BCR Publishing
We are the leading provider of news, market intelligence, events and training for the global receivables finance industry.
Working with industry leading organisations, experts, governments and universities, BCR Publications delivers expertise in factoring, receivables and supply chain finance to a global audience.
BCR has long been a beacon of innovation and excellence in the realm of receivables finance, playing an instrumental role in shaping the industry’s international landscape. Through its comprehensive conferences, insightful publications, and thought leadership, BCR has facilitated crucial dialogues and connections among industry professionals, driving forward the development of receivables finance globally.
How Can Treasurers Gain from an Intercompany Netting Strategy?
18-10-2021 | treasuryXL | Gtreasury |
As a treasury tactic proven to deliver significant workflow efficiency and clear cost savings, intercompany netting is implemented far less common than its benefits merit. With a netting process, payables and receivables between multiple entities are no longer handled one at a time, but all at once. Furthermore, with intercompany netting, all the transactions between the subsidiaries are replaced with singular transfers between a Netting Center and each subsidiary, in the home currency of the subsidiary. For what kind of businesses is intercompany netting beneficial, and what are the key pain points that are leading organizations to consider intercompany netting strategies?
Read the full Article
About GTreasury
For more than 30 years, GTreasury has delivered the leading digital Treasury and Risk Management System (TRMS) to corporate treasurers across industries. With its continually innovating Software-as-a-Service platform, GTreasury provides customers with a single source of truth for all their cash, payments, and risk activities. The TRMS solution offers any combination of Cash Management, Payments, Financial Instruments, Risk Management, Accounting, Banking, and Hedge Accounting – seamlessly integrated, on-demand worldwide and fully secured. Headquartered in Chicago with offices serving EMEA (London) and APAC (Sydney and Manila), GTreasury’s global community includes more than 800 customers and 30+ industries reaching 160+ countries worldwide.
#9 Not Searching For Alternatives
14-10-2021 | treasuryXL | Xe
This is the last part of XE’s ‘9 Mistakes Your Business Should Avoid’ journey. We have reflected upon Currency risk mistakes that companies worldwide often make. It is important to learn from these mistakes in order to avoid them. The message of this manual is that paying attention to foreign currency can deliver benefits ranging from increased value to better Risk management. To reap the benefits, it is important to work with a currency provider who understands what you need and who can help you achieve your goals. It is possible that your current currency provider can provide that, but if you don’t look around you won’t know if it might be better.
“Aandacht besteden aan vreemde valuta kan veel voordelen opleveren, variërend van meer waarde tot beter risicobeheer.”
Niet rondkijken naar alternatieve valutaservices is dan ook een enorme fout. Het is mogelijk dat u daardoor betere koersen misloopt, geen gebruik kunt maken van diensten waarvan u het bestaan niet kende en valuta niet strategisch kunt benaderen zoals zou moeten als praktijk en beleid een afspiegeling zouden moeten zijn van uw handelsomgeving. Ga er niet van uit dat de diensten die uw bank verleent, van het niveau en de kwaliteit
zijn die u nodig hebt. Het is gemakkelijk om bij uw bank te blijven en de zekerheid te hebben van een vertrouwde provider. Maar uw bank kan wellicht niet dezelfde verscheidenheid aan valutadiensten bieden als een gespecialiseerde provider die alleen vreemde valuta doet. Dat wil niet zeggen dat u de hype van concurrerende providers moet volgen. Als bijvoorbeeld een koers te goed klinkt om waar te zijn, dan is dat ook vrijwel zeker het geval. Wees ook sceptisch als providers u aanmoedigen om te gaan speculeren op valutamarkten of u ervan proberen te overtuigen dat ze koersschommelingen kunnen voorspellen.
Het klinkt misschien tegenstrijdig, maar de beste hedgepositie is degene die geen voordeel oplevert: een verzekering die u afsluit voor het ergste geval, terwijl u hoopt op het beste, namelijk dat de valutamarkten niet in uw nadeel bewegen. In werkelijkheid biedt zelfs een geslaagde hedge slechts wat meer tijd. Wat u nodig hebt, is een provider die de tijd neemt om erachter te komen wat de specifieke eisen van uw bedrijf zijn in plaats van een standaardservice te bieden. Competitieve koersen spelen natuurlijk een rol bij uw zoektocht, maar moeten zeker niet uw enige overweging zijn. U hebt een provider nodig die een oplossing op maat kan ontwikkelen die aan al uw eisen voldoet en u kan helpen om uw toekomstige risico effectiever te beheren. Neem met minder geen genoegen.
Klik hier voor meer Info en Download WhitePaper
A 360 Degree View On Security
| 13-10-2021 | treasuryXL | Nomentia |
One would think data protection and security measures are baked into our identity as digital people, especially in a year where we are working remote more than ever. But is it though? The breaches show that security is too often seen as something to kind of ‘wing it’. And there is an eternal question whether the best way to a secure IT environment is to educate the employees to make the right decisions or to put measures into place.
We personally believe that security and combatting Fraud is a combination of people, processes, and tools. Security literacy is a skill everyone should have and constantly develop, and companies can further support this by making use of tools such as multi-factor authentication to mitigate risks and implementing processes to keep their corporate environments safe. We think security deserves a 360 degrees view in an organization that is implemented throughout their solution landscape.
Login & User access control
This is a simple thing organisations can implement either with Single-Sign-On and/or multi-factor authentication. Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a critical second layer of security to user logins. A user is only granted access after successfully passing all authentication phases. The different factors are based off of different things as opposed to a simple password which bears some vulnerability. The first authentication phase is based on knowledge. A person needs to know their username and password, and this can also be initiated through single sign on with corporate credentials for a further security increase. The second authentication phase is based on possession. A person must possess and have access to a mobile phone to for example receive a code per text message or a phone call to double authenticate the log-in.
In practice this means, even if a username and password get compromised, cyber criminals will still not be able to login to the account protected with multi-factor authentication. And neither does a stolen mobile phone as both phases are required for a successful login.
One of the potential downsides to multi-factor authentication is that it adds one extra step in the process. And I can admit myself, every time I am going through the process of logging into our internal tools, we are sometimes a bit impatient while waiting for the text message. But it’s a small trade-off for security. Especially since single-sign on also adds convenience.
Single sign on means that people can log into systems with their corporate credentials and just speed up the process on that end. It’s fast and adds an additional security layer which is extremely powerful if paired with MFA.
Integrations
This is a crucial part in terms of security. We believe that monolithic enterprise platforms are dead and best-of-breed solutions that are highly integrated are the future. This best-of breed approach however also ads emphasis on the need to ensure the integrations are safe. Which data is travelling via which channels from where to where? How is the data in transit being secured from theft and man-in-the-middle attacks?
The first step is to map out all needed integrations and systems and create a use case scenario and based on this define the needed setup. For instance, in the context of cash management you might for instance end up protecting payment information with a higher security standards than a simple accounts payable extract that is used to cash forecasting only. The key is to have a companywide and regularly maintained risk analysis process that recognizes risky areas, measures the levels of set controls (preferably audited by external experts) and constantly comes up with better and better controls.
User access control
Understanding and carefully designing which user has access to which data and processes is not bullying your employees but is a crucial step in setting processes in place that further support security. In our case, our customers need to answer questions such as: which user can approve payments, who can add a new account number to the system, who can manipulate user rights, who can make a manual payment, or who can view balance information from banks and the likes.
Infrastructure and Platforms
Making sure that you run your IT infrastructure and solutions on secure platforms is a crucial control point. One would think that in this day and age that shouldn’t be a question anymore, yet we would recommend checking this anyway. How is the user access to databases and servers or other backend artifacts controlled? Are your administrators using multi-factor authentication? Have you segregated the so-called privileged access and user accounts? Do you keep a list of such accounts? Do you collect logs from your systems and store them securely?
Many industry standards come handy here. For us relevant standards are for instance ISO 27001 and ISAE 3402 auditing framework. In our domain particularly relevant is SWIFT Customer Security Program (CSP) which is a security framework developed and derived for financial industry from such international standards such as NIST and PCI DSS. All these standards should not be considered just as acronyms but a toolbox that can help you to build a company culture that takes security seriously in every step and by every employee in every role.
Security comes from within
Above are the steps that each organization can take to ensure that their set-up is secure. Let’s face it, there is no such thing as absolute security. But by establishing a strong security culture in your organization we believe you can make it really hard for criminals to gain access to our systems.
If you want to reach have an assessment of your security measures in terms of people, processes and tools for your cash management, please get in touch with us and we will assess your set-up and provide you options how you can further tighten your security. Cash is king, but hopefully a well-protected king.
CONTACT US