Cybercrime is big business. It is costing consumers $110bn a year and affects almost 1.5m people a day, Symantec, the online security group, reported last year. Bank accounts are being compromised; credit card details leaked and mobiles hacked. Gangs are now operating internationally. Hackers are targeting banks and financial institutions. It cannot be long before they focus on the corporate treasury department too, are because on any day, treasury might handle transactions equal to the net profits or even net asset value of the company.
Brian Welch, Director at The UserCare Treasury Consultancy, in his talk at the ACT Cash Management Conference on 13 February 2013 stressed the need for treasury security and controls. He believes that fraud treasury is rarely caused by persons unconnected with the company.
Brian explained how treasury security and controls policies and procedures need to be set by the board, and then management implements. Vital features of these controls include:
- making sure that all processes are transparent and compliant with SOX, etc.
- segregating duties, e.g. between front office and back office
- having strict rules to prevent systems updates without checking with the IT Department
- ensuring that there are controls about exchanging documents except from trusted sources, which should be on an approved list
- not permitting management over-rule AND have a procedure which records any such practice.
Sound advice. Cybercrime and internal fraud are going to become a major problem for corporate treasury departments world-wide. The global economic downturn can only make it worse.