Tag Archive for: payment

WEBINAR ALERT | Bringing Cash Management Solutions to the Benelux

24-01-2022 | treasuryXL | Nomentia |

Date & time: January 27, 2022 at 12:00-12:45 PM CET/ 13:00-13:45 EET | Duration 45 minutes

Nomentia has been the market-leading solution provider in the Nordics for global payment and cash flow forecasting solutions. Finally, our solutions are now available for you in the Benelux in French and Dutch besides English.

In this webinar, we will introduce our Payment module for global, centralized management of B2B payments, the anomaly detection add-on for tackling fraud and errors, cash forecasting & visibility, as well as bank connectivity as a service.

Join the webinar to learn more about: 

  • Why do you need a centralized payment tool?
  • Why would you switch from a legacy local multi-EB system to a new SaaS Multi-Bank system?
  • How our customers benefit from using Nomentia Payments?
  • How to tackle fraud and manual errors with automated anomaly detection?
  • Why should you switch from spreadsheets to a liquidity management solution?
  • How does Nomentia cash forecasting work in practice?
  • Nomentia’s hyper modular bank connectivity as a service:
    • How does this work?
    • How can you benefit from it?

At the end of the webinar, we’ll have time for a short Q&A session to answer your questions.

Click on the banner for registration.

Meet the speakers

Huub Wevers

Huub Wevers

Senior Sales Manager
Nomentia

Tapani Oksala

Solutions Manager
Nomentia

 

 

Digital Payments Transformation for 2022

24-01-2022 | treasuryXL | Kyriba | LinkedIn |

By Bob Stark, Global Head of Market Strategy

Instant payments, payments fraud, and pandemic-led digital payments transformation projects have changed the B2B payments journey for CFOs and CIOs. IT teams recognize that new connectivity methods, such as APIs, are required to integrate their ERP platforms with banks, neobanks, and non-bank payment channels while finance departments are seeing the value of new options for instant payment delivery, including Venmo, SEPAInst, and The Clearing House’s Real-Time Payment network.

While the way payments are transmitted from ERP and treasury systems to beneficiaries is clearly modernizing, internal audit and governance teams are instructing finance and IT counterparts that their legacy payment processes are introducing operational risk. Combined with real-time payment settlements, older payment workflows are increasing the possibility of irrevocable mistakes, or worse, fraud. Payments transformation is the answer.

As with any payments project, the first question to be answered is: what is the desired business outcome? What measurable value can be quantified? Generally, for payments transformation initiatives there are three value drivers:

  1. Reduced bank and transaction costs
  2. Improved efficiency
  3. Reduced likelihood of mistakes and fraud

Reduced Bank and Transaction Costs

For many organizations, a digital payments transformation means they can reduce the reliance on expensive payment methods. Checks are a perfect example, where the total cost of ownership is reduced by 50% or more because of the immense internal processing and reconciliation times to send and receive checks.

Same Day ACH – fueled by recent increases in transaction limits – and real-time payments are becoming less expensive alternatives to wire payments, driving down the cost to remit faster payments. Further, payment-on-behalf-of (POBO) models allow for payment in local currencies, reducing currency translation costs, while also introducing the opportunity to net multiple payments to like suppliers and consolidate multiple payment systems into a single payment hub.

Most importantly, bank connectivity can be fully outsourced, which extracts immense cost from IT budgets, where ERPs and other internal systems were connected through hard-coded FTP scripts or reliant on expensive internal SWIFT infrastructures. Whether banks support APIs, FTP, regional networks, or SWIFT, payment connectors from ERPs and treasury to bank are pre-developed with tens of thousands of bank payment formats built into the product to eliminate any custom development to current platforms or when migrating ERPs to the cloud.

Certainly, reducing IT’s role in bank connectivity will save hundreds of thousands to millions of dollars, especially when considering the banking industry’s harmonization of bank formats to XML ISO 20022. This initiative, alongside banks’ movement to APIs, would mean years of redevelopment by IT teams to rebuild protocols and formats from ERP to the bank. Payment hubs make this a non-issue, slashing costs while simultaneously eliminating time to market bottlenecks.

Improved Efficiency

Efficiency takes many forms, but the most obvious is the automation of manual processes. Legacy processes require unnecessary time to initiate, approve, review, validate documentation, confirm the authenticity of payment requests, screen for additional compliance requirements (e.g., OFAC screening), and log in to multiple systems to send, confirm, and reconcile payments. For smaller organizations, this can be dozens of hours per week; for larger organizations, the productivity improvements are valued in the $100,000s.

In addition to manual payment initiation and processing, internal collaboration between payments and treasury teams adds complexity that can be better managed. Too many organizations leave excess cash in bank accounts as they lack real-time visibility into payment amounts. This inefficiency is magnified as payments are remitted faster (or even in real-time), meaning cash managers can no longer fund payments the next day. Payables, receivables, and treasury teams must have complete data unification to minimize the amount of cash allocated for working capital. One client, HCSC, reported reducing working capital from $4.0 billion to $25 million by automating internal and external cash visibility.

Fraud Prevention

With 90% of CFOs reporting in 2021 that fraud was the same or worse than it was in 2020, CIOs are collaborating with CFO counterparts to build increased resilience to payments fraud. The initiative goes by different names – payments compliance, payments governance, fraud prevention – the effect is the same. Organizations need to transform their processes to “catch up” to real-time payments. There are four critical tenets that form the base of every payments governance and compliance program:

  • Standardization – The key to eliminating unauthorized payments – even if accidental in nature – is to ensure a standardized set of controls that prevail without exception. Controls could include payment approval scenarios, extra layers of authentication, procedures if approvers are remote and/or unavailable, and specific actions if modifications to the payment are required. The organization’s payment policy should be digitized and enforced by the payment hub software to ensure these controls are consistently applied.
  • Real-Time Payment Screening – Many organizations require payments to be screened against sanctions lists and bank account validation databases prior to sending those instructions to the bank. A simple exercise to verify that the bank account belongs to the intended payee should be part of every payment journey.
  • Digitized Payment Policy – The organization’s payment policy should be digitized for real-time compliance checks. Examples could include payments being made outside of approved countries, the first payment to a new bank account, irregular payment amounts, etc. Every payment should be screened in real-time so that any non-compliant or suspicious payments can be stopped and quarantined in real-time to be reviewed by authorized approvers. As payments continue to diversify across multiple channels (e.g. wires, ACH, checks, real-time) and become more real-time, organizations cannot rely on treasury staff scanning every payment in real-time; nor can they expect their banks to be the last line of defense.
  • Artificial Intelligence – Machine learning is perfectly suited to provide an additional layer of protection by instantly determining if a payment is an anomaly against historical payment patterns. Machine learning algorithms are easily trained using structured payment data from an existing treasury system, ERP, or payment hub to find irregular payments that should be further reviewed. This can be done individually or within payment batches to minimize the impact on the settlement of payment runs.

Additional reading: 15 Minute Guide to Payment Hubs

While fraud prevention is oftentimes the leading requirement driving payments transformation projects, other benefits including outsourced connectivity, enterprise liquidity visibility, process standardization, and multiple cost reductions should not be overlooked as these features will likely pay for the payments project with a lightning-quick ROI. And fortunately, transforming payments can be a large, collaborative project or select capabilities can be implemented incrementally, increasing the value and risk protection within weeks.

Survey | Anomalous Payments Detection

15-12-2021 | treasuryXL | Nomentia | LinkedIn |

Our partner Nomentia and Netguardians, are conducting a survey for treasury and finance professionals to get a better understanding of the current challenges companies are facing in identifying and preventing anomalous payments. This way, we can provide more relevant solutions and share industry knowledge with the treasury and finance community.

Payments are growing in volume and gaining speed, with “instant payment” gradually becoming the norm. With increasing speed and volume, the risk of processing anomalous or fraudulent payments increases simultaneously. These anomalous payments may be caused by human errors or by fraudulent activities such as fraudsters impersonating CEOs, sending fake invoices, and other scams. This results in both operational and financial losses for the company.

By filling out this survey you will help advance the solutions that are needed to fight anomalous payments. You can fill out the survey completely anonymously. It takes around 5 to 10 minutes to complete the survey depending on the answers you provide throughout the survey.

We thank you for your kind participation!

 

 

Currency Volatility Is A Catalyst for Response by Treasury

15-12-2021 | treasuryXL | Kyriba | LinkedIn |

The Q2 2021 Kyriba Currency Impact Report showed a strong tailwind for many US corporates driven in large part by the strengthening of two main trading currencies for many US corporates, EUR and GBP.

Both currencies strengthened steadily through Q2 2021, but currencies have since retreated through Q3 2021, setting up a return of relatively strong headwinds for the Q3 earnings season.

Euro-US Dollar Rate
British Pound-US Dollar Rate

As we look forward to Q3 and Q4 currency impacts, it is very likely we will see increased levels of negative currency impacts for North American and European corporates as a result of continued business activity expansion combined with the return of a stronger USD and general market uncertainty. The recent impact of the newest COVID variant, Omicron, has also added a new level of uncertainty-driven volatility and questions about how businesses and central banks will respond.

Beyond the general level of market uncertainty there are a few other economic and operational challenges that are adding to the complexity of managing currency risk and liquidity.  With inflationary conditions starting to take hold in the US and other parts of the world, Treasurers and CFOs are having to contend with increasing supply chain costs. In addition, the supply chain disruptions are increasing the uncertainty of business operations. Many treasury teams are far less confident in their long-term cash flow forecasts which has many reconsidering their hedging and liquidity needs.

How are Corporate Risk Managers responding to the currency markets and supply chain disruptions? 

Treasury teams are faced with a complex set of variables in the current market environment. Their long-term cash flow forecasts are less and less reliable due to uncertainty related to supply chain disruptions. The disruptions are impacting both the supply side and the revenue side of the forecasts. There is increased uncertainty around both the value and timing of supply chain cash out flows. On the revenue side, there is also uncertainty around the value and timing of future inflows as manufacturers are having a hard time getting products on the shelves. In addition, the currency markets are adding to the complexity as the USD is strengthening or at least holding strong against a broad basket of currencies.

As a result, many treasury teams are re-focusing on the things they can control. Daily and even intra-day cash position monitoring is the norm now and combining that with an increased focus on FX hedging for working capital positions on the balance sheet are critical best practices to ensure treasury teams have the right amount of cash in the proper currency at the right time to cover vendor and supplier payments and ensure they maintain a strong liquidity position as they ride out the supply chain storm.

Another challenge FX risk managers are having to contend with is the by-product of improper posting of multi-currency transactions within their ERP system(s). When volatile currency markets are creating significant directional moves in various currency pairs, it often uncovers multi-currency accounting posting mistakes as well as missed exposures. This missed exposures and improper accounting postings can results in very surprising results that often create significant FX losses. The most frustrating aspect of these types of FX impacts is that they are entirely self-inflicted.  With proper Exposure Data Integrity Analytics and robust and dynamic exposure capture processes, these self-inflicted currency impacts can be anticipated and avoided.

Ultimately, Treasury teams that can monitor and manage their liquidity and working capital FX exposure in a single integrated platform have a distinct advantage in the current market.

 

How does BRITA GmbH use Nomentia Payments in Germany?

| 01-12-2021 | treasuryXL | Nomentia | LinkedIn |

BRITA GmbH, a German water filter manufacturer with total sales of 617 million euros in the business year 2020 and 2,205 employees worldwide at the end of 2020, is the market leader in drinking water optimization and individualization. The company is represented by 30 national and international subsidiaries and branches as well as shareholdings. Brita has manufacturing facilities in Germany, Italy, China and the United Kingdom.

The challenge

Brita has a complex business. The company’s products are distributed globally in over 70 countries on all 4 continents.

Brita’s treasury department was facing the following challenges:

 

– The used multibank payment tool was discontinued.

– Lack of a system that is independent of banks.

– Lack of centralization of treasury and cash management.

 

Currently, cash management is not centralized in the company. But there are group requirements setting a minimum standard for banking systems. However, rolling out the project in Germany was the first step to evaluate the possible adoption also by the subsidiaries.

To roll out Nomentia worldwide and achieve the goal of having one system for all payment transactions, first, Brita needs to take a few vital strategic moves, such as ensuring that all subsidiaries are using a group bank and the same ERP system, as well as setting up connectivity with all the group banks to be able to handle also those payment types that cannot go through Electronic Banking Internet Communication (EBICS).

The solution

Instead of working with as many as 7 different banks just within Germany to process payments, Brita chose to use Nomentia, as a single tool that is independent of banks.

Currently, Brita is connected to two major global banks and a few local banks through EBICS. They are currently discovering the possibility to add more connections, like a host-to-host connection to a major global bank.

In the beginning, Brita’s treasury and IT departments had to work closely with Nomentia to set up the project that required a lot of communication from both parties.

 

“Once our IT understood that Nomentia can do magic by connecting to our ERP system, retrieve a file from the bank and send it to our ERP in the right format, it was easy to get their buy-in. Our team had a lot of experience with long ERP projects and they were impressed with Nomentia’s capabilities” – said Doreen Lenk, Manager Group Treasury & Risk Management.

 

Nomentia’s Payments solution is currently used by almost all Brita’s German branches and they are currently in the middle of rolling out the solution in Italy. In case that’s a success, they may look at starting to use Nomentia in other countries as well.

The benefits

Rolling out a new product for treasury management can often be a challenge. It requires strategic planning from the department, cooperation with IT, and working closely with the solution provider. In addition, aligning the group in different countries also requires a lot of paperwork as well as training.

Brita has realized three key benefits of working with Nomentia. These benefits can be even further realized after further adoption of the solution.

1. One system for all in Germany for better processes and decreasing the number of errors

 

The biggest benefit has been that German branches can use one tool to communicate with all German banks. Without Nomentia, Brita would be working with several systems from several banks. Now all transactions go through Nomentia which makes the process less error-prone.

2. Automated processes

 

The processes have been automated for the German branches and this saves a lot of time for the accountants. As Nomentia is also integrated with SAP, they can see all the invoices from SAP, too.

3. Avoid fraud

 

With having just one system in place, it’s easier to have the highest level of transparency of the transactions and access rights.

 

 

CONTACT US 

 

 

WEBINAR ALERT | Everything you need to know about payments for future-proof cash and treasury management

treasuryXL | Nomentia |

 

Date & time: December 2, 2021 at 2.00 pm CET | Duration 45 minutes

Finding the optimal payments process can be challenging. Therefore, TreasuryXL and Nomentia experts join forces to discuss payments in more detail.

Join the webinar to learn more about: 

  • Introduction TreasuryXL and Nomentia
  • Payment set-ups for a future-proof multinationals
  • Areas of new developments and challenges
  • Dealing with different bank connections and ERP interfaces
  • The involvement of IT in technical payment set-ups 
  • User management
  • Fraud management
  • Putting it all together

At the end of the webinar, we’ll have time for a short Q&A session to answer your questions.

Click on the banner for registration.

Meet the speakers

Kees-Jan Kindt

Seasoned Treasury Expert
TreasuryXL / Gazprom

Huub Wevers

Huub Wevers

Senior Sales Manager
Nomentia

Tapani Oksala

Solutions Manager
Nomentia


 

 

Cash Flow Forecasting – Why having the right tools can prove a significant advantage

| 10-11-2021 | treasuryXL | Nomentia | LinkedIn

Introduction David Kelin

 

 

David Kelin is the Managing Director of DNA Treasury Limited. He is a cash management specialist with over 30 years of experience working with corporates and financial institutions. Expertise in helping companies analyse their cash management requirements. He has experience in providing advice on treasury management systems selection. Recently he attended a roundtable discussion on cash flow forecasting for Nomentia, and tells us why cash flow forecasting is a crucial activity for every treasury department.

 

 

 

Round table on cashflow forecasting

I recently chaired a roundtable discussion on cashflow forecasting for Nomentia, a market-leading cash management & treasury solutions provider headquartered in Finland. The group included a cross section of treasury professionals representing a wide range of industry sectors and companies of varying sizes but each shared one common objective: how to best improve their cashflow forecasting processes and methods.

Of the many interesting themes to emerge, one challenge remained agnostic to each treasurer: securing ongoing collaboration from their business units and subsidiaries in the provision of reliable, consistent and accurate cashflow data. Given the importance of accurate cashflow forecasting for organisations of all sizes in today’s economic climate, this is one area of the cash forecasting process we’ll return to at a later stage in this article.

According to the Office of National Statistics (ONS) in the UK, 90% of businesses fail due to cash flow issues. Sir Richard Branson summed it up very well when he said, “Never take your eyes of the cash flow because it’s the life blood of the business.”


Focus on cash flow

Cash flow management is crucial for business survival and well-informed decision making around cash flow maximisation can ensure companies are adequately equipped to navigate times of uncertainty and plan for the long-term. Focussing on cash flow, rather than profit, is what successful businesses do. Let’s think of this in simple terms: a profit-making business that does not manage its cash flows effectively can struggle to pay suppliers and suffer from subsequent delays in meeting customer demand. The end result is unhappy suppliers, lost customers and a negative impact on profits.

The burning question therefore remains, if we unanimously agree that cash flow management is vital to business success, then why does it continue to prove an ongoing headache for many organisations. A sentiment I regularly encounter when meeting with treasurers across my network and hotly resonated during the course of the roundtable in question.

Data is key

When we explored this matter in more detail there was a broad consensus that cash flow forecasting is only as good as the data it comprises. The old adage of Garbage In, Garbage Out (GIGO) is true for cash flow forecasting. Inaccurate data leads to inaccurate forecasting, rendering the process inadequate and almost unfit for purpose.

The key outcome? Data is absolutely key. But data can come from many different sources for example the P&L, ERP systems, payroll etc. These data sources tend to be reliable in so much as they reflect known activities, however as a panel member correctly pointed out, relying on data that is derived from the P&L alone, to produce the forecast, does not lead to accuracy. You must also get the business units to provide and update cash flow forecast data in order to complete the picture.

Securing business unit ‘buy-in’ to the benefits of the forecasting process and, just as importantly, being able to depend on their full collaboration around accurate data provision can sometimes prove a hard challenge – here’s some guidelines to increase your likelihood of success:

  1.  Get senior management buy-in: the panel agreed it’s not enough for Treasury to simply tell the businesses to provide accurate, timely and reliable data. The process should be endorsed and championed by senior management through regular communication to the business units
  1.  Communication, Communication, Communication!: business units must also buy-in to the process. Companies that are the most successful at cashflow forecasting agree that when business units understand the importance of good forecasting, they tend to do a better job of providing quality data. A good example of this was offered by one of our panel members –

We meet with our business units on a regular basis to explain why we ask them for cash flow forecast information. We always say that poor cash forecasting affects our bottom line. If you get your forecasting wrong, then your exposures are wrong, your hedging is wrong and this can ultimately lead to a potential FX loss which in turn, affects the P&L.”

Another treasurer further explained:

The best business units are those who have bought into the forecasting process and understand its importance to the whole organisation. They take pride in providing accurate data in a timely manner. This behaviour doesn’t happen overnight but as a result of a change in the company culture which they have bought into. Cash flow forecasting is now part of our Key Performance Indicators (KPI’s).”

  1.  The right tools for the job: getting buy-in from business units takes more than just great communication. Panel members were clear that you need to make the data provision process as easy as possible, given most business units are busy running day-to-day operations and have limited bandwidth.

Providing the right tools for the job demonstrates treasury’s commitment to supporting business units with their part of the process. Spreadsheets can be a quick, no-cost tool of choice but are prone to human error and require consolidation at treasury level. Spreadsheets are also time-consuming, not user-friendly and limit data manipulation capabilities around forecast comparisons, variance analysis, what-if scenarios etc. Modern and affordable specialist cloud cash forecasting systems are fast replacing spreadsheets as the forecasting tool of choice, allowing business units input or update data from anywhere, quickly, efficiently and accurately.

In summary, cash flow forecasting is a crucial activity for treasury departments everywhere but to do it well you need to ensure that the entities supplying the information have bought into the process and are provided with the best tools for doing it.

 

CONTACT US 

 

 

 

 

Kyriba Fact Sheet – Payment Errors & Compliance Violations

27-10-2021 | treasuryXL | Kyriba |

Payment errors and compliance violations cause significant losses for businesses of all sizes. Fraud alone cost companies more than $42 billion last year, according to PwC’s Global Economic Crime and Fraud Survey.

The repercussions are wide-ranging, from arduous public disclosures and legal fees to reputational damage. Some are the result of attacks by elite cybercriminals, while others are simple mistakes made by careless or inexperienced employees. Kyriba’s Payments Fraud Solution delivers confidence that payment fraud attempts, errors and policy violations are captured, identified, and eliminated, saving your organization time, effort, and money.

Have a read of Kyriba’s Fact Sheet to learn more about payment errors and how Kyriba can help you.

Kyriba Unlocks Access to $15 Trillion Payment Network with Launch of Open API Platform

25-10-2021 | treasuryXL | Kyriba |

Kyriba, a global leader in cloud-based finance and IT solutions, today announced the launch of its Open API Platform to enable composable technology solutions for CFOs, CIOs and Treasurers, and accelerate the next generation of finance innovation. Kyriba’s Open API Platform streamlines the creation and connectivity of new applications for the company’s trusted network, which connects 1,000 banks, manages over a million bank accounts, and processes over 200 million payments worth 15 trillion USD annually.

The Open API Platform is accessible through Kyriba’s newly launched Developer Portal, which connects fintech developers to Kyriba’s 2,000+ global corporate clients who have integrated Kyriba into their treasury processes, enterprise payments systems, and ERP platforms.

 

“Kyriba Open API Platform will radically unlock fintech innovation for enterprise CFOs and their CIO counterparts,” said Boris Lipiainen, CTO of Kyriba. “Beyond simplifying and accelerating bank and ERP connectivity, fintech developers will bring new apps to the Kyriba network and empower the next generation of financial technology.”

 

APIs are transforming the way Finance and IT consume and integrate data and are the gateway to delivering real-time services, artificial intelligence, and composable digital finance solutions for CFOs and CIOs. According to Gartner® research, “Gartner predicts through 2024, 50% of financial application leaders will incorporate a composable financial management system approach to their solution selection. Gartner defines a composable architecture as one where highly modular applications can be composed and recomposed to deliver capabilities and outcomes that keep up with the rapid pace of business change1.”

 

“Kyriba’s Open API Platform eliminates the need for internal IT teams to deliver a patchwork of custom interfaces and RPA bots to satisfy the growing need for hyperautomation,” said Félix Grévy, VP of Open API and Connectivity at Kyriba. “Our Platform enables Kyriba clients and our network of development partners to accelerate product innovation and deliver composable technology solutions to eliminate fraud, mitigate risk and optimize enterprise liquidity.”

 

For more information about Kyriba’s Open API Platform, visit Kyriba.com or the Kyriba Developer Portal and listen to their webinar APIs:The Catalyst for Real-Time Treasury.

A 360 Degree View On Security

| 13-10-2021 | treasuryXL | Nomentia |

One would think data protection and security measures are baked into our identity as digital people, especially in a year where we are working remote more than ever. But is it though? The breaches show that security is too often seen as something to kind of ‘wing it’. And there is an eternal question whether the best way to a secure IT environment is to educate the employees to make the right decisions or to put measures into place.

We personally believe that security and combatting Fraud is a combination of people, processes, and tools. Security literacy is a skill everyone should have and constantly develop, and companies can further support this by making use of tools such as multi-factor authentication to mitigate risks and implementing processes to keep their corporate environments safe. We think security deserves a 360 degrees view in an organization that is implemented throughout their solution landscape.

Login & User access control

This is a simple thing organisations can implement either with Single-Sign-On and/or multi-factor authentication. Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a critical second layer of security to user logins. A user is only granted access after successfully passing all authentication phases. The different factors are based off of different things as opposed to a simple password which bears some vulnerability. The first authentication phase is based on knowledge. A person needs to know their username and password, and this can also be initiated through single sign on with corporate credentials for a further security increase. The second authentication phase is based on possession. A person must possess and have access to a mobile phone to for example receive a code per text message or a phone call to double authenticate the log-in.

In practice this means, even if a username and password get compromised, cyber criminals will still not be able to login to the account protected with multi-factor authentication. And neither does a stolen mobile phone as both phases are required for a successful login.

One of the potential downsides to multi-factor authentication is that it adds one extra step in the process. And I can admit myself, every time I am going through the process of logging into our internal tools, we are sometimes a bit impatient while waiting for the text message. But it’s a small trade-off for security. Especially since single-sign on also adds convenience.

Single sign on means that people can log into systems with their corporate credentials and just speed up the process on that end. It’s fast and adds an additional security layer which is extremely powerful if paired with MFA.

Integrations

This is a crucial part in terms of security. We believe that monolithic enterprise platforms are dead and best-of-breed solutions that are highly integrated are the future. This best-of breed approach however also ads emphasis on the need to ensure the integrations are safe. Which data is travelling via which channels from where to where? How is the data in transit being secured from theft and man-in-the-middle attacks?

The first step is to map out all needed integrations and systems and create a use case scenario and based on this define the needed setup. For instance, in the context of cash management you might for instance end up protecting payment information with a higher security standards than a simple accounts payable extract that is used to cash forecasting only. The key is to have a companywide and regularly maintained risk analysis process that recognizes risky areas, measures the levels of set controls (preferably audited by external experts) and constantly comes up with better and better controls.

User access control

Understanding and carefully designing which user has access to which data and processes is not bullying your employees but is a crucial step in setting processes in place that further support security. In our case, our customers need to answer questions such as: which user can approve payments, who can add a new account number to the system, who can manipulate user rights, who can make a manual payment, or who can view balance information from banks and the likes.

Infrastructure and Platforms

Making sure that you run your IT infrastructure and solutions on secure platforms is a crucial control point. One would think that in this day and age that shouldn’t be a question anymore, yet we would recommend checking this anyway. How is the user access to databases and servers or other backend artifacts controlled? Are your administrators using multi-factor authentication? Have you segregated the so-called privileged access and user accounts? Do you keep a list of such accounts? Do you collect logs from your systems and store them securely?

Many industry standards come handy here. For us relevant standards are for instance ISO 27001 and ISAE 3402 auditing framework. In our domain particularly relevant is SWIFT Customer Security Program (CSP) which is a security framework developed and derived for financial industry from such international standards such as NIST and PCI DSS. All these standards should not be considered just as acronyms but a toolbox that can help you to build a company culture that takes security seriously in every step and by every employee in every role.

Security comes from within

Above are the steps that each organization can take to ensure that their set-up is secure. Let’s face it, there is no such thing as absolute security. But by establishing a strong security culture in your organization we believe you can make it really hard for criminals to gain access to our systems.

If you want to reach have an assessment of your security measures in terms of people, processes and tools for your cash management, please get in touch with us and we will assess your set-up and provide you options how you can further tighten your security. Cash is king, but hopefully a well-protected king.

CONTACT US