As children, many of us were afraid of the dark; fearful of monsters, ghosts and ‘things that go bump in the night’. Once we reach a certain age, however, most of us grow out of it. Yet for treasurers is this complacency misplaced: if they lack visibility over their cash and risk, what might lurk in the darkness?
Treasury has been through several dramatic years. The 2008-09 global financial crisis was a catalyst for many treasurers to take on greater responsibilities and raise their profile. At the same time, continuing globalisation is extending treasurers’ liquidity and risk horizons more widely than ever. As the evolution of each company has differed, so too has the role of the treasury function. In many cases, this redefinition of treasury processes has been an organic process, making the line between treasurers’ and business units’ responsibilities unclear.
While this would appear to be less immediate an issue for companies with an entirely centralised treasury organization, there is no room for complacency – particularly if, as is often the case, some payment and collection activities take place locally. If treasury defines bank account management policies, for example, who is at fault if the signatories on a local payment, collection or tax account are found to be out-of-date or fraudulent?
Similarly, how is treasury enforcing common standards in payment and collection workflows and security requirements? Treasury might have an oversight role rather than operational responsibility for some activities, such as payment factories, but this involves a degree of accountability. Treasurers may not be able to meet the challenge with confidence, unless they have a detailed view and the ability to enforce secure and robust workflows, data transformation, exception management and reporting.
Without a clear operating model and defined responsibilities, tasks and obligations can fall through the gap between central or regional treasury and local business units, with errors, fraud and unidentified exposures missed. This is not a theoretical risk. According to KPMG’s 2011 report ‘Who is the typical fraudster?’, the answer is an individual who is male, aged between 36 and 45, works in a finance-related role, has been with the company for over 10 years and commits fraud against his own employer. In other words, exactly the sort of person who is typically relied upon to prevent fraud in the first place.
Given that financial and operational integrity is crucial to their reputation, both internally and externally, losses or embarrassments can severely damage the trust that many treasurers have developed among their internal and external stakeholders. “We didn’t know” or “it’s outside our remit” are unlikely to be credible excuses when the board, investors and (often) the media ask what happened.
Muddying the waters
It is not only activities beyond treasury’s direct control that can be murky. Even among treasuries with a high degree of cash and treasury centralisation – and therefore a high proportion of accounts controlled by treasury – it is often difficult for treasurers to collect and collate timely, accurate information from banks in a consistent fashion. In certain cases, although becoming more infrequent, banks cannot produce statements electronically. More often, companies that work with a large number of banks (or sometimes branches of the same bank) need to access multiple proprietary electronic banking systems, each of which has its own security protocols, authentication devices and file formats.
Information then needs to be mapped into the treasury management system (TMS) to provide treasurers with a view of global cash. For users of TMSs installed on-site or managed internally, this can create significant resource overheads, particularly as interfaces need to be maintained as each system is upgraded. While using SWIFT to communicate with multiple banks through a single channel can help, not every bank or bank branch is connected to SWIFT, and the cost benefit may be insufficient for some companies.
Even in companies with a highly centralised treasury function, there are often accounts managed at a business unit level, such as for local payments, collections and for regulatory reasons (for example for tax, customs and other government payments) over which treasury has no visibility or control. Among less centralised treasury functions, treasurers still need to maintain the same degree of visibility over cash and risk as their more centralised peers, get accurate global reporting or monitor risk limits, even if they do not control this cash. In these cases, the difficulty is that treasury is one step removed from the process of gathering this information. Electronic banking systems are typically maintained locally, so treasury is reliant on finance teams to send information to treasury.
Where in the world?
The value of cash held in these accounts can be substantial, leading to significant currency and credit risks, but treasurers tend to be more concerned about countries where cash is ‘trapped’ as a result of capital or currency controls, and more relaxed about accounts in ‘established’ economies.
In reality, some of the most volatile tradable currency pairs are G7 currencies, such as sterling-US dollar (GBP-USD), euro-yen (EUR-JPY) and GBP-JPY. The Russian ruble (RUB) lost 40% of its value against USD in 2014, while the Ukrainian hryvnia (UAH), Belorussian ruble (BYR) and Brazilian real (BRL) lost more than 20% over the first three quarters of 2015.
The EUR has seen a steady decline, while Sweden’s, Norway’s and the UK‘s currencies that rely on oil production as a large part of their economy are down by nearly 10% in 2015 alone. The potential for significant erosion of value therefore means treasurers cannot afford to be complacent about monitoring balances, and taking remedial action where possible, wherever in the world these balances are located, and in whatever currency.
While currency risk is one issue, there are further considerations. Cash outside treasurers’ line of sight cannot be used for group liquidity purposes, potentially raising borrowing costs. This may not seem a major issue during a period of strong liquidity, but for businesses operating with tight margins, it can have significant competitive implications and raise questions amongst shareholders, debt holders and rating agencies. Furthermore, this cash may be either left in current accounts or invested in instruments or counterparties that fall outside treasury investment policies, leading to unidentified counterparty risks, and the potential for loss of capital as well as sub-optimal returns on cash.
Light and shadows
Treasury centralisation, with the use of common technology across both treasury centres and participating business units for the management of all accounts and financial transactions is a logical response to these challenges. The benefits of this approach are increased further if the technology is cloud-based, therefore transferring responsibility for maintaining bank communications and interfaces with other internal systems to the vendor. Liquidity management structures such as cash pooling, most commonly physical cash pooling (such as zero balancing) but also notional pooling also play an important role in reducing the amount of cash under the corporate sofa.
These solutions are not a panacea, however, for two key reasons: firstly, the process of centralisation is rarely a one-off event. For example, business restructuring, mergers and acquisitions (M&As) create new entities that need to be integrated quickly and efficiently into group treasury from both an operational/oversight and liquidity management perspective, with the period before full migration often presenting the greatest risk.
Secondly, treasury’s mandate for centralisation can differ between enterprises. In some organisations, treasury has a mandate from senior management to enforce centralised control over cash, treasury and risk management activities. In others, business units have the ability but not the obligation to hand over cash and responsibility to treasury. Treasury therefore has to fight far harder for corporate cash, and convince local finance teams of the operational, liquidity and risk benefits that centralising cash and risk in treasury offers. At Fintech’s recent Cash and Liquidity Optimisation conference in London, one panellist noted that more than 30% of their time was spent on this internal sales process, and that every new centralisation process led to surprises – many unwelcome – about the cash balances, processes and risks that had been held locally.
Keeping out of the spotlight
Treasury is tasked to manage liquidity and risk, including market, credit or operational risks, but fulfilling this obligation is impossible without clear visibility over cash and exposures on one hand, and operational processes on the other. A clear organisational model and mandate is an important first step in achieving this visibility, but bank and account models, liquidity structures, treasury management technology and corporate culture all play a vital role.
Risks that are currently invisible to treasury will be exposed at some stage, and the moral of the Volkswagen emissions story is that it will happen far too late. Could treasury be involved in a scandal of comparable proportions? Environmentally and reputationally among consumers, probably not. In terms of the impact on the company’s share price, and damage to trust amongst shareholders, debtholders, credit rating agencies and the board, absolutely.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.
As anticipated, US organisations exited prime money market funds en masse following last year’s SEC reforms. AFP’s latest Liquidity Survey indicates what it will take to encourage them back.
Accidental data breaches are causing almost as much concern as the steady rise in ransomware attacks, reports insurer Beazley.