Leveraging Treasury Technology in the War against Fraud

Leveraging Treasury Technology to improve Fraud Prevention
Bob Stark - Kyriba
Melissa Cameron - Deloitte & Touche LLP

Upload: kyriba-corporation

Post on 22-Jan-2015

DESCRIPTION

Every day we hear more stories about fraud, hacking, and misappropriation of corporate funds. As the guardian of financial assets, Treasury has a significant responsibility to protect financial data and corporate funds from unauthorized access and use. View the webinar slide deck to learn more about the different ways that a TMS can enable treasury teams to protect against fraud, including:
- leveraging the cloud to increase data security
- improving validation and authentication of payments
- centralizing control of bank accounts, even when finance is decentralized
- implementing full separation of duties across all treasury workflows

Featured Speakers:
Melissa Cameron, Principal - Deloitte & Touche LLP
Bob Stark, VP Product Strategy - Kyriba Corporation

TRANSCRIPT

1. Leveraging Treasury Technology to improve Fraud Prevention
Bob Stark - Kyriba
Melissa Cameron - Deloitte & Touche LLP

2. Today's speakers
2014 Kyriba Corporation. All rights reserved. | PROPRIETARY & CONFIDENTIAL

Melissa Cameron, Principal, Deloitte & Touche LLP
Melissa founded Deloitte's U.S. Treasury practice, which she started in 2004. Deloitte's U.S. treasury practice is now a team nearing 100. During her years in the U.S., Melissa has led a broad range of projects including fraud, M&A, global treasury transformation, treasury system (strategy, selection and implementations), global liquidity structuring including repatriation, in-house banking, cash pooling and cash forecasting, and foreign exchange and debt / capital markets matters.

Bob Stark, VP Strategy, Kyriba Corporation
Mr. Stark is responsible for global product strategy and market development at Kyriba. He is a 16-year veteran in the treasury technology industry, having served in multiple roles at Wall Street Systems, Thomson Reuters, and Selkirk Financial Technologies including product management and strategy. He is a regular guest speaker at treasury conferences and an active member of the Association for Financial Professionals.

3. Fraud is a driving concern
- 60% of organizations have experienced attempted or actual payments fraud (1)
- 20% of corporates report fraud committed by employees (2)
- Check fraud makes up 82% of corporate payments fraud (3)
- Corporate financial fraud cases increased 72% from 2005-2012 (4)
- Companies hit by financial fraud lose average of 22% of enterprise value (5)
Sources: (1, 2, 3) AFP, 2014; (4) FBI, 2012; (5) GMU Ratings, 2013

4. Primary Treasury Fraud Types
2014 Deloitte Development LLP. All rights reserved. | PROPRIETARY & CONFIDENTIAL

Except for the very largest Treasury organizations, MNC treasury generally lacks formal front, middle and back offices, heightening the risk of collusion or coercion.

Table columns: Process, Examples, May Involve

Examples:
- Trader initiates a trade to non standard account settlement, confirms, may set up wire
- Tear up of a trade exploits a manual process and settlement
- Trader accepts a sub-optimal rate for kick-back
- Setting up fictitious vendors, purchase orders and then making payments
- Cash kiting of cash in transit within the company before illegal diversion of funds
- Infrequent reconciliation allows time for fraud to be extended
- Directs proceeds to a non-authorized account
- Frequently small bank charges hitting company accounts are not reconciled due to size.
- Directs investment or borrowing proceeds to a non-authorized account

Processes and functions named: FX; Cash Management; Accounting; Accounts Payable; Investments / Borrowings; Treasury Operations; Debt; Investments; Back office

5. Root Causes for Treasury Fraud

Process Concerns
- Front and middle office having access to funds transfer processing
- Lack of awareness of heightened risks around items such as:
  - Tear up of trades (manual overrides)
  - Not using standard settlement instructions
  - Infrequent reconciliations
  - Need for segregation of duties as well as dual control
  - Questionable custodial practices by some providers
  - Unexplained transfers only over a certain amount are investigated
  - Inaccurate record of bank accounts

Organization and systems constraints
- Business siloes prevent a holistic view of funds transfer risks, allowing fraudsters to operate in the hand-offs between units
- Fragmented systems landscape which may be undefined internally
- Lack of understanding of system entitlements
- Over-entitlements to systems landscape, breaking desired controls (especially when processes cross multiple systems)

6. How would you react if you got this call?

Case Study
- Client was tipped off that a large sum may fraudulently leave the company within 2-14 days
- The tip off indicated collusion and a possible region where the fraud would occur
- Deloitte provided a SWAT team of treasury, forensic analytics and security professionals to undertake the following:
  - Report findings and remediation plan
  - Walk-throughs of treasury processes to assess completeness and prioritization of fraud risks
  - Identify systems landscape and vulnerabilities
  - Ran fraud scenarios
  - Recommendations to strengthen the control environment during investigation

Stages: Situational analysis; Identify system landscape; Fraud Analytics; Strengthen controls; Report and remediate

7. Key Findings

System and Infrastructure
- System users were over-entitled
- Unable to identify capabilities of user entitlements
- Systems entitlements were granted at the systems level not understanding the ramifications of providing access across front, middle and back office systems or functions
- Systems administrators often users of the same systems
- No detective analytics to identify changes to system rights
- 3rd party FX systems allowed for an executor of a trade to confirm his own trade due to a system deficiency
- Server security was weak
- Payment files were altered once they had left the ERP, before these transactions entered the banking system

Business and Process
- Firm relied heavily on dual control with insufficient segregation of duties heightening risks of collusion
- Some staff were able to reconcile their own actions
- Incomplete record of company and custodial bank accounts
- Custodial relationships varied globally, as did the infrastructure these 3rd parties had to monitor and report client balances
- Fraud risk was heightened by the use of fax, email and phone instruction combined with weak reporting
- Accounting and reconciliation performed monthly or quarterly, creating time windows for fraud to remain undetected
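The entitlement findings on the Key Findings slide (over-entitled users, a trader confirming his own trade, staff reconciling their own actions) can be checked for mechanically. The following is an added example, not part of the original deck or of any Kyriba or Deloitte tooling; the duty names, the conflict rule set and all sample records are constructed assumptions.

```python
from collections import defaultdict

# Duty pairs one person must never hold or perform together
# (assumed rule set, modelled on the findings listed on the slide).
CONFLICTS = [
    ("execute_trade", "confirm_trade"), ("create_payment", "approve_payment"),
    ("create_payment", "reconcile_account"), ("admin_entitlements", "create_payment"),
]

# Constructed sample: (user, system, duty) grants spread over several systems.
ENTITLEMENTS = [
    ("alice", "fx_portal", "execute_trade"), ("alice", "fx_portal", "confirm_trade"),
    ("bob", "tms", "create_payment"), ("bob", "erp", "reconcile_account"),
    ("carol", "tms", "approve_payment"), ("dave", "tms", "admin_entitlements"),
]

# Constructed sample activity log: (reference, duty performed, user).
ACTIVITY = [
    ("FX-1001", "execute_trade", "alice"), ("FX-1001", "confirm_trade", "alice"),
    ("PAY-2001", "create_payment", "bob"), ("PAY-2001", "approve_payment", "carol"),
]

def entitlement_conflicts(grants, conflicts=CONFLICTS):
    """Return (user, duty_a, duty_b) for each conflicting pair one user holds,
    merging grants from all systems so cross-system conflicts become visible."""
    duties = defaultdict(set)
    for user, _system, duty in grants:
        duties[user].add(duty)
    return sorted(
        (user, a, b)
        for user, held in duties.items()
        for a, b in conflicts
        if a in held and b in held
    )

def self_checked_items(activity, conflicts=CONFLICTS):
    """Return (reference, user) where one user performed both sides of a
    conflicting pair on the same item, e.g. confirming an own trade."""
    done = defaultdict(set)
    for ref, duty, user in activity:
        done[(ref, user)].add(duty)
    return sorted(
        key for key, acted in done.items()
        if any(a in acted and b in acted for a, b in conflicts)
    )

if __name__ == "__main__":
    print(entitlement_conflicts(ENTITLEMENTS))
    print(self_checked_items(ACTIVITY))
```

Running the first function on successive entitlement snapshots and alerting on newly appearing tuples gives a simple form of the detective analytics the findings say were absent.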
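The finding that payment files were altered after leaving the ERP and before reaching the bank calls for an integrity check at the hand-off. The following is an added example, not code from the deck or from any vendor: it seals each approved payment and verifies the outgoing file against that manifest. The record layout, key handling and sample batches are constructed assumptions, and HMAC-SHA256 stands in for a PKI signature.

```python
import hashlib
import hmac
import json

# Assumption: a key shared only by the approval system and the bank gateway.
# HMAC stands in here for a PKI-based digital signature on the exported file.
KEY = b"constructed-demo-key"
FIELDS = ("id", "account", "amount", "ccy")  # hypothetical record layout

def seal(payment, key=KEY):
    """HMAC-SHA256 over the fields whose alteration would redirect funds."""
    canon = json.dumps([payment[f] for f in FIELDS]).encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest()

def build_manifest(approved, key=KEY):
    """Built at approval time and stored apart from the exported file."""
    return {p["id"]: seal(p, key) for p in approved}

def verify_batch(outgoing, manifest, key=KEY):
    """Check the file about to reach the bank against what was approved."""
    ids = [p["id"] for p in outgoing]
    return {
        "altered": sorted(
            p["id"] for p in outgoing if p["id"] in manifest
            and not hmac.compare_digest(seal(p, key), manifest[p["id"]])),
        "unapproved": sorted(set(ids) - set(manifest)),
        "missing": sorted(set(manifest) - set(ids)),
        "duplicated": sorted({i for i in ids if ids.count(i) > 1}),
    }

# Constructed sample: the batch as approved in the ERP.
APPROVED = [
    {"id": "P1", "account": "ACCT-0001", "amount": "1200.00", "ccy": "EUR"},
    {"id": "P2", "account": "ACCT-0002", "amount": "560.50", "ccy": "USD"},
    {"id": "P3", "account": "ACCT-0003", "amount": "89.99", "ccy": "GBP"},
]
# Constructed sample: the same batch after export, with P2 redirected,
# P3 dropped, P4 inserted and P1 repeated.
OUTGOING = [
    APPROVED[0],
    {"id": "P2", "account": "ACCT-9999", "amount": "560.50", "ccy": "USD"},
    {"id": "P4", "account": "ACCT-9999", "amount": "4000.00", "ccy": "USD"},
    APPROVED[0],
]

if __name__ == "__main__":
    print(verify_batch(OUTGOING, build_manifest(APPROVED)))
```

Any non-empty list in the result is grounds to hold the batch before it is released to the bank.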
8. Funds Transfer within an Enterprise Fraud Program

Policies / Procedures / Playbooks

- Enterprise strategy that defines corporate standards including the anti-fraud function role, anti-fraud program objectives and establishes going-forward strategic roadmap.
- Anti-Fraud operations and oversight structure with well defined roles and responsibilities to manage risks pertinent to the anti-fraud lifecycle.
- Assessments are continuously performed including the use of fraud analytics, surveillance and process assessments.
- Metrics and reports that provide a comprehensive view of enterprise fraud risk to the relevant stakeholders across the organization.
- Tools and technology that drive commonalities in the anti-fraud management process, and support data accuracy, availability and timeliness.
- Coordinated communication channels and programs to educate stakeholders of responsibilities at all stages of the anti-fraud lifecycle.
- Policies, procedures and playbooks define activities across the lifecycle and integration points between functions to drive for consistency and quality in program activities. Playbooks for high risk areas are developed to accelerate response and limit losses.

9. Assessments build momentum for holistic programs

Performing an assessment of funds transfer risks provides a path for addressing key risks and strengthening the control environment and reducing losses:
- Having assessed risks, establish fraud risk profiles, along with mitigating controls. Socialize with business leaders and align on greatest threats
- Considers business sponsorship, process, technology, organizational and budgeting requirements
- Analyze the current state of the funds transfer control environment
- Assist in responding to potential occurrences of fraud within the business. Use findings to fine-tune prevention and detection controls
- Establish continuous monitoring activities and ongoing review activities to alert management of potential fraud; incorporate findings into on-going fraud risk assessment processes
- Execute remediation plan including the new preventative and detective controls that will be implemented

10. Technology Tips and Tricks to Prevent Fraud

Treasury technology can help prevent fraud:
1) Improved application security
2) Better data controls
3) Improved treasury controls

11. Fraud Prevention Opportunities

Technology can improve:
- Application Security (password controls)
- Data Security (move away from internal hosting)
- Bank account control
- Daily Bank Monitoring
- Payments
  - Payment approvals
  - Digital Signatures
- Trading

12. Fraud Prevention Opportunities: Application Security

- Weak passwords are the easiest entry point to hack a software solution and access data
- Kyriba offers strong password controls, such as:
  - Password timeouts, resets, history, alphanumeric requirements
  - Virtual Keypad
  - Two-factor authentication (SMS or Yubikey)
- These controls may eliminate fraud and are stronger than other solutions: ASP or installed

13. Fraud Prevention Opportunities: Data Security

- Treasury data may be safer when hosted with Kyriba than within a company's internal servers (according to IT)
- 80% of treasury professionals have violated internal procedures by being in the server room where internal treasury data is hosted
- 90% of data fraud is internal or socially engineered
- Between external hosting & strong password controls, treasury data may be safer

14. Fraud Prevention Opportunities: Data Security

Treasury systems offer numerous safeguards:
- Encryption of all data in transit between systems, especially externally
- Hosting within SOC1 certified data centers that feature 24/7 security, biometric access
- Separation of duties & other policy driven protections to restrict access to hosting infrastructure and client data
- Numerous firewalls to protect externally and between tiers
- Scheduled penetration testing by industry leading providers

15. Fraud Prevention Opportunities: Identifying Fraudulent Transactions

Daily monitoring of balances and transactions will find suspicious/fraudulent transactions:
- Daily bank reporting will proactively find blips on the radar; especially via use of dashboards and automated reporting
- Daily cash positioning forces variances of bank transactions
- Monthly accounting reconciliation offers same ability, but another checkpoint (and perhaps more centralized check)

16. Fraud Prevention Opportunities: Control of Bank Accounts

- As organizations expand/decentralize, easy to lose control of accounts, signatories and management of $$$$$
- Treasury technology can offer process control:
  - Visibility into global accounts (centralized repository, single system of record)
  - Systematic tracking of authorized signers in a central database (documentation of all account-employee relationships)
  - Structured workflows that require all bank account activity to be tracked and approved in a single system (will be even easier with eBAM)

17. Fraud Prevention Opportunities: Payments Approvals

- Separation of duties and application of limits are key
- Implement multiple levels of controls and ensure approvals align with dollar limits
- Most effective when entire workflow (i.e. paper trail) is within treasury's control (benefit over using bank portals to send payments)
- Apply digital signatures (e.g. SWIFT 3SKey) to authenticate exported payment files

18. Fraud Prevention Opportunities: Trading

- More of an enforcement, than prevention
- Trade has already happened by the time it hits treasury system
- Use of approvals and limits will help enforce the right behavior
- Even if you shouldn't have done it, you still have to approve it after
- Also tracking multiple bids per trade is helpful to ensure right bid was selected
- Also necessary for Dodd-Frank (for the exact same reason)

19. Fraud Prevention Opportunities

In summary, technology can improve:
- Application Security (password controls)
- Data Security (move away from internal hosting)
- Bank account control
- Daily Bank Monitoring
- Payments
  - Payment approvals
  - Digital Signatures
- Trading

20. The Deloitte Value Proposition

Funds Transfer fraud comes in multiple dimensions, as does our emphasis and teaming approach:
- National U.S. treasury practice of 100 dedicated professionals primarily recruited from global financial services, large multinational and leading treasury system vendors
- Access to other specialist areas to complement the targeted scope
- Ability to structure the engagement to focus on the highest areas of fraud
- Fraud skills across all elements of need to identify and remediate treasury fraud, leveraging the broader domestic and global member firms
- Practical and timely observations and recommendations during our work
- Fast paced team that acts with urgency
- Able to both assess and assist in management's remediation efforts

21. Additional Resources

NEW! White Paper: Leveraging Treasury Technology in the War against Fraud

22. Additional Resources

- Webinar recording is available on our website under http://kyri.ba/1jKLlms
- CTP/CCM AFP accreditation information will be sent out to the attendees of the full session no later than April 15th, 2014.

23. Thank You For Participating

Kyriba: [email protected], twitter.com/kyribacorp, kyriba.com, linkedin.com/company/kyriba-corporation, kyriba.com/blog
Deloitte: Melissa Cameron, Principal, Deloitte & Touche LLP, San Francisco, CA, [email protected]

24. Thank You for Viewing Our Webinar!