4 STRATEGIES FOR TREASURY TO PROTECT AGAINST PAYMENT FRAUD
Jason Dobbs, Senior Manager, Treasury & Capital Markets
To minimize the increased threat of fraud, it is imperative for treasury controls to match internal compliance, follow risk guidelines, and implement necessary fraud prevention policies.
1. Data Security
Host information on an external cloud to ensure treasury data is accessed safely. To determine which cloud to utilize, ask the following questions:
2. System Security
Be sure the system remains secure from the start by taking application security into account. Cyber attackers prey on weak login and authentication procedures. Create a strong and "difficult to deduce" identification and password. Establish a combination of password controls as follows:
3. Payment Controls
Upgrading payment workflows are an opportunity to increase the controls found in payment policies. A consistent security protocol as well as one single set of limits should be utilized. Once outside the safety-net of the application's security, be sure a streamline and secure process is followed with these key elements: the encryption of data being transferred, arrangement of an automated confirmation of receipt, and a single source of record for the data. Finally, visibility of the payment policies must exist within the workflow and real time visibility of auditable events (such as approvals). It is critical that these controls be standardized across all payments, in all geographies.
4. Screen Payments
Screening payments not only ensures regulatory requirements are met, but helps to prevent payments do not fall into unintended hands, but ensures regulator. Review screening within payment systems against the OFAC, EU, and UN sanction/security lists and custom scenarios to determine what the bank will discover. To greatly reduce the chance of fraud, align payment policies with screening rules. These security controls even helped uncover the penetration at the bank of Bangladesh.
If you would like assistance in developing a framework for fraud prevention, you can reach out to me at email@example.com. I will also be attending the NYCE Conference Jay 30- June 1. Let’s connect. For more information visit http://www.actualizeconsulting.com/treasury.html
Latest release news and tips for your Kyriba implementation.