Control and Compliance

Kyriba’s Control and Compliance modules strengthen financial controls while offering sophisticated audit reporting and industry-first capabilities for real-time fraud detection and prevention.

Payment Fraud Detection & Prevention

Sanctions List Screening – Kyriba offers watchlist screening against OFAC, EU and UN sanction lists. FircoSoft’s industry leading screening software is embedded within Kyriba so pre-determined third-party payments can be automatically reconciled against sanction lists, with notification of matches directed immediately to the selected user(s). Screening is conducted at the end of the payment workflow so the screened file is identical to that which the bank receives.

Payment Fraud Detection – Kyriba’s Payment Fraud Detection offers scenario-based real-time detection of suspicious payment activity, stopping payments fraud in its tracks. The module is an evolution beyond standard payment controls such as separation of duties and approval limits. Payments Fraud Detection includes customized scoring, centralized alerts, complete prevention workflow and resolution management, as well as data visualization through a drilldown KPI dashboard.

Application Security

To strengthen operational security and align with your organization’s information security policies, Kyriba offers a comprehensive array of advanced security features:

Two-Factor Authentication – Two-factor authentication (2FA) creates a randomly generated one-time password that is delivered to a pre-defined hard token (Yubikey) or soft token (via SMS to user’s smartphone). 2FA can be implemented on its own or in combination with other application security features. 2FA can also be used to validate users during the payment approval process.

IP Filtering – Kyriba’s IP Filtering allows clients to restrict login to pre-determined IP addresses. This is a global feature that applies to all the organization’s users. IP Filtering can also be used in combination with other Kyriba Extended Security features such as two-factor authentication.

Enterprise SSO – Enterprise SSO allows single sign-on with a client’s internal security environment. Enterprise SSO uses SAML 2.0 for LDAP authentication, meaning that each user’s security credentials (for example, their Windows user ID and password) can be used to log in to Kyriba and control user access within the platform. Enterprise SSO can optionally be used alongside other capabilities such as two-factor authentication and IP filtering.

Control Center

Maintaining control of treasury workflows is critical for monitoring of errors, disruptions and suspicious payments. Kyriba Control Center is used to monitor workflows and treasury activity within the Kyriba platform to help detect unauthorized usage and potential fraud. Kyriba Control Center offers the opportunity to monitor and analyze:

  • Bank connectivity failures, including files expected but not received
  • Payment files where final acknowledgement was not received
  • Escalation and summary of pending workflow approvals
  • Real-time status alerts of additions, deletions or modifications of data
  • Stop light status for detection of task error

Digital Signatures

Digital signatures are personal identity tools that allow the user to digitally sign messages and electronic documents. Kyriba supports the SWIFT 3SKey digital signature format to approve payments within Kyriba and authenticate payment files sent to the bank (where supported by the bank).

Control and Compliance Modules:

  • Sanctions List Screening
  • Payment Fraud Detection and Prevention
  • Application Security
  • Control Center
  • Digital Signatures