Archive for January 2013
Is your security blanket intact?

Axway CSO John Thielens recently posted on Computer Business Review. Please take a look and share your thoughts!

The consumerisation of IT in businesses is here to stay. At its latest Symposium, Gartner revealed that by 2016, two-thirds of the workforce will own a smartphone and 40 per cent of the global workforce will be mobile. With this in mind, failing to ensure second-to-none data security within a business in this day and age can prove as risky as walking a tightrope with no harness.

The Mandate Mandate: The Dawn of SEPA Direct Debits

By Mathias Bonnard, Product and Solution Marketing, Axway

A mandate is a document that a buyer signs to authorize a seller to debit their account — usually on a recurring basis — for the purchase of goods or services.

Today, several different direct debit schemes co-exist in the E.U., with most countries having their own scheme (one or more, in some cases) at the domestic level.

In an effort to harmonize how direct debits are used in Europe, SEPA has introduced the SEPA Core Direct Debit (SDD Core). The SDD Core is based on a creditor-driven (i.e., buyer-driven) mandate flow model, which (1) uses a new standardized XML-based format and (2) requires corporations to store and manage mandates plus all information regarding the mandates’ life cycles. The buyer’s bank does not have to receive or store copies of the mandates, nor is it required to check the right of a seller to collect a payment from a buyer’s account. However, the buyer can reject any debit on their account up to eight weeks after a direct debit is executed.

As one might imagine, SEPA’s requirement for mandate management significantly impacts the way corporations process payments. They must now revisit their existing process to ensure that they:

  • Obtain the buyer’s signed approval early in every transaction (i.e., at the moment goods or services are sold and while the buyer is present), in a way that makes it easy to digitize the transaction’s information and the buyer’s signature, whether electronic or paper-based.
  • Enrich all payment orders to banks so that they include the corresponding mandate information.
  • Guarantee that they can, upon request, provide all mandate-related information regarding payments they’ve sent to their banks (a completely new practice in France and most of the European Union). This requirement ensures that, in the event of a dispute or litigation, corporations can prove buyer authorization or satisfy an investigation, respectively.

To ease the transition to SDD Core, corporations must abandon their siloed approach to processing payments — an approach that limits control, lacks agility, and incurs higher costs due to multiple platforms performing the same task. Instead, they should adopt a centralized approach and deploy a solution that enables them to transform their existing formats to the new SEPA format, which will empower them to enrich direct debit orders with mandate-related information. This capability will help them stay in compliance and enable them to interface seamlessly with other mandate management solutions, yielding a number of valuable advantages, such as:

  • Centralization of payment-flow processing on the corporate side.
  • Enhanced security control.
  • Lighter maintenance demands over time, since all subsequent versions of SEPA, as well as new regulations impacting payment flows, will be automatically addressed in the solution, even if a corporation has multiple offices generating payments with multiple back-office applications.

By achieving this level of centralization, all payment flows can be viewed in one location, their configurations can be effectively managed (e.g., bank profiles, back-end profiles and characteristics, transaction-types, BIC/IBAN and other repositories), and their processing actions (e.g., routing, transformation) can be adjusted whenever new regulations require it.

To many of us, the concept of SDD Core may seem an unnecessary nuisance that seeks to fix a system that isn’t broken.

But it can be much more than that. By requiring corporations to store and manage mandates, SEPA does not simply protect the confidence of buyers and the integrity of the buyer/seller relationship in the E.U. – although that’s reason enough. It also renders compliant corporations largely inculpable in the event of a payment dispute, empowers them to more effectively utilize personnel who today perform redundant tasks due to lack of centralization, and enables them to re-invest budgets that are no longer required for upgrades and maintenance.

The E.U. is fast approaching the dawn of a new era in its grand history of commerce. Will you take this opportunity to up your game, bolster your security, enhance your control, and save money? Or will you settle for mere compliance?