Tag Archive for: prevention

Nomentia Cash Management Release Info Event

| 15-06-2021 | treasuryXL | Nomentia |

Welcome to the Nomentia 2021 first release information event this year to hear and see the top new features and updates of the Cash Management solution.

The webinar is on June 22nd 15:00 CET / 16:00 EET with a duration of 45 minuten. As we are updating the solution frequently, we will invite you to our biannual release information events so that you can stay up to date with the latest releases. In this session, we will introduce the best picks of the new features from all Nomentia Cash Management modules.

In the webinar, we will cover the following areas:

At the end of the webinar, you will have the opportunity to ask questions.

The webinar will also be recorded and we will send it to you shortly after the webinar has ended.

REGISTER NOW

 

Meet the speakers

Jaakko Kilpinen

VP of Product and Solutions, Nomentia

Jaakko has over 20 years of experience in corporate cash management and has deep expertise in cash forecasting, netting, and In-House banking. Jaakko has previously held e.g. a position as Group Treasurer in a publicly listed Finnish company.

Pamela Quiroga Badani

Solution Manager

Pamela is a finance and accounting professional. Previously, Pamela worked as a Finance Analyst and for the past four years, she has been working with implementations in consultant and project management roles.

About Nomentia

Nomentia is a Nordic powerhouse for global cash management. We believe in a world in which businesses can make the right decisions no matter how unpredictable the times are. Our SaaS-based platform offers solutions for cash forecasting and visibility, global payments with bank connectivity, reconciliation, in-house banking, guarantees, and FX dealing. We serve 2,300+ clients in over 100 countries processing more than 200 billion euros annually. Cash is king!

 

 

 

 

 

 

Payment Fraud | A 750 000 euro Financial Scam that could happen even to you

| 02-06-2021 | treasuryXL | Nomentia |

Have you read the recent news on how Bol.com deposited almost 750 000 euros into a fraudulent bank account over a year ago? Simply, they thought they were making a payment to Brabantia, a household goods manufacturer. If you are not familiar with the story, here is it in a nutshell:

At the same time, Brabantia did not receive the payment, so obviously, they took a lawsuit to the court. And that was the point when the court discovered that Bol fell for a financial scam.

It all started with a legit-looking email like usually

In November 2019, Bol received an email in poorly written Dutch. Nevertheless, the email looked legit like it has been sent from Brabantia including the company’s logo. They were asking Bol.com to transfer the outstanding payment to an account in Spain.

The Bol employees fell for the trick. No surprises there, as these emails can be very well-crafted and if you have never seen one before, you could become a victim too.

The court thought the scam email was obvious and easy to recognize 

Bol tried to get out of paying Brabantia claiming that the company’s employee fell for a business email compromise, and they were accused that they did not use two-factor authentication in the Microsoft 0365 environment. The story doesn’t tell if the email was really sent from Barbantia using a stolen username and password but hopefully, it still makes you want to protect your accounts with multi-factor authentication (MFA).

Despite this, the court ruled in the favor of Brabantia and ordered Bol to pay the outstanding payment. The reasons for it were the following:

  •  The court believed the email was clearly a phishing email due to grammar errors. Previously, all communication between the two companies happened in Dutch, while the scam email was written in mixed Dutch and English.
  • The court thought that Bol should have been suspicious about the odd request to transfer money to a Spanish bank.

How to avoid something like this happening to you? 

There are a few tips that you should always remember.

  1. Always be suspicious: Always be suspicious, especially, when you are handling large payments. If you have the slightest doubt about the legitimacy of the request, something is probably wrong.
  2. Never accept a payment alone: In this case, always ask for help! Never send out payment before at least you had a second pair of eyes looking at it. In most companies, that’s an everyday process.
  3. If you are in doubt, ask for help: Still, if there is even one person that is a tiny bit unsure, don’t process the payment. Ask for more help within your treasury or financial department, procurement, or even from your cybersecurity department. Your cybersecurity team will be able to tell with high likelihood whether the email is real or not.
  4. Use a payment hub: Payment hubs come with features that enhance the security of processing payments. Consider using the following: Workflows to manage authorization of different payment flows | Approval limits for different payment types | Templates to limit and control releasing of manual payments
  5. Strict processes to update supplier master data: Supplier master data should be correct in the ERP system. It should only be managed by procurement who has strict processes in place to validate the possible changes before updating master data. Always execute payments according to registered beneficiary bank account details.
  6. Don’t skip the CyberSecurity and phishing training: While you may think it’s easy to spot phishing emails, it’s not. Especially when we are talking about financial scams. Spear phishing is a growing business and it’s expected to grow to 1,4 billion US dollars by 2022. Scammers can work even two weeks on crafting an exceptional financial scam to lure in financial professionals to make a large payment. Good phishing training should be targeted for your expertise and prepare you through challenging exercises to spot potential scams. It’s always better to report an email to your security team and ask for their opinion than make a payment and regret it later.
  7. Care about security: Security is a bigger part of treasury operations than you would think. Make sure that you care about security. Things like using a strong password, updating the password frequently, using multi-factor authentication, or not sharing user rights matter and can do a lot.

When you care about security, you also show a good example to the rest of the team.

Trust your instinct and the learnings of this story and the security training

Always rather take longer to process the payment than pay a scammer! Creating good and strict payment processes and workflows can help with this. Also, trust your own and co-workers’ instinct if you feel like something is off.

Stay curious about financial scam news to know what the latest trends are and how hackers will try to trick you. Work closely with your security department! It’s in everyone’s best interest to avoid falling victim to a scam.

It’s not a question of whether you will receive financial scams and phishing emails, but when you will get them. Be prepared that you will be targeted and face the situation with confidence to avoid making a payment.

About Nomentia

Nomentia is a Nordic powerhouse for global cash management. We believe in a world in which businesses can make the right decisions no matter how unpredictable the times are. Our SaaS-based platform offers solutions for cash forecasting and visibility, global payments with bank connectivity, reconciliation, in-house banking, guarantees, and FX dealing. We serve 2,300+ clients in over 100 countries processing more than 200 billion euros annually. Cash is king!

 

 

Barbara Babati

Barbara is working in the marketing department at Nomentia. Previously, she worked in cybersecurity and data integration industries.

 

 

 

 

 

5 concrete tips for preventing Payment Fraud

| 16-03-2021 | treasuryXL | Nomentia |

Payment fraud has become a real and permanent threat for companies of all sizes. No company can afford to close their eyes on the risks – fraudsters target all industries, and large and small businesses alike. It is the eleventh hour to start focusing on the safety of your payment process if you want to avoid financial damage.

The good news is that the fraudsters prefer easy targets, so even raising awareness on the topic in your organization is a step in the right direction. With this blog, I want to share 5 concrete tips for preventing payment fraud and improving the safety of your organization’s payment process.

Get rid of risky task combinations

Do you know who has access to your payments at each stage of the process? Risky task combinations may have formed overtime without anyone noticing that a single person can, for instance, create a new payment in the system and approve it to be paid. Overly broad user rights leave unnecessary room for both malpractice and costly mistakes. Applying strong user rights management – the four-eye principle, for example – is a quick way to reduce the risks. You should require double approval also on the changes made in the vendor master data, as well as user rights.

Build your payment process on best practices

Design a secure payment process with best practices approach. Establishing a “no PO, no pay” principle where invoices are approved for payment only if they have a purchase order number or if they are paid to registered suppliers supports preventing payment fraud. You can improve the safety of manual payments when you utilize the ready-made templates of a payment system and demand multi-factor identification from the person who makes the spontaneous request for payment. Many CFO attacks could have been prevented if the origin of an email payment request had been confirmed via another channel.

Automate and focus on end-to-end safety

You would be surprised if you knew how many companies have gaps in their payment process, creating payment fraud risk. For example, if the payment file batches are waiting to be uploaded to bank in a folder or file share, it leaves the data open for tampering even if the process up to that point had been secure. Eliminating manual phases through automation is one of the best ways to increase safety as it reduces not only the risk of fraud but also the risk of mistakes.

Improve transparency

Standardized and harmonized practices build up transparency, which makes spotting and preventing payment fraud easier. Create a uniform, company-wide process for handling payments and make sure that there are no routes round it. By centralizing all your bank connections to a single system, you will take transparency to another level, and, in addition, you are able to better control the risk related to data transfer and system management.

Keep an eye on deviations

It is not rare that payment fraud is discovered only by accident. As a part of good risk management, you need to focus also on the measures that help you spot the fraudulent payments that manage to go through your defenses. Keep an eye on payments that are going to unknown bank accounts or that are made outside normal payment schedule. Your payment system should support you in risk management and filter out deviations from your payment flows before they are paid. Machine learning and artificial intelligence will soon create new possibilities for recognizing and managing deviations in accounts payable in a more real-time and automated fashion.

Preventing payment fraud in an ever-changing threat landscape requires that you take a comprehensive and proactive approach. I recommend that you download and read our e-book, where we take a look at this topic in detail, and provide you with all the different perspectives a corporate payment process should be examined from. In the e-book, you will find best practices and concrete advice you need to keep your organization from falling victim to payment fraud.

About Nomentia

Nomentia is a Nordic powerhouse for global cash management. We believe in a world in which businesses can make the right decisions no matter how unpredictable the times are. Our SaaS-based platform offers solutions for cash forecasting and visibility, global payments with bank connectivity, reconciliation, in-house banking, guarantees, and FX dealing. We serve 2,300+ clients in over 100 countries processing more than 200 billion euros annually. Cash is king!

Meet Jukka Sallinen