Thursday, June 22, 2023
11:00 AM – 12:00 PM EDT
This is an online event
Baptiste Collot, Trustpair
Craig Jeffery, Strategic Treasurer
The digital age is here and is helping to remake business generally and treasury specifically. While the digital age is bringing us immense increases in data, nearly unlimited scale of computing power, faster expectations for business processes, and growth and power of networks and service-oriented functionalities, payment fraud continues to pose a threat. Although criminals are taking advantage of the digital age to defraud companies, the use of technology is a massive benefit to those who use it effectively. This webinar will discuss treasury’s situation and several imperatives: leveraging the technology for flexibility, insight, visibility, efficiency, and control, as well as the need to scale up defensive technology and tactics to combat fraud.
Trustpair is a payment fraud prevention platform that secures P2P processes via account validation automation.
Well welcome everyone to today’s webinar titled, The Future of Treasury in the Digital Age. This is Brian from Strategic Treasurer. And we’re pleased you can join us as we discuss the impact of digitalization on treasury teams, as well as the need to scale up defensive technology and tactics to combat fraud. But before I introduce today’s speakers, I have just a few quick announcements. Zoom offers several different ways for us to interact today. If you would like to post comments or questions viewable by all attendees, please use the chat icon in the toolbar. If you’d like to ask your question to just the presenters, please use the q&a icon in the toolbar. You can ask your questions at any time during the presentation and we’ll try to get to as many as we can. But if we don’t get to your question, someone from our team will gladly follow up with you. There will also be a few polling questions throughout today’s webinar. Well, you will be able to select your response from a list of multiple choices. You will need to click the submit button on the polling questions to have your response recorded. If you are here for CPE credits, you will need to answer at least three polls today. And last, please ensure that your Zoom display name includes both your first and last name, so we’ll know to whom we should send the credits. Our speakers for today are Baptiste Collot, co founder and CEO of Trustpair, and Craig Jeffery, Founder and Managing Partner of Strategic Treasurer. Welcome Baptiste, and Craig. And I’ll now turn the presentation over to you.
Craig Jeffery 01:59
Thank you, Brian. Welcome, everyone. Glad to glad you could join us for this important topic, Baptiste. It’s good to be on a webinar with you. Thanks for being part of it.
Baptiste Collot 02:09
Hello, everyone. Thanks for having me, Craig.
Craig Jeffery 02:11
We’re looking forward to today’s topic. So yeah, let’s let’s go to the section where we’ll discuss today’s agenda. So as you can see the topic of discussion, we’ve got four primary areas and then a key takeaways the discussion at the end, we’ll begin with the situation of technology, what’s what’s occurring, how there’s been growth. So we’ll look at explosion of data, how that’s had an impact, new new connection types, faster, cheaper connections, but this comes along with new risks, because companies are not the only ones taking advantage of the technology, criminals are doing that as well. Then we’ll move over to digitalization impact on the treasury function. I think we’ve all seen how technology makes changes, creates different challenges for companies. So first of all, look at how expectations have changed, have senior management in the board have different expectations on Treasury, on anybody involved in payments, and truly everyone in the finance function that we’ll look, we’ll also look and cover some of the points about increased spend your peers are spending more on finance on payments, there’s plans to spend more and significantly more, there’s a good reason for that. Then we’ll move over to fraud, which is a core center of what we’re having this discussion on about the impact of digitalization, we’ll look at some of the trends and solutions. So organizations, your organization, almost no matter what size you are, has been targeted by sophisticated and automated criminals. They’re leveraging technology heavily. And this requires a robust defense. And that defense includes tools and technology. And then in the making the transition section, we’ll talk about some of those tools, the technology that’s required. And some of the changes that we have to put in place around to people to will focus on technology. But I think we all realize there’s different elements to defending ourselves to helping our organizations be more efficient as we scale. And at the end, the key takeaway section, that’s where Batista and I will talk about some of the general thoughts and themes about fraud, the impact of new technology, the risks, the opportunities, and what needs to be done to use technology to protect the organization. So with that lengthy intro are the covering the Table of Contents, if you will, I’ll begin with digitalization and then bring in Batista as we continue to move through the deck today. So what’s the situation situation with digitalization? You’ve probably heard something like this, the amount of data that’s created every two years, it’s doubled the amount of data we have doubles every two years. So there’s a 40 45% increase in data across all manner of devices. This is, this is a key element of the explosion of data, the power of compute, and the cost of compute continues to decline. We’re familiar that with systems like Azure, Amazon Web Services, Google Cloud, the ability to use and scale, and so that technology is has had many, many benefits. But it makes me make no mistake, the amount of data and the ability to harness that data matters. Connections and API’s move faster. They’re better integrations, they move data and money at a more rapid pace. That that also creates some opportunities. And we look at artificial intelligence and machine learning who hasn’t played with Chad GPT and asked questions and found out that, oh, this can this can do better work than the interns we have. And they do it in about 100 to 1000s of the time. But it’s not just Treasury professionals, finance professionals, and payment professionals who are using and leveraging artificial intelligence, generative AI, criminals are using that as well, that’s making things like spoofing emails far superior to what they were, if we think back 15 years ago, the emails were horrible. And as someone was typing them, like with their elbows, they was like English, if you’re, if they were being received in English, it was like English as a fifth language. And nobody was fooled by them, and they’ve gotten better and better. And now people using these tools for code for better spoofing. And we could go on about the value of things like the network effect of being able to connect into bigger networks that have capabilities of supporting payments, finding suppliers, all of these are pretty significant situations with how digitalization has changed. Baptiste, I’m gonna move on, if you had something, something you wanted to jump in, feel free to.
Baptiste Collot 07:19
Thank you, Craig, thank you for setting the frame. I think it’s a great introduction. And that will branch off occasion to detail in the coming in the coming slides. So happy to to deep dive into the next minutes.
Craig Jeffery 07:37
Excellent, thank you. Yeah. So as we look at this, what are some of the areas of focus, we talked about some of the technology tools earlier, like artificial intelligence, you can see the graph on the bottom at the top, when we think about some of the faster the lower value payments. In the US, we see significant increase over time of services like ACH and other electronic methods, like virtual cards or Senator so 60% of your peers are planning to increase the use. As
Baptiste Collot 08:11
I think you find my Hey, I think it’s super interesting, because when we think about treasury, while the move from check, specifically to digital means of payment is probably one of the biggest trends we see globally in the treasury world. And when we think about risk, the risk associated associated with checks was quite high. When people were thinking that when you ask them if, if the fraud on checks is a big issue for them, they say yes, but even more worried about the increase of ACH and wire, because while when it comes to digital fraud on ACH and wire, it’s even bigger or bigger threat. So that’s super interesting, because we see that was one of the main points raised by the audience on this survey, and that, while it appears to be one of the biggest risks, biggest opportunity, but as well, biggest risk for treasury teams in the coming years.
Craig Jeffery 09:21
Yeah, that’s that’s, that’s really it. That’s interesting, as well as the fact that fraud on ACH has grown as more companies have moved ACH certainly during COVID That pushed people from checks to more digital means. And there is a focus.
Baptiste Collot 09:39
Yeah, as well for of course, when you move an entire vendor or database to be paid from checks to Ach, all the data you have to undergo at the same time to transition is quite hard and as you said, very clearly, fraud see Kings this moment tombs are seeking the moment when you will need to control all this data and they will find a way to send you fraudulent data to some scams. Some businesses will compromise. So yeah, obviously, big opportunity, but as well a big threat.
Craig Jeffery 10:22
Yeah, and you know, this, this new this new focus, one of the famous American bank robbers, Willie Sutton, was asked the question, why do you rob banks? And his answer was, that’s where the money is. And so you know, as we see transition from checks, paper items to attract people, criminals are gonna go where the money is. Excellent points. We’re going to move to our first poll question. And that’s going to pop up on the screen, there’s some instructions you can see in the chat box, if you can’t find it on your screen. The first, the first poll has a double or a stacked question. The first one is all that apply. Which of the following payment methods does your organization use most, there might be a couple that are top, but go ahead and select one or two. And then the second question is a single choice, what is your expected use of checks in the coming year increase of top one to be any type of increase? I guess more than 10% or stay about the same? So within plus or minus 10%. And then you have the to decrease options. If you don’t know, I would suggest you type about the same if you’re not sure if there’s any plans that will give everybody a moment to select their choices. And hit the submit button. And I see people are jumping the gun already, which is awesome in the chat box. If you would like to see the results of the poll question if everybody will get them. If you get enough responses, we’re gonna go ahead with 125 people if they type the word, Trustpair in the chat box with Trustpair is the way to go. Poll counts as well. But Trustpair is the favorite, favorite word in that box. Well done. I see a lot of people plugging that in. I was gonna ask them to type in Baptiste and spell it correctly, but I think Trustpair might be easier. Right. But he’s when this shows up. Okay. I’d love to hear your comments on this, Baptiste. Any thoughts?
Baptiste Collot 12:34
So we see we get, I’m not sure all the attendees can see the results or yes? Everybody’s got it. Right. Thanks. So checks. 50% of respondents said that checks was the payment method, which is most used. I’m not surprised about this, we can definitely expect that it will be lower on lower for the reasons we mentioned, because companies are looking for efficiency and cost reductions. And of course checks brings a lot of frictions and costs. ACH and wire are super high. And it’s great ACH 86% wire 53%. While it just proved that digitalization is definitely on its way in payment means the question might be are you really? Do you feel safe using ACH and wire? Or if that concern today, and we usually see that when you look for digitalization for optimization and less friction, sometimes you do not feel safe in terms of security. And that’s normal. And that’s what we used to see such will be as well. Great to to to see that in terms of what are the what is your expected use of checks in coming years. Increased more, we have five persons who have the respondents who expect you to use more checks in the coming years, I will be more than happy to give you the reasons for that and stays the same 45% decrease more 10 to 25% and decrease more than 25% represents globally 50%. So we’re 50% of the audience will expect to decrease its use of checks. So it will mean that less checks are probably more ACH and more wire. So while you opportunities, new risk as well to take Thanks all for participating to this poll.
Craig Jeffery 13:31
Very good. I’m just trying to resize it looks like there was a sizing issue. So I’m just going to fix that, one moment. Thanks for that feedback. And we’re gonna go ahead and restart the share. All right, thanks. And thanks for bearing with us through the slight screen change. So hopefully that’s coming through coming through fine now. So yeah, Brian, if you can tell me if you’re seeing it coming through clearly now. So as we move on to what’s the impact of digitalization? How is that grading a change? I’ll start on these and then Baptiste, you can you can jump in.
Baptiste Collot 16:10
Yes. Let you let you comment, Craig, happy to jump in.
Craig Jeffery 16:17
Okay. So the first the first part that we’re talking about is what are the expectations of management, there is an expectation that companies will be far more efficient and scalable, that they’ll provide adequate and appropriate payments security, the expectation on Treasury, as the superintendent of payments and by default, the superintendent of payments securities that they’ll protect the organization’s most liquid assets. And so these elements of efficiency, elements of security and risk management are are at the forefront organizations. We hear that from clients directly, we see that in polls and surveys. I know you live this world, Baptiste, so feel free to jump in.
Baptiste Collot 16:59
Yeah, no. Obviously, when you ask to top management, what they expect from an investment is some better efficiency, better security, better everything. And especially in terms of digitalization, I think what we see here is, is that all the classic topics are on Treasury. So how you plan better how you forecast better is really one probably the key thing that any treasure on a CFO as in mind, and doing all these, and managing the cash on the daily basis safely, is the second one. So we see clearly that, of course, these two points are really on the top of the list, payments, security, liquidity planning and forecasting, and it’s absolutely not surprising. Overall, I guess, when you talk about any finance, people, is the way you think is about risk management. The purpose of any finance departments and Treasury team is to balance the risk between the opportunity and the associated risk. And this is what, what the purpose of how George, in fact, as a finance specialist, so while it’s quite legitimate, the question is, when you want everything you need to as well balance your expectations sometimes, and again, this is saying how would you find the opportunity cost? How do you catch the opportunity of digital digitalization and ensure at the same time that you keep manage your risk at the highest level possible? And this is what we’ll be tackled in in the next slides, I guess.
Craig Jeffery 18:47
Yeah, excellent. Thanks for thanks for that. The taste, you know, as we, as we, you know, continue to the view of what’s the impact is increased expectations, due to the environment, there’s also an increased need for technology spend the use of technology tools and the use of skills to to manage our organizations in light of the new threat in light of the increased expectations, and what we need to deliver for organization. The tissue live most of your life in the financial tech world. Here. I’d love to hear some of your thoughts.
Baptiste Collot 19:26
No, of course, you can’t imagine any scalability, any efficiency without digitalization and without investing and of course, you have to invest in in intact that’s why this is what we see here because financial technology brings everything we discuss. So efficiency is sometimes more security, etc. as well. It allows you to take a new risk and for these is clearly one of the booming risks for any financial finance departments and Treasury team. And so we see clearly that the spend in fraud and security solutions is fairly on top of mind of any CFO. Today, even if the even when you have an economic turn down, you need to keep investing that because if you don’t, while you expose your organization to higher risk in the future, so this is really a clear trend that we see the the expectation in terms of investment in, in, in finance, financial tools and security and fraud solutions are really high. But as well, while the opportunity of digitalization digitalization for any finance team is as what the opportunity to it comes with new requirements in terms of skill sets in terms of human organization. And when you when you invest in tech, you have to think about what how, what does it take for for for the organization globally for the team, and you have change management to have in mind, and probably new people to have in the team or people to be trained to adapt to the new organization. And it’s not like you’re adding new tools, it’s you’re thinking about how the whole organization will will work globally. And this is human is a huge part of the equation to get the best result from any digital project and transformation project.
Craig Jeffery 21:53
Excellent, so yeah, so there’s two areas. You know, the last, the last point on here about innovation requires new skill sets. I think, you know, depending it doesn’t matter which age cohort, you’re part of, whether you’re a Gen Z, or you’re a boomer, all of those. All of those experiences, no matter how long you’ve been in the workforce is this technology is changing what we have to do and how we have to think about things, not only individually, but from a departmental and accompany standpoint, we need the new skill sets to leverage the technology and to combat issues like fraud. So achieving efficiency. ensuring security requires a range of new skill sets. We’ll talk about that a little bit more. But right now we get to go to our second set of poll questions. And hopefully, if everybody can see everything fine. Just looks like most people are seeing it fine. If there’s any, any continuing issue, please send a note in the chat box just to make sure. But this question is fraught experience. Over the past two years or 24 months, we have experienced one instance, instances of fraud experienced more than one instance of fraud, not experienced fraud, I don’t know. And then other. And I think we need about six more trust pairs in the chat box to hit our 25. And Brian will keep us total to the top. So there we go. And we’re past so excellent. No, no more need to type that in the chat box. But as you go ahead and select the response to the poll and hit submit. Brian is also posted something in the chat box posted again about following trust bear on LinkedIn. That’s a great way to follow trust parent LinkedIn, click on the link. Go ahead and accept and follow trust buried and keep current on their activities. But also invite you to follow Strategic Treasurer and CTMfile. CTMfile is Strategic Treasurer’s news and media site on payments on treasury finance and economics that will post that up again. So it’s a great way to stay connected, makes our marketing teams happy. And thank you for thank you for those responses. Baptiste. Yeah, yeah, I do I do. This is, you know, as a as a provider of security functions, the fact that 68% have had one or more in the last two years, I think is it shows the seriousness of the problem here. Any comments?
Baptiste Collot 24:33
Yes, of course. No. Well, we all know that fraud is not a small concern. Fraud is booming. And this poll just proves it is a massive issue. We see that either. It’s interesting because I don’t know prove that maybe maybe not but we don’t know and there is no such thing that if you don’t know how risky least or not, you should know. And you should have the way to to to know that, in fact, and I guess tech allows people to know what they don’t know, stop being blind about this topic. And it’s super important. And it doesn’t mean that you’re not involved enough. If you don’t know, it means that maybe this is something that you should be aware of, because for the isn’t top of mind of any finance leader today. And so this is definitely yeah, I think an interesting point. And and that probably that the organization, how’s your organization works today, to not allow you to have access to this information? And I guess it’s crucial for for to manage the risk. So yeah, I’m not surprised about how many people and companies have been eaten by fraud for the last years, honestly, with the and we will see in the next slide that it’s generally more than run 60% to 80% of companies out there that eat by fraud. So the general, I guess, outcome from this is, every every company is exposed to fraud today. And so the concern should be on top of mine of any finance leader.
Craig Jeffery 26:26
I think that every company is exposed to fraud, there are companies that weren’t exposed to fraud in the past, because it was more manual. They, they maybe weren’t as a big enough fish to go after. Because of the level of automation, those companies can be caught up because there’s no limit to the scale that automation can approach. But but thanks for your comments there. And back to you on offense and defense.
Baptiste Collot 26:54
Yeah, so the context of fraud. Generally, we see two different periods around fraud. Over the last decade, fraud used to be super manual. So it was like it was to scam CFO scam, you receive fake invoice, you receive a phone call from a fake CFO thing, a please, I really trust you, I know you’re super involved in your job, and I trust on you, we have a super important payment to make, we have an acquisition, and you’re, you’re the only one we need to know that etc. And it seems crazy, but it worked. And it’s keep working. But what we have seen over the last years is much more complex fraud schemes. Because cyber attacks used to be involved in the vast majority of frauds today. And so we see that business email compromise is really one of the top fraud attempts reported by companies in general. And it’s super hard to identify this business email compromise, because as you said, Craig a few years ago, before, digitally, before the sterilization not but before AI, etc, you could notice that the English was not correct. So maybe it was it was quite easy to identify that you could identify that domain used to send the the email was not the one of your vendor of your supplier. So you could identify that, but today, we see that thanks to cyber attacks, fraud, can really take the control of your vendor, email and send you an email. So it could be a legitimate email and a real email sent by or through the real email domain of your vendor. So it’s super hard to identify that and the the wordings of spelling is correct. So it’s, it seems legitimate, but it’s not. And so how can you identify that it’s super hard, in fact, and that just proven these single points, I guess, that the offense and the defense are absolutely not equal. They are fighting fraudster, our criminal organization today. It’s like, very well organized, it’s not someone it’s in its garage, you know, doing its own things on Sunday evening. It’s like really, very well organized, organic criminal organizations, and they are using very sophisticated tools. And at the opposite, you see that any financing is still fighting with manual processes to control data that That’s not fair. I mean, in terms of offense and defense, so business email compromise, this is the first one, system compromise is quite similar, but it can happens in your own system or in the system of your vendor as well. The issue, if it comes to your system is you can trust your data, you can trust that the data often in your own systems in your own ERP is, is clean or not. We see a lot of cases from companies coming to us saying, Okay, we are the cyber attack. So we are the bridge. And we just would like to ensure that the data we have in our system is to clean that the bank accounts are really owned by our vendors, and there is no risk of fraud associated to this data. So system compromised are really huge. threat as well. Invoice fraud. Classic one, you receive an invoice it’s fake one, few years ago, it was quite easy to see that it was modified has been modified, and it was quite clear. But today, again, frauds are spell well done. And so it’s hard to do to read them. Overall, what is complex with all these digital ways of fraud is the volume, you have so many vendors to control, you have so many emails that you receive so many data to control at the end of the day that it’s not possible with a human organization to control correctly, all of this data, even if you are super well organized, etc. While you’re fighting with manual means while they are fighting with cyber cyber, cyber means classic on the right. CEO fraud can take over vendor fraud. This is all things I guess you all know, behind each fraud, there is a theft of identity. So the question you have to think about is how can I be sure that the person I’m talking to is the right one? How can I validate the identity of this person? And how can I ensure that the bank details associated with this vendor or this person is correct. And it’s super hard vendor fraud, account takeover or CEO fraud we see deep fake deep voices that are used. And so even if you have a call with someone, the voice could seem that the one of your boss, if one of you have the CFO, but it will not be it will not be him. And it’s almost impossible to identify that or it will require a lot of was on manual processes that you can’t afford because you are limited organizations.
Craig Jeffery 33:05
Baptiste, thanks for that there was a there’s a question that came in about where does data theft and compromised fall in the context of fraud? I’ll take that one. So when we think about fraud, there’s the I convinced you to send money. So the spoofing types of fraud like BEC and CEO fraud to give up credentials or to give up payments. So it’s a convincing them. It’s the gain control of a system or an account. And therefore I can control that money is sent out the other types of fraud so I steal data and sell it, or I take data and lock down data like ransomware. And I use that to amplify the urgency. Those are some of the common playbooks playbook act options that exist with the criminal so it falls in in one of those, those chains. Thanks for the thanks for the question. Yeah, I think, Batista, I think you probably continue on the scary. I guess everybody knows how bad fraud is, but it’s good to go over statistics to see how serious it is across the board.
Baptiste Collot 34:16
Yes, so I think it resonates with the poll that we had a couple of minutes ago. 56% of US companies were targeted, at least by one fraud attempts in 2022. If you are the company’s 12% of companies were targeted at least 10 times. And while you can start to reach quite a high rate of companies that are exposed and have actually read that it’s by fraud attempts last year. So as I said, no company can think that they are out of To target from the fraudster. And I think what we see here that things that 56% of companies seeing that fraud will increase in 2023, there is a good understanding of that trend, in fact that because of the technology, it will be quite a wave. In fact, fraud was historically something that was really precise, so forced us to focus on a company. No, it’s like, they are shooting wide, you know, and that just using tools that allows them to identify some breaches, and also they found a bridge, they focus on it, but they can also target 1000s of company at the same time. And that makes company understand that while they’re exposed to to the foot of risk, the risk of fraud. And also a very interesting point, and that Pro that it is a battle is not fair. 70% of companies use phone calls to check supplier credential changes, or control, generally, vendor details, while again, fighting with manual processes. With all what we detailed over the past slide, saying that folks are using digital tools, and you’re still using a phone, which is probably a digital phone, but still much less sophisticated than the tool used by the footsy, to try to get you. And I guess that proved the trend in terms of fraud. 55% of successful fraud attempts was perpetrated through credential or informational changes. So in the vast majority of fraud, the issue is someone will try to send you an information that you will use for payments, and you will pay a fraudulent bank account while you are convinced that you’re paying the vendor. And so it’s all about data, it’s all about how you are sure that at the end of the day, the data you have in your systems is correct. How you’re sure that the data you have in your systems is never outdated. And that if it is you are you are alloted and you can take the measure to clean it.
Craig Jeffery 37:51
Right. So that brings us to technology and training. These are the two sides to perhaps the same point, one on tech and one on the human component. Why don’t you start us off on the tech side and all those at the human human firewall side?
Baptiste Collot 38:11
Yeah, I so of course, and I’m, as you say, I’m the tech side. But in any organization, tech is never the only solution. And human is never the only solution. It’s how you balance tech and human because business is about humans. So how do you equip human to help them on a daily basis to do their job better and safer way. And this is the role of tech. So in any good risk management project, you have to think about what is the role of the tech layer? What is the role of the human layer? And at the end of the day, how’s the tech enhanced as a human to help him focus on what matter where is the highest value you can get from a human and so tech can drive the human to focus on what matters. So thanks a great competence. Of course you have multiple things that you need to take to have in your mind when you think about preventing fraud of course also classic cyber prevention tools firewall anti anti virus, ensure that the access to your tools are safe by multiple multi factor authentication. When it comes to vendor credentials, don’t Account Validation of your vendors, stop relying on manual process just rely on technology and automate these controls to focus on what can be automated. Always ensure that the data or CD in your vendor database Globally should be on the ERP side is continuously under monitoring. Probably what we see today is vendors are controlled only when they are on boarded. And then all the data is let on in the in the ERP but is not monitored or it is not rechecked over time. And this is a huge pain because data has a quite short lifetime value. And so if you wait just the quality of the data in your ERP will go down and down and down. So you need to check this. This is why you need a continuous vendor database monitoring. And of course, you need to ensure that the different tools you are using are well embedded are talking to each other as it was the first slider of of the presentation was about the use of API, we didn’t comment that much. But of course, today, thanks to the last digitalization opportunities, tools are much more easier to integrate. And it’s a key parts of any fraud prevention project because you need to avoid any breach in your payment chain and ensure that tools are connected and talking to each other is is highly important. Craig, do you want to commend the human part?
Craig Jeffery 41:36
Yeah, surely, yeah, the other side of the coin that the human security components, what some, some of our friends refer to as the human firewall, what what needs to what needs to take place? Well, people need to be skilled in not only using current tools, but on on fraud and security generally, but also on payment security payment processes. And we have quite a bit of statistics on how companies that have people trained, do far better have far lower rates of fraud than those who are not trained. Now, that was a little more apparent a few years back when on the corporate side was less than half of companies had training. Now it’s a you know, well above 80% have fraud and security training, the distinction now falls into those who have payments security training. So we oftentimes saw the differences, it was somewhere around two or two and a half times more fraud to five times more fraud in different areas for those companies that lacked training. And so those are those are pretty, pretty significant. And so it’s training and testing, because let’s face it, we have a lot of things we have to get trained on. And people rushed through through training. And we see that with some training that we have is people take the first test, they figure they can just guess the answers because they’re all logical, and then the majority fail the first course they take and then go okay, I really have to know some of the points of distinction. And so this idea of constantly upgrading the team makes a lot of sense. And so more and more companies, more banks are requiring training more than once a year. And that’s also flowing into the corporate world where they’re updating the human firewall more frequently than once a year just continuing to stay current, as opposed to a single event once a year. And so that flows into segregation of duties, the principle of least privilege, where you lock people out of certain things, you know, all part of your internal control framework, those are essential. So just like if you don’t upgrade, update your firewall in your browser, you’re going to run into more and more problems as that gets updated. The same is true of the humans. And so this is a this is that we have to have layers to protect our organizations. And the layers include technology layers, and human security layers.
Baptiste Collot 44:09
I guess what we see as well is people need to be aware of not only they their piece of the puzzle, but understand what happens before what happened after, especially in the payment chain. Because we see that of course segregation of duties is super important. But sometimes people believe that they are not doing the control but someone else is doing the control. And so if in fact everybody believes that the control is done by someone else, but there is no control at the end of the day. And so this is how you you have a fraud because of course there is someone doing this control. It’s not me but someone else will do that. So providing in the training to global picture of who does what and not just whether this is your responsibility, but be aware of who, who is the person before you in the in the process and who is the person after you in the process is highly important, because that’s a loop of all the individuals to be aware and feel concerned about the overall security and they will overall process and guarantees the safety of the organization at the end of the day, we see that it’s really, really important to ensure people are aware of the of the global process.
Craig Jeffery 45:35
And a comprehensive view is important. I think you put your finger right on. The issue is people think, well, somebody else is doing that. And they may not be doing it. Sometimes there’s there was a problem. And so two or three people are doing this double and triple checking. And so there’s this, there can be this false sense of assurance is, well, other people are checking, I can just pencil whip or push something along because I know someone else will catch it. And what happens is, people get more lacks, there should be accountability, segregation of duties, and limiting that exposure, as Baptiste was, was talking about.
Baptiste Collot 46:16
I guess technology can help on this. This is really important, because technology provides the ability to share the information over the organization, finance teams used to be siloed, between projects, the overall chain, p2p, so procurement, AP treasury, sometimes you have another layer with a vendor management team. So it’s a lot of people involved in a process a lot of you people involved in treating the data or piece of the data. And they do not access to the same tools. So accessing to the to the information is hard. And as you said, yeah, you can believe that control has been done before. If you add a layer of technology that allows you to be sure that the process has been respected, that control has been done while you streamline the process because you know if someone failed to do the control, or if it if the control still need to be done. And this really provided how accessing this information really allowed to streamline Brasil process, but as well secures your process.
Craig Jeffery 47:28
You know, as you were saying that I was thinking of you know, what is technology good at what are people good at if you have a technology system that enforces the behavior that can be far superior to someone saying I have to do all these steps but I’m the control is in my head. And in the discipline of what I do, because I can lose a step if I’m supposed to do it, maybe I don’t run across it very often. And so technology can ensure certain steps are completed. And then it can reduce the amount of things people have to look at. And so when you’re when the system is identified something to be reviewed, it’s much more of an exception, and people exhibit more care as opposed to looking at 5000 items. They’re looking at three or four. do the due diligence there. All right, our last group of poll questions is now on the screen. We currently use the following controls for fraud, check all that apply. There’s automatic bank validation, employee training with testing without testing, continuous vendor database monitoring, I won’t read all of them multi factor authentication out of band validation, all of those, just click all that apply and hit submit. And once you’re done with that, again, I just remind you that there’s the ability to follow trust pair Strategic Treasurer and CTMfile. Clicking into the box we have enough responses really appreciate the enthusiasm. We have we have enough in the chat box so perfectly. So everybody will get the responses to the poll question that summary poll question. So go ahead and answer those. Click Submit. And Brian will post it when we have a enough people who’ve responded. The tastes number one is firewall and antivirus. I’m a little concerned that the numbers 80%. But sometimes people may not know how much of a firewall or antivirus exists in a company. That’s number one, which is probably lower than it is of course multifactor authentication over the past few years that has really risen significantly. That’s about at the same level. As you look at these items you have any any comments that you want it to be?
Baptiste Collot 50:05
I see two, two things, as you said firewall and antivirus are not a concern of treasurer or finance teams more on the side sizes side. So these are teams who are in charge of deploying audits for the whole organization multifactor authentification authentication. So as you say single sign on, is as well usually something deployed about the whole organization, birds, when it comes to choose a tool for specifically the finance teams or the treasury team, of course, it’s thought to be an important point. So I see. So the answer for the global tools you’ll use use the wall around the whole organization and the specific tools used by finance teams. And when I see automated bank account validation used by 50%, this is a choice usually made by the finance teams, and I guess, continuous vendor database monitoring as well is the same kind of tools. And then employee training, we see that it’s quite used by in the more than the majority, and the majority of the cases 55%. You have training, I would have expected more on s3. So I thought 55 plus 26? We are 55% 75%. of all that’s still there is 55%, you should have at least a training each year, I guess. And and yeah, it’s interesting, I will say automate automated bank account validation. My question will be how do you do that, and how, what is covered, we’ll see. And I guess the next slide, but when it comes to find a tool to prevent fraud about the organization, the coverage is one of the main points and automation used to be Oh, that’s great, thank you. Used to be quite good on the locals on the local level, I meant to control some vendors in the US. But when it comes to international, it used to be much more complex. So when if you have to choose for fraud prevention tool, as a finance team, does just think about different points. The three first point I would like to focus on are the geographical coverage, you need to ensure that the tool you’re using can allow you to cover the vast majority of your vendors. And and because usually when it comes to international vendors, it’s much more complex to control because you don’t speak the same language because you don’t share the same timezone. Because there are lots of criteria that will not allow you to do the controls, manual control safely and confidently. So geographical coverage is highly important. So go on a second one is collaborative features. As I said, finance teams are siloed over different teams treasure are a very important piece of the fraud prevention, but you can’t own the topic, I mean, you are at the end of the payment chain, but you are not the one in charge of this control. Basically you are the one in charge of sending the payments to the bank. And so we see that treasurer used to take the lead to find a tool and to engage all the finance team globally AP sometimes procurement around that. And so collaboration is a key part of the tool that you need to find because you need to ensure that everybody you need to access to the data access to the same tool and that it answers to you and it’s not only one tool for Treasury one tool for AP One Two for procurement, you need to have this layer and everybody’s using the same tool or access to the tool to ensure that the data is correct and that the process has been respected. User experience I guess is highly important today, because if the tool you are using to not provide a nice user interface etc I got him will not use it on the long term or they they they will have some issues friction to use it All right. So of course user experiences is very important. First point, I would say systems, you have to be sure that you use the tool you will choose is embedded in your existing tools, you should not replace every audio tools, you shouldn’t find the top things that come on top of your p2p suite. So the ERP, the treasury system, and that can easily integrate this tool. So you really streamline the process and you do not add friction. So is integration, how systems are communicating? It shows us and then of course, security, but I’m sure your security team will will will have a high look deep, deep focus on on these parts, ensure that SSL is available and can match with your organization that you provide them all the requirements in terms of security. Last but not least, as we said, training and testing, ensure that people who should use the tool have the good training that they understand the overall process that at the end of the day is a tool answer they need, and engage them around the why they should use this tool and the global purpose of of using this tool should not be a constraint it should really be like how this will help me on my daily basis. And this is a purpose of digitalization, bring opportunities and not frictions.
Craig Jeffery 56:40
Excellent, thanks, Baptiste. A lot of lot of great points about tools, people I think about people, processes, technology and structures. These are these are some of the key key components. That brings us to the final thoughts section, a bit of a summary I’ll start and have you say a few things per se, the movement towards automation and digitalization is impacting jobs. from an efficiency standpoint, a control and a risk standpoint, expectations are changing. Criminals are certainly leveraging the technology and their use leveraging tools. And so our defense has to include the different layers, including technology tools, and the human element. And so since the attackers are more sophisticated, and continually upgrading, we have to make sure we’re using tools and upgrading the tools and we’re using, we’re upgrading our the human element to upgrading people. There’s not, there’s not a defensible position to say, we’ve reached a certain level of care in our payment controls. And therefore we’re set we don’t have to pay attention for three or four years, we always have to monitor and tools and people are some of the key areas in this era of increased digitalization. I’ll give you the last word, at least.
Baptiste Collot 58:05
I guess. It was a nice conclusion. As we say until this last point, there is no such call. Today, you need to embrace digitalization, there is no movement. So just be curious about what can be done and how can digitalization if you doing your job better how to be more efficient and seize the opportunity of for all these tools, especially in terms of fraud prevention. I mean, the risk is invasive today and is keep increasing. So there are a lot of options outside and just pay is probably a very good one as well to help or treasurer’s to streamline the whole process to focus on what matter to ensure that people really at the end of the day are really taking the best of their position and and focusing on what and value added tasks and not on only manual processes.
Craig Jeffery 59:11
Thank you so much, Baptiste. Thank you everyone for listening to us talk about this really key topic. Really, really enjoyed it. I’ll turn it back over to Brian for some concluding important announcements.
Thank you, Baptiste and Craig and thank you everyone for joining us today. The CTP and FP&A credits, today’s webinar slides, and a recording of today’s webinar will be sent to you within five business days. And for more on the future of treasury in the digital age, be sure to download the new white paper by Trustpair and Strategic Treasurer by clicking the link in the chat box. Thank you and we hope you have a good rest of the day.