Looking Ahead to Key Issues at Sibos 2010

Since SIBOS 2009, there have been a few interesting initiatives that have helped with standardisation efforts in the ‘corporate transaction banking’ world, referring to all activities that a large company undertakes to facilitate paying, receiving and managing liquidity by ensuring that their transactions are safe, efficient and easy.

The initiatives that corporates are undertaking in this space include accounts payable (A/P) and accounts receivable (A/R) centralisation exercises. Centralising parts of A/P and A/R activities, such as payment initiation in shared service centres (SSCs), is commonly considered to be best practice. Additionally, these activities help to optimise cash and treasury management processes, as they are often combined with cash centralisation techniques such as cash pooling. At the same time, corporates are often rationalising their bank relationships and bank account structures.

Many corporates are working to facilitate these strategic exercises by investing in technology platforms that are meant to standardise A/P, A/R and cash management processes. These include enterprise resource planning (ERP) systems, treasury and cash management systems, and payment factories. The business case supporting these investments is based on optimisation of working capital, more efficient collection processes, visibility of payments and outgoing cash flows, and standardisation of connectivity to banks.

Bank connectivity can be standardised using solutions such as ‘SWIFT for Corporates’, an official SWIFT offering, or by adopting local multibank e-banking standards, such as EBICS in France and Germany. Having standard ‘pipes’ into banks is an important facilitator and in some cases even a driver of business cases, as the interfaces from the above mentioned systems are simplified and much cheaper than maintaining many different bank proprietary solutions. However, in spite of the advanced technical interfaces that are now available for bank connectivity, there continues to be challenges for corporates related to implementing standardised solutions across the multiple banks with which they do business. For this reason, I would like to expand on two issues: security and message formats.

When it comes to corporate transaction banking, there are a couple of recent developments for corporates to consider when they are looking to improve the security of payments transactions. One option that comes to mind in this space is the personal digital identity (PDI) initiative that SWIFT is launching. The initiative has resulted in a commercial product offering from SWIFT called 3SKey (SWIFT Secure Signature Key). In fact, there is a dedicated session on this topic at this year’s Sibos Corporate Forum.

The PDI initiative is about introducing an identity scheme that can be deployed across many banks. A typical requirement is that payments and payment files must be approved and signed by the mandated person within the corporate organisation. Banks have built e-banking solutions to accommodate this need by requiring mandated corporate representatives to sign the payment files with a personal digital signature. This allows the bank to verify the signature that is sent along with the payment file. It also allows the bank to validate the identity of the signer against the bank’s database of mandated persons for that particular corporate. This additional service offered by the bank is relevant as it protects the corporate and places an additional security layer in the payments chain.

The problem is that every bank has implemented different ways to put these digital signatures on payment files. Most banks are using public key infrastructure (PKI) but the way they have implemented this is different. The result is that the treasurer or controller of a corporation that is banking with multiple banks has a variety of security tokens to deal with and has to remember all the passwords to get to the certificates on these tokens.

The PDI initiative is meant to solve this problem. If adopted by banks, the result would be that by means of a single token the treasurer or other mandated representative can identify himself with multiple banks. He can use the same token to sign payment files and send the signature along with the payments to all banks that are supporting the PDI scheme. Without going into the scheme details, it offers great value, as it can help standardise the process of approving and signing transactions across banks. Additionally, the token is not limited for use within a SWIFT context – it can also be used as an internal authentication mechanism within the corporate payment factory or in the context of other applications and networks.

The second initiative that will impact progress in the corporate transaction banking space is the common global implementation (CGI) initiative. CGI consists of a group of banks, corporates and vendors and the goal of the initiative is to define implementation guidelines for various payment types using the ISO 20022 XML payment initiation messages (PAIN.001 for credit transfers, PAIN.002 for status reports and PAIN.008 for direct debits). These messages are standardised, but because these messages have the intent to cover all credit transfers and direct debit instruments, they cannot exist without implementation guidelines.

These guidelines define the rules that need to be adhered to in order to model out a specific payment instrument. Typically, the implementation guidelines are either payment instrument-specific (e.g. the single euro payments area (SEPA) Credit Transfer (SCT) implementation guidelines from the European Payments Council (EPC)), country-specific (e.g. the Febelfin implementation guidelines for the PAIN.001 message in Belgium) or, as in most cases, bank-specific (e.g. the UK automated clearing house (ACH) implementation guidelines for bank XYZ).

The CGI is intended to simplify the process for multinational corporates having to initiate multiple payment instruments in different countries (e.g. ACH in US, UK and SEPA area) and dealing with different cash management banks – so called ‘mixed payables’ implementations. Having implementation guidelines for various payment instruments that are adopted by multiple cash management banks is significant as the implementation will then be the same across these banks. It will require an investment to become compliant with the CGI guidelines, but once adopted it should become more of a ‘plug and play’ approach to send payment instructions to banks supporting CGI – compared to country-specific and in most cases bank-specific implementations.

The two above mentioned initiatives – PDI and CGI – will no doubt facilitate global implementations of payment factories. Therefore, you should ask your existing or prospective payment factory vendor what their plans are in these two areas. These initiatives are two examples of standardisation that are not so much drivers, but rather facilitators of the real business case, which is reducing costs by centralising the payments process across various entities and business units in SSCs. In turn, this leads to enhanced visibility of cashflow, improved cash forecasting and optimised liquidity management.

To learn more about SunGard, please visit their gtnews microsite.


Related reading