First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Implementing electronic payments with an eye towards risk management

As we edge closer and closer to 2013, we’re seeing more people with mobile devices in their pockets. How many people do you know with an iPhone or Android device? The influx of additional devices such as tablets and ultra-thin laptop computers means that more people are online in more places, and more often than ever before. This vastly changes the way businesses can choose to sell their products. Enter the implementation of electronic payments.

Take Starbucks, for example, who allows customers to pay for purchases with a barcode connected to their Starbucks account on their mobile phone. This is only one of many ways in which electronic payments are quickly taking over. Its the convenient side of electronic payments such as these that entice consumers. Quicker access to their money means quicker access to the world around them. This convenience is particularly profitable for businesses. After all, isn’t it easier to spend money if you don’t really have to think about it?

Unfortunately, this new wave of electronic payments presents a multitude of not-so-convenient risks. Any data being sent and received from different devices, banks, and computers, runs the risk of being intercepted by criminals.

This can pose risks at the consumer level and at the member financial institution level. An example of consumer level risk could be debit card fraud. This would impact the end consumer and the financial institution working with the company running the debit card system. Member financial risk could include damaging the financial and/or reputational character of a company.

With more people making transactions online every day, what can we do to manage the financial risk without reducing profitability for businesses and ease of use for consumers?

It’s important to first understand the type of risks associated with this emerging financial platform. Risks vary according to companies and the type of security measures these companies have put in place. Quality of security systems range from weak to very strong. There is no single solution.

But those who take on greater risk by using weaker security systems are quickly learning that they are responsible for the negative effects of their choices. For example, many banks are placing pressure on payment processors to take responsibility in the event of merchant breaches.

The reality of electronic payments is that the payment network is almost completely interconnected. There are multiple points where a hacker could choose to infiltrate a system, whether it’s through a security breach in the system or by interacting directly with something like a bank machine. The system relies on itself, and any weak point can take the whole thing down.

While it may initially seem easier to have governing bodies such as banks put forward specified requirements for risk management, this would actually be counter-productive. Technology moves very fast and a specified list of risk management requirements would likely fall out of date every year.

This is why it’s important that all organizations take advanced steps to mitigate the risks of electronic payment systems by creating their own benchmarks for security. These benchmarks should be reexamined in keeping with the rapid growth of technology in order to remain effective. Organizations must work to protect the integrity of the system as a whole, not only their portion of it.

In order to effectively plan for and simultaneously reduce risk, organizations should examine the risk of electronic payment operations in the following three ways:

  • The frequency of loss (How frequently does the company experience security breaches? Why?)
  • The severity of a loss (How much money could realistically be lost by the company? What about the consumer? How bad could this get?)
  • The way a loss would be received. (What would the stakeholders say or do? Shareholders? Customer base?)

Focusing on consumer protection and risk management, either internally or through the aid of a credible third party company, is a significant way to reduce preventable losses and maintain the safety of theirs and their customers’ bank accounts. Electronic payments are the way of the future. Thinking about how it can and will affect your business now will keep you ahead of the curve.

About The Author: Albertine Watson is an online author and blogger from Winnipeg, Canada who specializing in online and social media marketing. She often offers her views on marketing and the business world as it related to current trends. Learn more about electronic payment solutions and systems at

Occasional Contributors

In addition to our regular guest bloggers, Inside Internal Controls blog published by First Reference, provides occasional guest post opportunities from various subject matter experts on the topics of risk management and best practices in finance and accounting, information technology, environmental issues, corporate governance, sales/marketing and operations, not-for-profits and business related issues in Canada. If you are a subject matter expert and would like to become an occasional blogger, please contact Yosie Saint-Cyr at If you liked this post and would like to subscribe to Inside Internal Controls blog click here.

, , , , , , , , , , , , , , , , , , , , , , , ,

Comments are currently closed.