Uptick in treasurers mulling bank APIs in wake of Ukraine conflict: FinLync

FinLync last week fielded a surge of calls from corporate treasurers and other financial executives exploring the use of its bank application programming interface (API) offering as a means of avoiding future disruptions to their operations in war-torn countries like Ukraine.

“Where normally our sales people are primarily focused on outbound communications ... they've really been attempting to manage the inbound side of things,” Mitchell Thomas, head of FinLync’s solution engineering-North America, said in an interview Friday. He said the war in Ukraine appears to have raised financial executives' awareness around the potential uses of the technology to mitigate their risks in volatile markets.

FinLync’s bank API system allows corporate users to communicate with banks globally and check their balances in real time rather than periodically throughout the day or using end of day balances. That capability enables companies to more carefully limit the level of funds they keep in an account, reducing exposure to a volatile country like Russia or Ukraine, while also maintaining operations, he said.

Companies are "really trying to minimize the funds they have at risk,” Thomas said. “So they want to know what inflows they have coming in and what outflows they have going out. Up until the point where things totally shut down the companies still have to operate in the country, so it’s really a matter of knowing, 'What level of liquidity can I be certain of still being able to operate at without leaving too much on the table if everything shuts down and I can no longer get money out?'”

Swift scramble

An additional benefit is that the API system has a direct connection to the banks that does not depend on the embattled Swift system, he said. Controlled by an international consortium of banks, Swift allows financial institutions to alert each other to cross-border money transfers, though it isn’t itself the conduit for sending money. This weekend a coalition of some of the world’s richest nations joined together to impose their first Swift sanctions against Russia over its invasion of Ukraine.

“If you’re relying on Swift and a bank is removed from Swift, that’s where these corporations are really scrambling,” Thomas said. By contrast, companies using the API system could check bank balances and send money domestically so long as the Internet is still operating, he said.

Beyond their value at a time of geopolitical risk, bank APIs have grown popular in recent years. They're useful for a company’s treasury function because they give CFOs and their treasury teams access to the most up-to-date, accurate version of their financial data, fully integrated into one solution. That enables the team to focus on strategy rather than execution, but they do come with risks and vulnerabilities. For example, API keys that control access to private information can give broad, unrestricted access to read/write information.

Right now it's especially important for executives to take precautions when considering new API systems, as the threat of cyber attacks has risen to an “all hands on deck type of security situation,” according to Rob Sobers, chief marketing officer for the data security company Varonis. Companies should make sure that any new API vendor can provide security and compliance reports as proof of the controls they have, he said. Given the scope of the crisis unfolding globally, Sobers expects more companies may begin considering new technology in the coming weeks to address concerns that are emerging. “I could see some companies saying, 'Lets use anything at our disposal to make sure we have access to our funds,’” Sobers said.