GTreasury Blog

How to Build an Atmosphere of Fraud Prevention

March 22, 2018 | Eric Newberg
Read More

In order to address payments fraud, companies must build an atmosphere of fraud prevention. It must be a team effort, involving payment and non-payment areas alike. No one can predict which angle, function, or individual will be the vulnerable area breached.

RISK ASSESSMENT

The first step is to conduct a risk assessment of the entire organization. That may seem like a lot of work, but if a risk assessment has never been completed, your company is likely vulnerable to wire, ACH, credit card and other types of payments fraud. This analysis must include assessing operational, technical and organizational risks that are both external and internal. Once identified, these risks must be minimized, if not eliminated. External fraud occurs when a fraud attempt comes from outside the organization; internal fraud involves the attempted act being carried out by an employee or a consultant.

Beyond simply understanding why fraud is committed, it’s up to you to orchestrate the “who, what, where, when and how” of this companywide risk assessment. Both internal and external fraudsters find backdoors to payment areas. Therefore, anyone outside of the operational area responsible for initiating and or approving payments (electronic, paper check, and other formats) should be included.

THE “WHY”

The reason why most people commit fraud can be broken down to three basic reasons.

  1. Opportunity: Ineffective or nonexistent internal and security controls/firewalls provides fraudsters with opportunities.
  2. Pressure/stress: Employee personal financial problems along with unattainable performance goals can quickly lead to unethical and illegal behaviors.
  3. Rationalization: Fraudsters seek personal gains and find justification for their intentional acts (e.g., employees feel unfair compensation accompanied with a company’s profitability and success or simply the need to “teach” a company a lesson for not addressing inadequate or antiquated controls).

THE “WHO”

Look at management and staff—both the number of members and the quality of each member. Put together possible and actual bios and assess their backgrounds; there could be some team members at various levels of the organization with security and/or fraud-related experience that can be drawn upon later. There may be some sinister types, also.

Match the level of experience necessary against what is available, and identify gaps as a risk. Review your bench strength— those individuals in neighboring departments, contractors, and vendors’ staffs that can be called upon in a pinch. This need may only occur during a time of peak staffing levels, or in typical vacation and holiday time periods when the first team is out.

THE “WHAT”

Gather every payment and payment-related risk assessment, audit, and examination that has been completed in recent years. It will give you a history of what is in place versus what needs to be. Organization charts are more revealing than meets the eye—especially staff with “payments,” “electronic,” “business” and the like in their titles. Determine what role they play in the ACH and wire transfer process—and whether they should continue to play that role.

Another vital part is transaction volumes over time—do they fluctuate, is there seasonality, are they steadily increasing in volume or dollar amount? Patterns can be identified easily by algorithms, time-studies, or regression analysis. Build parameters into these, and plan on human reviews of anomalies.

THE “WHERE”

Draw a flowchart of “a day in the life” of an ACH item, a wire transfer, a physical corporate credit cards or even a paper check. Where does its journey begin and end, and who touches it? Here’s where dual approval takes place—one person/system to set it up and another person/system to approve/release it. Each step should be independent of the other, with divided responsibilities. This network diagram may uncover holes or weaknesses that were never dreamed of. Why? Because no one could see the big picture; they only knew their own part of the process.

THE “WHEN”

Measuring success related to preventing payments fraud is tricky. How do you know you’ve stopped an attack if you never saw it occur before, during or after-the-fact? You may only see the legitimate ACH items or wires that come through and discover the failed attack after the fact. Payment monitoring, notifications, and fraud reporting all become important parts of the process. Identify those type of real-time monitors and reports that are vital to decision-making and payment workflow; don’t produce reports for volume’s sake.

THE “HOW”

All of this work is useless unless the payment process is properly documented with tasks, responsibilities, and owners all tracked in order to measure progress. Use whatever tool(s) you are familiar with as the framework.  Microsoft Excel is fine; more sophisticated tools can work if everyone knows how to use them. Work towards the least common denominator. You will find it works best in the long run.

Build a chart with tasks that emanate from the staff assessment. Your data gathering experience will undoubtedly reveal the need for a number of remedial and preventive steps. Build a business process chart for those steps and the individual/personas tasks that will be needed to accomplish them. Assign responsibilities. Include due dates, contact information, and backups. The professional backgrounds that you reviewed and assessed previously will help in placing people in the right tasks.

The Sky’s The Limit For Treasury

September 11, 2017 | Ashley Pater
Read More

Treasury-management systems (TMSs) were, until recently, only really viable for large corporations with big bucks, abundant IT resources and sophisticated treasury functions. Companies with under $1 billion in revenue were, according to the 2016 Association for Financial Professionals (AFP) Treasury Management System Survey, less likely to use a TMS, due to high fees and a daunting implementation burden.

Click here to read the full article.

Read More

Few things in this world are more modern or faster changing than the technologies that underlie automated treasury management. Computers and networks are faster and more powerful than ever. Today’s core system may well be tomorrow’s doorstop.

Let’s say that your company is ripe for an upgrade to its cash management capabilities. You might be automating for the first time – moving away from manual ledgers and Excel spreadsheets. Or you might anticipate sales growth or corporate expansion, and you want to make sure that your systems and processes will be able to handle it.

How can you be sure that your investment in a TMS will give you the best possible return? How can you determine whether a particular vendor or brand is the best fit for you?

That’s an appropriate question: “What’s the best fit?” You don’t need a newly-minted Ph. D. in engineering to guide you. Rather, you can look back about 40 years to the sage advice of John T. Molloy, the first self-declared “wardrobe engineer,” who wrote the best-selling “Dress for Success.”

Why You Buy Clothes for Yourself and Cash Management Systems for Your Company

Mr. Molloy’s guiding philosophy about wardrobe selection could just as well be applied to TMS selection. He wrote, “Your clothes should move you up socially and in business, not hold you back…If you are a Wall Street stockbroker, go to work in a conservative, three-piece pinstripe business suit. If you are an art director for a Madison Avenue ad agency, avoid conservative clothing in favor of more flamboyant, ‘with-it’ gear.”

In like manner, your new Treasury Management System should move your company up the ladder of business success. It should speed up and simplify your company’s operations while enabling you to meet the requirements of your customers and markets. Your customers and markets are your own. Seek the system that enables you to serve them to the best of your company’s capabilities.

So here are some guiding principles that you may keep in mind, whether you’re performing CTR (Clothing and Textiles Research) to go shopping for a BDU (Battle Dress Uniform), or if you’re immersed in TWAIN (Technology Without an Interesting Name) in search of a TMS.

Have a Plan

Before you go out the door, draw up a shopping list. What’s missing from your wardrobe now? Shop strategically. Have a clear idea of what your overall wardrobe should contain.

If you’re in the market for cash management software, you should think about what functions and features you want. Not all offerings do the same things, and some do what they do better than others. Most of them will help you with consolidating, projecting, and banking. Others are better at connectivity, generating reports, and integrating accounting.

Maybe you won’t be wearing all of the garments in your wardrobe anytime soon. But if you’re sure that you’ll need them at some point during the year, better to get them now. The same goes for the features of a TMS.

Seek Compatibility and Interoperability in Clothing and in Cash Management.

Think carefully about each piece of clothing. Can you wear it with at least three more garments in your wardrobe?

When you’re buying garments, make sure that you can combine each piece with other clothes, so that you can wear it in more than one season and get some usage out of it on more than one type of occasion. Go for solid colors rather than the prints and plaids – they mix-and-match better.

The sartorial message here, translated for TMS selection, is to think both in terms of modules and of compatibility with your other systems and processes. Your greatest need right now may be for higher efficiency and cost-savings in your payment processes. You may also be thinking of streamlining your reporting processes after you get the payments flow under control. The reporting that you’ll then focus on will inevitably be better – clearer, more timely, and more complete.

Some of the greatest benefits of cash management systems stem from compatibility with other systems and processes. Be sure that the system you choose is fully compatible with your own ERP system. That will mean more automation, less manual data entry and re-entry, and fewer errors.

Another sine qua non is the capability of connecting with financial institutions, whether domestic or international. Be sure that your cash management vendor has demonstrated expertise in working with all connection options and data formats. That will enable you to securely access, transmit, and display all your required treasury information.

Also, take note of your prospective vendor’s experience and track record with partnerships. If you’re thinking of marketing payments functionality to your own customer base, be sure that your provider has a strong track record in white-labeling and in helping partners customize its product for the partners’ own user bases.

Style Defines You, Both in Your Mode of Dress and in Your Mode of Business

Buy the clothes and styles that will fit the social and business strata where you operate, and where you’ll be traveling. In other words, consider your lifestyle. What clothing do you need that will make you both feel great and look great, so you can do what you usually do well?

This piece of advice bears on two major considerations when you’re in the market for a TMS. One of them is internal, and one of them is external.

Let’s take the internal one first. What’s your company’s style of operating? Do you have a particular, unique approach that leads you to keep things hands-on and in-house? And if so, do you have varsity-caliber technical staff? Or do you call upon outside expertise for your IT operations?

The answer to the above questions will likely lead to whether you’ll be better off with a cloud-based, SaaS Treasury Management System or an installed, in-house one. A cloud-based approach means no upfront capital expenditures, a predictable monthly bill, and automatic upgrades and patches. An in-house approach lets your staff tweak and modify the system to your unique specifications – your “secret sauce” – that you’d prefer to keep under wraps.

As for the external consideration bearing on the above wardrobe question: what industry segment are you in? Your wardrobe should demonstrate that you are a member of the social and business circles in which you operate. Your cash management system should show that you are a member – or at least an affiliated member by virtue of your associations and track record – of the industry segment(s) that you serve.

Concerning those industry segments – your prospective TMS provider should be able to offer you success stories and case studies of their work with companies from the same or a comparable industry or vertical segment. This would show two things: that they have the experience in implementing the software, and they have been able to address issues and problems that similar clients have grappled with.

Don’t Forget Service and Support

Make friends with a good tailor. Nothing raises the quality of clothes more than having them altered to suit your shape. So build a relationship with a tailor or dressmaker who knows your body and your taste. If your workforce wears uniforms, be sure that the uniform company has a true tailoring service and not just some local tailor that they engaged in order to get your contract.

Like a suit or a dress, an ERP system is not likely to fit perfectly when it’s right “off the rack.” As your wardrobe items must be hemmed, taken in, or let out there and there before you head out on the town, your TMS must be expertly installed, tested, and adjusted before launch.

Just like your clothing will need cleaning, pressing, and an occasional mending, your system will need regular maintenance and upgrades. Make sure that your vendor is adept, prompt, and methodical with its implementations – that the “tailors” of its technical staff are up to the task. Also be certain, by checking references, that your vendor’s track record of post-installation account management is outstanding. Your vendor should have the same outlook as that of Vidal Sassoon, another style maven – but of hair, not of clothing: “If you don’t look good, we don’t look good.”

It’s Not What You Buy for Clothes or Invest in for a Cash Management System: It’s How You Use Them.

For a final word, we turn again to John Molloy and his advice to women in the workplace. He wrote his first dress-for-success back when women were just beginning to enter all areas of the business world in serious numbers. Several years later, he wrote, “A woman’s success does not depend entirely or even primarily on how she dresses, but dress is an important factor in most women’s careers. Research shows that when a woman dresses for success, it does not guarantee success, but if she dresses poorly or inappropriately, it almost ensures failure.”

The same observation can be made about your new, automated treasury management system. It can save your company time and money, it can modernise your operations, and it can give you a highly detailed and accurate picture of your company’s liquidity and capital. It’s a powerful asset and a competitive advantage. But, like a good wardrobe, it doesn’t ensure your success. Only you can do that!

Read More

Note to corporate treasury professionals:  You’re no longer a member of the world’s oldest profession. So why are you still using the world’s oldest tool of the trade?

No, I’m not talking about THAT world’s oldest profession.  I’m talking about accounting. And about the go-to tool of all accountants, the spreadsheet.

There were accountants at work with their proto-spreadsheets nine thousand years ago, in ancient Mesopotamia. Back then, merchants recorded transactions on little clay tablets. Just two thousand years or so ago, in Rome, they kept Tabulae Rationum – twin sets of books that denoted purchases and sales.

We’ve all heard the story about how the merchants of Renaissance Italy, particularly in Venice, perfected the art of double-entry bookkeeping – made possible by their written ledgers, or spreadsheets that footed the bill – or else.

In more contemporary times, a spreadsheet known as VisiCalc was the very first “killer app” for the new thing called the personal computer. Dan Bricklin and Bob Frankston launched the program in 1979 and sold more than a million copies for $100 each.

There’s one thing that all of those old-time record-keeping tools had in common: they kept score of games already played and of business that had already been transacted. That’s still largely true of spreadsheets in business today.  They tell you what’s happened, but they don’t help you very much in your planning for the future.

No, make it two things in common. All of those old-time tools relied on human beings – those creatures that tend to make mistakes – to enter the data. It takes time to work with spreadsheets.  A 2013 article in Treasury and Risk cites a survey of 3,000 spreadsheet users by Ventana Research.   It indicates “about half [of those surveyed] acknowledge finding errors in spreadsheet data at least occasionally, while a third cite errors in spreadsheet formulas.”

So, with all those errors we have a go-to technology that should be a “gone-from” technology.  You, the treasurer, need help that you’re not getting from spreadsheets. You’re no longer in the world’s oldest job, the one dating back to Mesopotamia.  You’ve moved beyond being a green-eyeshade accountant and scorekeeper.

You and your department have moved up from operations to strategy. That’s where you’re expected to bring the greatest value – including cash forecasting, risk management, and regulatory compliance – to your company. But to enable you to do that, you need to move away from manual-entry spreadsheets to a TMS.

That TMS will connect directly with your banking partners and will receive information directly from your ERP system.  You’ll do away with time-consuming, error-prone manual processes.  You’ll not only see your financial data, but you’ll also be able to understand the interrelationships of that data because the TMS integrates the information and enables you to perform forecasting and data analysis.

The ability to forecast brings the ability to manage risk. You’ll be able to minimize errors and lessen the chances of fraud while you direct, with confidence in the information at your disposal, the company’s market exposures, credit, and liquidity.  You’ll have the ability to predict cash flow surpluses and shortfalls, and thereby invest smartly or borrow inexpensively.

The reports you’ll be able to develop and generate at a moment’s notice will be much more accurate and timely than the ones you’ve been cobbling together from spreadsheets.  This goes for the reporting you to do with both internal and external constituencies – including government regulators.  Regulatory compliance is onerous enough; why make it more burdensome with reports that might be inaccurate?

So, is there still a place for spreadsheets? Of course, there is. They are great at what they were designed to do; only nowadays, treasurers need more than what spreadsheets can deliver. They need timely, accurate information, all aggregated and visible on a single platform for use in operations, reporting, risk management, and analytics. Spreadsheets are simply too limited.

Spreadsheets do have several things going for them. First, everybody is familiar with them; we’ve all been using them for decades. The spreadsheet is still the lingua franca of the business world.  It’s simple and economical. A move totally away from spreadsheets would be too wrenching for most financial pros.  And if you’re running a small business that is well established and does not need to analyze and manipulate an endless river of data, you can still get by with spreadsheets as your only financial technology.

Imagine that you’ve moved out of that starter house, the one with the postage-stamp front lawn, no driveway, and a 15-foot front walkway.  To keep the place looking neat, all you needed was a snow shovel for wintertime and a push-mower for cutting the grass in the spring.  But now you’re in a big house in the suburbs, with a circular driveway and a half-acre lawn. At a minimum, you need a gas-driven power lawn mower and a 16-inch snow blower.

The big house is your job as treasurer, circa 2017. You had the same job title but lived in the small one until a few years ago.  You’ll keep that push mower and the shovel – your spreadsheets — around for small, interim, one-off projects. But that’s all.

We’ll close by pointing out that, once again, the more things change, the more they stay the same.

Corporate treasurers and the other senior executives with whom they work closely are just like their predecessors back in the heyday of the Venetian Republic.   The eminent mathematician and buddy of Leonardo da Vinci Luca Pacioli described the merchants of his day in “Summa de Arithmetica.” This masterwork on double entry bookkeeping began with a section titled, “Particular of Reckonings and Writings.”

In that part of his treatise, Pacioli wrote that without a reliable system of tracking funds, “…it would be impossible for them to conduct their business, for they would have no rest and their minds would always be troubled.”

Sound familiar? If so, get some rest, ease your mind. Ditch those spreadsheets.

Read More

It wasn’t that long ago – 2010, to be precise – Small Business Saturday entered, stage right, onto the American economic scene.  It was on the day after “Black Friday,” the post-Thanksgiving launch to the Christmas shopping season.

As a promotional idea, Small Business Saturday was brilliant. Did you know that its origin was the 3/50 Project, a brainchild of Cinda Baxter of Minneapolis? Until recently, I didn’t either.

Back in March of 2009, Cinda suggested that if half the employed people in the country would pick out three independently owned businesses, and buy $50 worth of goods at each of them every month, that it would generate $42.6 billion in revenue.

I don’t know if those numbers panned out, but the overall idea took off like the proverbial rocket. By 2010, Small Business Saturday had become a post-Thanksgiving fixture.  According to Forbes, there are 28 million small businesses in America. They account for 54% of all U.S. sales.

So why shouldn’t Small Business Saturday be a big deal? Even if we didn’t have those numbers from Forbes, we all know, intuitively, that it’s you, the individual entrepreneur, the small business owner, who are the heart and soul of American enterprise.  Your sweat and energy produce the goods and services. You – not the government in Washington – create millions of jobs and enable people to make a living.

It’s been that way since America was founded. And with Small Business Saturday, we’ve finally recognized it. Amazing that it took us this long. It was about time.

Since we’re on the topic of “Amazing,” here’s something else that fits: that so many of our small business owners have been weaving their economic magic with a set of outdated tools and technologies in their desks and on their computers. By this I mean, of course, those clunky, last-generation Excel spreadsheets and eye-straining paper ledger books. They might help you keep track of your business’s vital funds, but at what cost in time and in lost opportunities for higher-value work?

Can you imagine how much more you’d accomplish with the very latest financial technology at your fingertips? How about, for starters, 30 extra hours every month?

There’s a rule of thumb in our field that says small business owners spend about 40 hours a month on routine, repetitious financial tasks.  Automating those tasks with a modern treasury management system will bring that time down to something like four or five hours.  We’re being conservative by estimating that you’ll have 30 more hours per month at your disposal.

There’s no longer a compelling reason to stay wedded to the old ways of keeping track of receipts, disbursements, and available cash. With a modular, cloud-based TMS, you have no big, upfront capital expenditures. You only buy what you need, when you need it, for an affordable and predictable sum each month.

It’s not just the time-savings of automation that you deserve as you run your business.  These benefits are real and worth mentioning. They include: streamlining your dealings with your bank; daily, error-free posting of all transactions, which eliminates that frazzling, month-end “crunch time;” centralizing all your disbursements through a single payment hub; and consolidating all of your cash activity into a central reporting tool.

That last item is both an enormous time saver and an indication of something much bigger. It has to do with the information – timely, actionable information on every aspect of your company – that’s available to you, the company’s ultimate decision maker.

A Treasury Management System (TMS) delivers that information to you. It enables you to take quick, decisive action in this hyper-competitive world. You can combine this solid, reliable information with the wisdom you’ve accumulated through years of experience at the helm of your firm.  You already do it all – a TMS will help you to do it better and faster.

I’ve been in this business for a long time. I’ve seen the evolution of the treasurer’s job and the treasury management department’s function. I’ve explained, mainly to our large corporations, how treasury management has evolved from the tactical to the strategic.

Nowadays, the terms “Treasury Management,” “Cash Management,” and “Financial Management” are used almost interchangeably. As functions of the business, they overlap and intersect. You could spend a lot of time parsing their distinctive aspects in the company of friends, and maybe you’d even reach an agreement on them.

But when we’re talking of the small business owner, those fine points would be distinctions without differences. You’re already doing all the things they entail: optimizing your company’s liquidity, receiving and disbursing cash, and shepherding the short- and long-term funding for the ultimate benefit of the organization.

In other words, you’re Superman.

And that brings me back to a pithy quote from Cinda Baxter.  After Small Business Saturday had caught on, someone asked, “Hey, Cinda, what do you do?”

Her reply: “I hand Superman capes to small business owners, then teach them how to fly.”

As far as TMS vendors are concerned, you small business owners are already airborne, and we thank you and salute you for it. But we’d also like to suggest that we can offer you a better, snazzier cape – a new, state-of-the-art Treasury Management System.  There’s no telling how fast, how high, or how far you’d fly.

Read More

If you’re considering a move to an automated treasury management system, or if you might like to upgrade the one you already have, first think of that ancient advice: “Know Thyself.”

Socrates – who had a habit for ticking off his fellow citizens of ancient Athens – said that people make themselves appear ridiculous when they are trying to know obscure things before they know themselves.  Many centuries later, Ben Franklin wrote, “There are three things extremely hard: steel, a diamond, and to know one’s self.”

Both gentlemen knew what they were talking about.  So listen to Socrates before you make the move to a sophisticated and powerful treasury management system.  First you must know who you are, as both a company and as a treasury professional.  Listen to Ben as well. It takes a lot more work to come to that self-knowledge than you might think.

So, how do you attain this self-knowledge? Why, use the Socratic Method, of course.  Ask questions.

Thoughtful answers to the following questions – about your company and yourself – will lead you to a well-considered decision.

Why are we in the market for a Treasury Management System (TMS)? What is not working as well as it should right now? What problems would we solve by automating or upgrading?

If your company still relies on manually-generated spreadsheets throughout its treasury operations, chances are you’re spending several hours each day to just compile your cash position and forecast.  If you automate, you’ll find more time for higher-level, strategically-focused work. But if that’s all you’re trying to accomplish, you might just be putting a Band-Aid on today’s problem and limiting your potential for bigger and better things.

In short, don’t limit your thinking and questioning to one item or pain point. When you review the treasury department’s current systems, work habits, and technology, you should bring in colleagues who are stakeholders on the periphery of your department.  Get their ideas on how an upgrade to your systems might help them too.

For instance, do you also use Excel spreadsheets to manually process paper invoices and to track incoming and outgoing payments? If so, there will be inefficiencies in the relationships between and among your treasury, your bank or banks, and your company’s ERP system.  To resolve those inefficiencies and to enable you to work more closely with those other stakeholders’ departments, you’ll want to find a TMS that will seamlessly integrate your ERP system and your banks.

What markets does my company serve? What types of customers?  For that matter, what types of vendors do we deal with?  And do those customers and vendors have specific needs that a treasury management system will address?

Businesses that belong to different vertical markets behave in different ways.  The problems and issues that they encounter will vary from market segment to market segment. As you start to narrow down the list of potential vendors for your TMS, ask them about their experience in your sector. Be sure to talk with the TMS vendor’s customers that would have similar needs to your own.

Look inward and dissect the ways in which your company’s supply chain functions. How do you deal with your vendors? What types of transactions take place? Do you need to deal with automatic purchase orders and just-in-time deliveries of materials? Then determine whether the TMS that you’re evaluating can accommodate these needs.

Where is this company headed? Are we going to be entering any new market verticals? Is cross-border expansion in our future?

If your company is a multi-national firm, or if it aspires to be one, your treasury management system will need to have capabilities that extend beyond the basics in your home country. There will be many more types of risks that you’ll have to understand and manage – commodities risk, foreign-exchange rate risk, and interest-rate risk, to name a few. Visibility into such risks, and analytic capabilities to complement that visibility, should be available from your TMS.  So ask if your prospective vendor’s system can access foreign banks, SWIFT, etc.

Maybe you won’t need that extra reporting and analytic horsepower right away, but it’s got to be there in your TMS vendor if your growth plans will eventually require it.  Make sure that you’ll be able to add treasury management system modules from your vendor in the future.

How much automation do you really want? Does your company’s culture favor manual tasks? Do you prefer to keep some of the work “hands-on” because you feel it gives your people a more intimate knowledge of the company’s work processes and customers? 

Most of the TMS products available today can automate virtually everything: account management, cash visibility, payment transfers, financial instrument tracking and of course the reporting of all this.  But if you don’t want to go all-in on automation, or if you prefer to do it gradually, then your new TMS should allow you to specify which tasks to automate, and which ones you’d rather leave alone for now.

Is an installed TMS best for you, or would a SaaS (cloud-based) approach be preferable?

The answer to the above question will give you a clue to this one. More and more companies seem to be opting for SaaS these days because they have no upfront investment. With SaaS, they receive automatic upgrades to the latest versions of the software, and they don’t have to worry about maintenance.

But there are quite a few companies that prefer to do the heavy lifting in-house when it comes to information technology.  They have a staff that’s more than capable of installing and maintaining systems purchased from third-party vendors. By doing the work in-house, they gain institutional knowledge over the fine details of the system. They also can introduce their own customized, proprietary tweaks.

If your company has this approach and philosophy, an installed system might be your best bet.  Most importantly, however, you must always be ready to allocate IT talent and resources on short notice. If it’s going to take an intramural political battle to get the help you need when you need it, then that’s all the more reason you may want to move to the cloud.

Finally, where is your own career as a treasury professional headed? Where do you want to go?

We ask this question because a new, powerful, automated treasury management system will bring you to a new level of knowledge and sophistication within the company. The treasurer has always been responsible for finding the funds to operate every day and making other funding solutions available when necessary.

As we noted above, simply automating the routing tasks of treasury will give you several more hours per day to do higher-level work.  What are you going to do with that available time? How are you going to make use of all the information and analytics that a solid TMS will deliver? Information is power. Your role, if you so desire, can move from tactical to strategic.  You can have a seat at the table for such vital functions as risk management, investment management, and M&A planning.

Last Question: So What Are Your Waiting For?

Read More

No organization should leap into major changes without thorough analysis and a clear demonstration that what’s being recommended is going to work.  And when we’re talking about the critically important and highly confidential business of treasury management, such skepticism is especially appropriate.

Financial data is highly sensitive, after all. If we keep all of our systems and records within our own four walls, nobody can see it or steal it, right? And if we have to use manual spreadsheets to keep track of everything, well, that’s just a price we have to pay.

Up until the last few years, that price wasn’t too high. But now, the widespread acceptance of cloud computing in other areas of the corporation – areas such as payroll, sales, human resources, and marketing – means that a treasury function that’s not taking advantage of all that the cloud has to offer will be lagging behind the rest of the company.

Being a laggard, a drag on the organization, is anathema to treasury professionals. They’re not clerks and checkout folks. They’re strategic partners to executive management. Nowadays, they can best perform in that role if they have the power of a cloud-based system at their disposal.  By this, we mean a Software-as-a-Service (SaaS) approach; merely web-enabling a legacy system and having an Application Service Provider (ASP) host it is not what we’re talking about here.

Treasury Automation Solutions from Gtreasury

True, the treasury team receives, disburses, and reports on the funds that flow through the company every day of the year. A good Treasury Management System will enable them to automate those important but mundane tasks. Moving off the reliance on manual spreadsheets can also lead to better, and higher-quality financial reports. Automating the process can make for more speed and less human error.  That can happen with in-house automation, or with an ASP. But the benefits of going to a shared, cloud-based SaaS model go well beyond these worthy initial steps.

Let’s first consider cost.  SaaS systems have a lower up-front cost than installed ones.  There’s no initial capital outlay. The large capital expenses – for physical facility, infrastructure, and security – get spread over many users.

Implementing the installed system and then updating it regularly means that the company’s IT resources must be available. The treasury department can find itself in internal budgetary or political battles when its team would rather be concentrating on their work.  Also, with SaaS you don’t give a second thought to upgrades. You’re always running with the latest versions of the software because when upgrades become available, they’re done automatically.

Closely related to cost is scalability. As the company and/or the treasury function grow, it’s a simple matter to add more capacity with a SaaS solution. The monthly operating expense will rise, but it’s predictable, and it’s only for what’s needed – pay as you grow.

As we noted above, the “show me” tendency among treasury pros is a cultural thing. Treasurers are conservative by nature. They do like to have full control of their environments, and that’s why they’re latecomers to the cloud. Keeping the system in-house and relying on the company’s own IT staff can allow for more customization than they’d get in the cloud, but the tradeoffs in cost and time are probably no longer worth it.

While we’re on the topic of conservatism, let’s consider security. We cringe at the all-too-familiar stories of data breaches and thefts of information. However, most data breaches take place within private companies rather than in hosted, shared environments.

Cloud Based Saas Treasury Solutions

Multi-tenant data centers that serve SaaS clients have made security a top priority. They have to – or no one will take them seriously. They have to meet industry standards like SSAE, SOC and ISO. They have invested heavily in their physical premises, in their IT infrastructures, and in their backup and disaster-recovery capabilities.  In sum, they’re capable of doing security better than most individual companies.

Finally let’s consider the additional tools – an arsenal of improved weapons, really – that going to cloud will make available to the treasury organization. Nowadays, everything is global and everything is mobile. Cloud-based treasury systems let the organization reap the full benefits of ubiquity and mobility; they ensure that the treasury function keeps pace with the rest of the company and contributes on a strategic level.

Consider, for instance, the demands on the treasurer of any company with a significant presence in one or more foreign countries.  You may be dealing with customers who use different currencies; your foreign offices or subsidiaries have to deal with different government regulations from those in the home country. The interest-rate environments offshore might affect your liquidity differently in each of those foreign lands.  Your foreign banks may have their own unique ways of doing things.

It all adds up to a lot more risk that has to be managed. Effective risk management in treasury means, first, having the visibility into the entire company’s liquidity. When you can protect and optimize your cash, you’ll be able to move that cash in and out of various countries and among different banks as needed.  Only a cloud-based SaaS system in the treasury will allow for this sort of flexibility and agility. It enables the treasurer to play his or her role in ensuring that financial policies, operations, and controls are fully compatible and consistent with the company’s strategic vision and values.

Cybersecurity: A View from Where I Sit

November 30, 2016 | Matt Stockham
Read More

Network security in cyberspace is never far from the headlines. When it does reach the headlines, it’s never good news.

Here are just a few famous – or infamous – security breaches of the not-too-distant past, even though they might seem like ancient history by now: Target, Adobe, TJX, Home Depot, Sony PlayStation, Heartland, Epsilon.

More recently, we heard of breaches and fraudulent funds transfers involving large banks. The Bangladesh Bank lost $81 million; had there not been a typo in one of the transfer messages, the loss could have exceeded $1 billion.

Soon followed news of similar breaches in the Philippines, Vietnam, Ecuador, and about a dozen others. Those transfers either took place or were attempted over the SWIFT network.  That was a new wrinkle.  It wasn’t just credit card data or personal information. It was an assault on the world’s financial messaging system.

Corporate treasurers – our customers – took notice. We work with SWIFT. We fielded many questions. What happens with SWIFT payments, and what happened here? Are my payments safe? What can you, GTreasury, do to help?

The customers were right to ask.  I don’t blame them for being uneasy.  Hackers and cyber-thieves are, unfortunately, good at what they do and getting more sophisticated all the time. They take advantage of gaps and weak spots in information technology systems. But those gaps and weak spots are there, almost exclusively, because some human being wasn’t doing his or her job properly.

We can always improve our hardware and software, and I’ll discuss a few ways we’re doing that. But it doesn’t matter how powerful or expensive your system is if you don’t know how to use it.

cyber-security1What Happened: Outdated Technology, but Human Error Too

The malware altered payment orders, increasing transaction amounts and changing payment destinations. It also changed the SWIFT payment confirmation messages back to the original amounts or deleted them entirely.SWIFT is a messaging system used by banks and financial companies. SWIFT messages include, but are not limited to, payment orders.   The SWIFT network itself was not hacked. But the hackers, operating from Egypt, penetrated the banks’ systems and installed malware. The malware modified the bank’s Alliance Access software, which reads and writes the SWIFT messages and records transactions.

A police investigation showed that the Bangladesh bank had no firewalls and was using second-hand, ten-dollar switches on its network. The Philippine bank was using a $25 router and default passwords.  It’s little wonder that the crooks were able to get into the network.  Anyone who takes security seriously knows that security demands investment. You can’t expect good results by picking cheap components off the shelf, plugging them in, and hoping they’ll work. The components need to be part of a coherent plan.

But I could buy a million-dollar security device for my network and it still wouldn’t make a difference if I’m not managing it correctly.  The SWIFT breach gave my company an impetus to review everything we were doing in the way of security, both in components and in the management of them, and we did find ways to tighten things up even further.  I have no doubt that many companies within the financial services ecosystem did likewise.  Below, we’ll discuss some specific steps that should be considered.

How the Enemy Works: Tools Hackers Use

 

Spam. Spear phishing. Social engineering.  Confederates inside the target institutions. Black-hat toolkits that are more advanced than the tools that developers work with when building applications. They’re all part of the arsenal that hackers use.

Nowadays we don’t hear much from the deposed African prince who wants to split a hundred million bucks with us.  Cybercrime has gone way beyond such stickups of unwary individuals.

The cybercriminals are working full time and studying your business.  They scan for the open port, look for SSL vulnerabilities, do automated testing. They seek out the one vulnerable machine on the network or the one gullible or inattentive person who clicks on a link and lets malware in.

They also learn who does your payroll, whether you use FedEx, who’s your ISP. They’ll send you an invoice that says your account is overdue and you’ll be terminated if you don’t reply. People click on the invoice link, which can look like a pdf file but which masks an executable one, without thinking. Even high-credentialed employees like executives, CFOs, and treasurers get duped. They’re in a hurry, and they click on links without thinking.

All the hackers need for a response rate is for one percent of their attempts to succeed, but the percentage of the population that falls for it is much higher than that.

In my experience, something more than 80% of malware that reaches its target gets distributed by phishing, or by somebody’s clicking a link on a compromised website.  This campaign highlights the fact that organizations are only as strong as their weakest link, and in this case, it’s their employees. IBM’s 2015 Cyber Security Intelligence Index indicated 95 percent of all attacks involve some type of human error.

Attackers rely on that factor, counting on someone to open a fraudulent attachment or link.  Wordpress sites are a particular problem. Many people who use WordPress do it as a hobby, not in their full-time jobs. They don’t keep security patches up-to-date. So if some hacker compromises a WordPress site and adds their own code, and then you click on one of the site’s links – behind the scenes there’s a software download to your machine.

Defending Your Castle

Think of your business as a castle.  Build the walls and dig the moat. Most attackers are looking for the soft spots and easy pickings – they prefer to probe for open doors to your system, and to simply walk in.  You can turn these intrusion attempts aside by having those walls and moat – appropriate policies and components – in place.

The drawbridge and the great wooden door are the entryways to the castle. Sometimes that door must be opened, or the castle can’t function in the world outside.  The door should open only when needed.  No other entryways, such as windows or emergency doors, should be left unlocked.

When the door is opened,  be sure you have vigilant, armed, well-trained sentries on duty. They’ll protect you from almost every other external threat – the attackers who go beyond casual probing to methodical intrusion attempts.

With the above measures in place, you’ll be guarding against about 99% of all forays against your system.

Finally, station hundreds of vigilant guards atop the castle walls and around the base of the walls. They’ll spot and dispatch the final one percent of attackers, those lone daredevils who try to scale the walls or tunnel beneath them.

To summarize – the walls and the moat are administrator rights to your system. More precisely, they’re the curtailments, the strict limitations, of administrator rights.  Smart, aggressive control of administrator rights can neutralize around 85% of malware attacks.

The drawbridge and sentries are password controls. Eliminate stolen passwords and you’ll turn back almost all of the remaining intrusion attempts. About 14 percent of them.

But if somehow, an attacker climbs the wall or digs underneath it, the vigilant guards that will nab him are the two-factor authentication brigade. That’s the final one percent of protection.

We’ll discuss them all in more detail. But before we do, let’s carry the castle analogy just a bit further. It will be much harder to defend the castle if you don’t keep the walls mortared and if you don’t keep the food and ammunition supplies fresh and plentiful. That’s your hardware and software.  Keep it current, and keep it patched.

Finally, if your soldiers and sentries are untrained or lazy, it doesn’t matter how strong your walls are. The human factor has always posed the biggest risk in cybersecurity. All of your employees have a part to play. So keep them trained and informed. Whether they realize it or not, they’re on duty all day, every day in the fight against cyber-thieves.

 

What They’re Capable Of: An Attack-in-Depth

The “Dyre Wolf” campaign against banks shows just how sophisticated the hackers have become. Discovered and named by IBM researchers, it’s an invasion-in-depth, a mirror image of a defense-in-depth.  Dyre Wolf has pulled off several million-dollar heists from banks and corporations.

Run by criminals in Eastern Europe, Dyre Wolf uses spear phishing or spam emails to get a foothold in the system.  Then its minions post phony dialogue boxes about system errors, prompting a phone call to a fake service center. They lure employees of the target company into revealing their passwords and authentication codes over the phone. They also post spoofed websites, where gullible employees think they’re logging in.

Within seconds, millions of dollars get whisked away through a maze of foreign banks. The attackers frequently launch a Distributed Denial of Service (DDoS) attack on the target bank to prevent it from seeing what just happened.

This is all very scary. But the first, essential break in the target bank’s defenses came when an employee or some other insider such as a vendor allowed a download of malware. The enemy made it through the castle walls and plucked the keys to the castle keep from another employee.

IBM’s 2015 Cyber Security Intelligence Index, which describes Dyre Wolf in detail, stated that 55 percent of all attacks recorded in 2014 were carried out by those who had inside access to the target company’s systems. Some of those insiders were malicious; others were unwitting dupes.

Elsewhere in that report, IBM states that 95% of actual breaches were caused by human error.

So, by now it must be obvious. You’re only as strong as your weakest link, and that link is almost always an employee. So what to do?

Building a Defense-in-Depth

Let’s return to the castle and its walls, moat, and sentries.  Let’s also narrow our discussion to the breaches that keep bankers and corporate treasurers tossing and turning: those that result in unauthorized transfers of money.

In broad strokes, if you start from a secure base, a system in which nobody has rights to anything, and then you open it up to people or processes as necessary, then your solution will be secure and will enable people to do things that must be done.

On the other hand, if you start with a system that is wide open and proceed to lock things down, you will inevitably will miss locking or closing certain doors. Moreover, as things change, as people come and go or acquire new privileges and responsibilities, you’ve got to be especially vigilant in monitoring everyone and in shutting down additional doors.  It’s far easier to grant as necessatyr rather than trying to deny access once some change occurs.

Let’s assume that an attacker has fooled someone into downloading malware onto his or her computer. How much damage can that do? Some, of course, but you can limit it substantially if the infected computer does not have access to administrator rights.

If the user of the said computer is a “standard” or “least privilege” user, then the worst-case damage will be limited to what that user can do.  It can’t change files, install software, change processes, and so on. In other words, it would not allow the types of changes to the SWIFT messages that hit the Bangladesh Bank.

The “2014 Microsoft Vulnerabilities Report” by Avecto, a UK software firm, states that “97% of critical Microsoft vulnerabilities could be mitigated by removing admin rights across an enterprise.”

One of the report’s key findings almost reiterated the point: “97% of Critical Remote Code Execution vulnerabilities could be mitigated by removing admin rights.”

The report explains “mitigation” in stating “a standard user account either nullifies the vulnerability itself or nullifies the impact of the vulnerability by preventing the exploit from gaining elevated privilege throughout the user.”

The Avecto report dealt with Microsoft vulnerabilities.  But applications like Flash and Java can be exploited as well. Granting admins right to them, or to any other application with known vulnerabilities, is to be courting disaster.

Privilege management is not a panacea. If you’ve got sturdy castle walls but the drawbridge is open, the barbarians will storm through the gate.  At that point, you’re relying on your guards. But who is verifying the guard’s activities – the familiar question “Who’s guarding the guards?”

Some guards need access to sensitive areas of the castle. Who is verifying that they’re doing everything they must be doing, but only what they must be doing? This is where auditing comes in. Remember the percentage of attacks that stem from human error. Some errors are inadvertent; others are deliberate. Does an independent party review your logs, daily, of who accesses production servers? Do you have somebody who is independent of the guards’ function reviewing these accesses? It is similar to the “dual control” of cash practiced by banks, or the requirement for “four eyes” needed to complete an action.

Limitations on Applications

Think about what kinds of applications your employees need in order to do their jobs. Do they need Flash installed? Or Java? Perhaps you should consider having application whitelist, to specify what can be installed on company machines, and what will be blocked by default.

Most applications installed by users have little to do with their jobs. They may go onto Facebook. They may have a Google dropbox. They will install things to do at lunchtime. If a company does not know what applications its employees have installed, or how they are using them, then the company will have no control over the information that is flowing through users’ machines on the network.

Policies and Passwords

In the case of the Philippine Bank breach mentioned above, the bank was using a $25, second-hand router. It also had no firewalls and used default passwords.  Human error, anyone?

By now, it should be obvious to any user of IT that their passwords should be in a format that is hard to guess or to discover through algorithms. Passwords should also be changed frequently.  Company policies should mandate such approaches. It is a very easy thing to enforce password complexity. Companies should also routinely test passwords to see if they can be broken easily.

The whole issue is so familiar that we needn’t go through it here. Still, there’s a distressing proportion of computer users whose password is “password” or “123456.”

Single Sign-On

Single Sign-On (SSO) is another effective countermeasure.  With SSO, a session and user authentication service permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. It is easy to set up and manage. There are many third-party products, including Microsoft Active Directory Federated Service (ADFS) that work well. They balance out the tradeoff between ease of access for the end user and tight, documented security for the auditors and internal security team.

With SSO, mandated password changes are easy. You only have to change the password in one place to update if for every application that supports SSO.   You don’t have to go into every system and individual application.  Managing multiple passwords, and having to remember them for every system, causes a great deal of user frustration and password-related errors.

Because SSO is authentication by a trusted server within the company network, third-party applications like GTreasury do not have to make their own determination that a given user’s credential is valid. The third parties cause the same trusted source that the company is using for its users’ identification and validation.

Multi-Factor Authentication (MFA)

Multi-factor Authentication (MFA) combines “something you know” – a password – with “something you have.”  The “something you have” portion might be a physical token with a distinct, encrypted security code. It might also be a message sent to a mobile phone or a laptop computer. Even if some hacker penetrates your network and steals your password, he can’t make off with the goods unless he also gets hold of the other authenticating factor.

MFA does not just need to be on login. It could also come into play at any functional point of using an application – such as approving a payment.

The Dyre Wolf guys scored despite MFA because they succeeded in getting both pieces of the puzzle. With faked phone calls and spoofed websites, they tricked the victims into revealing or entering essential information like security codes or passwords. Again, this shows that no technology is foolproof if humans mishandle it. It also shows the need to layer security, rather than to rely on any one method or solution component.

Mobility and the Cloud: More Cautionary Talescyber-security2

If you do a good job of restricting administrator rights, of managing identities and passwords, and of implementing two-factor authentication, you’re showing that you’re serious about cyber-security.  Your auditors will approve; so too should your lawyers and law-enforcement authorities.

Data breaches are a real threat nowadays, even for companies that are diligent about security. If your company’s systems are breached, your legal liability may be much less if you have followed a strategy of defense-in-depth than if you were oblivious to best security practices. In the event of the latter, there could be additional or punitive damages assessed.

But you didn’t think that was the end of it, did you? The war is never over.  Before we conclude, I’d like to offer some further items for your consideration.

If you’re a corporate treasurer, be very careful about using your home computer or your mobile device. If you’re in an airport, for instance, you might inadvertently login onto a Wi-Fi that looks legitimate – named something like “Lagardia” or “Heatrow” – and send critical data to a hacker for a man-in-the-middle attack.

Again, going back to the human element, remember that terminated employees aren’t fully terminated until they no longer have access to any of your systems. When you dismiss someone, you shut off access to the internal network.  But do you use one or more cloud-based services? If so, someone has to go out and delete the departed individual from everyone.  It takes some extra work and doesn’t happen automatically unless your cloud provider’s web services offer to disable terminated users’ accounts.

My company, GTreasury, has recognized this need.   We’ve built up an arsenal of weapons to help treasurers secure their environments. It may be MFA, SSO, IP whitelisting, audit trails, internal change control, file integrity monitoring, web application firewalls (a device that monitors all traffic flowing through the web server, looking for potential malicious code and traffic, intrusion detection systems, log files, auditing, access monitoring, code scanning, server vulnerability scans, penetration testing.

Once more to our castle analogy, we find that cloud computing might just allow potential invaders to glide right over the castle walls and drop in from the sky.  You still need vigilant sentries to spot them. You’ll need to give the sentries some accurate, long-range crossbows to nail them even before they land.

So Get into the Game!

Maybe we’ve had enough comparisons with the Middle Ages. Let’s move into modern times and sum it up by thinking of cyber-security as we think of that great American game, football.

They say that offense wins games but defense wins championships. And what do you need to build a champion defense?

  • A well-thought-out game plan – your security policies and procedures.
  • A defense-in-depth consisting of big strong linemen, heady and agile linebackers, and fleet defensive backs all playing with the latest gear – your tightly controlled admin rights, robust passwords and identity management, and two-factor authentication, all put into action in a robust and up-to-date hardware and software platform.
  • And most importantly, your players – talented, well prepared, and thoroughly drilled. The entire squad, from the highest-paid starters to the least-used substitutes. Your employees.  They’re the ones who do the work; they’re the ones on whom you rely.

Boost Your Growing Business with Cloud Finance

September 9, 2016 | Ashley Pater
Read More

Congratulations! You are part of a growing business. There’s nothing like being so busy. You know how valuable you are. You’ve got customers. They like your product or service. They’re paying you good money for it. That means business is booming and money is coming in. Are you concerned about it? You should be – overly rapid growth can be deadly to businesses.

Overly rapid growth brings problems including cash flow crunches, operational inefficiencies, thinning profit margins, customer service issues, personnel shortages and management challenges caused by less attention to detail.

While you’re obviously doing well on the revenue side, it’s now, more than ever, that you need to pay attention to the other side of the coin of success: saving. You need to save time to address all of the above issues. You need to save money; revenue growth does not automatically mean profit growth. The old saw about “time is money” is especially true for companies in this situation.

It’s not just a matter of delegating work. Automating some essential tasks while outsourcing others has to become part of your strategy.

One of those essential tasks is financial management. You’re probably now using spreadsheets and/or some standard accounting package to get it done.

It’s not too early to consider a move to a cloud-based system to manage your finances. A move to the cloud is both a step in the direction of outsourcing and a move toward more automation. The savings, in both time and money, may well be worth it.

What is “the cloud,” anyway? 

In a way, the advent of cloud-based computing is like a return to the good old days of time-shared, mainframe computing. All the horsepower and storage capacity resided in a big box somewhere. Users rented time and capacity as needed.

That big box is now the internet. There’s much more power out there and much more expertise for you to tap into. Let’s take a high-level view of the major benefits of going to a cloud-based, Software-as-a-Service (SaaS) approach to support your growing treasury needs. 

Cost savings and planning

  • No surprises. You know what you’re going to pay each month. It’s fixed.
  • Payroll and personnel. You need fewer people on staff to do the blocking and tackling of order entry, cash flow projections, managing liquidity and paying vendors.
  • Budgets and visibility. Nobody, except for finance geeks, loves to work out, line-by-line, the fine points of cash-in and cash-out. But it must be done, and your cloud-based system will allow you to do it in less time and in greater detail, than you could manage with a manual desktop method.
  • Analytical capabilities. Any good SaaS solution will let you make cash flow projections and perform what-if analyses on variables such as pricing, margins and accounts-receivable turn. You could use spreadsheets for these tasks, of course. However, it would take much longer, and you’re more likely to make mistakes by mislabeling a cell, forgetting to link formulas, or inadvertently deleting one. 

 Security, efficiency and convenience

  • Responsibilities. It’s your vendor’s responsibility to keep your software up to date and fully patched with the latest functional features and security enhancements. That full-time job is best left to the experts. They’ll also back up your online accounts and make their technical support team available whenever you need it.
  • Work from anywhere. You don’t need to be at your desk or in your office to pay your vendors or check your liquidity. That means you can spend more time on the strategic side, figuring out proper banking relationships and managing currencies.
  • Agility. Sometimes you need to make a payment right away, whether or not you have the cash. A cloud-based solution lets you act quickly, drawing cash if needed or sending it if you must, at any time and from anywhere. It’s all in real time.
  • Working capital optimization. Closely related to the above point on agility, you’ll be able to determine and attain the right mix of working capital: the ratio of current assets to current liabilities. On the asset side, that’s cash on hand, accounts receivable and inventory. On the liability side, it’s accounts payable along with bank interest and principal payable. Usually, a ratio of 1:1 up to 1.5:1 means you’re in good shape. If you’re higher than 1.5:1, you have investment opportunities for the extra funds. If you’re below 1.0, it might mean your operations need some adjustment – or more. In either case, your cloud solution gives you early warning. 

Your own sanity and peace of mind 

How much time can you save? How much money does that represent? Sorry, there are no fixed answers to this one. But you know where your time is going; and if it’s on mundane and repetitive tasks, it’s not well spent. With a SaaS based treasury system, you’ll have more downtime to recharge – and don’t underestimate the value of that time!

At the treasury center of a successful and growing business, you have enough to do. Let the power of a cloud-based treasury system make life a little easier.

Reflections on 30 Years in Treasury Management

July 21, 2016 | Orazio Pater
Read More

“It’s been thirty years since my wife Peg and I founded our treasury management software company. It’s almost fifty years – 47 to be precise – since I entered a new field of finance that became treasury management.  I’ve had a great ride, and it’s not over yet. Someone asked me recently if there was any single reason for our longevity in a business – information technology –.  Most small companies don’t last longer than 20 years. I can’t say that there has been any secret sauce or magic bullet for us.  But several of the attributes of long-tenured companies, factors that were pointed out in a Harvard Business Review piece back in 1997, have all been a part of our history.”

Read the rest of the article

Read More

When deciding upon the appropriate treasury workstation vendor, you should heavily factor into that decision the ongoing relationship post selection. Like all relationships, they take work, and working with your treasury vendor’s services team is no different. If you think about it, selecting a vendor is like being on an episode of the Bachelorette. You get to go on several dates (demos), spend time one on one with each other, and after each of these encounters you decide if there is a spark and who deserves that special rose. In the end you select the vendor of your dreams, the one that fits your functionality and personality. Sure, you have to break a few hearts along the way, but it doesn’t matter because you have found the one! The vendor of your dreams!

Read the full article here.

Bank Account Reconciliation Best Practices

September 8, 2014 | Ashley Pater
Read More

Advances in bank account reconciliation, along with expansion of the types of information banks can provide their customers, have made it much easier for companies to match their cash accounts to bank records. By automating the reconciliation process, treasury can identify discrepancies quickly, free up time to focus on more strategic issues, and better manage liquidity. And, by reconciling accounts daily, the monthly “hard” reconciliation becomes a much easier and less time-consuming process.

Read the rest of the article

SEPA: Are You Ready?

September 4, 2013 | Ashley Pater
Read More

The industry has become familiar with payment types such as ACH, FedWire, and CHIPS. Recently a new payment method has been brought to the forefront, SEPA. The Single Euro Payments Area (SEPA) is an initiative to provide end-to-end processing between 27 EU member states plus Iceland, Liechtenstein, Norway, Switzerland, Monaco, and Croatia expected to join as of July 1st 2013.

Read the rest of the article

Read More

The state of Alaska is the least populous within the US, but also one of the most cash-rich and prosperous states. With significant daily cash flow volumes handled by the treasury department thanks to its abundant resources, particularly oil, an update of the state’s cash management operation was due. This case study describes the project from selection through to implementation and the resulting benefits.

Read the rest of the article

Wall Street Systems Acquisition of IT2

April 11, 2013 | Ashley Pater
Read More

Reading tea leaves to assess the impact of the change to the competitive structure of an industry is always an interesting exercise. This is certainly the case with the surprising news on January 11th that Wall Street Systems (WSS) is acquiring IT2. Though the company has purchased other TMS competitors in the past, (Trema, Richmond, City Financials, and Treasura), this is the first move since WSS itself was acquired by Ion Trading. We have previously noted that the TMS industry was in the midst of tumultuous changes and there will undoubtedly be more fallout throughout 2013—but the purpose of this update is to offer some immediate practical advice to corporate treasurers on how to respond to this news in the short term.

Read the full article here.

Selecting and Implementing Treasury Technology

April 11, 2013 | Ashley Pater
Read More

The case for treasury technology has never been stronger. The financial crisis and recession have changed our global economy. The outlook for corporate treasury has evolved as a resutl. Now, it is even more imperative that treasury respond quickly and strategically to both internal and external stakeholders. However, successfully selecting and implementing a treasury technology system remains a challenge for many corporates.

Read the full article here.

Read More

By: Karen Kroll
Global Finance, October 2012

New regulations and global uncertainty are reviving corporate focus on payment factories
and in-house banks. As companies look further outside their borders for new growth and
increased regulation makes tracking cash flows even more crucial, interest in centralizing and
standardizing payment flows is growing.

Download the PDF to read more

Treasury Technology Trends and Best Practices

March 25, 2013 | Ashley Pater
Read More

By: Ann Marie Kelley and Craig Jeffery
Treasury Technology Webinar Series, August 2011

As treasury departments transition from a primarily supportive role and into the role of strategic advisor and risk manager, having the right technology in place is essential to their success. While an increasing number of companies have implemented technology, the door is now open for further adoption. There has been a shift in available tools to optimize liquidity, streamline processes and improve controls. Treasury technology has become more focused; new platforms have brought a depth of functionality to the mid-tier market though the use of the latest technologies, IT independent products and the internet. This session will provide a look at the recent developments and future of technology options that transform treasury groups from a reactive to a proactive financial hub, crucial to all organizations.

Download the report to learn more.

Achieving the Full Benefits of a New TMS

March 25, 2013 | Ashley Pater
Read More

gtnews, November 2010

GTreasury’s Edward Mulcrone talks about the different stages and steps to a successful implementation of a Treasury Management System (TMS). The article covers topics such as resource allocation, pre-implementation and project planning, integration, testing and execution, key success factors, and current trends in the industry. Implementing a treasury management system (TMS) can be time-consuming, but strong communication, commitment to the project and thorough testing will improve treasury processes throughout the organisation.

Read the rest of the article here.

Read More

AFP Exchange, May 2010

GTreasury client Love’s Travel Stops and Country Stores, a national chain of gas stations and convenience stores based in Oklahoma City, Okla., grew exponentially while treasury headcount increased by only one person—all while providing improved cash management and financial reporting. The article details how they used treasury automation through GTreasury to increase productivity.

Read the full article here.

Taming Commodity Risk

March 25, 2013 | Ashley Pater
Read More

By Daniel M. Perkins, CTP
AFP RISK! newsletter April 2010

Companies hedging commodity risk traditionally relied on procurement strategies such as fixed price contracts, escalation clauses and inventory stockpiling to minimize the risk of price escalation. But with today’s volatile commodity pricing, procurement measures alone often are not enough. Meanwhile, greater risk is forcing companies to step into the commodities markets for the first time, using derivatives instruments to further offset rising prices.

Read the full article here.

Hundreds of businesses use GTreasury to empower operational efficiency and strategic decision making. Join them today

Request a Demo