EY’s Global Finance organization has reworked core month-end and cash processes by pairing its SAP ERP backbone with Microsoft Power Platform — building low-code apps, Dataverse staging, Power Automate flows and a Copilot Studio agent to replace a labor‑intensive, third‑party GL posting tool and to automate payments at scale. The internal app suite (best known inside the firm as PowerPost for journals and PowerMatch for cash application) is credited with dramatic throughput gains — lead times for journal preparation dropped by roughly 95% and projected operational cost savings exceed 30%, while automated payments processing is reported to free up ~230,000 hours annually — outcomes EY and Microsoft have documented in their customer case materials.
Background / Overview
EY operates a sprawling global finance estate: hundreds of thousands of professionals, hundreds of thousands of clients, and finance processes running across many countries and local SAP instances. That environment creates a classic enterprise tension: SAP provides the authoritative transactional ledger, governance and auditability; but user experience, edge workflows and occasional high-volume, low-complexity interactions are often better served by modern low-code front ends and automation.
Power Platform offered EY a pragmatic middle path: keep SAP as the transactional system of record, and use Power Apps + Power Automate + Dataverse (and later Copilot Studio agents) as a flexible orchestration and UX layer that connects to SAP via Microsoft’s pre-built SAP connectors and the on‑premises data gateway. The resulting projects — PowerPost (GL posting) and PowerMatch (cash application) — are emblematic of that approach and form a repeatable pattern for large SAP customers seeking fast wins without ripping out ERP foundations.
What EY built: PowerPost and the architecture that matters
The problem PowerPost solves
Before PowerPost, EY relied on a semi‑manual, regionally divergent process and a legacy third‑party posting tool that carried licensing, maintenance and throughput penalties. The process required finance users to prepare journals in spreadsheets and route them across multiple handoffs — an error-prone, slow and costly cycle at month‑end. The legacy tool also imposed per‑transaction or per‑seat costs that scaled poorly in a global firm.
High‑level architecture (what’s running under the hood)
EY’s implementation follows a clear pattern that other enterprises can reproduce:
- A Power Apps canvas app provides the user interface for preparing journals or uploading Excel templates.
- Power Automate cloud flows move submitted data into Dataverse and orchestrate the approval and posting cycle.
- The SAP ERP connector (RFC/BAPI-based) is used to write back journal entries directly into the on‑premises SAP system.
- An on‑premises data gateway and the SAP .NET Connector (NCo) enable secure, auditable connectivity between cloud flows and EY’s SAP instances.
- A Copilot Studio agent was later added to streamline repetitive steps, validate bulk postings, and enable intelligent approvals or error simulations prior to posting.
Key functional capabilities introduced by PowerPost
- In‑app journal creation and Excel template uploads for mass loads.
- Single Power Automate flow handling multiple posting types (ledger‑specific, FX postings, etc.).
- Configurable approval workflows per country/region.
- Role‑based access and enhanced controls so only authorised personnel can post.
- Bulk simulations and validations (via the Copilot agent) to detect posting errors before they hit SAP.
Beyond GL: PowerMatch and the automation of cash application
EY did not stop at journals. The firm also built PowerMatch to dramatically increase automatic matching and clearing of client payments in SAP. Reported results from the PowerMatch project are substantial: automated match/clear rates rose from about 30% to roughly 80% (with a further portion matched and manually cleared inside the app), reducing manual processing from millions of operations to a far smaller population and realizing an estimated 230,000 hours saved per year. That program reused the Power Platform + SAP integration model — Dataverse staging, Power Automate schedules that pull payments from SAP, AI Builder models to extract payment attributes, and rule‑driven matching algorithms.
Why this approach works — strengths and practical wins
1) Speed: from weeks to production
Low-code development and pre-built connectors let EY produce workable proofs‑of‑concept in weeks, not months. Power Apps and Power Automate dramatically shorten the dev cycle for forms, approvals and back-end orchestration compared with building custom middleware or full SAP extensions. Microsoft’s coverage and EY’s reporting both emphasise rapid PoC timelines and faster time‑to‑value.
2) Cost avoidance and license rationalisation
Replacing a commercial, transaction‑priced third‑party posting tool with an in‑house Power Platform app eliminated a direct ongoing fee and reduced processing costs. EY reports meaningful operational savings (over 30% in some measures) after switching to PowerPost, mostly driven by removing third‑party license fees, labour savings and fewer posting errors. Those are vendor‑reported figures but align with common TCO patterns when task users move off priced SAP seats.
3) Democratization with controls
By putting a modern app in front of complex SAP transactions, EY made certain finance tasks accessible to a wider user base while embedding approvals, role checks and audit trails in Dataverse and Power Automate. This balances user productivity with control — a key requirement in regulated finance functions.
4) Reuse and platform convergence
The same integration fabric (SAP connectors + Data Gateway + Dataverse models) was reused across multiple finance processes (journals, payments, reporting), allowing faster replication and more consistent controls across regions. That reuse is essential to scale low‑code beyond the sandbox.
Technical verification: what is factual and what must be configured carefully
EY’s public numbers and the high‑level architecture are consistent with documented Power Platform capabilities and Microsoft guidance:
- Microsoft documents a supported SAP ERP connector (RFC/BAPI) and an SAP OData connector, both compatible with ECC and S/4HANA when properly configured. The connector supports RFC actions, BAPIs and IDocs, and works with on‑premises data gateways. Deploying it requires the SAP .NET Connector (NCo) and gateway installation on a Windows VM.
- The on‑premises data gateway is the supported pattern for secure connectivity to SAP from cloud flows. Microsoft’s guidance includes gateway sizing, clustering for resilience, and authentication options (Basic, Windows/Kerberos, Entra ID certificate‑based). These steps are essential — misconfigured gateways are a frequent operational failure point.
- Dataverse as the staging and control plane is an intended pattern for enterprise Power Platform solutions: it provides schema, role‑based security, and audit trails that are critical for financial posting scenarios.
Real risks — and how to mitigate them
Power Platform’s ability to accelerate delivery brings a unique set of operational, contractual and security risks. EY’s case illustrates the benefits — but other organisations must be explicit about the following hazards.
1) SAP “indirect access” and licensing exposure
The legal doctrine of indirect access (aka over‑deployment) is a material risk for any architecture that lets external apps or third‑party systems read/write SAP data. Courts have ruled in favor of SAP in prominent cases (for example, the Diageo litigation), where third‑party gateway systems or portals were found to give indirect usage that required additional named user licenses. This is not theoretical: companies have faced multi‑million‑dollar retroactive claims. Organisations must document usage patterns, agree license treatments with SAP, and prefer architectures that limit the number of technical users or use contractually aligned API access models.
Mitigations:
- Run a full SAP license entitlement and usage audit before rolling out mass Power Platform integrations.
- Centralise heavy writes under a small set of audited technical users or service principals where contracts permit.
- Keep legal and architecture teams engaged; document the integration pattern and runtime controls for audit readiness.
2) Shadow IT, governance and ALM debt
Low‑code empowers citizen developers but also multiplies the risk of ungoverned apps, inconsistent data models and security gaps. Without a Power Platform Center of Excellence (CoE), organisations quickly accumulate technical debt and compliance exposure. EY’s program succeeded in part because it standardized patterns, approval flows and controls; others must build equivalent governance.
Mitigations:
- Create a CoE that enforces environment strategy, templates, approved connectors and ALM pipelines.
- Enforce runtime telemetry and cost controls for Dataverse and Power Automate flows.
3) Hidden cloud and AI consumption costs
Power Platform line items are often smaller per user than full SAP seats, but large‑scale automation, Copilot/AI usage and Dataverse storage can generate significant Azure consumption (compute, storage, model credits). Budget surprises are common if consumption is not instrumented and capped. Copilot Studio adds agent credit metering that must be managed to avoid runaway costs.
Mitigations:
- Instrument Power Platform environments with cost telemetry and set consumption budgets.
- Use monthly Copilot credit limits and environment‑level caps for agents.
4) Performance and SAP CPU impact
Even though the SAP ERP connector uses API/BAPI layers (which are typically lighter than GUI interactions), large-scale programmatic writes can still increase CPU/DB load on SAP servers. Plan performance testing and throttle bulk posting windows to avoid impacting transactional SLAs. Microsoft documentation explicitly warns about gateway and connector sizing considerations.
5) Security, auditing and data residency
Moving staging data into Dataverse introduces new storage points for sensitive finance data. Enterprises must ensure encryption, retention and data residency compliance, and tie Dataverse audit trails into finance audit processes. Copilot Studio agents and AI-driven steps require additional scrutiny to avoid accidental data exposure via prompt logs or agent outputs.
Mitigations:
- Apply least privilege access and conditional access policies for agents and service principals.
- Integrate Dataverse audit logs with SIEM and regular access reviews.
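One way to run the access review described above over exported audit events, as an added example that is not EY's or Microsoft's code. The event fields, the service account name svc-sap-post and the sample records are constructed assumptions, not the Dataverse audit schema.

```python
from collections import defaultdict

# Constructed sample events, in chronological order. Field names are
# hypothetical and do not reflect the real Dataverse audit schema.
EVENTS = [
    {"journal": "J-1001", "action": "submit",  "actor": "alice@example.com"},
    {"journal": "J-1001", "action": "approve", "actor": "bob@example.com"},
    {"journal": "J-1001", "action": "post",    "actor": "svc-sap-post"},
    {"journal": "J-1002", "action": "submit",  "actor": "carol@example.com"},
    {"journal": "J-1002", "action": "approve", "actor": "carol@example.com"},
    {"journal": "J-1002", "action": "post",    "actor": "svc-sap-post"},
    {"journal": "J-1003", "action": "submit",  "actor": "dave@example.com"},
    {"journal": "J-1003", "action": "post",    "actor": "svc-sap-post"},
    {"journal": "J-1004", "action": "submit",  "actor": "erin@example.com"},
    {"journal": "J-1004", "action": "approve", "actor": "bob@example.com"},
    {"journal": "J-1004", "action": "post",    "actor": "erin@example.com"},
]

# Assumption: the small, audited set of identities allowed to write to SAP.
ALLOWED_POSTERS = {"svc-sap-post"}


def review_postings(events, allowed_posters):
    """Return {journal: [finding, ...]} for journals that violate a control.

    Approvals are only counted if they precede the post event, so an
    approval recorded after the write to SAP does not clear the finding.
    """
    submitters = defaultdict(set)
    approvers = defaultdict(set)
    findings = defaultdict(list)
    for ev in events:
        journal, actor = ev["journal"], ev["actor"]
        if ev["action"] == "submit":
            submitters[journal].add(actor)
        elif ev["action"] == "approve":
            approvers[journal].add(actor)
        elif ev["action"] == "post":
            if not approvers[journal]:
                findings[journal].append("posted_without_approval")
            elif not approvers[journal] - submitters[journal]:
                # Every approver also prepared the journal: no independent check.
                findings[journal].append("self_approved")
            if actor not in allowed_posters:
                findings[journal].append("unauthorised_poster")
    return dict(findings)


if __name__ == "__main__":
    for journal, issues in sorted(review_postings(EVENTS, ALLOWED_POSTERS).items()):
        print(journal, ",".join(issues))
```

Findings like these are the kind of record worth forwarding to the SIEM alongside the raw audit trail, so that control failures alert instead of waiting for the periodic review.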
Practical governance checklist for CIOs and finance leaders
- Inventory and rightsize SAP licenses, document where Power Platform will read/write SAP data, and confirm contract alignment.
- Stand up a Power Platform CoE to manage approved templates, connectors and ALM/CI pipelines.
- Configure the on‑premises data gateway in HA clusters and install SAP NCo as required by Microsoft guidance.
- Design integrations that centralise heavy writes under a limited set of technical service principals to reduce indirect access surface.
- Instrument cost and consumption telemetry for Dataverse, Power Automate and Copilot/agent credits; set caps and alerts.
- Build a compliance playbook — audit trails, approval gates, retention policies — that meets finance/regulatory requirements.
- Run pilot scopes with clear KPIs (time saved, license delta, error reduction) before scaling.
What EY’s experience proves — and where to be cautious
EY’s results are a powerful demonstration that modern low‑code platforms can complement legacy ERPs: speed, democratization and cost avoidance are achievable without replacing SAP. The PowerPost and PowerMatch programs show the pragmatic path: keep SAP as the single source of truth, move UI/UX and orchestration to Power Platform, and use Dataverse as the control plane.
However, the most important lessons from EY are organizational, not purely technical. Success requires executive sponsorship, cross‑functional governance (legal, procurement, SAP licensing), and an operational muscle that can manage gatekeepers such as the on‑premises gateway, agent identity, and cost controls. Headline figures (95% lead‑time reduction, 230k hours saved) are compelling — but they should be treated as outcome examples to benchmark against, not as guaranteed results for other firms without similar scale, governance and investment.
Final assessment: a balanced verdict for WindowsForum readers
- Strengths: The EY program is an exemplar of applying Power Platform to remove friction around SAP — giving users faster UX, lower transaction cost and repeatable integration patterns. The technical building blocks are mature and documented: SAP connectors, Data Gateway, Dataverse and Copilot/agent tooling are production-ready and supported.
- Risks: The largest exposures are contractual (indirect access), governance/ALM debt, and hidden consumption costs. Industry precedent around SAP indirect access makes preemptive legal and license strategy non‑optional.
- Recommendation: Treat Power Platform as a force-multiplier for SAP-centric finance functions — but operationalize it with a CoE, license audits, gateway HA, cost telemetry and a legal playbook before scaling beyond pilot deployments. Start with a tight set of KPIs, document the integration patterns exhaustively, and use a small number of controlled service principals for writes to SAP when license exposure is uncertain.
Source: Microsoft EY transforms its global finance operations by integrating SAP with Power Platform | Microsoft Customer Stories