This is the second of a three-part article series
Treasurers, thought of as the superintendents of payment security, have to stay focused on cybersecurity and fraud prevention in 2023 just as they did in 2022, keeping in mind the alarming rise in cybercrime.
If the events of the past one year – which include geopolitical conflict, a high-inflation environment, soaring inflation, and snarled supply chains – are anything to go by, treasury, as the steward for financial risk management, is also expected to maintain a laser focus on financial risk and transformation of supply chain management over the next 12 months.
In the second part of this three-part article series, we sum up three key priorities from 2022 that are likely to continue into 2023 as focus areas for finance and treasury executives. Just as we did in the first part of this article series, we have included the most relevant article links for each of the three focus areas that were published on CTMfile in 2022 below the summary of the pertinent focal area. We hope finance and treasury professionals can benefit from these article links and our summarised commentary to brace themselves for the challenges of 2023.
Global losses from payment fraud tripled from US$9.84 billion in 2011 to $32.39 billion in 2020, and losses are projected to reach $40.62 billion in 2027 – 25% higher than in 2020 – according to Merchant Savvy Global Payment Fraud Statistics, Trends & Forecasts (2020).
According to the 2022 Treasury Fraud & Controls (TF&C) Survey Report produced by Strategic Treasurer and underwritten by Bottomline Technologies, 78% of respondents had experienced fraud or suspected fraud during the preceding 12 months. Eighty-four percent of respondents indicated their perception that the threat level from fraud had increased from the previous year. ⃰
Concerns about fraud and cybersecurity are growing, even as a variety of cyberthreat concerns and increasingly sophisticated techniques are being adopted by cyber criminals.
“Malware”, “account takeover”, “ransomware”, “phishing” and “reputation attacks via social media” are five of the leading cyber threats for organizations across multiple countries and industries, according to the CyberEdge Group’s 2022 Cyberthreat Defense Report.
According to estimates from Cybersecurity Ventures, ransomware is the fastest growing type of cybercrime and is expected to attack a business, consumer or device every two seconds by 2031, up from every 11 seconds in 2021. In the US, the Cybersecurity and Infrastructure Security Agency (CISA) announced in May 2022 the formation of a task force to tackle the growing menace of ransomware gangs.
Russia’s war in Ukraine also raised cyber risks worldwide, as did the shift to remote work, which caused a major rise in cybercrime in 2022.
With the increase in the number of devices and employees working remotely, security teams faced an uphill battle, so much so that 79% of organizations surveyed in the Verizon Mobile Security Index (MSI) 2022 report agreed that remote working had adversely affected their cybersecurity and increased the burden on security teams.
Treasurers also confronted another threat – the failure of organizations to prioritize security and invest enough in training their staff. In fact, Verizon’s MSI 2022 report highlighted a startling finding: many companies set high expectations on their employees but don’t give them adequate security training to meet those standards.
While 44% of companies surveyed in the Verizon report do not offer employees security training on a regular basis, 51% do not provide employees security training when their working arrangements change (for example, when the employees start working from home).
According to ENISA, the European Union Agency for Cybersecurity, “Cyberattacks are becoming more sophisticated, targeted, widespread and undetected.” This means that in 2023, organizations around the world will have to stay on high alert and reinforce their defence capabilities. This will involve prioritising cybersecurity enterprise-wide, encouraging a security mindset in their employees, emphasising regular and adequate security training (securetreasury.com) and approaching payment security as a vital and ongoing process.
According to the Association of Certified Fraud Examiners (ACFE), a typical organization loses 5% of its revenue annually due to fraud. ACFE states, “As criminals continue to perpetrate fraud, it is no longer a question of if fraud will occur, but rather when it will occur at an organization.”
Given the increased fraud risk and corporations coming around to remote and hybrid work in 2022, more organizations are expected to shift to cloud-based security, as well as transition from virtual private networks (VPNs) to zero trust network access (ZTNA) in 2023.
Gartner identifies ZTNA as the fastest-growing segment in network security, forecast to grow 31% in 2023. Cyber criminals understand that ZTNA and cloud security are here to stay and will continue to drive corporate security investment in 2023. Scammers will try and stay one step ahead of corporate treasury, thinking of innovative methods to infiltrate organizations and compromise computer networks and information technology infrastructure and systems, particularly corporate payment systems. These attacks may open the doors to more fraud in 2023.
To carry out their role as the superintendents of payment security, treasury professionals must be equipped not only with current information, but also with stable, enduring principles for security.
Strategic Treasurer’s eBook Payment Security & Fraud Prevention brings you twelve payment security principles referred to by the mnemonic “SECURE CLAMPS”, distilled from a portion of Strategic Treasurer’s SecureTreasury™ course.
The cores of these twelve foundational principles for securing your payment processes remain consistent amidst constantly evolving threats and leading practices. This eBook will equip treasury, finance and security professionals with the necessary payment security intelligence to combat the expected surge in cybercrimes in 2023.
CTMfile article links (cybersecurity):
- Neglecting to prioritize cybersecurity and sufficiently train staff likely behind cybersecurity workforce crisis
- Cloud security to drive growth in security spending over the next two years
- Cybercrime insurance claims rise as ransomware proliferates
Risk management, always core to the treasurer’s role, has climbed further up the agenda, particularly in the light of the variety of risks corporate treasury had to face in 2022 – currency, interest rate, liquidity, credit, enterprise, counterparty, geopolitical, commodity and markets.
With the world heading into a global recession, more risks and demands may come to the fore in 2023, including exposure to climate risks and the growing threat of a global food crisis. In addition, while China has started to relax COVID-related measures, a complete easing of the pandemic curbs will still take time and “Won’t likely happen until the second quarter of 2023”, according to S&P Global Commodity Insights.
Fitch forecasts growth in mainland China to recover partially to 4.1% in 2023, from 2.8% in 2022, both well below pre-pandemic trends. However, economic uncertainty clouds China as it will continue to be under the pressure of the real estate market downturn and hampered or weaker exports because of slower global growth. “These combined factors will weigh on consumption, business confidence, and constrain the trajectory of mainland China’s economic recovery”, states Fitch Ratings Greater China Outlook 2023 report.
As central banks around the world remain focused on tightening monetary policy to combat inflation, the lacklustre recovery in mainland China, coupled with a likely recession, will present significant risks for global growth. Furthermore, winter 2023 is where a European energy crisis is expected to kick in, which may put additional pressure on global energy markets already straining under current demand.
In the light of the challenges that may come their way in 2023, corporate treasurers may have to spend more time on risk management in the next 12 months and raise their game to fulfil their organizations’ strategic objectives as well as protect cash flow, value, reputation, branding and future amid the ongoing volatility and uncertainty.
CTMfile article links (risk management):
- Together, sensitivity and scenario analysis can help treasurers face the challenges of 2022
- Seven tips to help CFOs and treasurers fight inflation
- The world may be heading into a recession
Supply chain management
In 2022, the fragility of global supply chains was further exposed by increasing frequency of disruptions, including rising interest rates, China’s strict COVID-19 lockdowns, and trade wars.
Given the cracks in our economic interdependency and the vulnerabilities in global supply chains, resilience became the new buzzword. Auto manufacturers, instead of relying on just-in-time manufacturing to keep the production process flowing, started stockpiling key parts or materials.
Other industries followed suit and started building up costly inventory as a backup plan so that they would not be left in the lurch should the supply chain crisis worsen again.
Russia’s invasion of Ukraine also exacerbated commodities supply and demand imbalances. From oil to copper and wheat to nickel, reduced supplies of commodities resulted in a spike in oil, gas, wheat, mineral and metal prices and further disrupted the already stretched supply chains.
The Russian-Ukraine conflict, Chinese factory and port shutdowns due to the pandemic, and the semiconductor chip crisis that started in 2021 and spilled over to 2022 all drove CEOs, finance leaders and corporate treasurers to rethink supply chains.
Against this backdrop, nearly half (45%) of the surveyed respondents of the 2022 Global Finance Trends Survey Report by Protiviti revealed that “Their organizations are moving away from efficiency-based supply chain models (e.g., low-cost, just-in-time) to revenue assurance models that emphasize flexibility and resilience.”
The survey found that organizations in health care, oil and gas, and retail industries are more likely to look beyond efficient traditional cost calculations by evaluating and monitoring supply chain reliability and responsiveness.
In 2022, treasury and finance professionals also diversified supply chains to multiple sources and regions, while also improving communication either with select suppliers or across the value chain. This was done to secure back-up sourcing plans and mitigate risks from existing supply chain security.
Besides the China-U.S. trade war, climate-related disruptions were the other important factor spurring Western companies to consider reducing their dependency on China – as a market and as a supplier.
In the pursuit of “self-sufficiency” in 2022, some corporations in the automotive industry commenced working with chip makers to shrink their supply chains to either within their borders or their surrounding regions. After decades of globalization, reshoring (bringing manufacturing back home) and nearshoring (bringing production closer to home) of critical goods, such as semiconductors and medical equipment, are being advocated for by some corporations to reduce reliance on foreign supply chains and minimize exposure to fluctuating exchange rates and unstable currencies.
The other terminology is friendshoring or allyshoring (shifting manufacturing and sourcing toward allies or friendly countries) that US Treasury Secretary Janet Yellen pushed for at the Brussels Economic Forum in May 2022. In her speech at the forum, she commented, “I believe that we need to consider how to incentivize the friendshoring of supply chains to a greater number of trusted countries for a variety of products, so we can continue to securely extend market access, with lower risks to our economy, as well as to those of our trade partners.”
The trend to shift toward closer supply chains, with more corporations reshoring, nearshoring or friendshoring their supply chains, is likely to continue in 2023, as is the importance of managing supply chain risks with the aim of avoiding disruptions or threats to business operations even if there is some cost to bear. This is expected to remain a priority for corporate treasurers.
The focus on risk intelligence is also expected to increase in 2023, resulting in extended supply chain visibility becoming an area of investment and priority for corporate treasurers. More organizations than before may lean toward sophisticated tools and technology that can provide end-to-end visibility among their thousands of interconnected suppliers worldwide.
Corporate treasury may also witness increased collaboration with COOs and other supply chain leaders, as well as legal, compliance, sourcing, customer management and credit management, among other groups, to recognize supply risk triggers throughout the organization.
CTMfile article links (supply chain management):
- Automakers revamp supply chains amid rising car prices and global chip shortage
- CFOs rethinking outdated and inefficient supply chain models that excluded the 3Rs
- Deglobalization or evolving globalization? Corporations’ conundrum
To conclude, managing cybersecurity and supply chain vulnerabilities is at the heart of corporate treasurers’ risk management priorities. Looking back at 2022 through review of this article series will help you prepare for the potential vulnerabilities, threats and losses that can adversely affect your corporation’s capital, earnings, reputation, value and branding.
The only thing certain in business is uncertainty. We hope that reading content published on CTMfile throughout 2023 will help corporate treasurers strengthen the risk management function and do so effectively under uncertainty.
⃰ Disclosure: Strategic Treasurer owns CTMfile.
Read more from this series:
Part 1: Top 10 corporate treasury focus areas from 2022 that are expected to linger into 2023
Part 3: Top 10 corporate treasury focus areas from 2022 that are expected to linger into 2023
Like this item? Get our Weekly Update newsletter. Subscribe today