Cyber Security in the Corporate Treasury

In the age of digitalisation, cyber security has taken on a central role in all areas of corporate management, including corporate treasury. Due to its central role in financial management and the processing of sensitive financial transactions, the treasury area is a particular focus of cyber criminals. This article examines the specific cyber threat potential in corporate treasury, particularly in payment transactions and data security, and discusses the requirements for treasury management systems (TMS) to increase cyber security. It also examines how artificial intelligence (AI) can help to strengthen the security architecture in corporate treasury.

The reason for this article is that the threat of cyber attacks in the financial sector and other sectors of the economy has continued to increase significantly in recent years, both in terms of quantity and quality. The annual damage caused to the German economy by cybercrime is estimated at around 206 billion euros. The increasing proportion of organised crime in these attacks is remarkable, with 61% of the companies affected attributing the attacks to such criminals.¹ Cybercriminals are using a wide range of techniques, including phishing, password attacks and ransomware, with the use of artificial intelligence further increasing the efficiency and accuracy of these attacks. The risk assessment of companies has increased in parallel. Despite being aware of the dangers and the increasing number of attacks, many companies do not feel sufficiently prepared. The situation becomes even more explosive when you consider that considerable investments are being made in IT security. For example, according to the Federal Office for Information Security in its management report, around €7.8 billion was invested in cyber security in 2022².

In the following, we look at typical areas in corporate treasury that pose a risk to corporate treasury as a result of cybercrime. These are to be understood as examples, of which there are many more.

1. Payment transactions:
   In payments, organisations face a variety of threats, including phishing attacks, AI-powered identity theft and malware infections. These risks can directly threaten payment transaction processes. Another often underestimated risk arises when a company is subject to a cyberattack, and it doesn't even have to be the treasury department that is directly attacked. In such cases, the IT department may be forced to preemptively shut down systems and interfaces to contain the attack, with unintended consequences for the treasury department. Without access to critical systems, it becomes difficult to transmit payment orders to banks. Gathering information about which payments are due in the first place also quickly becomes a major challenge without an IT infrastructure. In addition to protecting against immediate attacks through common security measures such as encryption and two-factor authentication, it therefore makes sense to have contingency plans in place. These plans should ensure that the IT department can support the company's solvency even in an emergency. Even if it is logical, it is sometimes simply overlooked how great the chaos and the capacity utilisation of IT is in a serious attack.
2. Data security:
   Another important topic in the area of cyber security in corporate treasury is data security. Companies in corporate treasury manage a large amount of sensitive data, such as bank and financial data, customer information and business secrets. This data must be protected from unauthorised access in order to ensure the integrity and confidentiality of the data. One of the biggest threats to data security is hacker attacks, where fraudsters attempt to infiltrate the organisation's network and steal confidential data. The security of sensitive financial data is another key challenge. Data leaks can be caused by external attacks, but also by internal vulnerabilities such as inadequate access controls or human error. The consequences are not only of a financial nature, but also concern the loss of business secrets and trust in customers and suppliers. Examples include bank data, internal financial information and transaction information.
3. Fraud Management:
   Another important topic in the area of cyber security in corporate treasury is fraud management. Fraud attempts have increased in recent years through the use of sophisticated techniques. Fraudsters often try to defraud companies in corporate treasury by submitting fake invoices or payment orders. Cases of corporate infiltration by criminals have also been reported. To protect themselves against these threats, it is important that companies in corporate treasury secure their processes and systems.
   This includes, for example, implementing control mechanisms to ensure that payments are only made to authorised recipients. Checking invoices and payment instructions for irregularities can also help to prevent fraud. Attempts are often made to circumvent controls by making recurring payments in small amounts and to operate under the control radar. Fraudsters exploit not only technical but also social vulnerabilities. One example of this is CEO fraud, in which employees are tricked into making transfers using fake instructions from supposedly higher-ranking individuals.

The treasurer plays a key role in ensuring cyber security within the organisation. Measures include developing and implementing security policies and procedures, investing in advanced technologies and training employees.

It is important that companies promote a culture of security in corporate treasury. This includes, for example, sensitising employees to the importance of cyber security and setting up guidelines and procedures to secure data and systems.

When selecting treasury management systems (TMS), treasurers should ensure that these systems have advanced security features. A modern TMS should also be able to integrate seamlessly with other security systems to create a comprehensive security network. The following requirements are of particular importance when selecting a TMS:

1. Multi-layered security architectures:
   This includes firewalls, encryption techniques, two-factor authentication and regular security updates.
2. Real-time monitoring and analysis:
   The ability to monitor and analyse transactions in real time is critical to detecting suspicious activity early.
3. User management and access control:
   Strong access controls and user permission management help to minimise the risk of internal threats.
4. Compliance and reporting:
   A TMS must support compliance with relevant standards and regulations and have effective reporting functions.

In addition to the TMS functions mentioned above, AI models can make a valuable contribution to strengthening cyber security in corporate treasury.

The integration of artificial intelligence (AI) into corporate treasury's cybersecurity strategy offers innovative ways to defend against a wide range of cyber threats. The following points examine in detail how AI can help strengthen cyber security:

1. Anomaly detection:
   AI systems can continuously analyse large volumes of transaction data to detect patterns and identify anomalies that indicate potential fraud or cyberattacks. By learning from historical data, AI models are able to distinguish normal from suspicious activities, even if they appear inconspicuous at first glance. This enables a rapid response to potential threats, often before damage can occur.
2. Predictive analytics:
   By utilising predictive analytics, AI systems can predict future risks based on trends and patterns in the data collected. This includes predicting fraud attempts, cyber-attacks and other security breaches. Such predictions enable treasury teams to take preventative action to minimise risks before they materialise.
3. Automation of security checks:
   AI can be used to automate routine security checks, increasing efficiency and reducing human error. This includes automatically checking for software updates and security patches, monitoring network traffic for unusual patterns and performing vulnerability analyses. Automating such tasks frees up the IT security team to focus on more complex security challenges.
4. Improved response times:
   In the event of a detected security incident, AI-supported systems can automatically initiate predefined defence measures to limit the damage. This includes isolating affected systems, blocking suspicious IP addresses and creating backup copies of important data. The ability to respond immediately significantly reduces the impact of cyber attacks and in some cases can completely neutralise the attack before it can spread.
5. Adaptability and learning:
   An outstanding feature of AI systems is their ability to learn and adapt. As cyber threats are constantly evolving, the ability of a security system to learn from new attack methods and adapt its defences accordingly is critical. AI models are continuously trained with new data, which improves their effectiveness over time.

The integration of AI into corporate treasury cyber security measures therefore not only enables companies to effectively combat current threats, but also to proactively prepare for future risks. By combining human expertise with the power of AI, companies can build a robust security network that can cope with the ever-changing landscape of cyber threats.

The importance of cyber security in corporate treasury is constantly increasing, driven by digitalisation and the increasing professionalisation of cyber criminals. This development presents treasury departments with major challenges that require comprehensive risk management, data security and effective fraud management. The treasurer plays a central role in the development and implementation of security strategies, including the selection of treasury management systems with advanced security features and the promotion of employee education.

The integration of AI technologies such as anomaly detection, predictive analytics and automated security checks promises to significantly strengthen cyber security measures. These tools make it possible to proactively identify and combat current and future threats.

Effective protection against cyber threats requires dynamic and adaptable defence strategies, continuous training and awareness-raising for employees and close cooperation between the treasury, IT security and external partners.

The future of cyber security in corporate treasury depends largely on the ability to adapt quickly to new threats, implement innovative security technologies and establish a strong security culture within the organisation.

Those: KPMG Corporate Treasury News, Ausgabe 141, März 2024
Authors:
Börries Többens, Partner, Finance and Treasury Management, Corporate Treasury Advisory, KPMG AG
Nils Bentzien, Manager, Finance and Treasury Management, Corporate Treasury Advisory, KPMG AG

___________________________________________________________________________________________________________

¹ www.forschung-und-wissen.de/nachrichten/oekonomie/gezielte-cyberattacken-auf-deutsche-wirtschaft-13378487
² www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2023.pdf?__blob=publicationFile&v=8