Corporates taking too much payment risk warns SunGard

Complex payments arrangements put corporates at risk of fraud

Four out of five organisations are leaving themselves open to payment fraud because of a lack of standardised payment workflows, according to a study by financial technology vendor SunGard.

According to the study, B2B Payments and Bank Connectivity, the problems were exacerbated by disparate systems and multiple banking relationships and accounts. These factors create an “overly complex” payments landscape, which causes 25% of companies to operate with more than 10 cash management banks and 23% of them operating with more than one thousand bank accounts.

While 89% of the firms polled operate across multiple countries, 55% of those with more than $1 billion in revenue rely on e-banking to connect to their banks and 15% of them still make more than 20 million payments by cheque per year. Just 29% would implement a payments project to reduce fraud and increase controls.

“Fraud has become increasingly difficult to detect, and many senior executives remain unaware of the internal fraud risks that there own firms are facing,” said Enrico Camerinelli, principal at analyst firm Aite Group. “In addition to fraud, companies with a high degree of complexity experience increased operational and transactional costs. For this reason there is an increased demand for controls such as the introduction of standard processes and technology such as a payment factory.”

The figures did suggest that the industry was gradually moving towards greater security. Some 29% of respondents use Swift, a figure which seems likely to increase with 41% expecting to use Swift in the next 12 to 24 months. Also, only 41% of respondents expected to continue to use e-banking to connect to their banks in the next two years.

However, there are significant opportunities being missed. Companies that use local bank accounts for domestic or decentralised payment processing often maintain marginal fund balances that could be investment more wisely, according to SunGard, while many of these firms lack visibility into their cash balances. Many companies open bank accounts at subsidiary or business unit levels as they grow geographically, managing the accounts locally – a practice the report warns could lead to trapped cash and even high costs for transferring funds within the company as the balances move from bank to bank.

As a solution, SunGard suggests that concentrating banking relationships and consolidating accounts would be a useful first step. The report also notes that a ‘hub and spoke’ approach using a channel such as Swift can provide easier, more efficient and less costly bank connectivity. By using a single connection that sends and receives all confirmations, trades, payment instructions, account statements, costs can be reduced. National payment channels can also be used, such as the Electronic Banking Internet Communication Standard in France and Germany. SunGard itself also offers payment transmission and electronic bank account management as well as bank statement aggregation and bank fee analysis.

The key features highlighted by the report for countering fraud are:

• A single clear standard enterprise-wide policy for payment approval, signing and release
• Multiple reviewers for all changes, including payment templates, counterparty settlement instructions
• Release of payments to banks in compliance with company mandates on amount rages, bank accounts and entities for signing and approval
• A single global application for administration, monitoring, auditing and business continuity of payment processes
• Day limits on approval levels
• Data seals to prevent tampering with payments data
• Secure interfaces to and from ERP systems for the exchange of encrypted and signed files
• Token-based signing verifying users’ personal signatures
• Strong authentication during login and signing processes
• Support for ID schemes such as 3SKey where personal signatures are sent with the payment files for the bank to verify
• Secure and transactional banking channels that prevent tampering with payment files
• Audit trailes on all configurations
• Processing history trails that include all payment processing steps, including time stamps, users and changed attributes

The dangers of continuing to pay via cheque were particularly highlighted, as cheque is one of the most common targets for fraud. Reducing dependence on cheques would decrease exposure to fraud, with measures such as outsourcing cheque-printing and increasing use of virtual cards also recommended.

The study was carried out in October and November 2013 and involved 398 participants, spread across all regions. Financial services represented the largest industry segment of the respondents, but there were also representatives from manufacturing and other sectors.