Every modern age application system have a facility to block vendors. SAP to my knowledge has more elaborate facilities like 'Posting Block' and 'Payment Block'. When the business user applies a system block to a vendor, one would generally assume that the block would be applied to a specific vendor code. Now in the eventuality that a single vendor name has multiple vendor codes one could hypothesize that the block would apply to one code while the other code/s could be free from a block and thus susceptible to unauthorized payments.
IDEA can be used to identify cases reflected above -
a. Download the Vendor Master file from the application system. Import the same into IDEA using the Import Assistant.
b. Using Duplicate Key Exclusion check for the same 'Vendor Name' having multiple or different 'Vendor Codes'
c. On the Duplicate child file generated in b. above apply a Direct Extraction to identify unblocked vendors amongst the multiple codes per vendor.
d. Now download the Vendor Payment file from the application system. Import the same into IDEA using the Import Assistant.
e. Take the Vendor Payment file as the primary database. Use Join and select the Direct Extraction child file generated in d. above as the secondary database.
f. Set the matching key field as 'Vendor Code'. Check 'Matches Only'. The Join will reveal all unauthorised payments made to unblocked vendors.