performances veille - Performances Group

PERFORMANCES VEILLE
Nouvelles Technologies de l’Information et
de la Communication – N T I C
Numéro 342 – Semaine du 22 au 28 août 2014
TABLE DES MATIÈRES

HEARTBLEED CONSTITUE TOUJOURS UNE MENACE ............................................................................................................. 1

LA FRANCE SE DOTE D’UNE POLITIQUE GLOBALE DE SECURITE ............................................................................................... 1

MOBILITE : CROISSANCE FULGURANTE DES APPLICATIONS METIERS ........................................................................................ 3

ICT MINISTRY NEEDS SH930B FOR ITS INVESTMENT PLAN .................................................................................................... 3

MEDIA IN LIFE : LES CHIFFRES CLES DE LA TABLETTE ............................................................................................................ 4

AUX USA, PLUS DE LA MOITIE DU TEMPS MEDIA DIGITAL EST REALISE SUR LES APPLICATIONS MOBILES ............................................ 6

L'EXPLOSION DES OBJETS CONNECTES ET DES APPLIS SANTE .................................................................................................. 7

LARGER IPAD HERALDS BLURRING AMONG APPLE DEVICES ................................................................................................. 9

MULTICHOICE LAUNCHES SINGLE VIEW DSTV HD DECODER .............................................................................................. 10

GOOGLE BUG IN SEARCHES SPURS TALK OF HACKING ...................................................................................................... 11

KENYA TO BENEFIT FROM SH44B SAP INVESTMENT IN AFRICA........................................................................................... 12

SAP UNFOLDS PLAN TO INVEST $500M IN NIGERIA, OTHERS ............................................................................................. 14
 HEARTBLEED
CONSTITUE TOUJOURS UNE MENACE
TIC, 26 AOUT 2014
Près de cinq mois après la révélation de la vulnérabilité Heartbleed, IBM dresse un
premier bilan, avec le rapport trimestriel de sa division X-Force, en s’appuyant sur les
informations retirées des infrastructures des clients de ses services de sécurité
managés. Et celui-ci s’avère contrasté.
La bonne nouvelle, c’est que l’intérêt malveillant pour la vulnérabilité semble s’être
sensiblement tassé : si IBM a enregistré jusqu’à plus de 300 000 attaques par jour
exploitant Heartbleed le 15 avril dernier, le chiffre est rapidement retombé, à quelques
centaines d’incidents par jour fin avril. L’effet de grandes entreprises qui ont été
capables de mettre rapidement en œuvre des contre-mesures. De quoi pousser les
attaquants à déplacer leurs efforts sur d’autres vulnérabilités. Pour autant, l’activité
malveillante liée à Heartbleed se maintient, explique IBM, estimant qu’environ « 50 %
des serveurs potentiellement vulnérables ont été laissés sans correctif ». De quoi faire,
pour le groupe, de la vulnérabilité « une menace continue et critique ».
Mais pour IBM, le plus important est peut-être à chercher du côté de la gestion de la
réaction : « disposer d’un plan de réaction aux incidents – et d’une base de données à
jour des actifs – s’est avéré absolument critique pour réduire l’exposition au risque. » En
outre, selon le groupe, si les pare-feux ont pu rapidement offrir une protection pour les
systèmes concernés, les dispositifs de détection et de prévention des intrusions ont pu «
fournir une protection encore plus importante en bloquant les attaques au niveau des
paquets ». D’autant plus que les attaquants semblent avoir privilégié la carte de
l’exploitation distribuée de la vulnérabilité Heartbleed, rendant plus difficile la protection
par des pare-feux.
Source : Technologies de l’Information et de la Communication
 LA FRANCE
SE DOTE D ’UNE POLITIQUE GLOBALE DE SECURITE
TIC, 26 AOUT 2014
C’est par une circulaire datée du 17 juillet et signée du Premier Ministre que la France a
été officiellement dotée de sa première politique globale de sécurité des systèmes
d’information (PSSIE). Elaborée par l’Agence nationale de la sécurité des systèmes
d’information (Anssi), cette politique concerne tous les systèmes informatiques de l’Etat
et « chaque ministère est désormais responsable de [son] application ».
Le témoignage d’une situation préoccupante ?
Comme rappelé en préambule, la PSSIE doit contribuer à « assurer la continuité des
activités régaliennes [de l’Etat], prévenir la fuite d’informations sensibles, renforcer la
confiance des citoyens et des entreprises dans les téléprocédures. » Elle définit pour cela
1
un large éventail de mesures de sécurité en partant de dix principes dits « stratégiques
». La pertinence de certains d’entre eux n’est pas forcément évidente de prime abord –
« lorsque la maîtrise de ses systèmes d’information l’exige, l’administration fait appel à
des opérateurs et des prestataires de confiance » - quand d’autres conduisent à
s’interroger sur la posture de sécurité actuelle des systèmes d’information de l’Etat – «
tout système d’information de l’Etat doit faire l’objet d’une analyse de risques
permettant une prise en compte préventive de sa sécurité, adaptée aux enjeux du
système considéré » ou encore « les opérations de gestion et d’administration des
systèmes d’information de l’Etat doivent être tracés et contrôlées. »
La PSSIE prévoit l’adoption de systèmes d’authentification forte des agents, ainsi que
leur formation et sensibilisation à la cybersécurité. Et « les mesures techniques mises en
place par l’Etat dans ce domaine doivent être connues de tous. » Et l’on comptera sur
les administrateurs de systèmes pour « appliquer, après formation, les règles
élémentaires d’hygiène informatique. »
Sans surprise, les deux derniers principes fondateurs de la PSSIE disposent que les «
produits et services acquis par les administrations et destinés à assurer la sécurité des
systèmes d’information de l’Etat » doivent être labellisés par l’Anssi, et que les
informations considérées comme « sensibles […] sont hébergées sur le territoire
national. »
Quelle mise en pratique ?
La PSSIE donne trois ans aux administrations de l’Etat pour se mettre « en conformité
totale » avec ses dispositions. Et toutes les entités concernées – « ministères,
établissements publics sous tutelle d’un ministère, services déconcentrés de l’Etat, et
autorités administratives indépendantes » - devront « au premier janvier 2015 avoir mis
en conformité leur politique de sécurité des systèmes d’information et défini un plan
d’action », lequel devra indiquer « les mesures à prendre dans l’immédiat puis à court et
à long terme. » De quoi laisser une latitude significative aux « entités » concernées,
quitte à limiter au passage la portée réelle du texte.
Dommage car le point apparaît d’autant plus crucial que, selon le texte, la PSSIE «
s’adresse à l’ensemble des agents de l’Etat » et « énonce des mesures techniques
générales, qui constituent un socle minimal. » Dès lors, sa mise œuvre semble
largement dépendre d’efforts de sensibilisation et de formation qui devront
indubitablement être planifiés. Mais là, pas plus de précision quant au calendrier
attendu.
Et si, très logiquement, la PSSIE est conçue comme vivante et appelée à évoluer dans le
temps, elle pêche encore par l’absence d’échéancier fixant des rendez-vous réguliers
pour travailler à son évolution.
Source : Technologies de l’Information et de la Communication
2
 MOBILITE :
CROISSANCE FULGURANTE DES APPLICATIONS METIERS
TIC, 26 AOUT 2014
L’index de la mobilité de Good Technology pour le second trimestre montre une
progression fulgurante de l’utilisation d’applications métiers sur les terminaux mobiles.
Ainsi, si l’édition de document reste l’application la plus fréquente des terminaux
mobiles, les activations d’applications développées sur-mesure ont progressé de 25 %
en volume par rapport au premier trimestre 2014, chez les clients de l’éditeur. Et sur la
même période, les activations d’application de décisionnel ont enregistré une croissance
de plus de 200 %. Good Technology y voit le témoignage « des workflows interapplicatifs les plus avancés que déploient les entreprises pour mobiliser leurs processus
métiers ». Quant aux activations d’applications de CRM, elles auraient progressé d’un
facteur 7 d’un trimestre à l’autre. L’éditeur attribue cette évolution au lancement de sa
solution Good for Salesforce à la fin du second trimestre.
L’index de la mobilité de Good Technology montre par ailleurs une progression de
l’adoption d’Android dans les entreprises. Les terminaux fonctionnant avec le système
d’exploitation mobile de Google ont ainsi représenté 32 % des activations au cours du
second trimestre, soit 5 points de mieux qu’au trimestre précédent. Mais les terminaux
iOS ont toutefois représenté 67 % des activations. Reste que la base installée du
système d’exploitation Apple reste conséquente : les activations d’applications
d’entreprises ont concerné iOS à 88 %, au second trimestre.
Source : Technologies de l’Information et de la Communication
 ICT
MINISTRY NEEDS SH 930B FOR ITS INVESTMENT PLAN
TIC, 27 AOUT 2014
THE Information and Communications Technology ministry requires sh930b to build
enough capacity which will enable Uganda move at the same pace with the rest of the
world in the ICT sector. The ministry is drafting a five year strategic and investment plan
for the sector. This was revealed on Tuesday by the ICT minister John Nasasira while
appearing with his ministry team and state minister for investment Aston Kajara. “If we
want to move at the same pace with the rest of the world in the ICT industry, we need
to allocate sufficient funds to it. The thinking that the private sector will develop our ICT
is a farce,” Nasasira told the MPs. The minister explained that whereas Uganda invests
only 7.5m dollars in the sector, Kenya invests $123m every year in its ICT sector and
Rwanda gives it $40m. Nasasira said their ICT investment plan will require government
to allocate a minimum of sh186b every financial year to the sector. The minister also
protested proposals by the finance ministry to reduce the 2% ICT ministry share of
taxes levied on telecom companies to 1%. “I think we need to give priority to the ICT
ministry. The sector is on the drip and if you remove the drip, it can just collapse. Even
others agencies retain a share of revenue collected in their area,” Nasasira argued. The
3
minister also dismissed reports that his ministry had a surplus of sh80b on its fixed
deposit which MPs were using as a justification for reducing its share to 1%.
Budadiri West MP wondered why the completion of the national backbone optic fibre
project had delayed yet parliament had appropriated $106m for the project. In
response, the minister explained that the third phase of the project failed to commence
as it had been delayed because the Exim bank of China had not yet released the money.
MPs Franca Akello, James Kakooza, Joseph Ssewungu and Amos Lugolobi demanded for
explanation on why the ministry had failed to rein in on the telecom companies which
charging Ugandans illegal charges in form of dropped calls, and unsolicited messages.
Nasasira said they are working on more stringent Bills and guidelines which will enable
them to stop the companies from exploiting their customers. Explaining why they
wanted the percentage share of the ICT ministry to be reduced, the investment minister,
Aston Kajara, said, “It is our duty to raise revenue and distribute it to the various
sectors depending on government priorities at a time.” The committee chairman Robert
Kasule said, “The demand for sh186b by the ICT ministry will be debated. But from what
I know, government always have priorities in every given period of time and major
priority now is on infrastructure and energy sectors after which other pertinent sectors
like ICT will be given the priority they deserve.” Anthony Okello and Amos Lugolobi
argued that putting the money in the consolidated fund controlled by the finance
ministry would promote transparency and accountability. But Nasasira said the
argument was immaterial since the auditor general audits the ICT ministry departments
on how the revenue funds and other funds are utilized.
Source : Technologies de l’Information et de la Communication
 MEDIA
IN
LIFE :
LES CHIFFRES CLES DE LA TABLETTE
TIC, 27 AOUT 2014
Les Français allument plutôt leur tablette en fin de journée,
à partir de 17 heures. Le surf sur Internet reste le principal
usage de la tablette avec l'utilisation des moteurs de
recherche et la consultation des emails.
Médiamétrie détaille les usages de la tablette en France à partir des derniers résultats de
ses études : Media in Life, Home Devices et Web Observatoire. Près d'un foyer français
sur 3 est équipé d'une tablette et 10,3% des individus de 13 ans et plus ont au moins un
contact quotidien avec la tablette, un chiffre qui grimpe à 14,1% chez les CSP+ et
15,6% chez les 25-34 ans.
4
La tablette est un écran de la maison : 86,5% des contacts avec ce support se font à
domicile. Les Français allument plutôt leur tablette en fin de journée, à partir de 17
heures. Le pic d'audience du device auprès des CSP+ âgés de 25-49 ans est atteint
entre 21h30 et 22 heures avec 5% d'individus connectés, contre moins de 2% pour
l'ensemble de la population. Entre 21h15 et 21h30, 610 000 personnes sont à la fois en
contact avec le téléviseur et la tablette.
5
Le surf sur Internet (78%) reste le principal usage de la tablette avec l'utilisation des
moteurs de recherche (70%) et la consultation des emails (58%). La consultation de
recettes de cuisine est pratiquée par 43% des tablonautes.
La tablette a été intégrée cette année dans l'étude Media in Life de Médiamétrie. Dans
cette étude, un contact avec une activité média ou multimédia est associé à un 1/4h,
sachant qu'il peut y avoir plusieurs activités (simultanées ou non) associées à un même
1/4h. La période d'étude est le bimestre janvier-février 2014, sur la base de 4 666
panélistes, âgés de 13 ans et plus, qui ont renseigné un journal d'activité sur une
journée, en version papier ou digitale.
Source : Technologies de l’Information et de la Communication
 AUX USA,
PLUS DE LA MOITIE DU TEMPS MEDIA DIGITAL EST REALISE
SUR LES APPLICATIONS MOBILES
TIC, 27 AOUT 2014
60% de la consommation média digitale a été passée sur le
mobile aux Etats-Unis en juin dernier, selon Comscore. 52%
sur des applications, 8% sur Internet mobile.
Aux Etats-Unis, "the app majority" est atteinte cette année selon
"The U.S. Mobile App Report" de comScore, c'est-à-dire que la
majorité du temps passé sur les médias digitaux a lieu sur les applications mobiles.
En juin 2014, l'institut de mesure d'audience relève que la consommation mobile a
atteint 60% de la consommation média digitale, dont 52% via les applications et 8% via
les sites web. La part de l'ordinateur a chuté de 13 points en 15 mois, passant de 53%
en mars 2013 à 40% en juin 2014.
Les utilisateurs d'applis sur smartphones consacrent 42% du temps concerné sur leur
application favorie et 69% sur les 3 applis qu'ils utilisent le plus.
Les utilisateurs d'applis sur smartphone Android sont plus nombreux que ceux sur
iPhone (76,1 millions vs 62,6 millions) mais ils y consacrent moins de temps : 55
heures/mois vs 64 heures/mois. Leur profil est plus âgé.
Les usages les plus importants en termes de temps passé sont le social networking
(25%), les jeux (16%) et l'écoute de la radio (8%). Le top 5 des applications les plus
fréquentées est composé de Facebook, avec 115 millions de VU en juin dernier, devant
YouTube (83 millions), Google Play, Google Search et Pandora Radio.
6
Source : Technologies de l’Information et de la Communication
 L'EXPLOSION
DES OBJETS CONNECTES ET DES APPLIS SANTE
TIC, 27 AOUT 2014
Le marché de l'e-santé, ou santé mobile, qui inclut aussi les applications santé,
en croissance exponentielle, pourrait dépasser 20 milliards d'euros en 2017.
7
Balances intelligentes dans les salles de bains, bracelets «trackers» d'activité et montres
intelligentes au poignet, systèmes de sommeil pour veiller sur nos nuits… De plus en
plus d'objets connectés collectent des informations sur la forme et le bien-être des
individus. Certains jouent en direct sur les comportements. Les ceintures Lumo Back
vibrent pour signaler un dos mou tandis que les Américains portent des serre-têtes
connectés pour augmenter leur concentration. «Melon t'aide à scruter ton état mental,
ton comportement, tes émotions et te permet de t'améliorer», signale l'entreprise qui
distribue ces bandeaux.
D'autres objets visent directement la santé: glucomètres pour les diabétiques, brassards
tensiomètres ou pacemakers. Si l'on y ajoute les colliers mesurant le rythme cardiaque
et la consommation de calories des chiens ou encore le pilulier électronique permettant
de suivre la consommation de médicaments du patient, quelques dizaines d'objets
connectés s'installent dans l'univers du bien-être et de la santé.
Le marché de l'e-santé, ou santé mobile, qui inclut aussi les applications santé, en
croissance exponentielle, pourrait dépasser 20 milliards d'euros en 2017. Galaxy S5, le
dernier-né de Samsung, comporte ainsi un cardiofréquencemètre pour prendre son
pouls, la société Jawbone propose des applications pour bien s'alimenter, analyser son
sommeil ou pratiquer de l'exercice tandis que Google et Novartis développent ensemble
des lentilles de vue connectées pour les diabétiques… Autres cibles, les femmes qui
souhaitent tomber enceintes ou celles qui vont accoucher.
De 20.000 en 2012, les applications santé et bien-être sont passées à 100.000, dont
40.000 médicales, en 2013. «Ce marché évolue très rapidement», explique le Dr
Guillaume Marchand, président de DMD Santé, un site qui fait évaluer les applications
par des médecins et des patients. Beaucoup sont de qualité médiocre, estime DMD
Santé, qui n'a sélectionné que 504 applis sur 8000 passées au crible. Et les trois quarts
des applications ont beau être gratuites en France, les utilisateurs sont encore rares.
Une étude indiquait en mars que la moitié des applications sont désinstallées après une
utilisation.
Source : Technologies de l’Information et de la Communication
8
 LARGER IPAD HERALDS BLURRING AMONG APPLE DEVICES
TIC, 27 AOUT 2014
The lines are blurring among Apple AAPL +0.12% product categories.
Apple is preparing to release an iPad with a 12.9-inch screen in the first quarter of 2015,
according to Bloomberg. The Journal had reported earlier this year that Apple was
working on a larger-screen iPad with a screen slightly smaller than 13-inches, measured
diagonally.
Apple’s current iPads are 7.9 inches and 9.7 inches diagonally.
Apple declined to comment.
A larger iPad could push the tablet onto the turf of Apple’s Mac notebook computers,
with screen sizes from 11 to 15 inches. At the same time, Apple is expected to release
two new iPhones next month with larger screens, one of which is expected to come with
a 5.5-inch display, encroaching on the iPad Mini’s terrain.
In the past, Apple carved out clear functional differences among its products by screen
size. Apple positioned iPhones as devices for listening to music, making phone calls, and
sending emails. The Mac was a more powerful productivity tool for creating documents
and editing videos. The iPad rested between the two as a device well-suited for Web
browsing, flipping through photos and watching videos.
The blurring of those lines among its forthcoming products suggests that the company is
shifting to offer more choice among screen sizes within product categories.
9
Apple has said it expects the performance differences between mobile devices and
personal computers to disappear over time, leaving consumers to choose products based
on form factor and lifestyle.
Apple is also working on creating a more seamless experience among its products. For
example, it is building a feature called Continuity into its next mobile and PC operating
systems that allows users to start typing an email on the iPhone and resume on a Mac.
Source : Technologies de l’Information et de la Communication
 MULTICHOICE
LAUNCHES SINGLE VIEW
DSTV HD D ECODER
TIC, 26 AOUT 2014
MultiChoice has revealed its first HD single
view decoder, the DStv HD Decoder. The
decoder is set to replace the existing standard
definition single view decoder.
According to MultiChoice, the DStv HD
Decoder’s user interface is very similar to the
DStv Explora. The company also stated that
most functions can be performed from DStv
Central, accessed through the blue DStv
button on the remote control.
Mark Rayner, COO for MultiChoice South Africa said: “We recently made HD channels
available to all DStv customers with the necessary HD equipment. This decoder now
makes those HD channels more accessible. High definition creates a far superior
television viewing experience in terms of picture quality and the Dolby Digital 5.1
surround sound adds a new dimension to the audio experience. The DStv HD Decoder
will open up a new world for many DStv customers.”
The decoder is XtraView capable and can be paired with selected XtraView compatible
decoders (excluding the SD PVR). MultiChoice has also revealed that the DStv HD
Decoder will be available at R499 without installation or R799 with installation.
Source : Technologies de l’Information et de la Communication
10
 GOOGLE B UG
IN
SEARCHES SPURS TALK
OF
HACKING
TIC, 26 AOUT 2014
A software bug disrupted some Google Inc. GOOGL -0.46% searches for roughly eight
hours early Tuesday, displaying multiple images of what appeared to be a car crash in
Russia and sparking speculation that Google had been hacked.
The image displayed in response to many searches showed a badly mangled car near a
sign that says "stop" in Russian. It wasn't clear if the image had been altered. It didn't
appear on every search.
The episode sparked speculation that the world's most popular search engine might have
been infiltrated by hackers trying to spread propaganda related to the fighting in Ukraine
between government forces and pro-Russian rebels.
Google later apologized for the problem and said it had been fixed. A person familiar
with the matter said the problem was caused by a software bug inside Google.
The problem may have been caused by an update to one of Google's search algorithms,
which control how queries are answered and results presented, according to Gabriel
Weinberg, CEO and founder of search engine DuckDuckGo.
Mr. Weinberg doesn't know how Google's search engine works. However, he said that
test queries for updates to search algorithms can sometimes remain inside the software
code when the update takes effect. In that case, different search queries can produce
the same result repeatedly, Mr. Weinberg explained.
This happened once during a DuckDuckGo update in the past and it took a few hours to
fix, Mr. Weinberg said.
The image of the car crash appeared in several areas of Google search results on
Tuesday morning. When searching Google for "Emmys," for example, the image was
included in the cluster of news stories. If a user switched the filter to "images," the crash
image appeared to endlessly repeat after a few legitimate results.
People speculated on various social media forums about the cause of the problem, and
whether anyone else was seeing it. The Google dashboard that monitors outages and
disruptions to its apps and services showed no signs of a disruption related to the
image.
"Everybody is confused about how this could happen on such a large scale," said A.J.
Ghergich, founder of Ghergich & Co., a search-engine marketing agency. "How does the
largest search engine in the world roll out an update and not notice that 90% of image
search results show a car crash in Russia?"
Mr. Ghergich tested the problem on Tuesday by searching for "puppy" images on Google
and got mostly the car crash photo. He said the fact that the glitch disrupted searches in
11
many countries at the same time made it less likely the result of a hack, because Google
search queries are handled by data centers in different regions of the world.
Source : Technologies de l’Information et de la Communication
 KENYA
TO BENEFIT FROM
SH44B SAP
INVESTMENT IN
AFRICA
TIC, 21 AOUT 2014
Global business software firm SAP has announced a seven-year $500 million plan to upskill local African talent and drive sustainable innovation and growth in Africa. Kenya will
be among the key beneficiaries of the investment along with four other core countries;
South Africa, Nigeria, Angola and Morocco.
The announcement comes on the back of an impressive double-digit growth rate
momentum for SAP Africa where the company serves 1,300 customers across 51
countries.
The investment will focus on accelerating industry growth in energy and natural
resources, utilities, public sector, financial service and telecos in the core countries.
Speaking at the launch of the growth plan, Robert Enslin, member of the Executive
Board of SAP SE and president of Global Customer Operations said the Board strongly
believes that it is the right time for SAP to increase engagement and commitment in
Africa.
12
“SAP’s additional investment in the continent reflects our vision to help the world run
better by delivering leading-edge innovation. In Africa, we plan to engage and invest in
even more markets while helping build the appropriate talent base for the IT industry
and support our customers and partners by actively contributing toward crucial
technology and business skills-sets and new employment opportunities in Africa,” said
Enslin.
A significant amount of human resource investment will go to SAP’s Skills for Africa
Programme. Kenya hosted the pilot programme which saw 67 IT graduates earn SAP
certification and all secured employment with partners and SAP.
Pfungwa Serima, CEO SAP Africa said the Skills for Africa Programme will be extended to
other parts of Africa.
“The launch of additional Skills for Africa Scholarship Programme sessions in South
Africa, Kenya, Nigeria and Angola by year end will foster an open business ecosystem of
SAP-qualified consultants to execute on various projects. This follows on the heels of the
announcement last year of SAP Africa’s skills development agreement with the World
Bank,” added Serima.
Kenya will also benefit from the company’s Emerging Entrepreneur Initiative which has
been on-going in South Africa. SAP selected Kenya as the next market for the initiative
due to the strength and potential of the Kenyan market to grow and support a thriving
entrepreneur ecosystem.
East Africa SAP MD, Andrew Waititu, expressed confidence that Kenya, and the region
will continue to grow by providing innovative solutions for public service, utilities and
SMEs.
“Innovative technologies such as mobility and the cloud are among the fastest growing
IT segments and are already having a significant impact on businesses’ ability to grow
and innovate,” said Mark Walker, director: Insights and Vertical Industries, IDC Middle
East, Africa and Turkey, IDC.
Source : Technologies de l’Information et de la Communication
13
 SAP
UNFOLDS PLAN TO INVEST
$500M
IN
NIGERIA,
OTHERS
TIC, 19 AOUT 2014
Electronic commerce, initially a consumer
market phenomenon, is becoming firmly
entrenched in the corporate space. The
emergence of cloud-based treasury solutions
and the digitisation of trade flows represent
step changes in treasury and trade finance.
Combined, digitisation and cloud technology
have the potential to transform the way
market participants communicate and transact
with each other.
Business is happening between corporates in
an increasingly digital way, says André Casterman, Head of Corporates and Supply
Chain, SWIFT. “The digitisation of corporate trade flows has come a very long way and
now even the most difficult to digitise processes are being transformed.”
Cloud-based treasury solutions are transforming corporate treasuries. The amount of
treasury time and effort required to manage a cloud-based solution is lower and
implementation timelines are shorter. Corporates that previously could not afford
standalone solutions from the main treasury systems vendors now find new capabilities
have opened up to them. The subscription based pricing of cloud solutions also offers
significant cash flow advantages for these corporates when compared with the large upfront capital cost of a software licence for a standalone system. As a result, a new
segment of corporates can afford to improve their treasury processes by using purposebuilt treasury management solutions.
At the same time, ecommerce and electronic invoice hubs, which enable businesses to
communicate with each other digitally, have proliferated. Such platforms connect buyers
and suppliers around the world, enabling manufacturers, wholesalers and exporters to
discover trade opportunities. At present the market is diverse, ranging from very large
business-to-business hubs through to hundreds of smaller, country-specific or niche
industry hubs. Many of these hubs are also based on cloud applications and services.
The digital supply chain
The combination of cloud technology and hubs has set the scene for a new, digital era of
the supply chain. The supply chain finance (SCF) market – the term used by banks to
refer to approved payables financing or early payment services – has grown significantly
during the past five years. The now widely available SCF solutions offered by banks and
non-bank technology providers have been built on the fact that buyers and sellers wish
to work collaboratively, where both parties gain advantage, as large buyers aim to
support their suppliers’ working capital needs.
14
“Accelerating the lifecycle of trade transactions enhances the attractiveness of both the
buyer and seller as it mitigates risk in international trade while also enabling
improvements in payment terms. Banks also stand to benefit from lower costs and
reduced operational risks associated with the manual processing of LCs,” André
Casterman adds.
“We have seen a trend lately that banks and corporates are beginning to adopt trade
finance messages to communicate with each other and further automate their trade
finance activities,” notes Yves Smeyers, Principal Consultant, SWIFT.
Typically buyers facilitate early payments to their suppliers via one of their banking
partners. Buyers therefore approve invoices as early as possible in the process in order
to maximise the financing opportunity for suppliers in need of working capital.
SCF services also validate the fact that banks are ready to extend financing to their
clients using electronic and automated transaction flows as they have done in payments
and cash management services for more than 20 years.
The digitisation of the supply chain is well illustrated by the transformation of one of the
most manual processes in world trade – the bill of lading. The document, issued by a
carrier, contains details of a shipment of merchandise and gives title of that shipment to
a specified party. Bills of lading are important documents used in international trade to
help guarantee that exporters receive payment and importers receive merchandise.
Organisations such as essDOCS and Dubai Trade have been involved in the digitisation
of bills of lading, working with the freight forwarders that issue them. Because electronic
bills of lading are legally and functionally the same as paper bills of lading, they are
ideally suited for automated handling by bank systems.
The automated handling is made possible via another new digital trade instrument, the
Bank Payment Obligation (BPO). An alternative means of settlement in international
trade, the BPO provides the benefits of a letter of credit (LC) in an automated
environment. Importantly for banks, it offers the possibility of intermediation earlier in
the supply chain by offering risk mitigation and financing services.
A BPO is an irrevocable undertaking given by one bank to another bank that payment
will be made on a specified date after a specified event (such as delivery of goods) has
taken place. The specified event is evidenced by a match report that is generated by
transaction matching applications (such as SWIFT’s Trade Services Utility). BPOs can be
incorporated into matching applications through a buyer’s bank or a third party bank.
The BPO is due when data is accurately matched or when all financial institutions
involved in the transaction have accepted any mismatches or discrepancies.
This process results in a fully electronic alternative to the letter of credit (LC), which will
enable efficiency gains, working capital reduction and cost saving. This electronic
alternative can be processed in a much shorter time than traditional, paper-based LCs –
15
estimates are as low as 10-15 days. Reduced processing times result in significant cost
savings: Brazilian mining company Vale estimates that a combination of electronic bills
of lading and BPOs is saving it $37 million per year on its exports of iron ore to China
alone.
Accelerated cash flow through the faster collections made possible by the BPO can
reduce days sales outstanding (DSO) by 50-65%. Furthermore, operational costs can be
reduced from 10-30% as fewer full time staff are involved in the preparation of paper
documents. Finally, liquidity can be more rapidly released from the financial supply chain
to boost working capital and banking fees can be reduced by up to a half as handling
fees are reduced.
Risk management benefits of automation
The cost savings that result from combining electronic bills of lading with the BPO are
attractive, but Casterman adds there is an even greater benefit: “Accelerating the
lifecycle of trade transactions enhances the attractiveness of both the buyer and seller
as it mitigates risk in international trade while also enabling improvements in payment
terms. Banks also stand to benefit from lower costs and reduced operational risks
associated with the manual processing of LCs,” he says.
The adoption rate of BPOs is steadily increasing, but it is likely use will be predominantly
for ongoing and recurring trade flows where some level of trust has been already
established between the counterparties. Industries such as commodities, electronics and
retail, which have established trade flows between suppliers and buyers, will represent
the greatest opportunity for growth. Cloud solutions and digitised trade flows require
economies of scale to really flourish – the more banks that issue BPOs, the more
correspondent trade relationships will become electronic and therefore the more trade
transactions can become electronic.
“The automation of the supply chain is not solely about technology; it is an area that
also requires collaboration between all of the parties involved in trade,” says Casterman.
“The development of the BPO has proved that the industry can come together to solve a
problem and that as a result, everyone stands to gain.”
Standards have played an important role in this collaboration as they facilitate
competition between commercial offerings while enabling those offerings to interoperate.
In supply chain finance, banks have developed new legal and technology standards to
address interoperability challenges and to grow the size of this emerging market.
Another automation trend, based on standards, is emerging in the corporate-to-bank
space, says Yves Smeyers. Increasingly, corporates and banks are adopting the trade
finance messages to communicate with each other. “Most of the message flows between
corporates and banks are payments and cash management series,” he says. “However,
we have seen a trend lately that banks and corporates are beginning to adopt trade
16
finance messages as well to communicate with each other and further automate their
trade finance activities.”
Source : Technologies de l’Information et de la Communication
17