Mitigating Risk and Improving Efficiency with Third Party Vendors – When is enough… enough? Paul Aries, RVP, Nelnet Business Solutions Ann Holland, Associate.

Presentation transcript:

Mitigating Risk and Improving Efficiency with Third Party Vendors – When is enough… enough?
Paul Aries, RVP, Nelnet Business Solutions
Ann Holland, Associate Dean Business Affairs, Hopkinsville Community College

Agenda » Introductions » Background » Issues » Solutions » Questions

Kentucky Community & Technical College System (KCTCS)
» State system for 16 community and technical colleges – 67 Campus locations
» 100,000+ students
» 600 credit degree certificate programs
» Hopkinsville Community College
  – 3755 Students
  – 2 Campus locations offering courses at 6 sites

About Nelnet Business Solutions
» Focused on Higher Education
  – Built for education by education
» Over 800 colleges and universities
» 30 years combined experience in education
» Leading provider of payment plans and campus commerce
» On the PCI Standards Council
» PCI Level 1 compliant service provider
» NACHA compliant service provider
» Red Flag compliant service provider
» Serving KCTCS since 2002

Higher Education Challenges
» Higher education is unique
» Higher education makes up about 15% of the published internet space*
» Higher education networks
  – Are LARGE and COMPLEX
  – Traditionally “open” for collaboration
  – Application security is not a critical part of doing business
* Source: Indiana University
Session ID 0926

Higher Education Challenges
» Many groups, organizations and departments want to offer credit card and check payments to their customers, but they all have
  – Different needs
  – Resource limitations
  – Lack of payment processing knowledge
» Commerce is complex, risky, and involves many different groups
  – Who is in charge?
  – Is there a defined process?
» Reduction in Budgets

Invoicing Process
» Paper is Expensive
  – Printed, folded, sealed, postage
  – Paper/folder jams
  – Cut/paste international student invoices for s
  – Address issues
  – Returned mail is open source network
» Costly to develop ERP Functionality?

Issues with Payment Processing
» Payment Card Industry Data Security Standards (PCI-DSS) came into effect
  – Compliance was a major concern
  – Collecting card information on ERP
  – No centralized control over credit card processing
  – Merchant fees
  – Do not know what departments were doing
  – Universities are not in the payment processing business
  – We are in the business of education, not payments

Refunds
» Timing (compliance)
» Cost for paper checks
» Staffing and manhours
  – Printed, folded, sealed, postage
  – Address issues
  – Returned mail

Challenges in Managing Payment Plans
» Labor intensive
  – Managing enrollment process
  – High call volume – questions
  – Follow-up on missed payments
» Technology/Resources
» The costs associated with credit card processing
» Compliance with regulations (PCI, NACHA and Red Flag)

Challenges in Managing Payment Plans
» Low Collections/high receivables
  – Payment decisions for students
» Poor student services
  – Long lines & waiting
» Lack of Functionality in ERP system
» Changes, Changes, Changes!
» Reconciliation
» Colleges and Universities are not in the payment processing business

What are your options?
» Reduce services – not offer services

What are your options?
» Do nothing – suffer along – accept risk
» Poor student services
» Frustrated staff
» Hope there are no problems

What are your options?
» Throw money at it!!!
» Increase staffing
» Develop technology internally

Solution = Outsource

Advantages of Outsourcing
» Save Money
  – Programs not available without third party (Convenience fee)
» Generate income
  – Outsource the work and still generate income
» Increasing affordability & payment flexibility
» Reduce workload on staff
» Provide better customer service
» Utilize Proven Technology
» Integration with ERP
» Reputation

Advantages of Outsourcing
» What can they do now… what can they do later?
  – Keeping up with the industry
  – Keeping up with compliance
» Transfer Compliance Risk
  – Present – compliant systems
  – Future – vendor will keep up on future regulations
    Red Flag
    PCI

Create a Partnership
Establish a strategic partnership where there is:
» A shared risk / reward
» An alignment of goals and vision
» A defined resolution process
» Highly engaged project management and customer support

Outsourcing Business Processes
Look for:
» Functionality
» Technology
» Ability to deliver
» Vision
» Service / Support
» Cost
» References
» Accountability

Strategies for Compliance
» Accept the risk
» Transfer the risk
» Avoid the risk
» Mitigate the risk

Avoiding Risk
» Do you really need the data?
» Eliminate non-compliant systems
» Evaluate co-sourcing partnerships
Avoid the risk

Transferring the Risk
[Diagram: .EDU Commerce Server & Payment Apps and Business Apps; transfer of user to the PCI-Compliant Service Provider]
» User sent to PCI-compliant service provider
» Card data managed by service provider
» Consolidated payment processing
» Consolidated reporting
» Centralized management
Transfer the risk

Are you Vulnerable?
» Is sensitive data stored securely?
  – credit card, banking and personal information
» Is sensitive data stored in your ERP?
» Do you change vendor supplied passwords?
» Do you have defined procedures for accepting credit card payments?
» Do you manage your own direct deposit of refunds?
» Do you complete a Self Assessment Questionnaire annually?
  – Who is responsible & do they know what they are looking for?

Why Should I Care?
» Cost of non-compliance is more expensive than compliance!
  – $100,000 minimum fine from each card association
  – Cost to notify the victims
  – Cost to replace the cards ($10/card)
  – Cost for any fraudulent transactions
  – Forensics from a QSA
  – Level 1 certification

Benefits of Using NBS
» Seamless integration to a school's ERP
» Fully hosted solution (ASP)
» Ability to deliver additional services beyond hosted payment screens
  – eBilling
  – Payment Plans
  – Authorized third party access
  – Student Refunds
  – Potential to reduce and avoid interchange rates
  – Cashiering
» Reduction of PCI scope for your institution

Summary
» Regulatory Compliance has become more critical, more time consuming, more expensive
» Leverage NACHA compliant ACH processing
» Eliminate paper checks – convert to ACH/Check 21 at point of sale
» Utilize role-based access and security
» Extensive audit trail
» Improve staff efficiency & reduce workload
» Improved Customer Service

Summary
» Higher education IS unique
» PCI compliance is NOT optional
» You are always one change control away from being out of compliance
» Reduce scope by removing credit card and banking from your systems
» Non-compliance is more expensive than compliance
» Compliance is a journey not a destination
» Outsourcing to the right partner can be the way to go!

Thank You!
Paul Aries, Regional Vice President, Nelnet Business Solutions
Ann Holland, Associate Dean, Business Affairs, Hopkinsville Community College (270)