Procurement plays a key role in our business's health, involving every department. Understanding our procurement process and sustainable procurement approach is essential, especially as it aligns with our B Corp certification.
To support our commitment to sustainability, please first review our Procurement Policy to see how procurement connects to our B Corp values.
We primarily use Ramp to manage procurement, including any subscriptions. Please note:
- Each subscription should have a unique Ramp card.
- Avoid assigning multiple subscriptions to one card. This simplifies transitions during role changes and prevents disruptions if a card expires.
<aside>
💳 Follow these steps to request a Ramp card.
</aside>
Procurement steps ✅
Subscriptions
-
Evaluate the software:
- [ ] Do we already have a subscription with similar capabilities?
- [ ] If so, could the new software be consolidated with the existing one?
- [ ] How many seats are required? If use is minimal, consider sharing logins.
- [ ] Are the support hours and processes aligned with your team’s needs?
- [ ] Is the software scalable based on department projections?
- [ ] Is it a B Corp (not necessary but if there is two competing services, that have equal offerings - go with the B Corp)
-
Security review (SRE / SOC 2 compliance):
- [ ] Does this tool involve storing or processing customer or team member data?
- [ ] If yes, request a security review by messaging Chris to run it through Vanta.
- [ ] Ensure the tool meets our SOC 2 requirements before proceeding.
-
AI tool check (ISO 42001 — AI Compliance):
- [ ] Is this tool an AI tool or does it include AI features (e.g. built-in AI assistants, LLM-powered outputs, AI-generated content)?
- [ ] If yes, check whether it is already on the approved AI tools list in our AI use policy before proceeding
- [ ] If not on the approved list, raise a ticket in the SRE helpdesk for Chris to review before any data is shared with the tool
- [ ] Confirm whether the vendor processes personal data on Float's behalf — if yes, a DPA is required before activation
- [ ] Confirm whether the vendor will use Float data to train its AI models — this must be explicitly opted out of via the enterprise agreement or DPA
- [ ] Confirm whether the vendor is or should be listed as an approved sub-processor in Float's DPA (check with Chris or Sarah)
- [ ] For any AI tool that will interact with customer data, confirm zero data retention (ZDR) or equivalent data deletion policy is in place
<aside>
More on our ‣
</aside>
-
Assess the cost:
- [ ] What is the billing frequency? If an annual option is available, designate someone to secure the most cost-efficient plan post-trial.
- [ ] DM your Manager, Sarah and Georgie with your business case and cost. Get sign-off from Georgie on the cost (even if it’s a renewal).
- [ ] Ask Sarah or Georgie to do a Ramp review to see if there are any discounts available via Ramp for the new vendor (we can get great discounts on a wide range of vendors for being a Ramp customer) 🤑
-
Complete the subscription process:
- [ ] If the software meets all criteria, log in to Ramp and request a Subscription Spend card. For subscriptions that cannot be paid by card, follow the AP Process.
- [ ] Finally, add the contract details to the Contract Repository and update the Contract Google Calendar.
Service contracts
For service contracts, including freelancers and agencies, please refer to our Engaging Freelancers and Agencies guide. The steps include:
- Ensure the service provider aligns with project goals and budget.
- Submit the contract details in Ramp or follow the AP Process if card payment is not an option.
- Document the contract in the Contract Repository and add it to the Contract Google Calendar.
Best practice: NDAs for new vendors
As a best practice, always use a Non-Disclosure Agreement (NDA) when working with new vendors, especially if you need to share any private data, team information, or proprietary details during the procurement process.