Global finance professionals are challenged by time consuming and error prone manual data entry, and implementing financial controls with enhanced security against fraud and cybercrime. With increasing danger of loss from fraud and difficulty of tracking data across multiple tools and spreadsheets, leadership is asking treasury for a solution to better manage and protect their organization. The problem is that many organizations are using spreadsheets as their primary treasury management tool in spite of their lack of security, controls, and auditability.
Additional reading: T&R report: Making Strides with the Help of Technology
Transitioning from spreadsheets to a solution with proper controls is not the challenge today that it may have been five years ago. Technology innovation and implementation best practices have reduced the implementation process down from years to months, and the cost of a treasury management system is far less expensive because of the cloud. The value of implementing technology is different for each organization, and for those who are exploring the possibility of bringing on a treasury system for the first time, we have outlined several key points to protect the organization and limit the risk of fraud.
Treasury Information Security
UserID and Password aren’t enough to protect your systems, especially when payments are being initiated and approved. Multi-factor authentication, IP Filtering, virtual keyboards, and single-sign-on (SSO) help ensure that only authorized users are accessing treasury systems and information. The right cloud solutions will also offer safeguards that spreadsheets or on-premises solutions simply cannot do at scale, such as full data encryption and application level encryption. Decisions on what safeguards to employ should be made in alignment with the CIO/CTO/CISO to ensure that treasury is aligned with the organization’s information security policies.
Treasury will also be asked to align with organizational policies around business continuity planning (BCP), whether treasury systems have been evaluated for penetration testing, what sort of SLAs exist to support treasury’s 24×7 operation. Treasury will also be asked to supply a SOC2 Type II audit report for each treasury system vendor, so IT can assess the security behind each vendor’s controls.
These are the standards of security a best in class technology vendor can provide at an economical cost, and one reason why the cloud is admired among information security experts.
Reduce Payments Risk
Reducing payment risk is a primary goal for treasury teams, including unauthorized payments and enabling uninterrupted payment workflows. Technology enables visibility, control, and validation of change management so that treasurers can securely manage corporate payments.
The key to substantially reducing the risk of unauthorized payments is to develop and maintain standardization of payment policies throughout the organization. Payment policies govern how payments are initiated, approved, and transmitted to the bank – and should also document how technology is used and where encryption of information should occur. These payment policies must align with the workflows implemented in treasury technology to ensure that policies are not simply written on paper but actually executed on a daily basis. With cloud technology, payment workflows can be enforced in all global regions, across all banks, and for all payment scenarios. To be effective in combatting payment fraud, there can be no exceptions as these carve outs from standard process are the very risk exposures that internal fraudsters and cybercriminals prey upon to be steal money.
Payments and Watchlist Prescreening
Another way to improve the efficiency of business operations is to have an integrated watchlist screening solution integrated into your payments system, for notification of potential compliance issues before payments are sent to the bank. The old way of managing this issue was simply to send payments early, as treasurers knew that response times from banks measured in days if notification was received at all. While sending payments early may ensure that there is sufficient time for problem payments to be researched and cleared by the necessary date, this ‘workaround’ has a negative effect on working capital by shortening days payable outstanding (DPO). The more efficient method is to integrate payment screening against industry watchlists into your treasury and payments technology, enabling pre-notification of potential issues.
Additional reading: Reduce payments disruption and meet regulatory mandates
Improve Bank Account Controls and Reduce Fees
Bank account management is increasingly important for any organization who manages multiple accounts across several banks. As banking relationships become more decentralized and locally managed, the demand for a centralized bank account management solution increases dramatically. Without the requisite audit and controls, spreadsheets are limited to provide a proper single system of record and reliable source of electronic banking information for internal reporting and external compliance.
With a strong treasury management solution, managing signatories is not only simplified, but visibility is increased to better manage exceptions and change requests. Corporate signatories, approval levels, and bank account access all require policy controls and auditable oversight. This is important for all organizations, especially those with high turnover or those with a sudden increase in new hires due to expansion. In the absence of an eBAM solution, an organization is open to risk. Additional support from treasury technology includes automated bank fee analysis, which can enable treasury to reduce its fees with a better understanding of their monthly fee variances and enable a review of bank fee structures across banks.
The opportunity for global treasurers to streamline their manual tasks and reduce risk of payments fraud while securing bank accounts is more achievable today with advancements in technology than it has ever been. Finance leaders should empower their teams with the right tools to improve financial controls and with the added time their teams save in automating treasury operations, they can be more strategic about compliance.
This article first appeared in Treasury Management International: Improving Financial Controls with Treasury Technology
This article was edited: we see related challenges for all treasurers who are adopting a TMS which are similar to those in the APAC region