Treasury Today Country Profiles in association with Citi

Hanse Orga Group

Cloudbusting: the quest for clarity

Ingo Czok, CTO Cloud Payments at Hanse Orga Group

Cloud technology can offer treasurers speed, efficiency, security and, above all, clarity. Ingo Czok, CTO Cloud Payments at Hanse Orga Group, considers the facts not the fiction.

Ingo Czok

CTO Cloud Payments

In cloud technology, myths abound. Sifting through the hype and trying to uncover the real benefits can be a chore, especially as most treasurers already have enough work to keep them permanently occupied. But attitudes are changing.

Stepping up to the plate to explain what this means is Ingo Czok, CTO Cloud Payments at Hanse Orga Group. “Our first cloud customers were all large corporates,” he recalls. These firms wanted to be faster and more agile but wanted to be up and running in the shortest possible time. “They found that setting up a complex payments or treasury operation is much quicker in the cloud. But now we have many medium-size companies working in our cloud environment too,” he notes.

Despite the uncovering of key benefits, of which more in a moment, there is still resistance to cloud in some organisations. One of the main concerns is that of placing data beyond the ‘safe’ walls of the business. Where it is encountered, the main fear is that data can more easily be accessed by unauthorised persons. However, Czok cites a recent KPMG study that revealed on-premise installations suffer more breaches than their cloud-based counterparts.

The reason, argues Czok, may be this. With constantly evolving cyberthreats, it is extremely difficult for one business to keep on top of the changes. A specialist provider will have the resources and experience to hand. Furthermore, an on-premise system can be a known target for criminals whereas, arguably, the relative anonymity of a data centre provides cover. It is food for thought.

Data protection

Mistrust aside, there can also be regulatory prohibition of moving data into the cloud. The tightening of controls under the EU’s General Data Protection Regulation (GDPR), which comes into force on 25th May this year, is only serving to heighten the belief, in some jurisdictions, that cloud is outlawed altogether for businesses.

Of course, this is not the case, states Czok. In fact, it is quite the opposite. GDPR is data protection for the digital age, regulating how data on EU citizens is stored and used in the cloud. However, the controls that stem from GDPR mean contracts with service providers must be scrutinised for compliance, he warns. “Making sure your cloud provider is GDPR-compliant is essential.”

Companies will need to establish strict data access rules governing their own and the service provider’s personnel. This may sound onerous for the client, but checking is quite easy. Whilst there is no GDPR certification yet, there are international assurances such as ISO 27001 and, in the US, SSAE 16, that can be seen. These are well-established information security management system frameworks that cover policies and procedures for work with client data (governing all the legal, physical and technical risk management controls that are used).

Of course, working with a certified European provider, such as Hanse Orga Group, means GDPR compliance has already been taken care of. “Our customers can take advantage of the work we have already done, instead of doing it all themselves,” says Czok.

Different models

The different deployment models of cloud range from private to public. Public may cause some companies to question whether their data is held as separately from other businesses as they would like. Indeed, some may even feel that sharing a server with another business increases the risk of unauthorised access to data.

“We offer different deployment options according to need,” says Czok. With customers ranging from a major German savings bank co-operative (with around 450 domestic banks offering a portal to their own clients), to private and public companies, these needs are varied.

The banking set-up is held within one database but using data protection mechanisms to ensure that none of the banks can see each other’s data, and none of the end clients can ever see another client’s data. Banks are ultra-sensitive to data breaches and, on a regular basis, undertake penetration tests to try to compromise the system.

“It is fairly safe to say that having all the data in one place can be achieved in a very secure manner,” says Czok. “But we have customers with policies that state that their data should never be in the same database, or on the same system, with data from other companies.”

In this case, the customer can be provided with its own dedicated server, using the same software and platform. The cloud is perfectly suited to infinite scalability, so this is entirely achievable for any number of clients. But for Czok, other than adherence to policy, a private instance is an unnecessary extra expense.

Cloud benefits

Handling the objections only serves to put cloud on the same level as on-premises solutions. But there are some quite distinct advantages to cloud, suggests Czok. The main driver for cloud adoption – the speed of implementation – remains unchallenged. But, in terms of functional benefits, the centralisation of data and processes means accessibility is enhanced way beyond that of any installed version. Firstly, data can be viewed immediately from almost anywhere in the world by all personnel with the right URL (web address) and access rights. If the corporate then wishes to consider integrating specific on-premises systems with its cloud applications and managed services, the practical value of both increases exponentially.

With e-banking stations scattered throughout an enterprise, often in different regions and countries, payments are often managed separately by individuals (and away from the scrutiny of the treasurer). Cloud offers a centralised payments factory which enables greater visibility. It also makes it easy and quick to incorporate and activate the payments function of new entities following a merger, for example (certainly far easier and quicker than rolling out yet another instance of the ERP).

Cash visibility is further improved by cloud centralisation, says Czok. The manner in which the ‘single source of truth’, delivered in real-time, benefits working capital management, for example, is well understood.

The benefits of having data in one place for fraud detection and prevention, on a global scale, are clear too; being able to monitor and analyse data movements across a siloed infrastructure is almost impossible, especially where mobile devices are in use. The single source means data access controls, auditability and visibility are vastly more manageable, even if companies must still be alert to the human element of fraud.

Practical advantage

The sheer practical ease with which cash can be made visible is a positive that all treasurers will understand. Previously, to gain cash visibility, technical adaptations were required for each bank and possibly each account, across all jurisdictions, acknowledging every respective format and connection.

In a cloud environment, cash information is downloaded from each bank, but each bank’s formatting and connectivity requirements are managed by the provider, data being gathered using a simple Representational State Transfer (REST) API.

These APIs take advantage of existing protocols so there is no need to install new libraries or additional software. With a single interface now in place, formatted bank data can be moved to the client’s ERP system easily and quickly, explains Czok.

With cloud solutions largely ERP-agnostic, Hanse Orga Group’s strong route into SAP in no way restricts it to this product. “We are bringing all the technologies and features that we have in our SAP products to the cloud,” explains Czok.

The vendor is already offering hybrid solutions, allowing them to combine on-premises instances of its SAP-integrated FS² applications with cloud applications and managed services to enable centralised cash management, rolling liquidity planning and automated actual data assignment. “Customers can do all their payment runs in SAP. When the time comes, with the push of a button, they can move these payments files to the cloud.”

Once in the cloud, files can be mixed with other payments (that might stem from non-SAP users in the organisation or from special requests). Each can be checked for fraud and compliance, be authorised, formatted for each beneficiary, and sent to the relevant bank.

“The aspect of end-to-end security is particularly interesting,” says Czok. When payment instructions come into SAP, each can be encrypted so it is almost impossible to modify it before it leaves the system. With Hanse Orga Group’s acquisition last year of US-firm Dolphin, the electronic processing of legitimate invoices right through to payment in the ERP is, he believes, “a major advance in end-to-end security”.

There is still a due diligence requirement, and possibly some exceptions to manage, as would be the case with every system. But the benefits of such a unified connection with immediate cash visibility go beyond treasury and finance, into areas such as sales, production and supply chain.

Getting connected

To be able to enjoy the benefits of cloud, all that is required for an installed system is a single connection between the ERP or TMS, and the cloud system provider, using web services APIs. “There is no requirement to move on-premises systems to the cloud,” explains Czok.

In Hanse Orga Group’s hybrid offering, it provides its own open software connectors. These allow any permitted independent software provider to interface with its solutions, creating a singular architecture. Its team of consultants are positioned to help clients assess their needs and select the most appropriate pathway before implementation.

“With our managed services, customers can decide how much they wish to outsource,” adds Czok. “This may be just the software and basic hosting, the operating of the software, or possibly outsourcing the whole process including all the bank connectivity.” The flexibility inherent in cloud ensures customers of all sizes can adapt to it progressively, he believes.

Once the benefits of getting connected are revealed in practice, the myths and legends of ‘cloud’ that have built up over the years become just that: unsubstantiated tales. Any treasurer who wishes to focus more on being a treasurer and adding value to their organisation will soon find the reality so much more appealing.