by Tim Rowe, Microsoft Practice Lead at  Delaware UK

Complex and unwieldy finance and taxation processes are common sources of frustration for many organisations, especially ones set on a rapid growth path. They absorb time and resource and can even put the brakes on business activity.  Outdated legacy systems and outmoded manual processes still hold sway in many businesses and this can lead to long, protracted sign-off procedures and bottlenecks in accounts payable.

In line with this, a recent global survey carried out by the Institute of Financial Operations and Leadership (IFOL) found that more than two-thirds (68%) of respondents polled still manually key in invoices into their ERP or accounting software today. In addition, well over half (56%) claimed to spend more than ten hours per week processing supplier payments and invoices manually. Nearly a quarter (22%) stated that one of their biggest invoice processing challenges was time spent processing invoice exceptions and the consequent delays caused.

This can be a particularly significant challenge in a fast-growing business, where the numbers of invoices needing processing can rapidly escalate in a short space of time. Problems can accelerate when a business starts selling their goods or services internationally and they have to start navigating complex taxation rules in different countries.

You might be a UK business for example, working with an agency in Middle East that is selling tickets for an event in a different region. The sales tax treatment in such cases is not always straightforward. The time spent unravelling it and ensuring compliance with all the necessary rules and regulations could seriously hamper the business operation.

Bureaucratic financial processes like these can put a real block on growth. There are a raft of reasons why companies that persist with them should think about moving to a smarter, technology driven, automated approach: from reducing errors to saving money and becoming more sustainable.

Finding a positive way forward

The good news today is that automated solutions are increasingly available that enable businesses to break free from slow, error-prone manual processes and instead drive ongoing business growth.

Thanks to the advent of zero-touch vendor invoice processing, and global tax services, delivered by providers like Microsoft, a raft of functionality can be rapidly delivered, streamlining approvals and accelerating business expansion.

With this kind of capability in place, the purchase ledger, or accounts payable department of the business can spark into action as soon as they receive a supplier invoice. Those invoices can automatically converted into a digital version and passed to Dynamics 365 Finance with the original invoice as an attachment. Dynamics 365 would then automatically apply business rules to confirm compliance with delivery receipts / invoice tolerances and present itself ready for payment without any human intervention – zero touch.

In terms of disparate tax rules in different territories, an automated global tax service can be put in place that addresses the nuances of any tax regime in real-time. So as the business is raising a purchase order or a sales order, for instance, the automated service is dynamically working out what the real tax treatment should be for that particular scenario.

Reaping the rewards

 By opting for the latest automated tools for financial processes like invoice management, or tax services,  businesses can potentially access a wide range of benefits. A more automated approach will, for example, enable them  to win back time by reducing the time needed for data entry, exception management and the resolution of billing discrepancies and approvals. That will, in turn, allow businesses to give their accounts payable  team more time to work on added-value projects, or tasks.

Critically too, such an approach allows organisation to save money, cutting the cost of invoice processed or tax document analysed to collect faster and boost cash flow. Coupled with that, the ability to attain a real-time, accurate view of the business’s cash position supports smart payment and investment decisions. Audits become much easier with built-in data verification and quality assurance, and suppliers are happier, thanks to the ability to deliver faster and more accurate payments.

Perhaps most, important of all, however, a smart automated approach to financial transactions has the potential to streamline and drive efficiencies across previously bureaucratic processes, enabling organisations of all types to more easily scale and drive successful business growth.

By Toby Butler, Financial Crime Solutions Manager at Ripjar

Ransomware attacks are on the increase in the United Kingdom. Most of the British Government’s COBRA meetings have been convened in response to ransomware attacks, showing how cybersecurity breaches are as pressing as national emergencies and crises. The National Cyber Security Centre’s (NCSC) annual review found this year that the country was hit by 17 ransomware incidents that were so impactful they “require a nationally coordinated response”. That extends to the financial services sector, which saw an increase of ransomware attacks with 55% of organisations hit in 2021.

Where does this leave the sector and how can artificial intelligence and machine learning be instrumental in understanding the risks companies face against future ransomware attacks?

Toby Butler

Company information is being stolen and sold to different threat groups, who prey on the individuals in that organisation who are more likely to pay them. The UK is one of the most cyber-attacked countries in the world and the Government has been criticised for being “ill-equipped” to deal with this exponential rise of fraud cases.

Ransomware-as-a-Service

Ransomware is one of the most common forms of cybercrime. Fighting it has become one of the biggest problems that organisations today face during their everyday operations. For instance, Malware (malicious software) encrypts the files of a single computer, then works its way through an entire network to reach the server and inflict maximum damage. Company information is being stolen and sold to different threat groups, who prey on the individuals in that organisation who are more likely to pay them.

When these attacks occur the victims, more often businesses, are left with minimal options. If they have substantial backup solutions already in place, they can attempt to restore the encrypted data to their servers. But if that data isn’t already secured elsewhere, they may need to pay a ransom to the criminals behind the attack. Thereby allowing the business to function once again and restoring their reputation. The cost of paying the ransom will feel considerably smaller compared to starting a business again from scratch. Sophos’ State of Ransomware in Financial Services 2022 report found that 52% of financial services organisations paid the ransom to restore their data, the average remediation cost in financial services was US$1.59M.

Cybersecurity Ventures estimates that ransomware is set to cost global businesses more than $256 billion by the end of 2031. By that token, organisations need to be extremely mindful of the potential threats they may face. Businesses need to understand the methodologies these hackers use, to address the weaknesses within their domain and take measures to isolate and prevent further ransomware attacks from happening again.

The rise of WAMs

According to a recent report by security firm CyberSixgill, 19% of the 3,612 cyberattacks that took place in 2021 were traced back to Wholesale Access Markets – or WAMs for short. WAMs are, in essence, underground internet flea markets. These markets are where aspiring attackers come to purchase network access from threat actors – the individual or entity involved in carrying out the cyber-attack. Types of threat actors include insiders, cybercriminals, rival organisations, or even nation states stealing data.

WAMs sell access to multiple compromised endpoints (or pathways) for around 10-20 dollars. Researchers found that WAMs listed access to approximately 4.3 million compromised endpoints in 2021, which include access to both provider and enterprise software (for example, an organisation’s Slack channel) up to 180 days before the attack itself took place. This shows how long these compromised endpoints remain undetected without proper internal analysis.

How can Financial Services stay ahead of the curve?

The use of Artificial Intelligence (AI) and machine learning is undisputed across modern businesses and sectors, and continues to revolutionise processes across the board. AI is a significant player in the financial services industry, building the ‘cyber-wall’ against nefarious users. It gives organisations optimal insights into reducing the likelihood of a ransomware attack in the future.

Namely, AI and machine learning collects and analyses vast amounts of messy (structured and unstructured) data from disparate sources. The challenge for the sector is to understand the volume and variety of the raw data collected from any source to build better protection in the future.

Structured information could be best understood as the clear data we see in a table. For example, the following attendees made a business meeting: first name – Joan, surname – Smith, age – 46. But unstructured information is information presented in a complex manner. For example, ‘there were five people who attended the business meeting, one of whom was forty-six and called Joan Smith’. Naturally, due to the complex nature of the prose, it would be more difficult for a machine to process that data into a digestible format for further risk analysis. This is where AI continues to prove invaluable.

AI uses natural language processing to understand the information provided on the web. As the software continues to evolve, natural language processing reads the information in a way a human would to extract the key information from the text. By incorporating AI and machine learning within an organisation’s IT infrastructure, companies operating within financial services can be better equipped to handle cybercrime.

These tools are flexible and adaptable, they can be configured to analyse different types of data from different sources to curate key insights. This collated information provides a better analysis of the organisation’s exposure, allowing them the opportunity to get upstream in preventing future attacks. This kind of approach is essential to processing listings on WAMs.

The power to analyse data to identify weakness is vital in the battle against cybercrime. It gives organisations a better understanding into what they could expect to see in the future. Hosting the correct data, and with the analytical skills, financial organisations can gain a better understanding of the methodologies and weaknesses in-house that attackers use and exploit to hold them to ransom. Organisations can then use this as a reference to pinpoint compromised endpoints, giving them a chance to reduce access before this route can be exploited and ruin their business.

With cybercrime and ransomware continuing to remain prevalent, it’s vital that financial services companies understand how they can get ahead of the curve and build a robust security platform within their IT infrastructure that can withstand an attack. In 2022, a ransomware attack occurred every 40 seconds. The mindset for the sector needs to be one of when, not if.

Organisations need to be thinking about an attack now – before it’s happened. Pre-planning and preparing for the worst possible outcome from future threats and adversaries. The introduction of AI and machine learning in the fight against cybercrime is a must, and the sooner the industry gets behind in implementing AI, the safer it will be through the next decade.