29
The current EB structure consisted of numerous
CitiDirect instances, each with their own
security managers responsible for user profiles
and entitlements. Whilst this previously served
Honeywell well, this decentralized approach had
become more challenging due to:
• Lack of visibility over how instances and user
entitlements are controlled and managed
• No uniform process for user management and
maintenance
• Poor oversight by some entities resulting
in shared used of tokens and lack of timely
updates following staff departures
• In some cases, security managers themselves
not being the original appointees
These issues posed an unacceptable security
and control risk and potentially operational risks
necessitating an overdue and urgent overhaul.
The Solution
Honeywell treasury’s EB rationalization project
coincided with a broader finance centralization
project focused on migrating processes to
Honeywell’s SSCs requiring close coordination
and support, impacting over 1,000 existing EB
users across Asia.
The key areas of focus were:
• Application for new tokens
• Role transfer/Resignation
• User maintenance
• Security manager maintenance
For each process, comprehensive flow charts
were prepared highlighting functional roles and
responsibilities together with RASIC chart
(“Responsible”, “Approving”, “Supporting”,
“Informed” and “Consulted”) so that optimal
processes could be agreed upon as a basis for
future proofing core processes.
Existing group bank accounts were reviewed
and mapped to one of the only three instances
deemed optimal, depending on users’
requirements:
• ‘View Only’ across all bank accounts, primarily
managed by the treasury
• ‘Transaction Initiation’ to manage AP (i.e. non-
payroll, trade-related payments handled by
SSCs, managed by AP)
• ‘Payroll’, managed by HR given the
confidentiality of payroll information
As part of this process and in collaboration with
Citi, existing instances and active functions were
checked including Ordering Party Name, Import
Profile, Pre-format Templates and then copied
into the new instance, while treasury created
other specific functions for their use.
All group bank accounts are now being migrated
to one of these three instances based on user
requirements. Security managers for the first
two instances were appointed from treasury,
with HR security managers managing the third
instance. User profiles and entitlements have
been cleansed with replacement tokens, issued
under the new instance to which they have been
assigned. Once migration is complete, and
rigorous performance testing ensures
everything runs smoothly, all legacy instances
will be deactivated.
The Result
Of the initiatives outlined, newly designed
process flows have been implemented, the
rationalization of instances is well-advanced,
thus providing immediate benefits to Honeywell
by enhancing process controls and significantly
reducing the risk of unauthorized access and
fraudulent transactions. The benefits of the
enhanced operational processes are:
• Controlled access to EB
• Maintaining a current list of users and
security managers
• Enhanced security managers’ understanding
of their ongoing responsibilities
• Simplified EB architecture
Furthermore, as part of the revamped process,
an annual review of all EB users will be
conducted by each security manager.
With no external consultants used, the
collaboration between Honeywell and Citi has
been exemplary, with direction helping to drive
change across the complexity of existing
processes to deliver operating efficiencies and
best-in-class outcomes.
As part of this
process and in
collaboration
with Citi, existing
instances and
active functions
were checked
and then copied
into the new
instance, while
treasury created
other specific
functions for
their use.
Asia Pacific Sector Insights
| Honeywell
