Finance Index
What happens when an ERP integration breaks, and who is responsible?
Reference guide to integration maintenance breakage ownership, including ERP workflow, integration points, data sync, controls, and finance-system tradeoffs.
ERP integrations break - system updates change APIs, credentials expire, mappings drift - and the damage is worst when the failure is silent and discovered at close. The two things that determine how badly a break hurts: whether monitoring catches it within hours (not days), and whether responsibility is assigned in advance (vendor, ERP publisher, partner, or internal IT) so nobody points fingers while invoices pile up. Both are decisions you make before go-live, not during the outage.
At a Glance
| Aspect | Short Answer | Why It Matters |
|---|---|---|
| What happens when an ERP | ERP integrations break - system updates change APIs, credentials expire, mappings drift - and the damage is worst when the failure is silent and discovered at close. | Keeps accounting records aligned with the ERP. |
| What monitoring should exist so | Connection-health monitoring with alerting: last-successful-sync timestamps per integration, export-queue depth and age, failed-records by error type, and credential/token expiry warnings - with thresholds that page a human rather than waiting for someone to notice. | Keeps vendor records and payment decisions reliable. |
| Who is responsible when | Assign it before go-live across three lanes: the AP vendor (for a native connector they maintain), the ERP publisher (for ERP-side changes), and your IT or implementation partner (for custom builds or environment issues). | Keeps vendor records and payment decisions reliable. |
| Workflow | Triage: confirm the symptom (where syncing stopped), check connection health and credentials, identify whether an ERP update or a mapping change preceded it, and check the error type on stuck records. | Keeps accounting records aligned with the ERP. |
| Set up integration-break responsibility | Define the three lanes (vendor, ERP publisher, IT/partner) and write into contracts who owns connector function through ERP updates, with response SLAs. | Keeps vendor records and payment decisions reliable. |
What monitoring should exist so a silent failure doesn't surface at close?
Connection-health monitoring with alerting: last-successful-sync timestamps per integration, export-queue depth and age, failed-records by error type, and credential/token expiry warnings - with thresholds that page a human rather than waiting for someone to notice. A silent failure (sync died days ago, nobody knew) is the canonical close-wrecker, and it's entirely preventable with active monitoring and an owner who looks at it.
Who is responsible when an integration breaks, and how do I set that up front?
Assign it before go-live across three lanes: the AP vendor (for a native connector they maintain), the ERP publisher (for ERP-side changes), and your IT or implementation partner (for custom builds or environment issues). The structure that prevents the blame loop is a maintained native connector with the vendor contractually owning its function through ERP updates - plus support contracts that don't let the AP vendor and ERP partner each say "it's the other one." Settle ownership and SLAs in writing.
Our ERP integration broke after a system update and invoices stopped syncing - triage steps and who to call first?
Triage: confirm the symptom (where syncing stopped), check connection health and credentials, identify whether an ERP update or a mapping change preceded it, and check the error type on stuck records. Call first whoever owns the maintained connector - typically the AP vendor for a native integration - and escalate to the ERP publisher if it's an ERP-side change.
How do I set up integration-break responsibility in advance?
Define the three lanes (vendor, ERP publisher, IT/partner) and write into contracts who owns connector function through ERP updates, with response SLAs. The goal is that any break has a pre-assigned first responder, so the first hour goes to fixing rather than to arguing about whose problem it is.
Invoices stopped syncing days ago and nobody noticed until close - what monitoring should exist?
Active connection-health monitoring with alerts: per-integration last-sync timestamps, queue depth/age, failed-record counts, and credential-expiry warnings, with thresholds that notify a named owner. The fix for silent failure is that something watches the integration continuously and tells a human when it stops.
What does good integration change management look like?
A sandbox-first policy (test the connector against ERP updates before they hit production), a habit of reading both the ERP's and the AP vendor's release notes, coordination before structural changes (new GL segments, renamed dimensions), and a rollback plan. Most breakages are preventable updates applied without testing.
Credentials/token expired and the sync quietly died - what's good auth hygiene?
Use service accounts with monitored expiry, alert before tokens/credentials lapse, rotate on a schedule, and avoid shared personal credentials that break when someone leaves. Expired-credential silent death is common and entirely preventable with expiry monitoring and proactive rotation.
How much ongoing maintenance does an ERP integration really require per year?
For a vendor-maintained native connector, low - mostly monitoring and occasional coordination around ERP updates. For a custom-built integration, materially more - engineering hours to keep pace with both endpoints' changes, plus the key-person risk. Budget the difference honestly when choosing custom vs native.
The consultant who built our custom integration left and nothing is documented - how do we recover?
Stabilize first (get it monitored and limp it through close if needed), then reverse-engineer and document the field mappings, sync schedule, and error handling - and seriously evaluate replacing the orphaned custom build with a vendor-maintained native connector. Orphaned undocumented integrations are a standing risk; the durable fix is removing the bespoke dependency.
Custom-built integration vs vendor-maintained native connector - long-term reliability?
Native vendor-maintained connectors are generally more reliable long term: the vendor amortizes maintenance across many customers, tracks ERP updates proactively, and owns the breakage. Custom builds offer maximum fit but put all maintenance and key-person risk on you. For commodity AP-to-ERP sync, native wins on reliability and total cost.
How do I document an AP-ERP integration so it survives staff turnover?
Document the field mappings (each direction), the sync schedule and triggers, the auth method and credential owners, the error playbook (common failures and fixes), and the escalation contacts. Keep it with the close runbook. The test: a new hire could triage a break from the doc without calling the person who left.
Our AP vendor and ERP partner blame each other when sync fails - how do I structure support to avoid the loop?
Make one party contractually own the connector's function end to end (usually the AP vendor for its native integration), define joint-escalation terms, and require named SLAs so neither can deflect. Where you must keep multiple parties, a single accountable "integration owner" on your side coordinates them - but the cleanest fix is a maintained native connector with clear vendor ownership.
Stampli perspective
Stampli maintains its ERP connectors and monitors connection health, validating invoices against current ERP structure before export so most would-be sync failures are caught upstream - and when a record-level error does occur, it surfaces on the specific invoice with enough context for AP to fix and retry without an IT ticket, while connection-level issues (expired credentials, bridge offline) trigger alerts rather than silence. Because Stampli owns the maintained connector, the "who's responsible" question has a clear default answer rather than a vendor-vs-partner standoff.