doesn't mean staff can't use their judgment. It means there's a starting point that protects the business from unvetted vendors.

Competitive Bidding Thresholds

For purchases above a certain value, you should be getting multiple quotes. This keeps suppliers honest and ensures you're not overpaying due to familiarity or laziness.

A reasonable structure:

  • Below NPR 50,000: Single quote acceptable
  • NPR 50,000 – 300,000: Minimum two quotes required
  • Above NPR 300,000: Minimum three quotes, documented selection rationale

The rationale is important. "We chose Supplier A because they were cheaper" is fine. "We chose Supplier B who was more expensive because of faster lead time" is also fine — as long as it's documented. What's not fine is no documentation at all.

Define who holds the quotes and for how long. Disputes with suppliers are much easier to resolve when you have the original quote documentation.

Emergency Procurement Rules

Every business eventually has an emergency purchase — a machine breaks down, a critical material runs out, a client delivery is on the line. Your policy needs an emergency procurement path that's fast but not lawless.

Key elements:

  • Define what constitutes an emergency (be specific — "machine breakdown affecting production" not "we forgot to order")
  • Set a maximum emergency purchase amount per incident
  • Require verbal/WhatsApp approval from a designated authority, followed by written documentation within 24 hours
  • Review all emergency purchases monthly to spot patterns (frequent emergencies often signal poor planning)

Without clear emergency rules, "emergency" becomes the workaround for every inconvenient approval process.

Policy Gaps That Create Financial Risk

The most common financial control failures in SMEs trace back to procurement policy gaps. Here are the ones most businesses overlook:

No policy on who can create a supplier. If anyone can add a new supplier to your system, you're exposed to fake vendor fraud. Restrict supplier creation to finance or a designated approver.

No goods received confirmation requirement. Payment should never happen without confirming goods or services were actually delivered. This is where three-way matching matters.

Blanket purchase orders with no limits. Some businesses issue open-ended POs to suppliers. These need a maximum value and expiry date, or they become blank checks.

No conflict of interest declaration. If a buyer has a financial interest in a supplier, that purchase shouldn't be self-approved. Your policy needs a disclosure and recusal process.

No policy review schedule. A policy written in 2022 may not reflect your business in 2026. Build in an annual review — assign ownership to someone specific.

Getting Team Buy-In

A policy that exists in a PDF no one has read is not a policy. Getting real adoption requires a few things.

First, involve the people affected in writing it. Your warehouse manager knows where the unofficial workarounds are. Your finance team knows which suppliers are problematic. Their input makes the policy better and increases their commitment to it.

Second, train people before you enforce. Roll out the policy with a clear walkthrough — not a memo. Show people the new approval workflow. Answer questions. Give a grace period.

Third, tie the policy to systems. If your approval process lives in email, people will find workarounds. If it's built into your procurement software with actual workflow enforcement, compliance is much higher.

Enforcing It Without Creating a Bureaucracy

The goal is not to make procurement slow. The goal is to make it traceable and controlled.

Good policy design means that routine purchases within clear limits move fast — one person approves, done. The scrutiny kicks in for non-routine or high-value purchases where it actually matters.

Automate what you can. If your software can route a purchase request to the right approver based on value and category, that's faster than manual email chains. It also creates an audit trail automatically.

And enforce consistently. Exceptions made for senior staff who find the process inconvenient destroy the policy's credibility for everyone else.

If your procurement process is currently held together by spreadsheets, email threads, and institutional memory, try Sevenledger free — it gives you purchase request and approval workflows built in, with a full audit trail on every transaction.