Alternative Risk Finance Part 3 – Cell Company 101

| 02-11-2020 | Mark Roelands | treasuryXL

The introduction to a most utilized form and key alternative to a traditional captive

As described in this series: an in-house insurer can be of great added value to your company. In the current hard insurance market, the possibility to utilize an own vehicle instead of the turbulent market is a direct and tangible benefit. But it is not a free alternative, the cost of setup of an insurer and operating it in a compliant manner might be too high to generate an overall positive business case. That issue is being addressed in utilising a centralised facility taking care of a.o. most of capitalisation and compliance matters, while the risk taker can operate an in-house insurer. This light-weight route is what can be named a “Cell Company”.

A Protected Cell Company, Incorporated Cell Company, Segregated Accounts Company, Segregated Portfolio Company are all different names for a centralised facility each buidling on local legislation, which we will collectively name “Cell Companies”.

In this part of the series of Alternative Risk Financing the generalised concept of a Cell Company is described.

Structure explained

Where a fully-owned captive insurance entity imposes the full requirements on the parent company, the Cell Company utilises a centralised facility, a “Core”, which provides the infrastructure to be leveraged by multiple insurance entities. In the illustration the full hexagon is the Cell Company, with the Core representing the infrastructure.

The Small grey hexagons represent the Cells, which are segregated units within the facility and which belong to a specific client. Assets and Liabilities and legally segregated from other Cells and the Core. Cell A will for instance belong to Company A, while Cell B belongs to Company B. In most Cell Company structures the number of cells is not limited to 8 but is practically unlimited. In order to generate the segregation a split is made between Cellular Assets and Cellular Liabilies (the A-H hexagons) and non-cellular assets and liabilities (The Core).


Owning Cell A will enable a client to participate in an insurance program in a compliant manner, while building on the centralised facility which provides both a compliant governance structure, as well as the required capital amount.

As an individual client a key requirement however is to fund the ‘risk gap’, any open underwriting exposure being retained by the Cell needs to be collateralised somehow. Either via a guarantee. Letter of Credit, Capital or perhaps reinsuring more of the cover. This also ensures that each cell is able to sustain itself.

Key question: Is it safe?

Leveraging on the infrastructure of another company, which also facilitates other companies raises the obvious question: is it safe? Are my funds secure, and can I be held liable for the liabilities of other companies?In short: Yes it is safe … but …it builds on carefully drafted agreements, hence careful due diligence is required.

Basically, it comes down to default legislation of the domicile involved. In the Netherlands for instance there is no separate legal form of a Cell Company, and legal segregation critical fort he structure cannot be achieved. In Malta the for instance the “Cell Companies Act” recognizes the type of entity and segregation involved. A recent Montana case also recognized the structure including legal segregation.

Domiciliation

As mentioned several times, in order to make use of a Cell Company, legislation needs to be in place recognizing this particular form of a captive. Domiciliation is one of the the key considerations when an alternative risk finance structure is considered, as has been explain in Part 1 and Part 2 of this series.

In the Netherlands the required legislation for a Cell Company is not available. Within Europe therefore either Malta, Guernsey, Isle of Man or Gibraltar needs to be utilised. With Malta having the edge being within the EU. Ireland and Luxemburg have hinted on establishing Cell Company legislation as well, but Brexit (and moving insurance companies into these domiciles) has shifted supervisory priorities and no information has been published on any plans for a few years now. While Vermont is often the go to domicile within the US, there are more States with Cell Company legislation like Montana. Establishing a Cell Company close to an office of your company could be regarded to be beneficial. Vermont however does have an extensive captive servicing industry which is also a benefit.

Within Asia Vanuatu or Labuan would be interesting domiciles and the popular captive domiciles of Bermuda and Cayman Islands also both enable Cell Companies, and both have a solid supporting industry. This however needs to pass tax requirements in the organisation.

What’s next?

In Part 1 and Part 2 Captive Insurance and Building the Business Case is described. A Cell Company can possibly allow a business case to be positive, as the cost of operating and capitalising the Company is much lower then a fully-owned Solvency II compliant Insurance company. For building the business case please review Part 2, but when considering a Cell Company also take the following into consideration:

  • Due diligence on the Cell Company itself
  • Lock-in effects with a facility provider: brokers and insurers provide the facilities, but there are also some independent facility providers

This may unlock the potential for an in-house insurer allowing you to pool your risks centrally and finance them in the most efficient manner, while operating in the most light weight manner.

Check my previous blogs of this serie:

  1. Alternative Risk Finance in a hardening insurance market
  2. Alternative Risk Finance Part 2 – Building the Business Case

 

 

Mark Roelands

Risk and Compliance Specialist

 

 

Only 5 days left until the International Treasury Management Virtual Week 2020

| 16-09-2020 | Eurofinance | treasuryXL |

Don’t miss the Treasury Event of the Year! If you haven’t signed up already, here is a reminder to join this great virtual event with incredible speakers and live sessions.

Virtual Event

Now more than ever, we need to learn and engage with other treasury professionals around the world, so that we can navigate and overcome the unprecedented challenges we are facing.

As the current situation unfolds, the role of the corporate treasurer is evolving and becoming more strategic than ever before. The complexities and function of treasury within the business is changing even more rapidly. The question is: What does the future of treasury look like and how will this affect my team? And where can I turn for world-class advice on building resiliency, supporting the business and addressing future challenges?

Look no further than EuroFinance’s International Treasury Management Virtual Week taking place 21-25 September. It will see world-leading treasurers and economists come together to address these issues, deliver big picture global insights and share the essential granular knowledge you and your team need for the path ahead. In the spotlight will be the latest on cash flow forecasting, supply chain finance, tech, liquidity and FX and payments plus much more.

Speakers and Live Sessions

The line-up of speakers is impressive with the likes of Shell, Alibaba Group, HP Inc., eBay, Finnair, Microsoft, Intel Corporation, Schlumberger, Booking Holdings Inc. and Rio Tinto holding centre stage in one of the 75+ live sessions. But don’t worry if you miss a session, they will be available on-demand for you to watch at a time that suits you.

The custom-built virtual conference platform will bring the experience of a live event to life in a virtual world. It offers plenty of opportunities to network and learn from your global peers, plus a smart calendar to build your schedule.

Free Registration

The great news is, the 2020 event comes without a price tag! It is free for corporate treasurers. So, you can get all the world-class expert knowledge and insights you expect from the leading treasury event without the costs of registration, flights, accommodation or even expenses.

What are you waiting for? Set your treasury team up to thrive not just to survive.

Register for free today!

 

Alternative Risk Finance Part 2 – Building the Business Case

| 09-09-2020 | Mark Roelands | treasuryXL

In this 4-Part series on Alternative Risk Financing, our Expert Mark Roelands highlights upon the importance of Alternative Risk Financing.
Part I reflected the alternatives of risk financing in the current hard insurance market. Now, Part 2 reflects upon the business case and how to build it, in order to enable decision making and finally decide whether to pursue the alternative risk financing route.
Building internal support is critical in getting to the go / no – go decision. Defining the Business Case will go hand in hand with generating internal buy-in by involving internal stakeholders like tax and legal during the analysis process. This blog will be about the business case set up, and how the relevant stakeholders should be involved during the process. The business case setup then is managed together with a companies’ internal dynamic. Let’s find out how to build the business case with the relevant components……..

Building the Business Case

As introduced in Part I, a structured framework is required in order to get to structured decision making. The framework used is the Risk Financing Framework by Roelands GRC Consulting. The main question on whether to start an in-house insurer is divided in 4 sub questions with 4 modules

1. Foundation> Achieve the risk finance objectives

What is your strategy with respect to retaining risks? What risks are you willing to retain?
As a treasury department for instance, the currency exposures are managed and hedged. To a certain degree, hedging is either too costly or priced into forwards (with limited risk transfer implications). This also applies to insurable risk. A certain level of claims can be expected which will either be within the deductible level or priced into premiums. Critical is to understand what volatility is acceptable to the organisation. Stakeholder expectations and requirements can be key determinants. What headroom is available on financing arrangements and on what percentage deviations will supervisors and auditors start to raise questions? What quarterly earnings deviation would be possible, and has Covid19 changed that position? Bottom line, in most alternative risk financing structures the corporate retention is increased, and a crucial question therefore is when a negative scenario unfolds are you able to defend the impact of the insurable risk retention?

What is the ultimate objective to be achieved? 

2. People & Organisation > Matching the organisation, policies and people

How would an in-house insurer fit within your organisation? This is about aligning internally on the conditions that need to be met for an in-house insurer. There are several countries or domiciles, and several forms of captive insurance which are possible. Within the organisation risk management resources and governance structures need to be aligned. Hence,

What form of captive would match your organisation best? 

The trend in domiciliation, which is strengthened by BEPS, is offshoring or onshoring and to choose a domicile where there is substance. A treasury centre domicile would be a good alternative, as is the HQ domicile or certain domiciles which have a big captive insurance support industry. Within Europe, this would be Ireland, Luxemburg, Guernsey or Malta. Going outside of the HQ domicile may have some obvious tax consequences that will need to be addressed with the colleagues from tax. A Cell Company could be an interesting alternative, but it is important that this is understood correctly within the organisation (more on this in Part 3 of this series). The Legal department will need to be involved, and as this will have domiciliation implications, the Tax department as well. As a larger part of risk is retained within the company, it is critical that risk management processes are directed to managing the risk, and certain functions may need to be involved as well. For instance when employee benefits is a risk to be underwritten, then HR will definitely be involved as coverage provided is key.

Depending on the type of captive that is established and in what domicile certain governance structures may need to be established (for instance in the Netherlands, the Corporate Governance Codes applied as a captive is an NV, implying 2 independent members of the Supervisory Board), service providers need to be found and external resources may need to be purchased. These will often become partners which the company will be working with for multiple years, so how will they be selected? Brokers and insurers offer their captive or alternative risk finance facilities, which may be very good, but there is a certain lock-in aspect to it.
Therefore, decisions need to be considered carefully.

3. Processes > Adaptive, effective and efficient operations

Relevant processes need to be established or adjusted to fit the new situation. From an operational point of view, adjustments will need to be made to ensure effective and efficient operations.

  • Premium setting: Premiums will be based on indications received during the business case setup and claims analysis. Furthermore, they need to be allocated to operating companies on an arms’ length basis. This will require some analytical input. Usually, a fronting insurance company is involved in taking care of premium collection and direct policy issuance. Otherwise, that will need to be done by the captive as well.
  • Claims handling: Which parties are involved in loss adjustment? Who is able to authorise claim payments? Will the fronting insurance company take care of it? As treasury or insurance function, there will already be some involvement. Retaining more risk provides a clear incentive for advancing control measures.
  • Cash Management: Which bank is used by the captive insurer, and can it be connected to the cash pool? Different cash pool structures may have different capital implication.
    For example, a Protected Cell Company may need to use a bank account outside of the home jurisdiction.
  • Investment: Can the captive return liquid assets to the parent company?, or do local regulations require some investments to be held in certain (liquid) categories like government bonds?
  • Capitalisation: the minimum level depending on the risk underwritten within the EU is EUR 1,2M, but usually the capital required is a multiple of this figure. Key benefit of a Cell Company is the capital efficiency (more on this in Part 3)
  • Reporting: Usually done quarterly to the regulator and depending on internal requirements on a monthly basis

Sub question for the third part: How to align processes operationally, and to highlight relevant action points which will need to be addressed once a go-decision is made.

4. Data and Technology > Generating an optimal Total Cost of Risk

Deciding on whether or not to start an in-house insurer requires a well worked out quantified business case, based upon different scenarios in order to judge the risk appropriately. In order to generate a fair comparison, a total cost overview will need to be made. This compares the total costs, which will be paid externally i.e intercompany flows like premium to the inhouse insurer will thereby be excluded. Sub question of part four is whether the business case makes sense from a financial perspective. Which costs are in scope will be determined by the analysis resulting from the previous 3 steps.  The simplified example business case below describes an imaginative Netherlands based captive insurance company. Although figures are purely indicative, the size of the amounts is representative of a captive business case.

Example Financial Business Case
x 1.000 Continuation – Expected Captive – Expected Captive – Negative
 
Total External Insurance Premium 10.000 7.500 7.500
Total Losses Retained
Below deductibles 1.000 1.000 1.000
Above (sub) limits 0 0 0
Excluded cover 0 0 0
Within in-house insurer 0 750 5.000
Operational costs
Insurance Premium Tax 2.100 2.100 2.100
In-house insurer costs 0 350 350
Insurance function costs 200 250 250
Risk Management costs 15 15 15
Total Costs 13.315 11.965 16.215
Change 1.350 -2.900
Capital Required 3.800 3.800

Premium observations

  • Sufficient premium volume is required. In the example, EUR 2,5 M premium reduction is assumed which will then be retained in-house and thereby is not part of the total (external) cost.
  • IPT will also have to be paid on the captive premium (@21% in the Netherlands)

Losses retained observations

  • Flip side of a significant premium reduction is a significant retention in the captive. In the below example at least EUR 5M is assumed, which will be hit in the negative scenario.
  • Usually this is complemented with an annual aggregate limit in order to limit losses in the entity
  • Part of the business case setup entails a careful claims analysis to make appropriate assumptions

Cost observations

  • Operational costs : accounting, actuarial, audit, independent supervisors as well as a cost allocation for the time used from the insurance manager/function
  • This will need to be outlined in different scenarios for decision making

Overall observation

Bottom line, in the expected scenario here a positive result is projected, but when an incident occurs a negative result (compared to traditional insurance) is projected. This is a very common trade-off requiring a deliberate choice.

Summary

Deciding to start captive insurance is a structural decision (and forms a multiyear commitment) requiring a structured approach, it may help to involve external expertise from a broker, insurer, actuaries, or independent consultants as each business case is specific. The overview in this blog however does describe the main steps and considerations to be taken. When this business case is carefully set up, assumptions clearly described and financial projections are well worked out, this then already provides a solid basis for applying for an insurance license. The initial effort will pay-off at the end, so do not rush the decision making process

This is Part 2 of the Alternative Risk Finance Series, Part 3 will be “Cell Companies 101” and Part 4 will be “Risk Trading and Future Alternative Risk Finance”. Together this generates an overview of the current and future landscape of alternative risk financing.

 

 

Mark Roelands

Risk and Compliance Specialist

 

 

EuroFinance International Treasury Management Virtual Week 21-25 September 2020

| 25-08-2020 | Eurofinance | treasuryXL |

The pandemic sent shockwaves through global financial markets and confronted businesses with extreme scenarios.

Virtual Event

Now more than ever, we need to learn and engage with other treasury professionals around the world, so that we can navigate and overcome the unprecedented challenges we are facing.

As the current situation unfolds, the role of the corporate treasurer is evolving and becoming more strategic than ever before. The complexities and function of treasury within the business is changing even more rapidly. The question is: What does the future of treasury look like and how will this affect my team? And where can I turn for world-class advice on building resiliency, supporting the business and addressing future challenges?

Look no further than EuroFinance’s International Treasury Management Virtual Week taking place 21-25 September. It will see world-leading treasurers and economists come together to address these issues, deliver big picture global insights and share the essential granular knowledge you and your team need for the path ahead. In the spotlight will be the latest on cash flow forecasting, supply chain finance, tech, liquidity and FX and payments plus much more.

Speakers and Live Sessions

The line-up of speakers is impressive with the likes of Shell, Alibaba Group, HP Inc., eBay, Finnair, Microsoft, Intel Corporation, Schlumberger, Booking Holdings Inc. and Rio Tinto holding centre stage in one of the 75+ live sessions. But don’t worry if you miss a session, they will be available on-demand for you to watch at a time that suits you.

The custom-built virtual conference platform will bring the experience of a live event to life in a virtual world. It offers plenty of opportunities to network and learn from your global peers, plus a smart calendar to build your schedule.

Free Registration

The great news is, the 2020 event comes without a price tag! It is free for corporate treasurers. So, you can get all the world-class expert knowledge and insights you expect from the leading treasury event without the costs of registration, flights, accommodation or even expenses.

What are you waiting for? Set your treasury team up to thrive not just to survive.

Register for free today!

 

Alternative Risk Finance in a hardening insurance market

| 30-06-2020 | Mark Roelands | treasuryXL

Insurance premium rates are reported to increase on average with about 2% in Europe, confirming the overall market trend of a hardening insurance market. Some markets have, however, seen double-digit growth in premiums, like D&O and Motor Third Party Liability. Other markets witnessed important coverage elements actually being excluded from cover, making the premium comparison apples and pears. As Covid-19 is impacting claims experience across all lines as well as causing negative investment returns, the hardening insurance market trend is expected to continue and get worse in 2020. Premium increases are to be expected and retention levels are expected to be increased.

It is therefore critical to work with your insurance broker in time to understand and mitigate effects for the treasury and insurance function. What is the action plan when retentions are being driven upwards or when cover is disappearing? What alternatives are available next to traditional insurance? Will your organisation be forced to retain risk above the risk appetite or accept double digit premium increases?
Although retaining additional risk may not be the worst solution, as premium increases may not reflect the actual risk that is being transferred and there are awareness benefits to being exposed to risks, the possibility to transfer alternatively is very valuable in the current hardening market.

Captive insurance

A captive is an in-house insurer, enabling efficient and centralized risk pooling while providing cover to operating companies and thereby bridging the gap between corporate and local risk appetite. Key arguments for establishing a captive are to smooth the impact of hardening insurance markets as well as provide additional flexibility in cover. The current market environment is therefore a textbook example for establishing an insurance entity. However, a captive is a licensed insurance company that comes with added costs and a compliance burden. This is especially true since Solvency II became active in 2016. As a general rule of thumb a minimum threshold of captive premium of EUR 2Mio would be required for a Dutch based captive, allowing for claims expenses (70-80% claims ratio), operating costs as well as building some reserves. Establishing a captive in other jurisdictions can make sense, as the route to licensing might still be feasible in 2020 (for the Netherlands at least 6 months are to be expected) as well as the opportunity of some more light-weight operational structures.

An interesting alternative to the fully owned, traditional captive is a Cell Company; either an Incorporated Cell Company (ICC) or Protected Cell Company (PCC). These alternatives provide the benefit of a shared structure (including initial capitalisation) and enable a ring-fenced environment for your organisation. In order to arrange that ring-fencing, specific legislation is required, which is found in Malta in the EU. Guernsey (leaving tax considerations aside) might be very interesting as well. Ireland and Luxemburg did give some hints for establishing cell company legislation but after Brexit this was delayed indefinitely. A Cell Company can provide the same functionality as a fully owned captive, but treasury and insurance will have to work with legal and tax to get a solid business case in place in order to address questions proactively.
Both Aon-Willis and Marsh have Cell Companies and would be able to assist, but insurers can also facilitate this (which has a lock-in effect) while there are also more independent providers like Artex, SRS (completing the top 5 of largest captive managers 2020) and firms like Atlas or Robus which can potentially be of added value as well.

Parametric Insurance

Next to captive insurance, parametric insurance is a promising route to follow.
Parametric insurance has historically been connected to weather insurance (e.g. rainfall exceeding a threshold leading to a pay-out) as well as longevity cover for pension funds (in the form of Insurance Linked Securities, Longevity Swaps). Parametric products enable a highly transparent and quick risk transfer and enable the route to other markets than the insurance market. A parametric product can be structured in an insurance structure but in a derivative structure as well. Conceptually an insurance-linked derivative will not be different than the plain vanilla currency instruments that are traded.

Covid is also attracting significant attention for parametric cover, as lockdown measures can be clear-cut triggers for parametric cover. Most importantly, for parametric cover clear risk information and data analysis is required and both are increasingly available. Increasingly better data and analysis techniques enable to minimise basis risk i.e. the risk in which an incident occurs but the derivative trigger is not being met. For instance site-specific weather stations are set up to ensure rainfall or water level at your organisations’ sites are being monitored. Increasingly, non-weather risks are being covered, for instance Ryskex GmbH and Axis Capital have worked together to develop  parametric cyber-insurance cover.

Where traditional insurance has deductibles and exclusions, parametric risk transfer has basis risk which needs to be managed. Next to that other operational processes may be impacted, claims management for instance and therefore it is recommended to make a well founded and analysed decision.

Roadmap

Starting financing risks in a different manner is not a decision to be made in isolation and to be done quickly. It is a structural decision requiring a structured approach. In our practice, we use our Risk Finance Framework which is composed of (1) Foundation, the objectives to be met (2) People & Organisation, matching the organisation, policies and people involved (3) Processes, adaptive, effective and efficient (4) Data and Technology, the business case based on solid risk information.

In our view, this provides a very practical and structured approach allowing stakeholders like tax and legal to be involved throughout the process. Back planning from a January renewal date, it is critical that conversations with your broker and insurers are taking place in order to ensure no last-minute surprises are presented as a treasury or Insurance professional. In parallel, the (internal) business case can be analysed in order to make a decision.

Therefore, it is recommended to start preparations early, or actually on an asap basis.
Alternative Risk Financing can be highly interesting, but it is not an instant go-to solution and requires some preparations.

 

 

Mark Roelands

Risk and Compliance Specialist

 

 

Corporate Governance and Treasury | Embrace the Corporate Treasury Policy

| 18-02-2020 | François de Witte | treasuryXL |


Corporate Governance

Corporate Governance is a mechanism through which boards and directors can direct, monitor and supervise the conduct and operation of the corporation and its management in a way that ensures appropriate levels of authority, accountability, stewardship, leadership, direction and control.

The ultimate responsibility for Treasury management within an organization lies with the board of directors. Due to the practicalities and technical aspects involved in corporate treasury, the board typically delegates the daily management of risk to responsible individuals in each department. In the case of financial risks, many of these are delegated to the treasurer.

Whilst, due to its specific activities, the corporate treasurer needs to take a lot of actions and decisions independently, it is important that he does this within a framework and Governance. Quite a lot of corporates have formalized this in a “Corporate Treasury Policy”.

Corporate Treasury Policy

The Corporate Treasury Policy is the mechanisms by which the board, or risk management committee (RMC), can delegate financial decisions in a controlled manner. This document should be a summary of all the principles approved by the Board or the Financial Committee of the Board as a mandate of the Board to the treasurer (the Treasury Mandate).

The Corporate Treasury Policy is a framework document, which covers the following areas:

Organization of the Treasury Function

In most of the companies, the Corporate Treasury Reports to the CFO. The CFO is usually himself a Member of the Executive Committee, which itself reports directly to the Board of Directors. (Treasurer – CFO – Treasury Committee – Audit Committee – Board):

A policy should set out clearly which decisions are delegated to the treasurer and when the treasurer should refer a decision back to the board or other person within the organization. Within several corporate, the Board of Directors have delegated the decision process to dedicated committee, like the Risk Committee, and the Liquidity and Funding Committee.

Treasury Control Framework (including the Code of Conduct)

Procedures and controls to manage the risk should be put in place to provide an overall framework for decision-making by the treasury team.

Ideally, this should also include a code of conduct. The Corporate Treasurer should act as a Corporate Custodian. In other words, he is Protector of the company’s assets, and should act according to a strict Code of Conduct and Ethics. There exist examples of codes developed by professional organizations such as IGTA, ATEB, AFTE, ACT and ATEL.

Liquidity and funding

The board should be informed about funding possibilities to put currency, maturity, cost and equity/debt character into a wider context. The board should decide on the strategy but can delegate fund raising decisions and actions to treasury. However, I recommend that Treasury asks the final board approval for strategic decisions (e.g. major syndicated loans, bond issues, etc.).

The board should have an overall view on the liquidity risk of the company. The Board should also define the financial policy, covering the gearing and maturity issues, fixed and variable interest rate obligations, dividend policy and covenants.

Banking Relationship

Banks chosen by the treasurer must be able to meet the needs of the organization, both domestically and internationally. I recommend that the Board approves annually criteria for selecting the banks with whom it will work.

Risk Management

The Treasurer must identify the various risks to which the company is exposed, quantify the impact, and should inform the Board thereof. He should estimate the size of these exposure risks and their impact on the he overall operations and financial performance of the company, and make recommendations in these areas

The board must approve the hedging policy, the company’s foreign exchange, interest rate and commodity risk management policy and its attitude to risk. It should define which part of the risks must be hedged and the hedging horizon. I recommend that the Treasurer submits at regular intervals to the Board the list of authorized instruments, the amount per instrument and their term

Investment Policy – Counterparty Credit Risk

The board should approve the treasury’s Investment policy including the choice of instruments, the list of counterparties used + the maximum amount/counterparty & maturity. It is recommended that the Board provides guidelines and limits per instrument.

It is recommended that the Board approves the guidelines for fixing counterparty limits, and maximum exposure per counterparty.

Authorized instruments and Arrangements – Authorized Approvers

The Treasurer should make sure that the board must understands and approve the strategies and instruments used and sets guidelines for the appropriate limits for their use. These guidelines need to ensure that treasury has not sacrificed long-term flexibility or

survival for short-term gain, especially in view of the volatile financial market’s situation.

Treasury Operational Risk

The treasurer should make the Board aware of the operational risks to which the company is exposed. He should provide recommendations in this area. Furthermore, the treasurer should also submit recommendations to the board on the treasury organization and the ways to reduce the operational risks.

Monitoring

A Corporate Treasury Policy has only sense, if there is a regular follow up and control framework; Hence procedures and controls to manage the risk should be put in place to provide an overall framework for decision-making by the treasury team.

It is also important to provide to the Board a regular update on the way the treasurer complies with the policy. The policy should also be regularly reviewed.

Treasury must alert the board to external changes and internal strategic developments, which may have long-term implications for the organization and make proposals for managing them.

The policy needs also to be reviewed at regular intervals each “Policy” in function of the market and of other internal or external developments. I recommend having treasury on the Board’s agenda on a quarterly basis.

Conclusion

Treasury is not an island in the company. It is closely linked to the corporate governance. Hence it is important to define the right framework.

I recommend to corporates to put in place a treasury policy validated by the Board of Directors and reviewed regularly. It is important to update the Board at regular intervals about strategic topics, such as strategic financing topics and risk management.

The treasurer has also an important educational role, as he must be able to make complex treasury topics understandable for the board members.

Hence there must be a good interaction between the treasurer, the CFO and the Board is key, where the Treasurer is the linking pin.

 

François de Witte
Founder & Senior Consultant at FDW Consult
Managing Director and CFO at SafeTrade Holding S.A.
treasuryXL ambassador

Managing treasury risk: Operational Risk (Part VII)

| 21-3-2017 | Lionel Pavey |

 

There are lots of discussions concerning risk, but let us start by trying to define what we mean by risk. In my last article on how to manage treasury risk I will write something about operational risk. The Bank for International Settlements (BIS) defines this as “the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.  If you want to read my earlier articles on managing the different treasury risks please refer to the complete list at the end of today’s article.

 

Whilst this is the last article in this series, it is actually – potentially – the most significant risk that a company can face, as there are many different ways that a loss could occur, together with the fact that when it happens the amount lost can be very large. Even if the size of the loss could be considered small, there is always the threat of reputation risk which, once identified, is very difficult to erase from the memory.

While it is possible to insure against rogue trading for a company (the risk present in the Treasury function can be quantified and qualified) it is very rare that damage is caused by just one individual – a financial version of the lone wolf theory. Operational risks tend to be interlinked – a fraudulent payment could be initiated by human involvement (either as fraud or human error) and facilitated by weak processes together with insecure technological systems.

There are 2 main areas of operational risk within treasury for a company

  1. Internal
  2. External

There are 3 main categories of operational risk within treasury for a company:

  1. Computer System, Information Technology
  2. Theft and Fraud
  3. Unauthorised Activity

Computer System, Information Technology

A lack of robustness and deficiencies in the technology and systems contribute to circumstances for failures, errors, data losses, corruption and fraud. Internally considerable care and attention should be given to the protocol for Static Data. This encompasses all the relevant reference data for a counterparty and should be subject to at least an input and verification procedure before entering the computer system. Changes to Static Data have to be recorded, together with the proper paper trail and authorization matrix. Externally the risks relate mainly to illegal entry (hacking), together with the complete theft of data.

Theft and Fraud

Both internally and externally main areas include:

  • Theft – both physical and electronic
  • Extortion
  • Embezzlement
  • Forgery
  • Misappropriation
  • Willful destruction
  • Bribes
  • Kickbacks
  • Insider Trading

Unauthorised Activity

From the Treasury point of view, this is an internal activity and mainly relates to 2 types of transactions – unauthorized by transaction and or type; transactions that are not captured in the system and reported. These can lead to monetary losses (though a gain is possible – at the price of an operational risk), together with loss of reputation.
The last category clearly shows where the biggest risk occurs within a company – at the human level. Generally speaking, these are caused by incompetence, lack of knowledge, misuse of power or compulsion to act caused by external factors – extortion.
It is clear therefore that whilst the electronic systems employed by a company can be a liability if not properly programmed or safeguarded, even here, most of the errors can be traced by to human intervention.

So why are the human risks so often underestimated? Naturally a company wishes to have the feeling that its staff can be trusted (within reason). After all, the company felt that the staff were the right people to employ. It is not my intention to formulate the reasoning and thinking of people who perform illegal acts. However certain areas that can be considered include how staff are treated; the demand placed on them; the rewards given; the levels of transparency and inequity within the company; a closed-off attitude (problems in one department are kept within that department and not discussed throughout the company); the role model set by owners, directors and managers; loss of personnel, reduction in morale; disinterested and unmotivated staff.

 Solutions

An effective framework of operational risk management needs to be designed and implemented within the business. This requires input and commitment from all departments within the company, meeting one agreed standard and not being shaped to every individual department’s wishes. The framework has to run and meet the requirements for all different strategies within the company.

I wish to finish with 2 examples of operational risk to illustrate how large they can be.

In 1995 the world’s second oldest merchant bank (Barings Bank) collapsed due to the actions of a rogue trader. Corruption and a lack of internal control led to a loss of GBP 827 million.

Around the same time I was employed as an international money broker working in the interbank market and travelled every day from The Hague to Amsterdam via train. As I knew the route off by heart, I read all the time – magazines, papers, books – anything. I purchased a book called “The Cuckoo’s Egg” as it seemed interesting and would pass the time away sitting on the train.
The synopsis told me that an unreconciled accounting discrepancy of just 75 cents would lead to a world of computer espionage and spies. I highly recommend reading the book to understand how a simple error can grow to show the dangers of ignoring operational risks. If you like acronyms then you will enjoy reading about the FBI, CIA, NSA and KGB – all hacked via a UNIX server at a laboratory linked to the University of California.The story is true and threatened national security.

Trust people – but do not place temptation in their way.

Lionel Pavey

 

 

Lionel Pavey

Cash Management and Treasury Specialist

 

 

More articles of this series:

Managing treasury risk: Risk management

Managing treasury risk: Interest rate risk 

Managing treasury risk: Foreign exchange risk

Managing treasury risk: Commodity Risk

Managing treasury risk: Credit Risk

Managing treasury risk: Liquidity risk

Safety of payments

| 3-1-2017 | Lionel Pavey | GT News

Fraud and cybercrime protection is of major importance for corporate treasurers. In the past year a new risk had to be added to the list: connectivity. Reports of banks being hacked and losing millions through unauthorised payments appeared more and more frequently and since protecting payment connectivity workflows was not a high priority item on the list of treasurers, it created damage in the industry.
GT News deals with the topic of how to protect payments in their article’ ‘Five tips for keeping your payments safe‘ on december 21st, 2016. We asked our expert Lionel Pavey to comment on the article and give us his own view on how to protect payments.

Safety of payments

As even medium size companies can easily have over 100,000 bank transactions per year, it is imperative for a company to ascertain the validity of all payments so that no fraudulent payments take place.

Authorisation Matrix

It is necessary to embed a clearly defined matrix within the company. This should follow a six-eye principle and be traceable within the payment system – invariably a bank payment system. The matrix should include the names of all those authorized; the amount they may authorize; the distinct legal entities they may represent etc. This data also needs to maintained and secured away from the payment centre (IT or legal department). If a new person needs to be added to the list who implements the procedure – Treasury or IT?

Types of payments

There are various workflows that will generate payments and these should be mapped and a complete process should be designed for each one – procurement system and creditors in the book keeping; financial obligations from the existing financing operations (loans, bonds etc.); tax on wages; social premiums; Value Added Tax (BTW); manual payments normally arising from expense claims and incidental purchases outside the normal procurement channel.

Validity of payments

Normal payments relating to creditors are relatively easy to follow – authorization has taken place in 2 different areas (procurement and book keeping). VAT requires data from book keeping for both debtors and creditors. Tax on wages and social premiums are normally presented just once a month either through the administration/controller channel or directly from HR. The biggest area of concern relates to manual payments.

Manual payments

These generally relate to purchases (normally one-off). The obvious question that arises is why is there a need for suppliers that are not in the existing procurement system? It is not impossible to ensure that there are preferred suppliers for all normal desires. Another source is repayments to debtors that are not balanced off against outstanding balances. If a company does not have dedicated software relating to the financing operations who, beyond the Treasury Department, can verify the amounts and dates? The area that requires the greatest vigilance relates to expense claims. Just because a line manager authorizes an expense claim does not mean that it is always compliant with company policy – this is an area where the onus should be on the controller to validate the integrity of the expense claim. Is the expense a genuine expense made in direct relationship to working for the company? An employee away on business and staying in a hotel is entitled to a meal at the expense of the company, but what is the policy towards alcohol and entertainment? Is the amount being claimed excessive and work related?

Integrity of bank systems

How secure is the bank system? When a batch is prepared for payment and an authorisation code produced, how is the code produced – what are the underlying factors that generate the code? Is it possible to alter the beneficiary’s account number after the batch has been produced? Would an alteration be seen by the system, resulting in an incorrect authorisation code? Banks generally do not provide a lot of information as to how their system generates codes.

Reconciliation

Who can extract data from the bank systems? Does this occur daily? Are all entries processed the following day in the book keeping system? What happens to items that are not immediately reconciled?

Conclusion

With regard to standard procurement, it should be easy to construct a solid working system that can be followed at all times. Manual payments are a weak link and a serious amount of time and effort has to be used in constructing a strong framework that has to be enforced and maintained at all times.

Lionel Pavey

 

 

Lionel Pavey

Cash Management and Treasury Specialist