From Treasury Masterminds
For years, treasury has treated payments as infrastructure. Stable, predictable, mostly handled by banks and systems in the background.
That era is ending.
What used to be a relatively straightforward process, send a payment, reconcile it, move on, is turning into a complex, fragmented, and risk-heavy domain. Three forces are driving this shift: fraud evolution, multi-rail payments, and increasing regulation.
Individually, each trend is manageable. Together, they are reshaping how treasury operates.
1. Fraud Has Moved Upstream (and Got Smarter Than Your Controls)
Payment fraud is no longer about hacking systems. It’s about manipulating people and processes.
We’ve moved from phishing emails to business email compromise (BEC) to AI-driven impersonation and deepfake fraud
The uncomfortable reality is that many treasury controls were designed for a different type of threat.
Callback procedures, segregation of duties, and approval hierarchies still matter. But they assume that:
- identities can be trusted
- communication channels are reliable
- Humans can detect something “off”
All three assumptions are now questionable.
At the same time, instant payments are removing reaction time entirely. Once a payment is sent, it’s gone. No recall window, no investigation buffer.
So fraud has shifted from technical breaches to process exploitation
What this means for treasury:
Fraud controls must move before the payment is created, not after it is approved. The real control point is no longer the payment file, it’s the data and decisions that feed it.
2. The Rise of Multi-Rail Payments (More Choice, More Problems)
The payments landscape is fragmenting fast.
Where treasury once relied on a limited set of rails, typically bank transfers and maybe cards, we now see:
- SEPA Instant
- traditional SEPA / SWIFT
- wallets and local schemes
- API-driven payments
- emerging alternatives (including stablecoin-based rails)
On paper, this is progress:
- faster payments
- better user experience
- more flexibility
In reality, it introduces a new layer of complexity.
Each rail comes with:
- different cut-offs (or none at all)
- different fraud risks
- different reconciliation logic
- different costs
- different regulatory requirements
And increasingly, geopolitics is influencing infrastructure choices. Europe is actively pushing alternatives to non-European schemes, meaning treasury may need to support parallel ecosystems.
What this means for treasury:
Payments are no longer a single pipeline. They are a portfolio of rails.
The key question is no longer:
“Can we make the payment?”
But:
“Which rail should we use, and what risk does that introduce?”
That requires governance, not just execution.
3. Regulation Is Catching Up (and Adding Pressure)
If fraud is accelerating and payments are fragmenting, regulation is doing what it always does: trying to catch up.
In Europe, this is visible across multiple initiatives:
- PSD3 / PSR, tightening fraud liability, access, and control requirements
- Verification of Payee (VoP), introducing mandatory name checks
- Instant payment regulations, pushing 24/7 availability
- Increased focus on AML, safeguarding, and transparency
The direction is clear:
- more protection for payers
- more accountability for providers
- more standardisation across the EU
But for corporates, this doesn’t simplify operations.
It adds:
- more compliance requirements
- more exceptions (e.g. name mismatches in VoP)
- more dependency on bank and PSP capabilities
What this means for treasury:
Regulation is no longer just a compliance topic.
It directly impacts payment operations, data quality, and process design.
Where These Trends Collide
Individually, fraud, multi-rail payments, and regulation are manageable.
The real challenge is where they intersect.
- Instant payments + fraud → less time to detect and react
- Multi-rail + regulation → inconsistent rules and controls across channels
- Fraud + regulation → shifting liability and higher expectations on controls
This creates a new reality:
Payments are no longer a back-office process.
They are a front-line risk domain.
The Shift Treasury Needs to Make
Treasury doesn’t need to become a fraud department or a payment architect overnight.
But it does need to evolve in three keyways:
1) From execution to control design
Stop focusing only on processing payments.
Start focusing on how payments are initiated, validated, and approved.
2) From single-rail thinking to rail governance
Define:
- when to use which rail
- what controls apply per rail
- how risks differ across rails
3) From reactive to proactive fraud management
Move controls:
- upstream (vendor data, approval logic)
- into processes (not just systems)
- into behavior (training, awareness)
Final Thought
Payments used to be about efficiency. Now they’re about resilience. And treasury, whether it likes it or not, is right in the middle of it.
Also Read
- PSD3 Is Coming, But the Real Impact Starts Earlier Than You Think
- Stablecoins and Central Banks: A New Regulatory Chess Game
- Oil Price Shocks: The Treasury Domino Effect
- Sustaining Financial Clarity as Organisations Grow
- Webinar Recap: Cash Flow Forecasting on Trial
- Should Cyber Risk (and Insurance) Be on the Treasurer’s Agenda?
- What does commodity volatility mean for treasurers?
- ISO 20022 for corporates: the change you can’t ignore (even if you’d like to)
- Treasury Trends for 2026: Building Smarter, Faster and More Resilient Treasury Functions
- Treasury Trends for 2026: Building Smarter, Faster and More Resilient Treasury Functions
Join our Treasury Community
Treasury Mastermind is a community of professionals working in treasury management and those interested in learning more about topics such as cash management, foreign exchange management, and payments.
To register and connect with Treasury professionals, click [HERE]