Digital Finance Lab: Managing (new) risks, a major challenge for CFOs
October 9, 2020
The Digital Finance Lab is an idea laboratory, a confidential and restricted space for sharing experiences, visions and convictions between peers. During the Digital Finance Lab, discussions focused on the management of new risks for CFOs. They constitute the greatest challenges.
Covid-19 exacerbates risks
The Covid-19 crisis has raised new risks by putting a sudden and unexpected halt to the activity of many companies.
The first one obviously affects cash. This is why, in response to cash flow problems, the government has set up the PGE (state-guaranteed loan). Out of necessity, anticipation or precaution, more than 560,000 companies have made use of it. Some have been unsuccessful despite their good financial health. Several banks have in fact excluded companies under LBO or at least those accompanied by investment funds from the scheme.
In any case, the takeover does not mean that the risks have been absorbed. Uncertainty remains about the level and strength of activity. While some companies have been pleasantly surprised by the strength of the recovery, the rebound is often not sufficient to make up for the months of inactivity.
Going forward, at least until at least mid-2021 while waiting to see what happens – companies will probably have to live with higher gross debt and a higher level of cash flow as a precautionary measure. The question is how companies will anticipate the exit from the EMP. A number of issues are in fact postponed until next year, when the time comes to repay or renegotiate these loans. Are companies equipped to bounce back and provide themselves with the necessary visibility on cash flow forecasts? A question on everyone’s lips as the Covid-19 crisis accelerates analysis and decision cycles.
Helping managers to steer in a fog that continues to thicken over the months and years is, however, the daily business of financial departments. Business is less and less predictable, which makes cash management, reforcasting of landings and, more generally, any forecasting exercise more complex. Now, more than ever, the role of finance departments is proving to be preponderant in providing visibility both internally and externally. Digitalisation is one of the keys available to the Finance function to fulfil this mission with agility and efficiency.
Covid-19 fuels fraud
At the last Digital Finance Lab, some CFOs noted an increase in fraud attempts since the confinement. Especially during the summer period, which is traditionally a good time for fraud. The dematerialisation of supplier invoices is often only partial in companies, and fraudsters take advantage of this to graft themselves onto the manual validation processes in order to trick their contacts. Accounting and finance teams have thus been faced with an increase in the number of fraudulent emails sent by suppliers who have had their letterboxes hacked. The most common deception consists of requesting a change of bank details.
However, the novelty lies elsewhere. Fraud attempts are increasingly involving small amounts, but with increasing frequency. This means that fraudsters are less vigilant in hoping to slip through the net. It is true that the risk is greater on small invoices where the implementation of verification procedures is more expensive than the invoice itself. And then, as is well known, small streams make big rivers. It must be acknowledged that the spectacular frauds on the president, amounting to several hundred thousand or even millions of euros, are now outdated and better known by the teams.
Nevertheless, fraud techniques tend to become more sophisticated, making their detection more complex. For example, it can happen that the fraudster interposes himself at a given moment between the customer and his supplier and substitutes himself for them. Little by little, a relationship of trust develops between the fraudster and the customer who believes he is dealing with his supplier, on the one hand, and between the fraudster and the supplier who feels he is communicating with his customer, on the other. For an administrative and financial department, detecting this type of fraud is extremely complicated.
In order to hit the bull’s eye, fraudsters prepare their moves more and more meticulously. For example, by posing as an auditor, they can get their hands on valuable data. All they have to do is call the accountant and, armed with an excerpt from the ledger, give him the invoice number, due date and amounts before and after tax to put him at ease and then remind him at the end of the conversation that the company’s RIB has changed. That’s all there is to it.
For the Digital Finance Lab, companies must remain vigilant and take specific measures to thwart attempts at fraud, for example by setting up procedures to call back and check bank details. Synthetic memos that, at a glance, make it possible to identify a potentially risky situation and apply the right procedure can also prove very useful. Training and regular reminders are necessary to maintain a high level of control over time. Internal fraud should not be neglected either. It is good practice not to leave the responsibility for changing the RIB to the accountants.
In any event, vigilance is time-consuming and the time spent on monitoring and auditing has been increasing over the years. For some years now, these missions have been an integral part of the accounting function.
The challenge of day-to-day compliance
Compliance is a millefeuille to which an additional layer is added every year by the authorities but also, depending on the sector, by the associations.
Regulations are piling up and making the processes and daily life of the accounting and finance teams more cumbersome. The accounting and finance teams get up and running with each new law or regulation to ensure timely compliance. But the challenge is to make this compliance a reality over time. Are the obligations arising from the Sapin 2 law and the RGPD, to take just these two examples, fully respected by companies today? Not so sure, the main risk is the wear and tear of everyday life. As these obligations are no longer in the spotlight, or at the top of the pile, procedures would tend to be, more or less knowingly, forgotten.
This regulatory pressure is more or less strong depending on the sector of activity. Banking and insurance in particular are constrained by specific and very cumbersome legislation that requires precise, regular and above all automated internal audits and controls to simplify the task and to promote a reliable audit trail. Moreover, compliance with regulations is one of the driving forces behind digital transformation. Heavily regulated sectors are often ahead in terms of tools and automation.
Finally, some CFOs find themselves confronted with the growing demand from large corporate clients for transparency, confidentiality and security in contractual and administrative processes. With regard to dematerialisation processes in general and the signing of contracts in particular. With some groups, the tools that are already in place are no longer sufficient and secure channels are being requested. This is a relatively recent trend.
Risk management is a central issue. Unfortunately, the reflex to include this issue in all reflections and projects has not yet been completely acquired.