Payments

Cross-Border Workforce Payments Finally Have a Security Blanket

From strict regulations to fraud and cyberattacks, cross-border payments involve risk. Papaya Global, the only fintech designed for workforce payments, is your safest option.

Table of contents

Key Takeaways

  1. A recent global survey of 2,720 enterprises reveals that security is the most important factor when choosing an international payment service provider.
  2. The cross-border payments space is highly regulated and vulnerable to fraud and cyberattacks, leading companies to invest in technologies that can mitigate these risks.
  3. Papaya Global, the world’s leading payments and payroll platform, relies on partnerships with tier-1 banks and a risk-averse approach to safeguard clients' transactions.

The end of 2023 was not a great time for two of Canada’s biggest banks. On December 5, Canada’s financial intelligence agency levied a $7.4 million penalty against the Royal Bank of Canada (RCB) for non-compliance with anti-money laundering and terrorist financing measures. Two days later, the Canadian Imperial Bank of Commerce (CIBC) was fined $1.3 million for the same reason.

According to Canada’s financial intelligence agency, which tries to pinpoint money linked to illicit activities, the CIBC was fined, among other things, over failure to report information related to large money transfers from outside the country. CIBC’s case illustrates the risks involved in cross-border payments, a highly regulated space subject to the Financial Action Task Force’s (FATF) requirements.

FATF’s requirements are highlighted in Citi’s latest Future of Cross-Border Payments report. The report refers to them as regulatory risks, focusing on the data – such as information on the originator and the beneficiary – that must be included in global transactions. This data, note the authors, is “critical to helping prevent, detect, and investigate money laundering and terrorist financing.“

Don’t become a cautionary tale

The second threat highlighted by Citi is cyber risk. “Cross-border payment processing is vulnerable to fraud and cyberattacks,” states the report. “Maintaining high levels of security is therefore one of the main considerations in cross-border payments.“ To underline the severity of the risk, the authors invoke the Bangladesh Bank cyber heist – one of the biggest financial crimes in history – as a cautionary tale.

In 2016, a group of security hackers tried to steal $951 million from a Federal Reserve Bank of New York account held by Bangladesh Bank. The hackers breached Bangladesh Bank’s systems and stole its credentials for payment transfers. Then, they issued 35 fraudulent fund transfer requests via the Swift network. Four payment orders, totalling $81 million, went through. The rest, fortunately, were held up by a spelling mistake.

Today, an attack of such magnitude would have broader repercussions. Commercial insurance market Lloyd’s of London warned recently that a major cyberattack on an international payments system could lead to global losses of $3.5 trillion. “The global interconnectedness of cyber means it is too substantial a risk for one sector to face alone,“ said Lloyd’s chairman, Bruce Carnegie-Brown.

Financial institutions are not the only ones concerned about cyberattacks and fraud. A global survey of 2,720 SMEs conducted by Swift reveals that security is the most important factor when choosing an international payment service provider. Citi’s report agrees with that sentiment and urges companies “to invest in the most sophisticated technology to detect fraud and cyberattacks before they happen.”

Trust the process

In the cross-border payments space, no one is more committed to security and compliance than Papaya Global. The only fintech designed for workforce payments, Papaya holds money transfer licenses across the globe. Money transfer licenses are issued by local governments, which means Papaya’s handling of client funds is subject to strict regulation, ensuring the highest level of trust.

Banks are typically more associated with trust than alternative payment providers. With good reason, too: US banks are insured by the Federal Deposit Insurance Corporation (FDIC), and other countries have similar protections. It should come as no surprise, then, that 87% of the SMEs surveyed in Swift’s research explore their bank’s offering first when looking to make cross-border payments.

Papaya enjoys similar trust thanks to partnerships with tier-1 banks such as J.P. Morgan Chase and Citi, where we hold funds securely in segregated client money accounts (CMAs). Partnerships with banks are hard to form and easy to lose; building those relationships can take years of thorough due diligence, but they can unravel in no time if the bank believes the partner’s risk threshold to be too high.

From Papaya’s earliest days, being risk-averse has always been our top priority. We perform Know Your Customer (KYC) and Anti Money Laundering (AML) processes for each new client and worker being paid via our platform – and run rigorous screenings for every payment, every cycle, to keep clients’ funds safe.

In addition, Papaya’s platform provides the highest level of data security. It supports SSO, complies with GDPR, holds SOC 1 Type II and SOC2 Type II audit reports, and is certified by CSA. It also offers fully customizable roles and tailor-made approval chains so that only the right people can access sensitive information, covering all the bases of secure cross-border payments.