Enhancing business control with multi-user authorisation

Strengthening payment security while improving oversight and control with customisable multi-user authorisation rules for businesses.

–

Robust controls are essential in all areas of a business, especially when managing finances. With multi-user authorisation, businesses can minimise their exposure to losses caused by processing errors or malicious intent while also streamlining financial processes.

But what exactly is multi-user authorisation?

It’s a system that allows multiple individuals within a business to have varying levels of access and control over payments and accounts. For example, one person may set up a payment to a beneficiary, but it would require approval from their manager or financial controller before being processed. Businesses can configure these controls based on their risk thresholds, determining the payment values that require authorisation, the number of approvals needed, and the seniority of those who can authorise payments.

In this blog post, we explore how Fire’s multi-user authorisation feature enhances control for businesses – making payment processes more secure and efficient – and how businesses can utilise it to realise these benefits.

Benefits of multi-user authorisation

Implementing multi-user authorisation provides businesses with greater control, security, and efficiency in managing payments. Below, we explore the key benefits of multi-user authorisation and how Fire helps businesses define clear approval workflows and assign responsibilities across teams, reducing risks while improving operational efficiency.

Enhanced security and granular control

The key benefit of multi-user authorisation is the increased level of control it provides to a business. By segregating duties across staff and teams and setting payment value thresholds for when multiple approvals are required, a business can significantly reduce the risk of fraud, misdirected payments, or even mistyped payments.

Improved efficiency

Multi-user authorisation can also improve the efficiency of a business’s workflows. It enables the delegation of tasks in a workflow, allowing for a smoother and faster payment flow. The delegation of tasks, combined with the segregation of duties, allows for this increase in efficiency without sacrificing control.

Increased accountability

Multi-user authorisation allows for increased accountability across an organisation. It creates a clear audit trail, making it easier to track who initiated and approved each payment, building transparency and accountability throughout the payment process.

Fire’s multi-user authorisation feature

Our multi-user authorisation feature is multifaceted, allowing businesses to manage access through a combination of user roles and authorisation rules. By integrating these controls, we provide businesses with the flexibility to tailor their security settings to their risk appetite, ensuring their payments and accounts remain secure at all times.

Defining user roles for secure and efficient account management

With a Fire business account, businesses can assign one of six user roles based on the appropriate level of access for each individual. The available roles are the following.

Administrator

An Administrator has full access to the account, including financial transactions and user management. They can add new users, modify roles, oversee all payment activities, and create API credentials or add an API application. Typically, this role is ideal for those responsible for setting financial policies and overseeing the organisation’s payments and accounts and security settings, such as business owners, CFOs, financial controllers, and senior finance managers.

Full User

A Full User has complete access to the business account, but cannot add or manage users and does not have access to API applications. Typically, this role is ideal for finance professionals who oversee transactions, generate reports, and ensure smooth financial operations without managing user permissions, such as finance managers, senior accountants, and operations managers.

Payment Only User

A Payment Only User can process payments to existing payees but cannot create new payees. They can also generate payment requests using Fire’s open banking payments service. This role ensures that payments are made efficiently and only to trusted beneficiaries while maintaining security by restricting the ability to add new ones. It is particularly useful for accounts payable specialists, payroll managers, and finance assistants.

Payee Management User

A Payee Management User can review account data and create new payees but cannot make payments. This role is suitable for employees responsible for procurement, onboarding suppliers, managing vendor details, or ensuring the accuracy of payment information. It allows them to set up payment recipients but not to authorise payments.

Card Only User

A Card Only User is limited to using their assigned debit card for transactions and can review only the transactions associated with their card. This role is ideal for employees who need debit cards for expenses, such as sales representatives, travel managers, or office administrators, but should not have broader access to the company’s financial accounts.

Read Only User

A Read Only User has access to review account data but cannot make payments or modify settings. This role is useful for individuals who need visibility into transactions, balances, and reports without the ability to make changes or initiate payments. For example, this could include auditors, compliance officers, and business analysts.

–

–

By utilising the different user roles and their unique permission sets, a business can ensure the segregation of duties across its finance teams or individuals. For example, in accounts payable, a Payee Management User can be assigned the responsibility of verifying payee details, while a separate Payment Only User handles payment processing. This separation of roles effectively mitigates risks such as internal invoice redirect fraud and mistyped payee details.

Read more about how this service helps businesses like Tirlán enhance control over payment disbursements to distributors.

Customisable authorisation rules to enhance user roles

Building on enhanced controls provided by the roles described above, businesses can further enhance control through customisable authorisation rules. The available authorisation rules include:

• Authorisation management – Defines the minimum number of administrators required to approve the creation or modification of an authorisation rule.
• Bank transfer authorisation – This introduces granular payment thresholds, requiring additional approvals from designated user roles for payments exceeding specified limits.
• Payee creation authorisation – This specifies the minimum number of users across designated roles who must approve the creation of a payee before any payments can be sent to them.

By strategically combining user roles and authorisation rules, finance managers can effectively delegate payment processes across their teams while maintaining strict control and oversight of an organisation’s payments and accounts.

For example, a team may include multiple Full Users who can create payees and initiate payments to creditors and suppliers within a payment run. However, if the business requires that all payments receive Admin authorisation, no payments will be sent until the Admin reviews and approves the payment run. This ensures that even with delegated responsibilities, the manager retains final authority and control over all financial transactions.

Multi-user authorisation is a service that benefits businesses of any size and industry. It is especially important in regulated sectors such as finance, insurance, and acquiring, as well as in large organisations with extensive financial teams, where auditing and oversight are not just business decisions but essential to operations. Our approach to multi-user authorisation is designed to meet these requirements while ensuring a simple, seamless payment journey for businesses.

Technical background

For security purposes, only Admin users can create and modify multi-user authorisation rules. The criteria and configuration options for these rules may vary slightly depending on the specific rule.

Fire’s way of segregating permissions provides businesses with granular control over payment approvals through configurable thresholds, multi-tiered approvals, and role-based restrictions. By setting monetary thresholds, organisations can streamline low-value transactions while requiring additional review for high-risk payments. Enforcing multiple approvals and restricting authorisation rights to designated roles, such as Admins and Full Users, enhances security and ensures proper oversight. This flexible approach enables businesses to align payment processes with their risk management and operational requirements, helping to mitigate fraud, reduce errors, and enforce internal policies effectively.

Actionable advice for maximising multi-user authorisation

When it comes to payment workflows, control and efficiency must work in tandem. To achieve this, we’ve gathered four key areas of practical advice that you can apply to better leverage Fire’s multi-user authorisation feature.

Be strategic with role assignments.

• To implement effective segregation of duties, businesses can leverage the various user roles available within Fire’s multi-user authorisation system. By assigning specific responsibilities to these roles, companies can create a clear division of tasks that helps mitigate the risk of fraud and errors.
  For instance, businesses can assign the responsibility of payee creation to Payee Management Users and the initiation of payments to Payment Only Users, ensuring that each step in the payment process is handled by different individuals, further strengthening security and accuracy in financial transactions.
• To tailor roles to your business’s specific needs, it is essential to carefully assess the access levels required for each employee and assign roles accordingly. This approach ensures that individuals have the appropriate permissions to carry out their responsibilities without being granted excessive control over areas outside their scope. By aligning roles with specific tasks and requirements, businesses can maintain tighter security while enabling employees to work efficiently within their designated areas of responsibility.

Leverage customisable authorisation rules.

• To implement Bank Transfer Authorisation Thresholds, set appropriate monetary limits that require secondary approvals for high-value transactions while streamlining low-value payments. This approach helps balance security and efficiency, ensuring that larger payments are reviewed carefully without slowing down the processing of smaller, routine transactions.
• Utilise Payee Creation Authorisation by requiring multiple approvals for the creation of new payees. This provides a layer of security by ensuring that only trusted payees are added before payments are made to new beneficiaries.
• Implement Authorisation Management rules to protect the integrity of your authorisation system by requiring admin approval for any changes to the rules. This adds an extra layer of security, ensuring that modifications are made with proper oversight.
• Combine roles and rules by designing workflows that integrate both user roles and authorisation rules for optimal control. For instance, allow Payment Only Users to initiate payments, but set the Bank Transfer rule so Admin approval is required for transactions above a certain threshold, ensuring security while maintaining efficiency.

Enhance your security and accountability.

• Maintain clear audit trails by leveraging the audit trail feature in your Fire account to track all payment-related activities. This ensures transparency over your payments and accounts, accountability, and easy access to historical data for review or compliance purposes.
• Reduce fraud risk by implementing multi-user authorisation. This approach helps businesses significantly lower the chances of internal fraud, misdirected payments, and data entry errors, ensuring greater security and accuracy in payment processes.

Streamline your payment workflows.

• Delegate tasks effectively by assigning payment-related responsibilities to the appropriate users. This improves efficiency and reduces bottlenecks, ensuring smoother and more streamlined payment processes.
• Ensure smooth payment flow by designing workflows that minimise delays while maintaining the necessary controls. This balance enhances efficiency without compromising security.

Ongoing improvements to Fire’s multi-user authorisation feature

We are continuously working on our product to ensure we provide a best-in-class solution for our customers. We are exploring ways to enhance our multi-user authorisation feature to reduce unnecessary friction in the payment processing journey, such as by incorporating trusted payees or setting varied payment thresholds on an individual payee basis. Additionally, we will roll out new rules covering services like new user creation and API creation.

Strengthening security and efficiency

Multi-user authorisation is a vital tool for businesses aiming to enhance financial security, improve operational efficiency, and ensure strong accountability. By strategically leveraging user roles and customisable authorisation rules, organisations can effectively mitigate fraud, streamline payment workflows, and maintain rigorous oversight. Fire’s multi-user authorisation feature provides granular control and flexible configuration, allowing businesses of all sizes to tailor payment processes to their specific risk profile and operational needs. By following best practices, such as implementing segregation of duties, setting appropriate authorisation thresholds, and maintaining detailed audit trails, businesses can fully unlock the benefits of multi-user authorisation. Adopting these measures not only safeguards financial assets but also fosters a culture of transparency and trust, contributing to long-term stability and efficiency.

To learn more about how we can collaborate and help streamline your payment processes while enhancing control for your business with our suite of payment services and multi-user authorisation, reach out to our sales team at sales@fire.com.

For our existing customers, our support team is also available at support@fire.com to assist with any questions.