Empower Payment Security with a Multi-bank TMS

Fortifying Payment Security with a TMS

Treasurers have a lot on their plate: managing risks, controlling cash, processing payments, reporting to various stakeholders and much more. That on its own would be enough. But over the last few years, internet attacks and payment fraud have increased the need for payment security in treasury. As the treasurer, you are called upon to step in and steer the company clear of these threats. No doubt there are times when you are tempted to give up in the face of the multitude of complex tasks that confront you as a treasurer. And maybe you’re looking at system support as your lifeline.

My tip gleaned from more than eight years of experience advising international companies: if you are looking for support, look no further than a TMS which can also be used as a multi-bank payment solution. This gives you control of all data required for treasury activities and all payments but also provides visibility of all cash flows and enables secure processes to be established within your company and in dealings with payees. In short, you achieve security across the board.

In this post, I shine a light on payment security in treasury departments of typical companies and compare the situations. As you will see, system support simplifies tasks and steers all of your processes on a safe, secure path. A multi-bank TMS also reliably protects your money during the payment process. It is time to start thinking about the role of payment security in treasury.

The example we examine is a typical international company that has several subsidiaries with treasury departments that have only a few staff. This company faces the major challenge of capturing complex data and at the same time meeting extensive payment security requirements.

Chaos vs. visibility

Companies without system support

• Treasury usually receives important information late and from various sources via complex processes.
• Subsidiaries often need to be chased several times to provide outstanding reports on the previous period and complex tables with planning figures for the future. Collecting subsidiary account statements is a painstaking process.
• There is no overall view of financial transactions for the whole group and no summary of the current financial situation in the form of a group-wide financial status overview.
   

Companies with a multi-bank TMS

• Data is captured on a single platform and is available to all entities. A web-based, multi-bank TMS encourages group-wide collaboration: data can be entered anywhere in the world and is accessible from anywhere in the world, in real time and with the highest data quality.
• Account statements are automatically collected and imported. All processes – whether in relation to the planning data of individual subsidiaries or cumulative payments by head office – are transparent and controllable.
• Treasury sees where money is needed in the company and controls where payments go.
   

Payment Security Vulnerability: Various banking tools vs. centralized payment platform

Companies without system support

• Each subsidiary has its own historical structure which has evolved over time and various payment solutions.
• The many banking connections and a large number of people involved in payments present countless opportunities for fraud and manipulation.
• Using the various tools is complicated, can lead to errors and can cause users to ignore security instructions.
• In addition to the multitude of banking solutions and tools, there is also a multitude of systems in which the master data is managed. This is not only tedious, but also carries a great deal of risk: fraud involving falsified master data is among the most common types of payment attack. Manipulating the data of invoice recipients, for example, is simple.
• Predominantly manual processes lead to errors in data entry and transmission and represent a security vulnerability that opens the door to internal fraud.
• Whether errors or fraud, both cases can only be detected at a late stage, exacerbating the damage.
   

Companies with a multi-bank TMS

• All entities of the company use a single payment platform as the only banking tool for group-wide payments. This provides security on the user side, as there is only one interface for all payments and for all banks.
• Master data is managed in a single system. Only a few administrators have access rights and new entries or changes to master data are subject to a multi-level approval process.
• There is a single point of entry to the sensitive payment area, enabling efficient protection. With Coupa Treasury, access can be secured via two-factor authentication using a state-of-the-art mobile app which is user-friendly and meets the latest encryption standards.
• Many payment processes are automated, eliminating errors and fraudulent interventions.
• Treasury has an overview of all processes at all times and can act in a timely fashion.
   

Payment security vulnerability vs. security through integrated permissions model and automation

Companies without system support

• Single payments are among the most fraud-prone payment types as they are set up manually on an ad hoc basis.
• Companies without a TMS do not have secure process flows, meaning individual employees can deliberately or unintentionally initiate falsified single payments.
• A call from the alleged CEO with instructions to urgently transfer millions can dupe even the most loyal employees into doing the fraudsters’ dirty work.
• Opportunity underpins fraud: a lack of practicable security precautions, such as separation of duties or a dual approval process, has already led to embezzlement at well-known companies.
   

Companies with a multi-bank TMS

• With a multi-bank TMS, payment processes are clearly defined and managed in the system: the roles and rights of each individual user are regulated, from creating master data and setting up payments to authorizing and processing payments.
• Basic security principles such as dual approval and separation of duties are built into the system. Limits can also be added for single payments and linked to specific organizational levels.
• “Fake CEO” scams are thwarted by the system’s built-in permissions and roles model.
• A multi-bank TMS enables users to work with automated processes and predefined templates, for example for internal payments and for payments in foreign currency deals. Closed circuits of this kind prevent manipulation and increase the efficiency of payments.

This brief insight into how different treasuries operate makes one thing abundantly clear: there is a gulf between the treasury departments in companies without system support and those in companies with a multi-bank TMS. What is your current treasury situation and where would you ideally like to be? Want to move your treasury operations forward and safeguard your payments efficiently? Time to discover Coupa's range of treasury services.
 

Payment Security in Treasury – At a glance:

Companies without a TMS

• Various treasury department structures across subsidiaries
• Various payment solutions
• Master data needs to be managed across various systems
• A large number of banks and accounts
• Various banking tools and security systems
• Error- and fraud-prone, manual data entry
• Late identification of errors and fraud
   

Companies with a multi-bank TMS

• Standardized group-wide treasury structure
• A single platform for all payments
• A standardized banking tool
• A single system for managing master data
• Secure and compliance-friendly permissions model using built-in centrally managed users and roles
• Secure and efficient templates for internal payments and payments in foreign currency deals

Want to learn more about our powerful treasury solutions? Time to discover Coupa Treasury.