MOTO (Mail Order, Telephone Order) payments are vital tools for distance-trading businesses and done well, they offer an essential part of a positive customer experience. However, MOTO payments can carry a substantial element of risk for the organisation collecting them - associated with the people, systems and processes through which the organisation operates.
The Contact Centre – a prime example
Contact Centres are typical environments where staff access customer records through one system (usually their CRM) but then process telephone payments separately through a different system.
In fact, this is the way that the majority of SME’s and Mid-Market companies work. And although the process is thought to be time consuming, it’s generally believed to be a harmless way of operating.
- Unfortunately, the truth is, that businesses operating a MOTO payment system independently from their CRM solution, are open to one of the greatest risks in payments.
… But why? Where’s the risk?
The risk lies in the entry of key data to the separate systems – for instance, a customers’ authorisation code is manually entered from one system to the other. This sensitive data can be at risk in the following ways;
- Human error
Simple mistyping errors, or accidentally entering the data from one payment in the wrong customer record can result in myriad operational and financial issues
- Process breakdown
Data entered at the wrong stage of the sales cycle, or without the correct authorisation, can be difficult to identify, as two independent systems make audit trails difficult to follow.
- System failure
The data from one system is not automatically populated in the other, so if either fails, this results in problems with reconciliation & reporting.
- Malicious data breaches and fraud
When sensitive personal data is manually moved between two independent systems, sometimes even being written down in the process, the risk from these actions grows exponentially.
What’s the damage?
The risks might not appear that serious, but according to the Ponemon Institute’s 2013 report, accidental employee negligence is the primary source of data and security breach incidents, and half of all incidents occurred when staff were working with customer records in programs. And the damage? The cost per ‘compromised record’ in each breach costs hundreds of pounds to rectify – and takes a daunting 49 days to discover on average.
When other risks such as human (seasonal staff, limited training and familiarity with the system) and wider system (the IT structure underpinning the environment) are taken into account, it is fairly clear that even a relatively simple task such as collecting a payment and reporting it correctly, carries both short-term and long-term risks – the latter especially when the possibility of incorrect financial reporting is taken into account.
So how do you reduce your risk?
The fusion of Payments and CRM software, addresses the majority of risks. Staff can enter payment data directly into the customer record – saving time, and greatly improving reconciliation and reporting processes.
Although some risks remain unavoidable, it dramatically reduces the element of human error risk. By creating a clear audit trail which feeds into the CRM system, it also addresses key reporting concerns and creates accountability for users and reviewers alike.
Sage Pay has integrated to Sage CRM – and offers the option to take a payment over the phone, directly within a customer record, or even send the customer a link to a secure web portal – so the customer can enter the payment themselves.
If you’d like to learn more about the Sage Pay/Sage integration and avoiding the risks of telephone payments, we’re hosting a FREE webinar on December 5th, in partnership with ENBU.
Sign me up!