In 2004, AFP released the AFP Manual of Treasury Policies: Guidelines for Developing Effective Control, in response to requests from members for sample policies they could adopt for their organizations. In its research, AFP ultimately found that many organizations lacked formal written policies, or had not updated their policies in years.
Since that time, as the corporate treasury function has risen in prominence within most organizations, formal policies have become much more prevalent, and are updated more frequently. Indeed, with recent advancements in technology, as well as rapidly escalating threats like data breaches and payments fraud, it is imperative that treasury policies need to be kept current. However, treasury departments must also take into consideration that policies need to be broad enough so that updating is limited to only major needs.
“You want to write your policies and guidelines to help protect the company and provide people with the basis of interpretation and how to handle situations—how to handle what to do and what not to do,” said John Nielsen, treasurer for Henniges Automotive. “Given that we're in an environment now where technology is rapidly changing, the perspective that I would take is that when you write a policy, if you go into the nth detail, it can open you up to new risk.”
Jennifer Dale, CTP, assistant treasurer for Sprint, noted that many companies of similar size to hers still don’t have formal policies. But for perspective, having a policy is very helpful. “I don't think it's 100% necessary, but from a control perspective, it's nice to have that document to fall back on,” she said. “If anything, you have no gray area when you have a policy.”
Establishing and Writing Policies
Nielsen cautions against being too specific when creating policies because that can result in people looking for loopholes to work around certain standards. And again, with technology advancing, there could be big changes that are coming—though not necessary in all aspects of treasury. “For example, policies around payment systems are the types of policies that you should be looking at yearly,” he said. “But maybe you don't have to look so much at your cash management policy or an overall treasury policy so often. Still, you should be at least looking through it and making sure that there's nothing in there that needs to be updated.”
When crafting policies, one of the biggest challenges that treasury teams can face is trying to determine how much needs to be ironed out at the start. Many treasury organizations try to capture everything at the outset so that they don’t have to frequently refresh their policies. The problem is that there’s only so much you can predict about the future. “One of the hardest things that people have in writing policies is you think, ‘Well, okay, if I write this policy now, what happens when we get a better handle on Same Day ACH? Should I start to write some stuff in there now? No… I'm just going to wait another two months to do this until I find out a little more,’” Nielsen said.
All too often, however, that day never comes because treasury practitioners either get busy with other tasks or don’t want to acknowledge that policies may need to change over time. “I think that is part of the problem; people get scared of just moving forward and putting a marker in the sand and saying, ‘You know what? I'm okay with having to update and refresh my policies,’” Nielsen said.
Establishing policies also depends largely on support from senior leadership and how the delegation of authority works within the organization. For example, at Henniges, both Nielsen and the corporate controller are responsible for a number of the policies, because they revolve around the controls of the organization. He noted that if both parties agree to a policy change, the CFO is highly likely to sign off on it. “If we get together and we're fine with things, the CFO will perceive it as, ‘Go ahead; get it rewritten and put it out on our intranet. Send a message out to the people that need to know and say that we've got an updated policy, and here's the section that has changed,’” he said.
In contrast, some treasury organizations must go to the board of directors every time they make policy changes. Needing that kind of constant approval can be quite onerous. “And really, your board of directors isn't supposed to be your operational know-it-all,” Nielsen said. “They're supposed to be strategic. Maybe it’s appropriate for certain treasury policies like foreign exchange or risk hedging, because then you're dealing with the strategic direction of the company. But a lot of your other policies shouldn't have to go all the way to the board for approval.”
Communicating your policy to your staff can also be a challenge. Unless you are part of a large, multinational company, treasury is generally a skeleton crew, and it may be difficult to build out time to talk to your team members about your policies. “We’re a $5 billion company, but I just literally have five people doing different things, including capital markets activity,” said Jim Gilligan, CTP, FP&A, assistant treasurer for Evergy Inc. “So it's a challenge to find time to sit down and talk with people.”
However, communicating these policies is a necessity when you bring new people on board, because you need them to understand how treasury does things, and why. “You can't just bring somebody in and expect them to know everything in a relatively short period of time,” Gilligan added. “This is a complicated world that we live in, and understanding treasury’s role is overwhelming for a lot of people, especially if they get turned over in a position quickly.”
For more insights, download the AFP Treasury in Practice Guide, How Strong Policies Support Best Practices in Treasury, underwritten by Kyriba.