Tag Archive for: cyber security

How to stay ahead of emerging threats

| 03-10-2019 | treasuryXL | BELLIN

Cyber Fraud and Treasury
Company-wide strategies to understand and mitigate cyber fraud risk

Cyber fraud represents a rapidly-evolving threat. It is essential for treasury departments to be aware of the new types of fraud that are emerging because of online technologies. The global nature of cyber crime means every business must make sure that security systems are watertight. Gangs can now conspire to defraud corporations from different countries and jurisdictions across the globe.

Royston Da Costa of Ferguson Group assisted in drafting this immersive white paper titled “Cyber Fraud and Treasury: How to Stay Ahead of Emerging Threats,” which highlights how to prevent cyber fraud and the strategies on combating it. The white paper covers:

  • Cyber fraud consequences
  • Most common types of cyber fraud
  • How to prevent cyber fraud
  • How to respond to cyber fraud

DOWNLOAD WHITEPAPER

Universwiftnet Paris – March 2018

| 30-04-2018 | François de Witte |

On 13/3/2018, I attended the 15th Universwiftnet Paris event, a one-day conference day to discover the recent tendencies in payments, banking connectivity and the relationship between corporates and banks. There were over 1.000 participants, and this was a good opportunity to have an immersion in the latest tendencies in treasury. Down below, you will find some hot topics and takeaways,

KYC (Know Your Customer)

KYC remains high on the attention of banks. There is a new initiative of the KYC – SWIFT registry, which aims to provide an efficient, shared platform for managing and exchanging standardized Know Your Customer (KYC) data. SWIFT has worked with the world’s largest correspondent banks to define a set of data and documentation that addresses KYC requirements across multiple jurisdictions.

SWIFT takes on the task of validating the information and keeping it up to date. That means banks are relieved of this task, while remaining sure that their data is reliable and up to date. The KYC registry also offers a useful set of tools to simplify and enhance risk management procedures. This includes a KYC Advanced Notifications feature that can trigger alerts, if the profile of one of their counterparties changes.

Institutions can upload completely free documentation to the Registry and share it with the institutions you select. SWIFT validates the data rigorously, informs the counterparty if it is incomplete or needs updating, and alerts your correspondents whenever your data changes. The KYC Registry is currently only open for banks, but it this would be opened to corporates to corporates this year, enabling them to deposit documents there. This is welcomed development.

eBAM – management of the bank mandates

eBAM is the SWIFT initiative aiming at rationalizing the bank mandates. This provides standardized messages, which can be used between corporates and banks. BNP Paribas is already using this extensively, but other banks, like Sociét Générale, Citibank and Natixis are also joining the initiative. The further extension of eBAM to other banks would enable to rationalize an area, which remains a pain point for many corporates. One of the projects is to enable to sign digitally bank agreements.

Fraud & cybersecurity

Fraud & cybersecurity also remain high on the agenda. According to a study of Euler Hermes, 80 %, of the corporates have at least experience & fraud attempts, and 25 % over 10 fraud attempts. According to a study of the EU, 80 % of the European corporates have been victim of cyberattacks.

Corporates need to invest in the risk assessment, the browser & app protection, onboarding and password management. The challenge is to payments as frictionless as possible, in a context of increasing authentication cost.

It is important to embed this in processes, which should include whenever possible measures enabling to prevent:

  • Internal fraud: through the secure import of the files and other internal fraud prevention measures (black and white list of beneficiaries, limits on the amounts, banks and countries, check on abnormal transactions, verification of the account of the beneficiaries, etc.)
  • External fraud: through a secure digital signature (multifactor authentication using One time passwords, certificates, etc.) and a secure transfer of the payment files to the banks

PSD2, instant payments and open banking

We are moving to a paradigm whereby we need to combine:

  • The real time of the transaction
  • The request for user-friendly and frictionless payment initiation
  • The controlled opening of the payments landscape to third parties through PSD2
  • The protection of the PSU (Payment Service User) through PSD2 and GDPR

This will also create opportunities, both for the new players and the incumbent banks, who are prepared to develop an active open banking strategy. The retailers look at reducing the collecting costs of the card schemes and are looking at alternative more cost efficient collection methods. The SEPA Instant Payment Scheme could become in the future an interesting alternative.

New multibank solutions will come up. They will provide a more cost efficient technology using APIs. In a first stage, I expect that they will mainly extend to smaller corporates. Larger corporates might stick to the proven SWIFTNET or Host-to-Host solutions, due to the bank independency, the proven track record and the high integration with the existing processes.

There has been an interesting testimony of EDF, who is currently daily retrieving its bank statements through APIs. These are easier to implement, and have enabled a more efficient and quicker process. This new way of working also has a lower impact on the IT environment, identified as a bottleneck in the organization.

In fact, we are currently moving to a real time and digital treasury. This will require new profiles, such as IT developers and AI specialists for the operational tasks and the dash boarding.

François de Witte – Founder & Senior Consultant at FDW Consult and Senior Expert – Product, Business development and sales manager at Isabel Group

 

[button url=”https://www.treasuryxl.com/community/experts/francois-de-witte/” text=”View expert profile” size=”small” type=”primary” icon=”” external=”1″]

[separator type=”” size=”” icon=””]

 

 

TIS – the single source of truth

| 29-03-2018 | treasuryXL | TIS Treasury Intelligence Solutions |

On Tuesday 27th March 2018, treasuryXL attended a seminar in Amsterdam organised by TIS. TIS stands for Treasury Intelligence Solutions and, during this seminar, Christian Werling from TIS  gave a very informative presentation about their services which focus on cloud solutions for managing the administration of bank accounts. These solutions offer real-time reporting on all bank accounts – worldwide – and the ability to use just one system to validate and release all payments. In a world where a treasury department might hold more than 100 bank accounts, dispersed over more than 10 banks spread out across different time zones  and having to maintain the possession and custody of numerous bank tokens and log in protocols, a one stop solution is very enticing.

Why?

In today’s world, companies can find themselves with a physical presence in a multitude of countries and locations. In the current environment, a corporate treasury would need to log on to the website of every unique bank where they hold accounts and extract the bank statements for the previous day. Using separate bank tokens and log in protocols, this process can quite easily take up to 1 hour. Furthermore, all the separate data needs to be collated and then uploaded into 1 system, Various subsets of the information need to be given to different internal departments so that they can perform their daily tasks – reconciliation, data input and verification.

The reality

In the modern age, you could find yourself as a Treasurer, within a large complex organisation, consisting of a head office, subsidiaries, legal entities and shared service centres. The underlying platforms can consist of book keeping systems, ERP, HR and different databases. Additional data flows come from e-banking systems, TMS and stand alone projects. The output from all these systems are then used to connect to the banks. Furthermore, all these layers of connectivity can be subject to fraud or attack from outside sources.

TIS provides a single point of contact via a SaaS (Software as a Service) platform that connects to all these systems, thereby offering a simple and effective control over the data flows in real time.

Advantages

  • Real time information
  • Control from a single point
  • Centralised bank account management
  • Centralised bank account mandates
  • Transparency
  • Cost efficiencies

After this we were informed about how the system works in the real world. Bas Coolen is the global head of treasury at Archroma – a colour and speciality chemicals company based in Switzerland. They have a physical presence in over 35 countries and 3,000 employees. Formed 5 years ago, they wanted a minimal  IT solution to their legacy banking operations. These operations stretch from Asia, via Europe to the Americas and involved many different banks.  They concluded that no single bank could provide the service they required within every country and that they needed a solution. By adopting the platform offered by TIS, they have been able to implement a global system that encompasses all their bank accounts – this provides them with a single source of truth. Importantly, the security aspects can now be maintained from one source – all the relevant authorisation matrices are now contained in one platform, along with the capability to perform all global e-banking operations from one location.

TIS were joined at this seminar by Cashforce, who presented their Smart Cash Forecasting and Treasury system – that will be the topic of our next blog.

treasuryXL would like to thank TIS for allowing us to participate in this seminar. If you have any questions, please feel free to contact us.