Canada

Corporate buyers need to be able to pay their vendors quickly and easily, especially during a pandemic that has caused many employees to work from home, making paper checks and manual processes especially inconvenient.

Accounts payable (AP) teams are now taking a fresh look at the potential of tools such as virtual cards to ease their transaction frictions. The digital methods suit remote purchasing environments and offer security features that can make it difficult for fraudsters to use stolen card details.

This is far from the only significant change to how AP departments operate, and many companies are also exploring digital tools for onboarding new vendors more smoothly. Businesses that wish to start purchasing from new suppliers must first collect and verify details that will help them evaluate the prospective partners’ capabilities and confirm that they are not criminally involved. Gathering and analyzing all this information can be difficult, prompting some companies to adopt digital supports like vendor portals to ease the work.

The September CFO Guide To Digitizing B2B Payments explores how corporate buyers are streamlining their B2B transactions with digital payments and supplier onboarding tools.

Around The B2B Payments World

Companies may seek to avoid having to proactively ask for and record vendor details, which reportedly can entail weeks- or months-long data gathering processes. They may instead choose to adopt supplier portals into which interested potential business partners can enter their details, with the information then stored in cloud-based platforms where buyers’ employees can view it. This can reduce workloads and accelerate processes for the buyers.

Pharmaceutical companies also have to rethink how they approach vendor onboarding, with many finding that it is no longer safe or possible to visit potential manufacturing partners in person for on-site tours and inspections. The sector instead is exploring the potential of livestream video tours, although questions remain about best practices for storing the recordings and handling any sensitive information that might accidentally be captured in them.

Vetting suppliers carefully is essential to catching fraudsters, and even major companies can fall victim. Amazon reportedly lost $19 million to a scheme that allegedly saw vendors deliver and bill the company for items well in excess of what the eCommerce giant had ordered. The purported fraudsters would send Amazon 10,000 items when the company had requested no more than 100, for example.

To read more about these and the rest of the latest headlines, download the Report.

Building Better Subcontractor Relationships With Digital Payments, Onboarding

Construction companies rely on a variety of subcontractors and suppliers, but paying these partners can quickly become complicated for companies that use paper-based, manual methods to accept and manage all the documents that must be collected before issuing funds.

In this month’s Feature Story, Anna Bickford, audit team member for commercial building contractor DPR Construction, explains how cloud-based tools help streamline document acceptance during subcontractor onboarding and enable more efficient invoice and payments tracking.

Find the full story in the Report.

Deep Dive: How Vendor Portals Ease Onboarding

Corporate buyers must gather a variety of details from new suppliers before doing business with them. That includes collecting information about vendors’ performance histories to ensure they can meet buyers’ needs as well as vetting the companies according to anti-crime regulations. Buyers that are confident that they have identified good business partners then need to smoothly gather payments details so they can issue digital payments to these vendors.

This month’s Deep Dive examines buyers’ data collection needs and how supplier onboarding portals can ease this work.

Read the Deep Dive in the Report.

About The Report

The CFO Guide To Digitizing B2B Payments, a collaboration between PYMNTS and Comdata, examines how companies are upgrading to digital vendor onboarding and payments.

In the great digital shift, the mobile device is the point of sale — especially in Asia’s fast-growing markets.

In a Masterclass interview with PYMNTS, Tom Donlea, vice president and general manager, APAC at global identity verification provider Ekata, said Asia offers greenfield opportunities — and some areas of risk — for merchants looking to offer digital wallets.

The conversation came against a backdrop where online transaction volumes and mobile wallet adoption are increasing. But as merchants and issuers look to enter new markets, including the Asia Pacific region (APAC), they must be mindful of the challenges posed by fraudsters.

Donlea noted that mobile wallets are designed for consumer and brand loyalty. And in Asia especially, amid the battle of the super-apps, the goal is to drive as much activity through those apps and mobile wallets as possible, through QR payments in shops, lending, ride-hailing and food delivery (to name just a few use cases).

For the firms that get it right, the opportunity within APAC is significant. China and India alone account for roughly half of the globe’s smartphone-using population. And as Donlea noted to PYMNTS, seven of 10 adults in southeast Asia are unbanked or underbanked, and mobile wallets can broaden financial inclusion.

In Malaysia, for example, the government has set aside the equivalent of $108 million USD to spur small businesses and retailers to accept digital payments — and gave millions of individuals one-off incentives to spend via digital wallets. Singapore, Donlea added, has a forward-thinking government in place that is friendly toward commercially oriented technology and is eager to attract global investments (and has narrowed down finalists for five digital banking licenses).

At a high level, beyond market-specific data points, said Donlea, there are a few notable trends tied to digital commerce that have been shaped by the pandemic. Consumer behavior itself has changed, he noted, with a years-long digital transformation compressed into the span of just a few months.

The percentage of total sales that occurred online in the U.S. alone shifted from 15 percent to 25 percent in a matter of weeks. At the same time, online businesses actually invested less in fraud prevention tools as their general budgets tightened due to external pressures.

“Every recession leads to an increase in fraud,” he said. “People are desperate. And they also know that companies have fewer resources to defend themselves against fraud.”

The current environment has led to some unusual challenges, as financial institutions (FIs) and merchants across all verticals are seeing unusual buying patterns amid a surge of new account creation, as people move to online channels to buy even the most basic goods. Ekata, he said, saw some online retailers tally months’ worth of daily volume at the equivalent of Black Friday volume.

But speed bumps loom, too. “The folks who fight crime tend to use historical patterns to detect fraud and train their models," said Donlea. "Machine learning models are training on historical data as well. There are no historical patterns to model the behavior during these times. So it takes a long time to get the outcomes as to what’s fraud and what isn't."

The Challenges 

As always, making sure that users are legitimate (and that they are who they say they are) is key in building any payments ecosystem. Donlea noted that some of the initial processes of equipping consumers in Asia with mobile wallets will seem familiar.

As Donlea told PYMNTS, onboarding for eWallets will resemble what is in place for other payment methods that are used for digital transactions.

“If you’re signing up for a credit card with an issuer or choosing a buy now, pay later point of sale lender, the consumer needs to provide enough proof of their identity so that the wallet can admit them into their ecosystem," he explained. Companies also need to satisfy the requisite anti-money laundering (AML) and know your customer (KYC) compliance checks, which can vary from market to market.

Traditional wallets in the APAC region market have relied on two-factor authentication or one-time passwords. Those lines of defense can indeed be effective, said Donlea, “as long as details in that consumer's account have not already been changed through an account takeover.”

There’s no single magic bullet to stop the increasingly sophisticated (and relentless) attacks by criminals on digital commerce.

The strategy for protecting mobile wallets is the same for eCommerce merchants, online travel marketplaces and other web-based businesses, contended Donlea: When it comes to fraud prevention, layering different types of data and utilizing a combination of fraud rules and machine learning models — complemented by a feedback loop from manual review agents — can offer the most robust lines of defense.

For example, many mobile wallet issuers are implementing selfie checks at the point of onboarding to ensure that an actual human being — and not just a bot — is creating an account.

“The smartest and most effective companies find ways to leverage internal resources and external vendors for cost-effective solutions that result in the appropriate fraud levels for their business risk tolerance," Donlea told PYMNTS. "As the old saying goes, 'you don’t bring a knife to a gunfight.'" Yet, he noted that many of the up-and-coming wallet providers and merchants do not yet use best-in-class methods and products in the service of identity verification.

“When merchants are accepting new forms of payment, they are often dealing with less information about that particular consumer and the potential risk associated with them,” he noted. Merchants feel the downstream effects of poorly designed customer onboarding verification by the wallets.

Robust, layered verification approaches are especially critical amid a fragmented regulatory landscape, said Donlea, where so much data on individuals in Asia is “mobile-centric” in nature and where the mobile device itself may be the key indicator of legitimate identity.

“Ultimately, digitally-savvy businesses strike a balance between friction and freedom at the moment of transacting or setting up a new account,” Donlea said, adding that “most consumers prefer zero friction, but they also ultimately want to be safe, and they know that eWallets are playing safely with their identity details, their bank account information and other payment credentials.”

In these early days, the wallet providers targeting APAC will almost exclusively focus on consumer adoption. This means heavy advertising promotions and less emphasis on additional identity verification beyond KYC or AML compliance checks.

But as fraud looms or false positives accumulate — indicating that good customers have been rejected — firms will look for help from verification solution providers. Examining a range of identity elements — such as name, IP address, physical address and email — can help provide insight into new customers entering an eWallet ecosystem.

As Donlea told PYMNTS, “The wallets are expanding globally, and they present a unique challenge for businesses accepting payments with this form. They’re going to want to make this experience frictionless for consumers, while at the same time covering their own fraud and risk concerns. Using dynamic identity verification will make the expansion much safer and more scalable.”

A cyberattack directed at two dozen Canadian government platforms forced the shutdown of most of its online portals over the weekend.

CNN reported Canadian officials detected as many as 300,000 attempted attacks to access accounts.

“Early on Saturday morning a CRA (Canadian Revenue Agency) portal was directly targeted with a large amount of traffic using a botnet to attempt to attack the services through credential stuffing,” Marc Brouillard, a Canadian government spokesman told the network referring to an attack where stolen usernames and passwords are gathered to fraudulently access personal accounts. “Out of an abundance of caution the CRA portal was shut down to contain the attack and implement measures to protect CRA services.”

The CRA plays multiple roles. It collects taxes, administers tax law and policy and oversees charities.

As a result of the breach, the CRA said more than 11,000 of 12 million personal accounts were compromised, including online portals accessing tax payer data and COVID-19 relief programs.

Online services are expected to be fixed by Wednesday (Aug.19), officials told CNN.

“The credentials used in the attack came from previous, non-government of Canada data breaches,” said Scott Jones, head of Canada’s Centre for Cyber Security, the agency that leads the government’s response to cybersecurity attacks. “They were effective because Canadians reused old passwords on government of Canada systems, the accounts that used unique, strong passwords remain secure.”

Last month, a national survey found more than 80 percent of U.S. medical practices have been the victims of cyberattacks.

More than half of the hospital and medical facilities reported patient safety concerns from the data breaches, and 20 percent said that their business had been interrupted for more than five hours, the survey said, according to USA Today.

“That can be the difference between life and death,” Wendi Whitmore, vice president of IBM X-Force, a New York-based commercial security research team, told the newspaper.

In March, a cyberattack was leveled at the U.S. Department of Health and Human Services (HHS) amid the agency’s role in the COVID-19 mitigation.

The attack didn’t have any dire effects like a data breach, officials said. Few  details were provided on what happened, but the attack was noticed because of a “significant increase” in activity on the server, according to a spokeswoman.

As its stores shuttered to prevent the spread of COVID-19 earlier this year, the Canadian Tire Corp. Ltd. posted worse than expected second-quarter (Q2) losses on Thursday (Aug. 6). 

Revenues for the Toronto-based company fell 14.2 percent to $3.16 billion, well above the $2.95 billion estimates from Bay Street, the Canadian equivalent of Wall Street.

Canadian Tire operates automotive, hardware, sports, leisure and houseware stores including Canadian Tire, Mark's, FGL Sports, PartSource and Party City. The auto, home and sporting goods retailer closed its 203 stores in Ontario.

Excluding one-time items, the company reported a loss of 25 Canadian cents per share, while analysts on average expected a loss of 10 Canadian cents.

The company said its operations and diluted earnings per share (EPS) were $(0.33) and normalized diluted EPS were $(0.25), compared to normalized diluted EPS of $2.97 for the same period last year.

The decline in credit card sales resulted in lower transaction fee revenue as it hit the company's financial services segment, which saw its income nearly halved. 

Performance in Q2 was impacted by a $300 million decrease in revenue compared to last year, primarily at Sport Chek, Mark's and Helly Hansen banners due to store closures. 

Consolidated earnings were hurt, the company said, by $41.7 million following COVID-19-related costs, including $41.2 million for a support payment for frontline employees and enhanced safety protocols for employees and customers. 

But eCommerce was a bright spot for the 98-year-old retailer during the quarter. Online sales were up 400 percent, helping to offset some losses at its retail segment as more consumers shopped online, the company said. Still, the segment posted a 15.2 percent decline in revenue.

Greg Hicks, president and CEO of Canadian Tire Corp., put the best face on the results. “We continue to fulfill our deep-rooted purpose of being there for life in Canada, no matter what life may look like,” he said in a statement. “I am incredibly proud of the contributions of our dedicated frontline store, distribution center and contact center employees, as well as our associate dealers, who place the customer at the heart of everything we do.”