How does it work?

01
What can I do with it ?

ENPAY is a secure hosted payments and bank account management platform typically requiring no additional on-premise software or hardware installation by users.

Users access the platform either through secure web browser connections or by linking existing IT and operational systems (accounting/billing, ERP/Treasury Management) with the ENPAY APIs available on Finologee’s secure API portal.

All users log in via a highly secure yet easy-to-use process using either specific ENPAY credentials and second-factor authentication through Finologee’s Authenticator (a mobile App for Android and iOS), their existing Luxtrust certificate, or their corporate user authentication framework that is connected to ENPAY (OAuth2 protocol).

Once connected, users can create

  • counterparties, i.e. the beneficiaries of outgoing payments or payers from whom they get payments, and also
  • outgoing payments, i.e. credit transfers to other bank accounts, on the ENPAY platform.

Payments and counterparties can also be uploaded using batch files – standard Excel templates are provided directly on the platform. These transactions and counterparties are then approved by authorised signatories who also connect to the ENPAY interfaces, typically upon receiving email or SMS notifications. The ENPAY platform caters for complex approval processes, with signatory rights depending on accounts, amount, specific signatory group membership and other factors.

Once fully authorised,

  • counterparties can receive payments, i.e. ENPAY users can start creating transactions with these counterparties as beneficiaries,
  • transactions can be transferred to the bank holding the account chosen to make the payment from.

Alternatively, outgoing transactions can also be submitted through the ENPAY APIs without the need for human interaction or authorisation (unless such an authorisation process is part of the setup). This capacity allows for end-to-end process automation designs, interconnecting the ENPAY clients’ systems with the clients’ bank accounts.

Transactions are transformed into SWIFT messages by the ENPAY platform and routed to the account holding bank via Finologee’s own SWIFT connector/BIC over the SWIFT network. The banks operating the users’ connected accounts need to pre-authorise this type of message receiving capacity based on their internal standard process (Power-of-Attorney to establish the SWIFT RMA with Finologee).

Users are able to monitor the progress of a transaction and its current status at any time, from creation to execution by the bank, with the intermediary processing and authorisation steps, and retrieve comprehensive audit reports detailing every single action and step. The platform also provides detailed and aggregated views of all transactions on all accounts, with the ability to download statements and visualise balances based on the data stemming directly from the banks’ systems.

The number of accounts and banks that can be connected to ENPAY is virtually unlimited: ENPAY clients may choose to process all their payments and bank accounts using ENPAY as their single centralised payments gateway.

Almost all banks are connected to the SWIFT network and thus able to provide the right type of interconnection to make their accounts accessible via ENPAY.

02
Payment authorisation flows

One of the most powerful features of the ENPAY platform is the advanced workflow and transaction approval/signature component with a versatile notification and monitoring framework.

This is an example of a typical payment approval process including several roles and responsibilities in an organisation:

Example of a typical corporate payment authorisation process

With ENPAY, existing processes for authorisation, approval and signatory rights can be fully digitised. All signatures/approvals are fully logged and can be audited. The ENPAY platform also provides secure signature-only interfaces that are compatible with mobile phones, making it easier to quickly obtain manager approval to execute transactions.

This feature accordingly removes the complexity of signatory rights management for each individual bank and account, as well as the need to use individual connection credentials and tokens for each bank with which a company maintains an account.

‘Hybrid’ setups can also be easily deployed: payments are initiated through an API call by ENPAY clients’ systems and then approved/signed through the ENPAY web interfaces based on the predefined signatory rights and conditions using the platform’s notification system.

The ENPAY platform provides a high level of flexibility for authentication and electronic signing of transactions (and approving counterparties): clients can choose to rely on

  • Finologee’s own authentication/e-signature framework, which includes a state-of-the-art Authenticator App that is compatible with iPhone and Android smartphones, can be easily and quickly installed with users and signatories and provides a very high level of security. The underlying certificates and their validation service are handled by INCERT, a public agency of the Luxembourg Government; or
  • Luxtrust certificates, which also provide the comfort of ‘qualified e-signatures’ as Luxtrust is a licenced ‘Qualified Trust Service Provider’, or
  • own corporate authentication frameworks (e.g. Office365 or on-premise two or multi-factor setups) that are linked to the ENPAY platform using the OAuth2 authorisation framework.
03
User roles

The ENPAY platform encompasses a versatile role-based access control (RBAC) setup allowing a granular definition of access rights and roles for ENPAY features and processes.

An example of a typical setup of roles and access rights in the context of corporate finance that can serve as a starting point for the ENPAY platform configurations and that can subsequently be adapted to the specific roles and rights of each ENPAY client:

Example of a typical role-based access rights setup with ENPAY

This feature serves serves 3 purposes:

  • Preventing some users from accessing data they should not have access to, e.g. let users who use the tool to enter data and create transactions but do not make decisions or have generic access to balances and cash balances can focus on their task.
  • Optimising the interface, data and feature display according to the role, e.g. providing a dashboard with relevant data and charts for a CFO who needs a general overview and wants to monitor daily activity, priorities and errors.
  • ‘De-cluttering’ the interfaces for some users, e.g. managers who only use the tool to approve transactions or new counterparties, so that they do not have to deal with the variety of other functions and data on the platform.

Do you want to know what we could build together or get a product demo?

Get in touch and we will evaluate how we may help you.