Cyber security in corporate treasury

As digitalization advances, cybersecurity has grown in importance in all areas of corporate management, including corporate treasury. Given its central role in financial management and the processing of sensitive financial transactions, cyber criminals are particularly focused on the treasury department. This article explores the potential cyberthreats faced by corporate treasury, especially in payment transactions and data security, and looks into the requirements for treasury management systems (TMS) to improve cyber security. It will also examine how artificial intelligence (AI) can help to strengthen the security architecture in corporate treasury.

We were prompted to write this article by the fact that the threat of cyberattacks in the financial sector and other sectors of the economy has continued to increase significantly in recent years, both with regard to quantity and quality. It is estimated that the annual damage caused by cybercrime to the German economy amounts to around 206 billion euros. Remarkably, a growing proportion of these attacks are being carried out by organized crime, with 61% of affected companies attributing the attacks to such criminals.¹ They use a wide range of techniques, including phishing, password attacks and ransomware, with the use of artificial intelligence further increasing the efficiency and accuracy of these attacks. At the same time, companies' risk assessment has increased. Yet despite awareness of the dangers and the increasing number of attacks, many companies do not feel adequately prepared. And the situation is becoming even more explosive given that considerable investments are being made in IT security. In its status report in 2022, for example, the German Federal Office for Information Security stated that around EUR 7.8 billion was invested in cybersecurity.²

In the following, we look at typical corporate treasury areas that are at risk from cybercrime. These are just a few examples, of which there are many more.

1. Payment transactions:
   When it comes to payment transactions, there are many risks facing companies, among them phishing attacks, AI-supported identity theft and malware infections. Each of these risks has the potential to directly threaten payment processes.
   Yet another often underestimated risk arises when a company is subject to a cyberattack, and it doesn't even have to be the treasury department that is directly attacked. This could force the IT department to preemptively shut down systems and interfaces to contain the attack, with unintended consequences for the treasury department. And without access to critical systems, it becomes difficult to transmit payment orders to banks. Also, keeping track of which payments are due quickly becomes a major challenge without an IT infrastructure.
   Alongside protecting against immediate attacks through common security measures such as encryption and two-factor authentication, it would therefore make sense to have contingency plans in place. They should ensure that the IT department can support the company's solvency in the event of an emergency. While it may be logical, it is sometimes easy to overlook the extent of the chaos and IT workload in the event of a serious attack.
2. Data security:
   When it comes to cybersecurity in corporate treasury, another important topic is data security. Within corporate treasury, companies manage a large amount of sensitive data, such as bank and financial data, customer information and business secrets. This data must be protected from unauthorized access so as to ensure the integrity and confidentiality of the data. Among the biggest threats to data security are hacker attacks, where fraudsters attempt to penetrate the company's network and steal confidential data. Securing sensitive financial data is another key challenge. Data leaks may be caused by external attacks, but also by internal vulnerabilities such as inadequate access controls or human error. The ramifications are not only financial, but also involve the loss of business secrets and trust of customers and suppliers. Some examples include bank data, internal financial information and transaction information.
3. Fraud Management: 
   Yet another important topic within the area of cybersecurity in corporate treasury is fraud management. In recent years, fraud attempts have increased as sophisticated techniques are being used. Criminals often try to defraud companies through corporate treasury by submitting fake invoices or payment orders. There have also been reported cases where criminals have infiltrated companies. When it comes to protecting against these threats, it is critical that corporate treasuries secure their processes and systems.
   One way of doing this is to implement control mechanisms to ensure that payments are only made to authorized recipients. Also, checking invoices and payment instructions for any irregularities can help to prevent fraud. In many cases, attempts are made to circumvent controls by making recurring payments in small amounts and to operate under the control radar. In doing so, fraudsters exploit not only technical but also social vulnerabilities. A good example of this is CEO fraud, in which employees are tricked into making transfers using fake instructions from supposedly higher-ranking individuals. 

The treasurer plays a key role in ensuring cybersecurity within the organization. Steps include developing and implementing security policies and procedures, investing in advanced technologies and training employees. 

It is essential that companies promote a culture of security in corporate treasury. Part of this includes, for example, raising employee awareness of the importance of cybersecurity and establishing policies and procedures to secure data and systems.

In choosing treasury management systems (TMS), treasurers should ensure that these systems have advanced security features. A state-of-the-art TMS should also be able to integrate seamlessly with other security systems to create a comprehensive security network. Key requirements to consider when selecting a TMS include the following:

1. Multi-layered security architectures: These include firewalls, encryption techniques, two-factor authentication and regular security updates.
2. Real-time monitoring and analysis: Being able to monitor and analyze transactions in real time is critical to detecting suspicious activity early.
3. User management and access control: Maintaining strong access controls and managing user permissions helps minimize the risk of internal threats.
4. Compliance and reporting: A TMS must facilitate compliance with relevant standards and regulations and have effective reporting capabilities.

Apart from the above-mentioned TMS functions, AI models can make a valuable contribution to strengthening cyber security in corporate treasury.

By integrating artificial intelligence (AI) into the corporate treasury's cybersecurity strategy, it is possible to develop innovative ways to protect against a wide range of cyberthreats. Below is a detailed look at how AI can help strengthen cybersecurity:

1. Detecting anomalies: AI systems are capable of continuously analyzing large amounts of transaction data to detect patterns and identify anomalies that indicate potential fraud or cyberattacks. Through learning from historical data, AI models are able to distinguish normal from suspicious activity, even if it appears inconspicuous on the surface. As a result, it is possible to react quickly to potential threats, often before damage has occurred.
2. Predictive analytics: By leveraging predictive analytics, AI systems can anticipate future risks based on trends and patterns in the data collected. These include predicting fraud attempts, cyberattacks and other security breaches. Such predictions will allow treasury teams to take preventative action to minimize risks before they materialize.
3. Automating security checks: AI can be deployed to automate routine security reviews, increasing efficiency and reducing human error. Typical examples include automatically checking for software updates and security patches, monitoring network traffic for unusual patterns and performing vulnerability assessments. Automating such tasks frees up the IT security team so they can focus on more complex security challenges.
4. Improved response times: AI-supported systems can automatically initiate predefined defensive measures in the event of a detected security incident with a view to limiting the damage. These measures include isolating affected systems, blocking suspicious IP addresses and creating backup copies of important data. Being able to respond immediately greatly reduces the impact of cyberattacks and can, in some cases, outright neutralize the attack before it can spread.
5. Adaptability and learning: One of the standout features of AI systems is their ability to learn and adapt. Given that cyberthreats are constantly evolving, having a security system capable of learning from new attack methods and adapting its defenses accordingly is critical. AI models undergo continuous retraining with new data, which improves their effectiveness over time.

Incorporating AI into corporate treasury's cybersecurity measures will not only enable it to effectively combat current threats, but also proactively prepare for future risks. Pairing human expertise with the power of AI allows companies to build a robust security network that can cope with the ever-changing landscape of cyberthreats.

Driven by digitalization and the increasing professionalization of cybercriminals, the importance of cybersecurity in corporate treasury is steadily increasing. As a result, treasury departments are facing major challenges that require comprehensive risk management, data security and effective fraud management. As such, the treasurer plays a central role in devising and implementing security strategies, including the choice of treasury management systems with advanced security features and the promotion of employee education.

Embracing AI technologies such as anomaly detection, predictive analytics and automated security checks promises to significantly strengthen cybersecurity measures. Such tools make it possible to proactively identify and combat current and future threats.

Effective protection against cyberthreats requires dynamic and adaptable defense strategies, continuous employee training and awareness, and close collaboration between treasury, IT security and external partners.

The future of cybersecurity in corporate treasury hinges on the ability to adapt quickly to new threats, implement innovative security technologies and establish a strong security culture within the company.

Source: KPMG Corporate Treasury News, Edition 141, March 2024
Authors:
Börries Többens, Partner, Finance and Treasury Management, Corporate Treasury Advisory, KPMG AG
Nils Bentzien, Manager, Finance and Treasury Management, Corporate Treasury Advisory, KPMG AG
___________________________________________________________________________________________________________

¹ www.forschung-und-wissen.de/nachrichten/oekonomie/gezielte-cyberattacken-auf-deutsche-wirtschaft-13378487
² www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2023.pdf?__blob=publicationFile&v=8