Ottimate vs Quadient AP vs Esker for AP Automation

For a multi-location services company running check payments through Ottimate's VendorPay module, positive pay file generation is built into the payment execution workflow. After each check run, Ottimate supports positive pay by providing a file including issued check information upon payment execution; this file is formatted to your bank's specifications and is sent on an hourly basis. The setup process requires the buyer to submit Bank of America's file specification to Ottimate, which then configures the output accordingly. Ottimate currently supports .txt and .csv file formats, and the file may be delivered via email, FTP/SFTP, or SFTP with SSH. This is a contractual commitment: Ottimate will facilitate the positive pay file in the customer's bank preferred format at no charge for all Vendor Pay customers. Note that positive pay setups can take 2-4 weeks to complete based on the partnering bank.

For a $120M multi-location services company running bi-weekly check runs through Bank of America, Quadient AP does list Positive Pay as a named section within its Payments Module. The Payments Module navigation includes a 'Positive Pay' section alongside filtering and reporting capabilities. Separately, Quadient AP offers a 'Payment File' (Bring Your Own Bank) option that allows buyers to process payments through their own bank rather than Quadient's payment partners. The Payment File solution allows use of the buyer's own bank for processing payments through Quadient AP, described as a custom-built solution and an alternative if the buyer cannot use one of Quadient AP's standard payment providers. Critically, this custom path is not a self-service format builder: eligibility and requirements differ depending on the buyer's bank file formats, and the buyer must contact their Customer Success Manager to determine fit. No public documentation names Bank of America's fixed-width positive pay format specification as a pre-built or configurable template inside either mechanism.

Your team runs bi-weekly check runs and needs a Bank of America-formatted positive pay file transmitted after each run to enable BofA's CashPro fraud-matching service. Esker's payment module, Esker Pay, documents payment approval workflow automation and supplier bank account verification through a Sis ID FinTech integration, which flags changes to supplier banking details during onboarding. However, no documentation found across Esker's product pages, help center, or published datasheets describes a positive pay file export feature: a formatted output file listing issued check number, amount, account, and date that a buyer transmits to their bank after each check run. The distinction matters: Sis ID-based bank account verification screens supplier records before payment execution, while positive pay file generation is a post-run outbound file in a bank-specific format (Bank of America requires a fixed-width layout) that the company uploads to BofA's CashPro portal.

For a multi-location services company with AP approvers going on PTO, Ottimate provides a 'Stand-in Approvers' feature within its Advanced (Rule-Based) Approvals tier. An administrator or any user with 'Manage Users' permission navigates to Settings > Manage Users and assigns a stand-in approver for the absent user, specifying an optional start date and end date for the coverage window. Once the end date is reached, the delegation ends automatically and the original approver's routing resumes. The feature sits squarely in the pre-processing journey at the approval stage (step 2 through 5 of the review chain), keeping invoices moving through policy-based routing while the primary approver is away. However, the documentation describes calendar-date fields for start and end, with no documented business-day-aware countdown logic; a buyer who needs '5 business days' would need to manually calculate the correct calendar end date. Additionally, the stand-in must be configured by an admin, not self-initiated by the departing approver, and if no end date is entered the delegation persists indefinitely until manually removed.

For a 6-location services company moving from email-chain approvals to structured workflows, Quadient AP's Approval Channel Delegation feature directly addresses the PTO delegation scenario. A System Administrator (or the approver themselves via their profile) opens the Vacation Coverage menu, selects a delegate user, and sets a Start Date and End Date for the temporary coverage window. During that window, the delegate sees all pending invoices and POs in their Approvals tab, and the audit trail records every action as 'Delegate approved on behalf of Approver.' This operates at the approval routing stage of the pre-processing journey (step 5 in the legitimacy-to-cost-allocation chain). However, the buyer's specific requirement is automatic expiration after a defined period (e.g., 5 business days), and the documented mechanism uses calendar dates, not a business-day counter: the delegation runs from a calendar Start Date to a calendar End Date, with no documented logic to skip weekends or holidays. There is also no documented auto-trigger that initiates delegation when an out-of-office status is set; an admin or the approver must configure it manually before the absence begins. Chain delegation (Approver A to B to C) is explicitly not supported.

For your three-person AP team processing 1,800 invoices monthly across two Sage Intacct entities, Esker handles approver absence coverage in two ways: approvers who are physically away from their desks can approve invoices through the Esker Anywhere mobile app, and when an approver is on vacation or extended leave, a different approver can be manually added to the workflow to cover the queue. The second mechanism addresses the core absence scenario but relies on a manual workflow modification rather than a proactive, system-managed delegation rule. No Esker help center documentation or product page reviewed confirmed a formal delegation feature with configurable start and end dates, business-day-aware countdown logic, or automatic reversion of approval authority to the original approver upon expiration.

For a $120M multi-location services company transmitting invoice images, GL coding data, and payment instructions across its AP workflows, Ottimate addresses both encryption surfaces on its dedicated security page. For data in transit, Ottimate explicitly documents protection via industry-standard SSL and HTTPS connections, covering all traffic between user browsers, the Ottimate platform, and its integrations with Sage Intacct. For data at rest, Ottimate describes 'robust security and encryption' safeguarding AP data, backed by SOC 2 Type I and Type II certification: the Type II audit validates that encryption controls were not merely designed but actually operated effectively over a sustained observation period, which is the operative compliance standard enterprise buyers rely on. Ottimate also provides role-based permissions, SSO/MFA integration, regular system audits, and a full digital audit trail as complementary access control layers that work alongside the encryption controls.

For a $120M services company moving AP data across 6 locations and 2 Sage Intacct entities, Quadient AP (formerly Beanworks) covers the encryption requirement at both layers the buyer specified. The UK Government Digital Marketplace service listing for Quadient AP explicitly states that "data is encrypted in transit and at rest, and is logically separated and available to the client upon request" (Quadient AP Automation, Digital Marketplace). At the platform level, Quadient's Digital Trust Center confirms the AP product operates under a compliance program that includes encryption controls and is subject to SOC 2 certification, with the program regularly reviewed by internal and independent external auditors. The SaaS infrastructure runs on Microsoft Azure and Amazon Web Services, both of which apply AES-256 encryption for stored data and TLS for data in transit as baseline platform controls, consistent with the SOC 2 CC6.7 expectations that apply to the product.

For a 6-location, 2-entity Sage Intacct shop running invoice processing through Esker's cloud platform, both halves of this requirement are covered by documented Esker infrastructure controls. Data in transit is protected by TLS (Transport Layer Security), described on Esker's cloud platform page as using the same secure protocol standards applied to banking transactions; this applies to all data moving between user browsers, APIs, and Esker's servers. Encryption of data at rest is also available within the Esker on Demand cloud platform and is listed as a security feature on the same platform page, though Esker's documentation describes it as 'optional,' meaning it is an electable configuration rather than a default-on setting. Esker holds ISO 27001 certification for its Information Security Management System, verified by independent auditor A-lign, which provides third-party validation that encryption and related security controls are implemented and managed across the organization.