Mobile Technology: Recognizing the Risks

As if finance executives didn’t have enough internal control issues to keep them awake at night, Visa’s recent investment in mobile credit card merchant Square could bring more headaches.

Mobile Security Definition and Solutions

Slideshow: Mobile Security: How Gadgets Evolved

Square’s concept is simple, yet brilliant. It turns an iOS device into a mobile credit card processing center by adding Square’s dongle to the device. Similar to the mobile card readers that Apple Store salespeople carry, Square provides a mobile and flexible method for companies to accept credit and debit card payments.

I’m a big fan of any technology that helps businesses run more productively and flexibly. And web-based and mobile technology is a big part of my toolkit. For my coaching practice, I run a customer relationship management system on the web-based Batchbook platform, and one of my clients uses the Xero accounting system. Both these systems take key business processes and put them within reach on a smartphone, laptop, or iPad. By using Square with my iPad, I can take a credit or debit card payment immediately, instead of sending an invoice with terms.

In fact, I consider mobile technology, like Square, a potential game-changer. These tools can instantly improve your working capital position. Not only does the mobile technology reduce overall tech costs and release the previous tethers of computing, but the tools also can improve cash flow. Instead of paying hundreds or thousands of dollars for an expensive software program, I pay $10 a month for Batchbook.

But before fully implementing mobile technology, a finance team must carefully examine the internal control risks surrounding mobile technology, especially mobile payments. Already, VeriFone, which has a business model that is threatened by Square, has expressed concern about Square’s technology. Its questions are only the first of many that should be asked, though.

Changing selling practices from traditional invoice and pay, to instantly processing payments instead, creates a number of such risks. One example is the standard invoice approval process: If a company with a pre-existing, approval-based billing process changes to mobile payments, the possibility exists for a salesperson to reduce the price below accepted levels and process the payment right away.

Prudent risk management requires finance executives, audit departments, and sales departments to review — and perhaps significantly modify — approval processes, along with other control activities, to ensure that organizations are selling at proper prices. Mobile payments will require additional reviews of gross margins and revenue per product to ensure proper pricing. Sales incentive programs must emphasize more than gross revenue figures or units sold. Companies must review processes related to password protection and open-source software to ensure their employees are using approved applications.

Mobile technology is a tool for businesses to use. Still, tools can be used to create better businesses — or to destroy years of hard work. Companies recognizing the risks of mobile technology before implementation will be able to develop the right controls for creating more-productive and profitable businesses.