Cash Flow Forecasting – Why having the right tools can prove a significant advantage

| 10-11-2021 | treasuryXL | Nomentia | LinkedIn

Introduction David Kelin



David Kelin is the Managing Director of DNA Treasury Limited. He is a cash management specialist with over 30 years of experience working with corporates and financial institutions. Expertise in helping companies analyse their cash management requirements. He has experience in providing advice on treasury management systems selection. Recently he attended a roundtable discussion on cash flow forecasting for Nomentia, and tells us why cash flow forecasting is a crucial activity for every treasury department.




Round table on cashflow forecasting

I recently chaired a roundtable discussion on cashflow forecasting for Nomentia, a market-leading cash management & treasury solutions provider headquartered in Finland. The group included a cross section of treasury professionals representing a wide range of industry sectors and companies of varying sizes but each shared one common objective: how to best improve their cashflow forecasting processes and methods.

Of the many interesting themes to emerge, one challenge remained agnostic to each treasurer: securing ongoing collaboration from their business units and subsidiaries in the provision of reliable, consistent and accurate cashflow data. Given the importance of accurate cashflow forecasting for organisations of all sizes in today’s economic climate, this is one area of the cash forecasting process we’ll return to at a later stage in this article.

According to the Office of National Statistics (ONS) in the UK, 90% of businesses fail due to cash flow issues. Sir Richard Branson summed it up very well when he said, “Never take your eyes of the cash flow because it’s the life blood of the business.”

Focus on cash flow

Cash flow management is crucial for business survival and well-informed decision making around cash flow maximisation can ensure companies are adequately equipped to navigate times of uncertainty and plan for the long-term. Focussing on cash flow, rather than profit, is what successful businesses do. Let’s think of this in simple terms: a profit-making business that does not manage its cash flows effectively can struggle to pay suppliers and suffer from subsequent delays in meeting customer demand. The end result is unhappy suppliers, lost customers and a negative impact on profits.

The burning question therefore remains, if we unanimously agree that cash flow management is vital to business success, then why does it continue to prove an ongoing headache for many organisations. A sentiment I regularly encounter when meeting with treasurers across my network and hotly resonated during the course of the roundtable in question.

Data is key

When we explored this matter in more detail there was a broad consensus that cash flow forecasting is only as good as the data it comprises. The old adage of Garbage In, Garbage Out (GIGO) is true for cash flow forecasting. Inaccurate data leads to inaccurate forecasting, rendering the process inadequate and almost unfit for purpose.

The key outcome? Data is absolutely key. But data can come from many different sources for example the P&L, ERP systems, payroll etc. These data sources tend to be reliable in so much as they reflect known activities, however as a panel member correctly pointed out, relying on data that is derived from the P&L alone, to produce the forecast, does not lead to accuracy. You must also get the business units to provide and update cash flow forecast data in order to complete the picture.

Securing business unit ‘buy-in’ to the benefits of the forecasting process and, just as importantly, being able to depend on their full collaboration around accurate data provision can sometimes prove a hard challenge – here’s some guidelines to increase your likelihood of success:

  1.  Get senior management buy-in: the panel agreed it’s not enough for Treasury to simply tell the businesses to provide accurate, timely and reliable data. The process should be endorsed and championed by senior management through regular communication to the business units
  1.  Communication, Communication, Communication!: business units must also buy-in to the process. Companies that are the most successful at cashflow forecasting agree that when business units understand the importance of good forecasting, they tend to do a better job of providing quality data. A good example of this was offered by one of our panel members –

We meet with our business units on a regular basis to explain why we ask them for cash flow forecast information. We always say that poor cash forecasting affects our bottom line. If you get your forecasting wrong, then your exposures are wrong, your hedging is wrong and this can ultimately lead to a potential FX loss which in turn, affects the P&L.”

Another treasurer further explained:

The best business units are those who have bought into the forecasting process and understand its importance to the whole organisation. They take pride in providing accurate data in a timely manner. This behaviour doesn’t happen overnight but as a result of a change in the company culture which they have bought into. Cash flow forecasting is now part of our Key Performance Indicators (KPI’s).”

  1.  The right tools for the job: getting buy-in from business units takes more than just great communication. Panel members were clear that you need to make the data provision process as easy as possible, given most business units are busy running day-to-day operations and have limited bandwidth.

Providing the right tools for the job demonstrates treasury’s commitment to supporting business units with their part of the process. Spreadsheets can be a quick, no-cost tool of choice but are prone to human error and require consolidation at treasury level. Spreadsheets are also time-consuming, not user-friendly and limit data manipulation capabilities around forecast comparisons, variance analysis, what-if scenarios etc. Modern and affordable specialist cloud cash forecasting systems are fast replacing spreadsheets as the forecasting tool of choice, allowing business units input or update data from anywhere, quickly, efficiently and accurately.

In summary, cash flow forecasting is a crucial activity for treasury departments everywhere but to do it well you need to ensure that the entities supplying the information have bought into the process and are provided with the best tools for doing it.







A 360 Degree View On Security

| 13-10-2021 | treasuryXL | Nomentia |

One would think data protection and security measures are baked into our identity as digital people, especially in a year where we are working remote more than ever. But is it though? The breaches show that security is too often seen as something to kind of ‘wing it’. And there is an eternal question whether the best way to a secure IT environment is to educate the employees to make the right decisions or to put measures into place.

We personally believe that security and combatting Fraud is a combination of people, processes, and tools. Security literacy is a skill everyone should have and constantly develop, and companies can further support this by making use of tools such as multi-factor authentication to mitigate risks and implementing processes to keep their corporate environments safe. We think security deserves a 360 degrees view in an organization that is implemented throughout their solution landscape.

Login & User access control

This is a simple thing organisations can implement either with Single-Sign-On and/or multi-factor authentication. Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a critical second layer of security to user logins. A user is only granted access after successfully passing all authentication phases. The different factors are based off of different things as opposed to a simple password which bears some vulnerability. The first authentication phase is based on knowledge. A person needs to know their username and password, and this can also be initiated through single sign on with corporate credentials for a further security increase. The second authentication phase is based on possession. A person must possess and have access to a mobile phone to for example receive a code per text message or a phone call to double authenticate the log-in.

In practice this means, even if a username and password get compromised, cyber criminals will still not be able to login to the account protected with multi-factor authentication. And neither does a stolen mobile phone as both phases are required for a successful login.

One of the potential downsides to multi-factor authentication is that it adds one extra step in the process. And I can admit myself, every time I am going through the process of logging into our internal tools, we are sometimes a bit impatient while waiting for the text message. But it’s a small trade-off for security. Especially since single-sign on also adds convenience.

Single sign on means that people can log into systems with their corporate credentials and just speed up the process on that end. It’s fast and adds an additional security layer which is extremely powerful if paired with MFA.


This is a crucial part in terms of security. We believe that monolithic enterprise platforms are dead and best-of-breed solutions that are highly integrated are the future. This best-of breed approach however also ads emphasis on the need to ensure the integrations are safe. Which data is travelling via which channels from where to where? How is the data in transit being secured from theft and man-in-the-middle attacks?

The first step is to map out all needed integrations and systems and create a use case scenario and based on this define the needed setup. For instance, in the context of cash management you might for instance end up protecting payment information with a higher security standards than a simple accounts payable extract that is used to cash forecasting only. The key is to have a companywide and regularly maintained risk analysis process that recognizes risky areas, measures the levels of set controls (preferably audited by external experts) and constantly comes up with better and better controls.

User access control

Understanding and carefully designing which user has access to which data and processes is not bullying your employees but is a crucial step in setting processes in place that further support security. In our case, our customers need to answer questions such as: which user can approve payments, who can add a new account number to the system, who can manipulate user rights, who can make a manual payment, or who can view balance information from banks and the likes.

Infrastructure and Platforms

Making sure that you run your IT infrastructure and solutions on secure platforms is a crucial control point. One would think that in this day and age that shouldn’t be a question anymore, yet we would recommend checking this anyway. How is the user access to databases and servers or other backend artifacts controlled? Are your administrators using multi-factor authentication? Have you segregated the so-called privileged access and user accounts? Do you keep a list of such accounts? Do you collect logs from your systems and store them securely?

Many industry standards come handy here. For us relevant standards are for instance ISO 27001 and ISAE 3402 auditing framework. In our domain particularly relevant is SWIFT Customer Security Program (CSP) which is a security framework developed and derived for financial industry from such international standards such as NIST and PCI DSS. All these standards should not be considered just as acronyms but a toolbox that can help you to build a company culture that takes security seriously in every step and by every employee in every role.

Security comes from within

Above are the steps that each organization can take to ensure that their set-up is secure. Let’s face it, there is no such thing as absolute security. But by establishing a strong security culture in your organization we believe you can make it really hard for criminals to gain access to our systems.

If you want to reach have an assessment of your security measures in terms of people, processes and tools for your cash management, please get in touch with us and we will assess your set-up and provide you options how you can further tighten your security. Cash is king, but hopefully a well-protected king.






WEBINAR ALERT | How to achieve cash forecasting excellence – challenges and strategies

treasuryXL | Nomentia |


Date & time: October 20, 2021 at 3.00 pm CET | Duration 45 minutes

Cash forecasting remains one of the most challenging topics in treasury management. With the knowledge and years of experience of our experts within TreasuryXL and Nomentia, we will discuss cash forecasting in more depth. We’ll tackle the challenges that are paired with cash forecasting, and strategies to overcome challenges to achieve cash forecasting excellence.

Join the webinar to learn more about: 

  • Brief introduction to TreasuryXL and Nomentia
  • Short introduction to cash forecasting
  • Why many companies have sub-optimal cash forecasting
  • The challenges with cash forecasting
  • Managing the cash forecasting process
  • Steps to create cash forecast excellence

Click on the banner for registration.

Meet the speakers

Francois de Witte (1)

François de Witte

Seasoned Treasury Expert

Huub Wevers

Huub Wevers

Senior Sales Manager

Jouni Kirjola

Jouni Kirjola

Head of Solutions and Presales



Why You Should Say Goodbye To Spreadsheets

| 29-09-2021 | treasuryXL | Nomentia |

A recent Cash management survey that we did showed that 43 percent of respondents continue to experience issues with their Cash flow forecasting. Unsurprisingly, more than half of the market still use spreadsheets to execute this business-critical function. The million-dollar question is, why?

According to the European Spreadsheet Risks Interest Group, the reliability of a spreadsheet is essentially the accuracy of the data that it produces and is compromised by the errors found in approximately 94% of spreadsheets.

If accurate cash flow forecasting remains one of the key priorities for treasury and finance professionals alike and the market has easy access to affordable, cutting edge forecasting applications, why do we continue to rely on outdated, ineffective forecasting tools?

Common myths prevail that spreadsheets save money, are easy to use & flexible. In the spreadsheet’s defence, it’s a nifty tool, that ticks many of the aforementioned boxes and can work very well with cash forecasting solutions. But, for a growing business looking to mitigate risk and plan for the future, risks run high if you’re relying on a system that’s almost surely flawed, demands hours of manual input effort, prone to human error, exists largely undocumented and which no one really knows how it works.

“After the clever intern, who developed the nifty macros and formulas is no longer around……nobody knows how the application generates the numbers.”

Penny wise, pound foolish 

Spreadsheeting is, by and large, the manual process of gathering, inputting and administrating data. Typically, spreadsheets have been built up and added to over a period of years, becoming cumbersome to manage and share. In an eye-watering number of cases, the person originally responsible for constructing the spreadsheet has long since left the department. No one knows the algorithm behind the macros and no one assumes responsibility for its maintenance, let alone documenting changes and adaptations. The whispered precedent remains, “if it’s not broken, then leave it alone”……… Ouch!

Alternatives are perceived to be more expensive. Excel, for example, is cheap to acquire whilst Treasury Management Systems are expensive with lots of added features that SME’s in particular, don’t require.

Busting the myths

Cost is no longer a plausible reason to rely on spreadsheets for cash flow forecasting. Cloud-based solutions such as Nomentia Cash Forecasting, offer competitive pricing. Modular, on-demand, SaaS solutions have revolutionised application choice. Simply choose the modules you need, pay by the month and no IT involvement required. Free up more departmental time by reducing the number of resource hours required to maintain a spreadsheeting process and the cost-saving just got bigger.

Spreadsheet errors and inaccuracy are by far the most compelling reasons to consider a move to a specialist cash forecasting application. Finance and treasury cannot afford to make mistakes. Inaccurate cash flow forecasts can literally lay to ruin to a company’s business reputation and/or result in a financial loss or penalty. No scare tactics needed.

Mini Case-Study: Conviviality a ‘Spreadsheeting Horror Story’

(Source: The Guardian UK, 21 March 2018)

At first, the drinks retailer Conviviality said profits would be 20% lower than the £70m expected by the City, with £5.2m of the £14m hole that had opened up in its forecast, down to a spreadsheet error. The remainder was a reflection of weakening profit margins.

On 21 March 2018, the Guardian (UK) reported “Firm issues third profits warning; says it will meet investors to raise funds via a share placing’’. The company, in a stock exchange announcement, said it was holding meetings with investors to raise £125m via a share placing that would help it pay a £30m tax bill due at the end of the month, fund overdue payments to creditors and repay a £30m loan.

The company blamed the first shock profit warning on a spreadsheet arithmetic error made by a member of its finance team and weakening profit margins, and then admitted it had not budgeted for the £30m tax bill due this month.”

Conviviality has since gone into administration

Whether or not the use of spreadsheets was the sole cause of this bankruptcy is not clear, but it seems to have been a major contributor. Such cases are exceptional, but they do illustrate how relying on spreadsheets is not a sensible course of action for any finance & treasury team anywhere.

Many spreadsheets also contain, quite clever but complex, macros and apart from keeping these up to date, finance & treasury is responsible for ensuring their integrity. This is something that is not always feasible. Even when errors are spotted it is often very difficult to decode them, especially given the sheer size of the spreadsheets many finance and treasury folk utilise.

Embracing future-proof change

Readily available and affordable cash forecasting applications have, for those organisations who have embraced the benefits of technology, reduced risk exposure exponentially, facilitated real-time & accurate cash visibility, minimised human resource demand, and liberated finance leaders to take a more strategic role across the business. No-brainer.

Sometimes taking a leap of faith, moving away from the old and onto the new, can be a daunting decision. Historical hang-ups, ranging from less than favourable experiences with legacy systems, pre-conceived assumptions around cost implications, and work-flow disruption make it all too easy to decide to ‘leave well enough alone’. Before you take the decision to stick with the spreadsheet that’s done what it apparently ‘says on the tin’ for many years – let’s consider the following:

Back to the future

In a world where cyber security is of the utmost concern and data privacy, e.g., GDPR, is a regulatory requirement, can finance and treasury really afford to run their operations on spreadsheets? Spreadsheet security cannot and does not compare to the advantages of specialist systems that have been built with security in mind. Indeed, some spreadsheet applications lack even basic authentication security, can be easily copied and distributed outside the confines of the business without the knowledge or prior agreement of management.

Spreadsheets were built for convenience-only in a pre-internet world where cyber-attacks and data security were unknown and of no consideration. Spreadsheets were not built with security in mind.

Square peg in a round hole

Spreadsheets don’t grow with your treasury and finance needs. Organisations often try to adapt their spreadsheets to a growing business but soon realise that the complexity of doing so is almost impossible. Adding new accounts and deleting old accounts becomes challenging at the best of times, but managing this critical process in a spreadsheet, whilst trying to drive the business forward, is often a step too far, leading to errors and oversights.

Treasury and finance, by its very nature, consists of a number of different individuals performing a variety of activities, sometimes at the same time. This results in the sharing of valuable company information between several people and departments in any one day. Managing this process on spreadsheets can be difficult and nigh on impossible, even if some automation is achieved. Typically, only one person can update a spreadsheet at any one time so the workload that needs to be shared becomes inefficient and confusing. Maintaining full transparency around additions, edits, and alterations are off the table. Once an edit, or error, is made on the spreadsheet, it remains invisible and untraceable until something goes wrong. In addition, identifying the point of error-impact is often a time-consuming, futile, and frustrating exercise for some unfortunate departmental executive, even if they have the necessary investigative skills.

Doomed to repeat the same mistakes

Spreadsheets are not that good at quantifying or qualifying historical data, and treasury & finance needs this data regularly. That is not to say data cannot be stored in earlier spreadsheet versions, but due to the way they work, it is not a simple task to access, view, assess, and report this data as efficiently and effectively as modern cash management applications. Losing valuable historical data for comparison and variance purposes is a high-risk consideration. Accidentally saving over historic files, or indeed losing files altogether, is a terrifying experience we’ve probably all experienced at some stage in our careers. Notifying management of a spreadsheet faux pas is just as bone-chilling, remaining undisclosed and causing further inaccuracy to forecast outputs.

As alluded to in an earlier blog ‘Five expensive myths in Cash Forecasting’, there is a very real chance that the person who created the original spreadsheet has moved on and left the company. How many finance and treasury departments have found themselves in a position where a mega spreadsheet, long lauded as a ‘work of art,’ is no longer sufficiently supported and documented with non-existent instructions on how to maintain or update the worksheet.

Cassette recorders, big hair, leg warmers, the Rubik’s cube, Walkman, and mobile phones the size of small suitcases are all legacies from the 1980’s. Technology and hairstyles have moved on….. so should cash forecasting applications.




Which Options Are There When It Comes To Bank Connectivity?

15-09-2021 | treasuryXL | Nomentia |

In this blog, we want to give an overview of the different options for bank connections from host-to host, direct connections through regional standards and SWIFT. On top of that we’ll also take a look at open banking APIs and what possibilities they might hold for the future.

Bank connections enable corporate customers to exchange messages with their banking partners. Companies need to have a relationship with at least one bank, in practice there are typically several banks involved, for example to exchange account information and sending payments. Bank connections are so to speak the backbone of your treasury department because they ensure the uninterrupted flow of information between your business process tools and banks, allowing you to create accurate cash forecasts, manage liquidity and the likes. Bank connectivity will remain a topic that corporate treasury departments need to decide how to approach. Now, let’s look at the different options for creating bank connections.

Direct host-to-host connections

One of our webinar polls showed there are still 30% of our respondents who maintain host-to-host connections with their banks. This means that typically the IT department sets up bank connections to specific banks. How those work in specific then depends on the bank. With some banks a host-to-host connection is needed for each country where the company is operating. Luckily many banks offer single point of entry connectivity which means that once you’re connected, you can use it to operate cash management messages in all or multiple countries where the bank has branches.

Since the bank is hosting the service, it also means that the bank is dictating all technical requirements and corporate customers need to adapt to changes the banks might make.

And change is imminent, especially when it comes to messaging formats, communication protocols and security requirements. There are for example client certificate renewals that come up usually every two years. Root certificates expire more infrequently but cause more maintenance work.

Another quite timely example is the Transport Layer Security (TLS) protocol version upgrade. TLS certificates not only have to be renewed from time to time, but older TLS protocol versions have known vulnerabilities and the banks are enforcing their clients to use newer versions all the time.

Maintaining direct host-to-host connection requires you and especially your IT department to make a commitment to maintain these connections day in and day out. Which requires special technical expertise from the IT department and a lot of resources, especially when you employ many host-to-host connections in your ecosystem.

Direct connections through regional standard protocols

The EBICS (Electronic Banking Internet Communication Standard) is a standard protocol that is used in Germany, Switzerland, and France. Also, banks in other countries are testing this standard.

The challenge with EBICS has been that different countries have their own versions of the standard. In 2018 EBICS 3.0 was launched with the goal to harmonize the differences and to make it easier to communicate across borders. In practice Germany and Switzerland are still using EBICS 2.5 and it will take until November 2021 until EBICS 3.0 becomes mandatory for banks in Germany.

Some international banks have adopted EBICS into wider use. Which means that corporations familiar with EBICS may use it for message exchange and authorization in other countries as well. Only the future will show if EBICS fulfils its vision of becoming the pan-European standard protocol for bank communication.

Connections through SWIFT

Companies can connect directly to the SWIFT network and with that get connected with over 11 000 financial institutions in more than 200 countries. SWIFT is hosting and maintaining the global network for that. It’s highly secure and reliable. It’s a single gateway that almost sounds like it opens the door to paradise for you, at least in the mind of someone who spends his time building host-to-host bank connections for single banks. You are empowered to change banking partners based on your business needs without having to worry about establishing new connections.

SWIFT has a sort of do-it-yourself approach by providing Alliance Lite2 to companies. And here comes the other side of the coin. A direct connection to SWIFT is costly and requires time and resource-demanding integration. In addition, you need to comply in full scope with the SWIFT Customer Security Programme (CSP) that requires all their members to protect their endpoint, because naturally, they need to protect their network.

Most corporate customers use a SWIFT Alliance Lite2 Business Application (L2BA) provider or a Service Bureau for the connection. In the L2BA model, a service provider takes care of handling all necessary requirements to connect to the Swift network and you buy your bank connections pretty much as a service. Often this is packaged with other products and solutions you might use.

Open banking APIs

Open banking APIs are one of the most interesting developments. We already see banks all across Europe offering premium APIs for corporates that go beyond what is possible today.

Open banking APIs are set to bring a real-time component to the game that hasn’t been there so far. In the past there was no way for external systems to fetch for example real time balances from banks, but this is about to change. While as previously, corporations would execute batch payments, with open banking APIs this will be possible whenever a payment is needed with instant effect. Looking at balances and payments is the beginning of new solutions that will be available to corporate treasury.

Open banking APIs is something that companies and providers such as Nomentia will need to take into account for their roadmap because this is clearly where we will be able to provide innovative solutions for our customers in the future.

What’s the verdict?

It would be great to give an easy answer to this question. But it’s just not that simple. As I outlined above, all connection methods have pros and cons It really depends on your needs and internal structures what you need.




Nomentia Acquires TIPCO: A union of exceptional products and teams

08-09-2021 | treasuryXL | Nomentia |

Nomentia announced yesterday that the company has acquired TIPCO Treasury & Technology. Shortly after the news was released, we had the chance to sit down with Jukka Sallinen, CEO of Nomentia, and talk about the announcement, what does the acquisition promise for finance and treasury professionals globally, and what does the future hold for Nomentia.

The acquisition of TIPCO is the latest milestone in Nomentia’s history. What’s the reason behind the transaction?

There are a couple of reasons. First and foremost, we’ve felt that both companies share a very similar mission. We want to provide unparalleled solutions for and with our customers. TIPCO’s Treasury Information Platform (TIP) is an exceptional treasury management solution that is widely known in the DACH region, and TIPCO has been also famous for its acumen in treasury. Our combined solutions and domain expertise make us one of the strongest players in the cloud treasury and cash management space. I have no doubt that our current and future customers will benefit from our combined product portfolio. Another good reason for joining forces with TIPCO is that we’ve strongly felt that both companies have had surprisingly similar cultures – both have a very healthy obsession for providing the best solutions for our clients and we take pride in what we do.


Tell us more about the merged product portfolio and how treasury teams will benefit from it?

Before the acquisition, Nomentia cash management was consisting of Bank connections, Payments, Cash Forecasting, In-house banking, Bank Account Management, and Reconciliation solutions. Adding TIP to the solution mix, we can now provide robust and sophisticated cash flow forecast and cash visibility solutions, as well as solutions for trade finance, FX risk, treasury reporting and treasury workflows, and more. TIP has been always loved by the users and now all Nomentia customers will have access to TIP.

Today, it’s not feasible for treasury teams and finance teams to choose one provider for all their needs or trust that their ERP system would provide a working solution alone. Treasurers should be able to choose the solutions that can best resolve their challenges and meet their needs. To get the best outcome, finance and treasury teams often need to work with multiple vendors – taking the best solution from each. Of course, that’s not always ideal from IT’s point of view, but that’s where our team comes in to take care of the implementation plan together with the client and integrate with their existing systems and banks. We trust that a lot of our current customers will find new solutions from our updated offering that can help them to overcome their current challenges.

New customers will find that Nomentia can offer the widest cash and treasury management solution portfolio on the market to help them build better treasury processes.


How does the acquisition affect Nomentia’s future?

During the past year, Nomentia has taken big steps toward becoming the global powerhouse for treasury and cash management. After last year’s merger of OpusCapita and Analyste, we’ve successfully got our footprint in many new markets, and we’ve been especially growing in the DACH and Benelux regions besides continuing to be the number one choice of treasurers in the Nordics. Acquiring TIPCO and merging the two product portfolios will help us to strengthen our position in Europe even more.

Our team has been also growing significantly – it’s always great to work with people that are experts in their field and can truly help our customers to develop their operations. Together, we will exceed our customers’ expectations with our strong product portfolio and even stronger team. Personally, I am thrilled about the news and can’t wait to roll up our sleeves and get to work together with our new colleagues!


Read the press release to learn more



What to Consider When You choose your Bank Connectivity Strategy? 7 Important Criteria

| 01-09-2021 | treasuryXL | Nomentia |

Most organizations would benefit from some form of Bank Connectivity as a service. But just deciding on outsourcing bank connectivity won’t magically make all those connections appear. In this blog, we’ll cover 7 important criteria you should think of when evaluating different options.

1. In which banks do the majority of your payments flow?

Make a list of all banks that your organization is connected with and include all banking relationships from all your subsidiaries. We have noticed in interactions with our customers that this first step can be eye-opening at times. Often, we have an idea of the different banking relationships but then there are still local bank relations that might not be that visual to your treasury function. It also provides you with a good understanding of how many bank connections you would need and whether you would benefit from simplifying your banking landscape before implementing a bank connectivity solution. If your organization is only working with 5 banks altogether the story is very different from an organization that has relationships with 20+ banks.

After mapping this out, you might want to apply the 80/20 rule: typically, you would first set up connections to the strategic banks that cover 80% of your payment flows. A cloud-based software from a Cash Management specialist will most likely be able to provide you these connections as part of their out-of-the-box functionality.

2. Evaluate your use of local banks

Even if you expand the use of strategic banks to more countries, you might still find a set of local banks that you cannot replace. Typically, a discussion about bank connectivity increases in complexity when the long tail of local banks comes into play. That’s where you need to ask yourself why you are working with local banks. Is it for collecting money, for making payments from a regulatory point of view or because of specific needs within your local business?

Having visibility on Cash is straightforward while covering payment flows is not easily justified from a direct cost savings point of view. At the same time payment fraud plays a role in the local banks. You might want to consider a solution to replace internet banks for manual payments with a centralized solution. Then, the business case cannot be backed up by direct cost savings, but cost-efficient risk mitigation.

3. How consolidated is your banking landscape?

After mapping out all your banks in a first step, you know your strategic banks. Now it’s time to take a look at which countries are covered by these strategic banks. Would it be a good time to reduce your banking relations by using a certain set of strategic banks in more of your countries in order to reduce the number of domestic banks?

4. How many file formats and payment types do you have in use?

It is a different thing to set up credit notes and treasury payments only, as opposed to also including domestic payments, salary payments, and tax payments. We recommend having a solution for all your payment types and file formats: this is the only way to get rid of the internet banks and the tokens.

5. Are you concerned about payment fraud and information security?

You should have a solution to cover all payment types in all countries with all banks. That is the only way to have a full audit trail and control in every country. A centralized payment process enables centralized validation and control. We have covered the topic of payment fraud extensively.

In our case, having bank connectivity as a cloud service lets you benefit from a platform, which invests annually roughly 1bn$ in information security. From an information security perspective, this lets us concentrate on application-level security, which is annually audited by 3rd parties.

6. Are you interested in having transparency in your bank fees?

Modern bank connectivity solutions enable transparency in banking fees: Having bank agreements and the related fees included and matched against the banks’ reports. Even more transparency can be gained with services like SWIFT GPI: SWIFT GPI enables banks to provide bank fee information for the e2e chain. Not all banks support these features yet.

7. Choose wisely

Once you go through the questions and mappings outlined above you are at a good place in making your decision for the right bank connectivity provider. It might seem tedious at times and one might think of bank connections as a mere technical thing, but they are so much more. We feel this is a perfect moment to evaluate all your processes and look at ways to harmonize them.

It’s also a great way to work closely together with your colleagues. We recommend approaching this topic in a project team between treasury, finance and IT: From an IT perspective you want to minimize the IT-footprint, finance will run the daily operations and treasury sets the policies and controls.




How to Start Avoiding Payment Fraud from Happening

| 18-08-2021 | treasuryXL | Nomentia |

It’s 2021 and even with advancing technologies and AI detecting fraudulent behavior, payment fraud remains an ever-present Risk for any company.

The other day we met with someone who has recently been a target of Payment Fraud and is now implementing a payment factory in order to reduce the risk. We wanted to take a look at how we approach the subject with our solution. Having the right software in place is important, sure but it goes beyond technology.

Let’s start with the Software, Nomentia’s Cash Management solution has several mechanisms in place that protect you against fraud.

Here’s a Quick list

  • First of all, our software creates a single point of managing all payments. We talk a lot about centralizing, and this is just that. Our product brings all these payments into a single view. If we think of a typical case, a company might upload some payments to internet banks, some to a service bureau, use host-to-host connections for others and maybe even run some payments via SWIFT. That creates at least 5 times X channels where payments are executed. This means all payments can’t be seen from one view, which already makes it impossible to detect fraudulent or suspicious payments. But in addition, those 5 times X channels also mean 5 times X places where user rights need to be maintained and controlled.
  • This brings us also to the second point; our software comes with a comprehensive user and user rights management. Our software creates a clear structure and visibility as to who has rights to which companies and accounts and what kind of user roles they are having. We create visibility and an easy way to maintain those rights.
  • When payments are transferred from one source system such as ERP, payroll and the likes to our cloud, files cannot be altered. This creates additional security measures that protect companies from attacks.
  • Lastly, we have created capabilities to set up straight forward approval flows that ensure a segregation of duty into the way payments are done, within the users’ approval limit. Approval limits can be set for each user when working in different roles for multiple companies.

Those are the things that come built into our software. But it’s important to highlight one key fact, most fraud attempts have a human factor and that’s why it’s important to look beyond the software and take a critical look at the processes. As a matter of fact, despite all the noise about external risks, fraud and theft are more likely to be committed by an internal actor than an external actor (Source: FBI Internet Crime Complaint Center).

In other words, if you focus on validating data for possible fraud, you probably should take steps to minimize the possibility of fraud in the first place. Otherwise, proverbially speaking, it’s winter (Northern Finland winter for that matter) and you are going out in shorts and with wet hair.

Apart from controlling user access rights, we would like to share some more tips and ideas that can help to mitigate the risk of fraud.

  • Payments that are made from ERP but rejected by the bank cannot be modified by all users. In practice this means when a payment is made from the ERP system but rejected by the bank, it bounces back where users need to review the failed payment, before sending it to the bank. Fixing the payment data on ERP master data instead of manual adjustments. This would highlight and prevent for example internal fraud attempts.
  • Consider working with your system admins to install payment templates that your end users can use. This decreases the risk for fraud and error by limiting the manual work of filling in information.
  • Make use of the full audit trail that we provide. You can see the whole lifecycle of a payment from its creation to its reconciliation, including by whom and which changes were made, who has approved and sent the payment.
  • Create clear rules on manual payment creation. We enforce a 4-eye approval flow before sending it. In manual payments, there might be a reason to have more than 2 persons approval. If you are having SSC’s in use or even multiple SSC globally. Use the standard 4-eye approval flow locally but have additional approval from another SSC to reduce the internal actor.

These are a few ideas from our side. We are always happy to hear more ideas and feedback on how we can together create safe payment processes.