Treasury 
Risk Management 
Payments 
Connectivity 
Working Capital 
Accelerate ERP Migrations 
Cash Forecasting 
FX Risk Management 
FX Exposure Management 
Enterprise Security 
Fraud Prevention 
Supplier Financing 
Real-time Payments 
Office of the CFO 
Treasury 
Information Technology 
Retail 
Financial Services 
Higher Education 
Healthcare 
Manufacturing 
Enterprise ($1 billion+) 
Mid Sized Companies 
Banks 
Public Sector 
Blog 
eBooks 
Webinars 
Videos 
Podcasts 
News 
Success Stories 
FAQs 
Value Engineering 
KYRIBA FOR KYRIBA 
KYRIBA FOR COMMUNITY 
About Us 
Culture & Values 
Recognition 
Leadership 
Careers 
Contact Us 
Best Practices for Treasury Business Continuity Planning
Much of the world is still dealing with the business and financial complications of COVID-19. This outbreak, and the uncertainty that has followed, serves as a reminder of the importance of having a business continuity plan.
Treasury Business Continuity
The cloud offers a very different way of thinking about business continuity planning (BCP). The best feature of the cloud is that it takes the entire software solution (and data) off your premises. Data centers used by a cloud treasury provider such as Kyriba reside in different global locations than the company offices, so your treasury management system still operates without interruption even if the company offices are disabled or inaccessible.
Further, cloud treasury providers maintain their own business continuity plans to ensure the treasury software-as-a-service is always running. They build in redundancy of operations, replicating the entire environment so that all the data, the user interfaces, the bank connections, and the security protocols are all available in the “backup location.” If done well, a treasury team should not be able to tell if they are in the primary environment or in the backup.
It is especially important that the security is identical in business continuity mode because if that were not the case, then fraudsters would simply focus their hacking efforts on putting platforms into a backup state where systems could be more easily exploited.
The other characteristic of cloud-based treasury systems is that those systems are globally accessible via the cloud. Because of this, the same workflows can be run anywhere in the world by authorized users. If set up correctly, the treasury system will feature standardized templates, processes, and visual workflow maps so that temporary and new employees can be onboarded quickly.
This ensures that treasury is run the same way no matter who is performing the tasks. This is especially important for business continuity because part of an effective BCP program is ensuring smooth operations even when treasury personnel in the main office are not available. Whether their location loses power or internet access – or the treasury team’s number came up in Powerball lottery – the reality is that the need for treasury exists whether that team is available or not. The right treasury technology deployment will have standardized workflows that can be managed by anyone that is authorized from anywhere the company operates.
Treasury Software Must Be Versatile
Treasury management systems need to be mobile. This is more than just being available in the cloud, however. Treasury systems need to work whether the user is at home (possibly on a really old desktop with an old internet browser), via a tablet or smartphone, and with low-speed web connections (e.g. having to use your iPhone as a hotspot for your laptop to get online). If a treasury system cannot support multiple scenarios, it isn’t going to be a reliable component in your treasury’s business continuity plans. And, unfortunately, there are still treasury systems that are not device-independent. Make sure that your business requirements also include testing just how mobile your treasury system actually is.
Data Security Is Really Important
While we briefly discussed the importance of a vendor maintaining security protocols in both production and BCP mode, the treasury team must have the same consistency in their application security. Presuming treasury’s choice of technology aligned with the organization’s information security policies, there will be certain authentication protocols used to log into the treasury system. They may include multi-factor authentication using hard or soft tokens, IP Filtering, virtual keyboards, and/or single sign-on (SSO).
Invoking business continuity plans cannot mean that these security policies are abandoned, even for a short period of time. Such exceptions to policy seriously expose treasury to risk of internal fraud or cybercrime. Login procedures to treasury systems must be part of business continuity planning because “it was a disaster” is not an excuse to resort to only using a user ID and password to access your treasury system.
Maintaining effective financial and treasury information security means that the right login controls are always in place – in normal mode and during a business continuity plan. Data must remain encrypted at all times. And treasury workflows – including setting limits, separation of duties and real-time transaction screening – must be exactly the same, no matter the scenario. Any deviation from these requirements means that your organization’s financial data and assets are at risk. Because, as we know, effective fraud attempts are well researched with many puzzle pieces put together over months or years. And if your treasury system has a weakness that can be triggered simply by making the company’s power go out or internet go offline, we would be kidding ourselves if we think that exposure wouldn’t be uncovered by the wrong people.
Business continuity is about maintaining business operations – but it is also about maintaining a consistent level of security and protection from fraud and cybercrime. The right treasury technology can make your treasury team and organization safer.
Related Resources
-
How Benchmarking Enables Treasury Project Funding & SuccessBenchmarking can be a critical tool in helping treasury secure a budget, providing the CFO and other key stakeholders with a clearer understanding of current state vs. future state gaps and potential return on...Read more -
Working Capital Offers an Advantage in Times of VolatilityWhat seems to be an endless news cycle of uncertain economic headwinds has resulted in continuous corporate strategy refinement and the need for real-time insights into working capital impact. This economic pressure has resulted...Read more -
The Four Reasons SVB is a Wake-Up Call to Automate TreasuryCFOs’ worst fears for cash and financing tied directly to Silicon Valley Bank appear to have been alleviated by the U.S. Government’s takeover of the bank. But anyone thinking the crisis is over missed...Read more
Related Resources
-
Bank Connectivity in the CloudTreasurers today have an increasing demand for cash visibility, improved controls, and straight through processing. Cloud solutions provide a cost-effective and easily deployed answer to these treasury needs, delivering connectivity to all your organization’s banks for...View Recording -
AFP TIP Guide: Business Continuity Planning – Why Treasury Needs a Plan BTreasury is a critical operation within any organization. With Business Continuity Planning, Treasury has yet another opportunity to demonstrate their leadership by ensuring BCP is a core component of treasury’s risk management plan.Download the eBook -
Episode 14: How CFOs Drive Strategy and Manage Uncertainty*Accepting cookies will allow the podcast player to be displayed. How CFOs Drive Strategy and Manage Uncertainty This episode features an interview with Laurie Krebs, CFO at Red Hat talking to The Invisible Vault...Listen to the Podcast