Kyriba Webinar: Modernising Global Corporate Payments to Prevent Fraud

04-11-2020 | treasuryXL | Kyriba |

These last few months have highlighted that Payments Fraud continues to be a major problem, with fraudsters quick to leverage the global pandemic, with the amounts involved considerable.

In this session Kyriba’s Paul Simpson will be joined by Helen Alexander from SWIFT and James Bushby from MasterCard, to explain what institutional payment fraud is, with a specific focus on the technology and processes that treasury and finance teams can employ to minimise risk.

In particular, the agenda will follow:

  • What institutional payment fraud is and the internal processes and technology to consider, with SWIFT
  • How a payment hub mitigates against Fraud for Corporates, with Kyriba
  • Introduction to how MasterCard is helping fight Financial Crime

Register your place by filling in the form to your right and we will be in touch!

Date:

November 12th, 09:30- 10:30 (CET)

Contact:

The impact of PSD2 on payment transactions

| 07-10-2019 | TIS |

This September the new EU directive PSD2 (Payment Services Directive 2) came into force. It is an extension of the Payment Services Directive, which was intended to harmonize the rules for payment products and services. Although this amendment affects every consumer who uses online payment services, and although sufficient notice has been given in advance of the amendment, few people know what the new EU Directive is all about. For this reason, it is not uncommon for bank customers to be confronted with an account blockage after the changeover, when logging into their online bank account, which causes a lot of confusion between banks and customers. As a result, several questions arise:

  • What has changed for the customer as a result of the changeover?
  • Can the new regulation keep the promised security standards?
  • To what extent are companies – especially Treasury- affected?
What is PSD2?

PSD2 is intended to regulate payment services and payment service providers in the European Economic Area (EEA) and throughout the European Union (EU). It aims to make cashless payments more secure, customer data better protected and data transmission over the Internet more reliable. In addition to the changes for customers, who are to experience more security through increased authentication, there are also significant changes for banks. From now on, banks will be obliged to provide third party service providers with access to customers’ account information via a standardised interface (PSD2 API) if the customer gives the consent. For banks, this means that they must surrender a large part of their power of disposal. For customers, this means that they can now make all their payment transactions without having to log into their online bank account. This is convincing for the customers, because specialised fintechs are ahead of banks and offer solutions that allow all your financial transactions – even within different bank accounts – to be carried out with only one application. This is nothing  new in the world of B2B, where corporates use payment solutions with the exact same purpose for years now.

Is PSD2 safe?

A change in the conditions of payment transactions often raises the question of whether it can actually meet the promised security standards. Especially in this case, where customer information is passed on to a third-party service provider. If lacks in security arise, there is a higher risk to become a target for cybercrime, which automatically puts bank customers’ confidential account information at risk. The European Banking Supervision and BaFin are taking it very seriously. In order to make the customers’ choice for the right third-party service provider easier, they provide a directory of reliable, registered and licensed third-party service providers.

Find out what makes TIS particularly safe!
PSD2 for Treasury?

Consumers demand real-time, round-the-clock payment services and this demand is growing. This brings changes in payment transactions that have an impact on the businesses, especially on corporate treasury which looks after cashflow. Most up-to-date account information becomes more crucial for a treasurer. The new PSD2 API interfaces could help, since it enables more direct communication with the bank and access to real-time account information.

About TIS
TIS (Treasury Intelligence Solutions GmbH) is the leading cloud platform for managing corporate payments, liquidity and bank relationships worldwide. The company delivers SMART PAYMENTS to help customers make BETTER DECISIONS.

TIS enables companies to make more efficient, more secure and more cost-effective payment transactions. In addition, TIS enables customers to make better decisions when analysing financial and operational performance based on real-time payment flows. All mission-critical processes related to payment transactions are integrated into a multibank-capable, audit-proof cloud platform. This is a single point of contact for enterprise customers when managing and analysing their payment flows across the organisation. TIS take care of managing various payment formats, communication channels with banks, and ERP-agnostic integration. Offered as Software as a Service (SaaS), the ISO certified TIS solutions are quickly up and running without the complexity and cost of a long IT project.

PSD2 – new opportunities but an issue of trust

| 07-11-2017 | Lionel Pavey |

PSD2PSD2 (Payment Services Directive) is an extension on the existing PSD within the EU. The objective is to increase competition in the payments industry, whilst increasing access from non-bank firms. This should lead to standard payment formats, infrastructure and technical standards – at first glance an improvement for consumers. However, there appears to be a particular threat to privacy and the threat of third parties gaining excessive access to personal data.

What are the objectives of PSD2?

  • Standardising, integrating and improving payment efficiency across EU states
  • Harmonise pricing and improve security of payment processing across the EU
  • Providing better consumer protection
  • Encouraging innovation and reducing costs
  • Create a level playing field and enable new entrant payment service providers
  • Incorporate emerging payment methods such as mobile payments
  • Bring new and emerging payment services under regulatory control

For the fintech industry this is a welcome development – they are focused on providing alternative platforms for standard bank products.

 What changes will take place because of PSD2?

  • Third party Access to Accounts (XS2A) – E-commerce companies can take online or mobile payment directly from a consumer’s bank account without going directly through PCI intermediaries (Payment Card Industry); this process will be known as Trusted Third Party (TTP) Account Access.
  • The ability of API’s to take payment – The ability of an Application Programming Interface (API) enabling payment by directly connecting the merchant and the bank
  • The ability to consolidate account information in a single portal – An API enables a new type of financial services company – an Account Information Service Provider or AISP – which aggregates account information to let consumers with multiple banks view all bank details in one portal

A Dutch television programme that informs on consumer issues (AVRO/TROS RADAR) recently broadcast a report on the potential dangers of PSD2 with regard to issues around personal privacy. By granting access to TTPs they are able to access your bank account and retrieve all the data from the last 90 days. This will enable them to provide consumers with a better overview on products and services. However, it also means that they gain a valuable insight into how much you earn, how you spend your money and which companies you transact with. In theory they could offer you alternatives which are cheaper and more tailored to your individual requirements.

But to be able to do all this, they will also need access to your verification methods – in other words they will need to know your PIN numbers. We have always been told, especially by the banks, that this information is strictly confidential and should never be given out. There is also the possibility that they could offer you a special discount that can only be obtained if you give away your personal access codes.

This opens up the payments market to potential fraud – how do we know our personal data will be protected; how will the companies guarantee that the data is only used for a specific product or service; who can ensure that our data is not sold to data mining companies; how can we be sure that our personal data is erased if we decide to opt out in the future?

Commercial banks are subject to numerous directives to ensure they conform to all legislation regarding banking and data protection. How can we get the same guarantee from a fintech solutions provider who might be tempted to increase its revenue by selling data?

However advanced our technology becomes, finance is an industry that has always relied on trust. Banks can only thrive if customers trust them with their money. We assume that if we deposit money into a bank, the bank acknowledges our position as a debtor and will repay us when we demand it. We expect them to exercise a duty of confidentiality and not disclose information about us. When that trust is broken, confidence in the bank is lost and this can quickly escalate to a run on the bank as mistrust leads to customers wanting their money back.

Do we feel the same level of trust for non-bank parties who gain access to our bank data?

 

Lionel Pavey

Cash Management and Treasury Specialist

 

Treasury and regulations: A changing environment

| 15-2-2017 | Theo Paardekoper |

Companies need to comply to their regulatory framework in their industry. For the treasury department  a regulatory framework is applicable which is basically linked to the financial industry and not linked to the industry of the company. Because regulations in the financial industry are changing it is important for the treasurer to update.

Regulations

Important regulations and rulings for treasurers are EMIR, MIFID and MIFID II/MIFIR.

Other regulations that are applicable for the financial industry, like UCITS and AIFM (regulations for investments funds) and CRD rules (capital requirement directive as a result of BASEL III) do not effect the corporate treasury directly, but the side effect of these rules can have effects on pricing and product offering by financial institutions.

Anti Money Laundring regulations (MOT-melding in The Netherlands) are not only applicable for banks. Also corporates are mandatory to register these transactions at the Finance Intelligence Unit of the Dutch Tax autorities.
The regulations mentioned above are all linked to the European regulatory framework and are valid in addition to local laws, like the WfT (Wet Financieel Toezicht) in the Netherlands.

EMIR (= European Market Infrastructure Regulation)

This regulation is valid since August 2012 and was initiated after the Lehman Brothers bankrupty in 2008. The main goal of EMIR is to improve transpancy of the OTC market to create a clear overview of all the derivative positions. This was one of the main problems that became clear after the Lehman bankrupty. It was totally unclear to get a view on the derivate positions and risk of  a counterparty. Emir also introduced a solid clearing member (named CCP) and Trade Repository members to register your  OTC derivates. To register your positions a LEI  (Legal Entity Identifier) can be obtained at the Chamber of Commerce.
EMIR is not (yet) applicable for small pensionfunds.

MIFID (= Markets In  Financial Instruments Derivatives)

Main objective of MIFID is to increase competition in the investment industry and to protect consumers. The well-known 40/20/2 rule to define a professional or non-professional counterparty is one of the items to protect consumers and force financial institutions into a duty of care. One of the results is a direct view on the Market-to-Market pricing of the companies derivates and monitoring of margin call obligations.
Also the classification based on knowledge is an important item and can be part of discussion during a lawsuit.
Mifid increased the number of trades in the OTC market what caused a more fragmented  view on market pricing. Financial institutions are forced to provide the 5 best quotes in the market to their clients.

MIFID II

In January 2018 this new set of regulations is applicable. Mifid II made Mifid regulations also applicable for commodity and CO2-rights traders. Also market data suppliers must be registered to comply with MIFID II. Structured deposits (return is not interest based but linked to an other ratio link EUR/USD or oilprice) will also fall under the scope of Mifid. Change of classifications on behalf of Mifid II classifies local governmental entities as non-professionals. Health Institutions governmental education and housing associations are not clearly excluded as non-professional.

 

Mifid II will mainly “change the game”  of  manufacturers and distributors of financial services, but this regulations will give corporates more tools in case of a conflict about a trade. The negative side effect of new regulations is that pricing in the market will increase because of reduced competition as a result of higher entry barriers in the market.
Any action required for a corporate treasurer?

It is up to your bank to comply to MIFID II. So I would say “no”. The bank will inform you with new legal documentation and product information in the near future.

Theo Paardekoper 

Independent treasury specialist

 

 

 

 

 

More articles of this author:

Treasury education and training: what’s next?