10 July 2015, Global Connections

Managing and mitigating risks in treasury

Corporate treasurers have a key role to play in mitigating risk and supporting corporate governance within their organisations. This is especially so because treasury departments themselves are usually regarded as a high-risk environment, writes Chris van Dijl, Managing Director, Cugavadi

Contact us

Request a callback

Every customer enquiry is important to us. By providing details about your business interests we can direct your enquiry to our most relevant team member.

Please don’t enter confidential information such as your bank account details here.
All fields are mandatory unless otherwise indicated as optional.

  • 01
  • 02

Reason for contacting us

Enter a topic
Enter a topic

Contact details

Please enter your name
Please enter your telephone number

When may we call you?

Preferred time of day

We will call you within the next 3 business days

Back

Request a call-back - Your business interests (optional)

Every customer enquiry is important to us. By providing details about your business interests we can direct your enquiry to our most relevant team member.

Please don’t enter confidential information such as your bank account details here.
All fields are mandatory unless otherwise indicated as optional.

  • 01
  • 02

Business size (optional)

Your business turnover

Your industry sector (optional)

Your market interest (optional)

Which international markets interest you?

Add your business interests

Please don’t enter confidential information such as your bank account details here.
All fields are mandatory unless otherwise indicated as optional.

Business size

Your business turnover

Your industry sector

Your market interest

Which international markets interest you?

Request a callback

  • Sorry

We’ve encountered a problem

We couldn’t send your message. Please try again, return later or call us on

Request a callback

  • Thank you

We’ll be in touch

A Relationship Manager from HSBC Oman will give you a call within three business days.

Your interests

  • Business name:
  • Turnover:
  • Sector:
  • Location:
  • International markets:

Add your business interests

We won’t sell your data or misuse it. Read how we handle your details in our cookie policy.

The high risk environment in which treasuries operate can be linked to three reasons. First of all treasuries are normally operating in a different market than that of the rest of the organisation, namely the financial markets. Secondly, risks are very visible in treasury departments due to the large amount of funds involved: losses on foreign currency exposures or from poor funding decisions are very high profile and quantifiable. Finally, treasury functions are usually in control of bank accounts, and bank accounts are the window through which funds leave the company after a fraudulent event.

Therefore managing and mitigating the risks in a treasury environment draws special attention from the board and other stakeholders. However, the existing control procedures already in place in the organisation might not be fully appropriate to the treasury environment.

A policy that is not fully applicable to the environment could in itself be seen as a risk as adherence to that policy tends to slip over time. It is therefore crucial that an appropriate Internal Controls Framework is established, supported by robust and tested processes and a system to enforce the framework.

Establishing an Internal Controls Framework

The first step towards the management and mitigation of risks in a treasury environment is an Internal Controls Framework approved by the organisation's board and management. A typical Internal Control Framework consists of at least the following 8 key internal controls:

Prevention of fraud

The treasury department is often seen as the last barrier against fraudulent transactions as it is treasury who usually controls access to bank accounts. Therefore, control on the access to funds as well as to transfer initiation and authorisation is critical.

A key method to limit payment risk is the implementation of electronic banking. Transfer letters and faxed instructions can be falsified with limited efforts, whereas access to an electronic banking system or the falsification of cheques takes significantly more effort and financial resources. Therefore transfer letters and faxed instructions should be limited to business continuity situations whenever necessary.

Accurate management information

Management takes key decisions based on the information provided. If the provided information is inaccurate, then this can have a significant detrimental effect. This is more so the case in a treasury department where the amounts are usually much higher.

Prevention of unauthorised position taking

One of the major publicised scandals are when treasury staff enter into transactions that fall outside their assigned dealing limit. Adequate detection procedures need to be established to prevent unauthorised trades from taking place. These procedures should include timely bank account reconciliation (preferably daily), segregation of duties and the 4-eyes principle approach where each entry into the system needs to be reviews by, at least, one other person.

Segregation of Duties

Segregation of duties is established to prevent fraud and to detect errors. In a best practice treasury environment the segregation of duties should be split for each transaction into Dealing, Recording, Confirmation, and Settlement. However, in smaller treasury teams this is not always possible due to the limited number of treasury staff. In these instances the Control Framework should take note and accept this risk as an inherent risk.

Use of authorised counterparties

Restricting the number of counterparties is important for various reasons. First of all due to counterparty risk, each counterparty will have to comply with the set parameters as per the counterparty risk policy document. Secondly, the use of a different counterparty could actually be a breach of a covenant in loan documentation. It is therefore vital that all counterparties are approved and that adequate procedures are in place to prevent staff from using unauthorised counterparties.

Implementation of approved strategies

Policies can be approved by the Board, however the framework also need to ensure that approved procedures are implemented and cascaded down into the treasury department and business operations. It is unfortunately common in some organisations for policies to be approved by the Board and subsequently ignored by the operations.

Error prevention and deletion

The numbers and amounts involved in a treasury environment are usually quite large and a small error could have significant consequences. Therefore, processes and procedures need to be in order to identify errors and ensure that incorrect data is deleted from the system.

Treasury audit

Treasury deserves special attention from the Audit function and both internal and external audit exercises need to take place on a regular basis.

Implementation of an Internal Controls Framework

An Internal Controls Framework will need to be properly implemented before it can be effective. The two main and most critical ways to implement the controls framework is by looking at the company's treasury processes and have the internal controls enforced by a Treasury Management System.

Establishment of robust and tested processes

A thorough review of the organisation's processes is a key support action to enhance the internal controls framework. These should not only be restricted to the Treasury Processes but be expanded to the Order-to-Cash and Purchase-to-Pay workflows and processes.

Reviewing the Purchase-to-Pay processes is a critical step to mitigate risks in the payments area. If the correct (system-based) controls are in place for the approval of a Purchase Order and the underlying payment terms, then the resulting financial settlement in the form of a payment should no longer be considered as the main focus of the risk.

The same applies for the Order-to-Cash processes, especially if the organisation is handling a significant number of letters of credit and guarantees. Redesigned processes can reduce risks, while improving control,

Implementation of a Treasury Management system

Technology plays an important role in managing and mitigating treasury operational risk. The benefits of a dedicated treasury management system are three-fold: First, each type of risk requires a different mitigation technique, but whatever the risk, gaining visibility and control over the company's exposures is a crucial first step. A Treasury Management System could provide a centralised group-wide view of all outstanding positions, due dates, and risks. Providing management with the right information at the right time in order to make the appropriate decisions.

Secondly, many corporate treasuries continue to rely on spreadsheets, even though that most users agree that using spreadsheets brings a significant risk of errors occurring in the company's financial data. While spreadsheets offer a cheap and flexible way of managing information, they are also notoriously error prone. From broken formulae to inaccurate input of data, the use of this type of technology in treasury can, and does, lead to errors. A Treasury Management System reduces the risks of errors and incorrect data.

And finally, and as mentioned before, a treasury management system is a very powerful and important tool in the enforcement of the agreed risk mitigation processes. It can also enforce the 4-eyes principle approach as mentioned before. The dedicated Treasury Management System should be configured in such a way to support the agreed Treasury, Order-to-Cash and Purchase-to-Pay processes as discussed above.

The treasury function in an organisation is one of the areas most exposed to risk. The adoption and implementation of a Board-approved Internal Controls Framework is the initial crucial important step to mitigate the risks involved. However it is crucial that the Internal Control Framework is supported by robust and tested processes and a dedicated Treasury Management System.

Disclaimer: This article is not intended to constitute any advice or an offer. Any forecasts or projections are indicative only. HSBC or any of its affiliates accepts no liability, whether express or implied, arising out of or incidental to contents forming part of the article.

You are leaving the HSBC Commercial Banking website.

Please be aware that the external site policies will differ from our website terms and conditions and privacy policy. The next site will open in a new browser window or tab.

You are leaving the HSBC CMB website.

Please be aware that the external site policies will differ from our website terms and conditions and privacy policy. The next site will open in a new browser window or tab.