Or, in this case, what comes first?

Companies are slow to warm to doing more B2B transactions over the Net, mainly due to security concerns. But it’s nearly impossible to resolve security concerns and put business minds at ease unless there’s enough transaction traffic driving the effort and establishing a reliable track record.

Raising the stakes and complicating this dilemma:

The whole situation plays out against the background of the Internet, where the legit businesses and enterprising hackers constantly jockey for the superior position.

It’s enough to make you long for the good old days, when cash was king and credit was paid off regularly.

Well, maybe not long for those days. But it certainly is much more complicated today, as the advantages of doing business over the Internet are balanced by new perils.

Basically, there are three types of losses a business faces when it begins transactions online:

• property loss or damage
• business interruption, and
• extra costs.

As cybercrime becomes increasingly lucrative, a worldwide black market for information has developed.

The attacks are growing more sophisticated as well, as cyberthugs try to sneak in your back door through your vendors and other businesses with access to your system.

It used to be that staying up to date on your browser’s security parameters and employing a commercial security service was enough to keep you protected.

It’s still important to stay on top of your browser’s security updates, but as the attacks have become more sophisticated, the defenses must keep pace.

Some of the recent counterattack suggestions include:

• Segmenting your company’s data into clearly defined zones, so certain breaches can be isolated and limited
• Training your people who are involved in areas where data theft is a distinct possibility. Less than 15% of breaches are detected by “insiders.”
• Acquiring “memory snapshots” to use in forensic investigations of cybercrime, and
• Limit how much information — and influence — can be accessed through “smartphones” or other devices that can easily end up in the wrong hands.

Just when you think the big picture is covered, cyberhoods start poking around the cracks to see if they can pry anything open.

Fortunately, the good guys keep coming up with good ideas to keep you — and your transactions — out of reach for ne’er do-wells.

This time around, there’s a wrinkle: A system that can encrypt cardholder data to protect it between the transaction terminal and the merchant host.

This is just the kind of innovation that businesses accepting magnetic-stripe cards have been hoping for, offering an additional security layer.

The company promoting the innovation bills it as an open standard for merchants and acquirers. It’s not necessary to purchase a proprietary decryption package in order to adopt it, or risk integrating new, unproven encryption technology.

For information, you can contact the company offering the product: Ingenico, at www.ingenico-us.com

But just because electronic transactions are becoming more commonplace, you still can’t afford to let down your guard for even one moment when it comes to protecting a customer’s confidential information.

To help determine if you’re on the right page in keeping data safe, there are five key questions you can ask yourself about transactions that occur with your customers.

These questions are both a diagnostic assessment and a wake-up call. They apply whether you’re simply considering upgrading your transaction capacity, or even if you’ve already made the commitment and you could use a guide to setting it up.

Five questions:

1. How likely is it that one of the parties involved in the transaction would try to use a false identity?
2. What would be the fallout if the transaction data got into the wrong hands?
3. How much pain would a security breach inflict?
4. What type of information could be accessed by unauthorized parties?
5. What would be the impact if information being sent to you by a customer or a vendor was intercepted?

Good news: Security experts recommend four basic guidelines for helping to prevent these security breaches.

• Pay close attention to updates and patches for your computer’s security system, and implement as soon as they become available.
• Ask your own IT expert(s) to check your system security, when it comes to your Web browser and e-mail software.
• Passwords are critical. Choose longer passwords that have nothing to do with your name, your company’s name, etc. And be sure to change passwords often.
• Audit monthly statement — from banks and credit card providers — more closely than ever. This is often the first indication for many Purchasing & Procurement pros that something is amiss.

The best way you can stay in the driver’s seat is to make sure you have an organized plan of attack for working with suppliers, one that lays out your expectations and  emphasizes quality.

There are three areas to focus on that’ll help upgrade your relationships with suppliers:

1. Most companies treat poor supplier quality as collateral damage, part of the price of doing business. Here’s a painful stat: The cost of poor supplier quality (COPQ) take take a 10% bite out of an organization’s revenue.

It’s more than just faulty materials or goods. There’s a ripple effect — rework, slowed production, extra freight costs, warranty expenses when customers complain, and recall expenses when you have to ship it back from those customers.

So the first step — which many businesses don’t do now — is to track supplier quality, by logging to the bad (and the good), and what it ends up costing your company.

2. Once you’ve done your homework, you can approach suppliers about recovering the cost of poor quality supplies. In this case, many companies charge back the goods to the supplier. When enough product starts flowing backward, suppliers will take notice.

Experts point out that the bulk of costs stemming from suppliers providing poor goods is NOT the materials. It’s that collateral damage that really rings up the dollars. Finding a way to quantifying these costs will show suppliers just how deep — and costly — the problem is.

3. Finally, the best way to formalize your approach to solving these problems is to design your own supplier scorecard. Not only will you create a running evaluation of each supplier, it’ll also provide a solid framework of your expectations for these suppliers.

It strengthens your hand considerably when you sit down at the table with a supplier if you have a written list of problems and the costs incurred, along with a clear explanation of your expectations.

One of the biggest costs in transactions with suppliers and customers is the physical act of getting paid.

Most businesses still rely on the tried-and-true method of paper checks (and taking advantage of features like mail float time — or being frustrated by the same).

But there’s hard proof that moving away from paper and handling more transactions electronically is more efficient, easier to do, and even safer than using checks.

First, there’s the inherent complexity of the payment process itself. In a 2008 Aberdeen Group study, 76% of businesses described A/P operations as either complex or somewhat complex.

(A complex transaction, in this case, involves two or more banks and more than three payment types.)

Across the board — including Best in Class operations down to industry laggards, electronic payment processing costs were noticeably lower than handling paper-based checks.

• Best in Class companies spent an average of $10.84 on each paper-based check transaction, compared with an average electronic payment processing cost of $6.71 — a savings of 38%.
• Below average operations spent an average of $11.33 on each paper-based check transaction, compared with an average electronic payment processing cost of $8.42 — a savings of 26%.

OK, many of the Purchasing & Procurement folks already know there’s money to be saved by pitching paper. These are some stats to back it up.

But the biggest fear — one that hampers efforts to turn transactions into electronic time-savers — is that security can be compromised, creating chaos for all parties involved.

Here’s some ammo to help shoot down that argument.

When businesses experiencing payment fraud were polled as to the source of that fraud, here’s what they said:

• paper-based checks — 42%
• commercial cards — 33%
• ACH — 6%
• wire transfers — 4%

(Admittedly, there are more paper-based frauds reported because there are more paper-based transactions. But you get the idea.)

In this case, a customer was asked in a follow-up call to rate his interaction with a company caller, as often is the case in customer service oriented transactions.

The customer gave the caller low marks.

Obviously, word made it back to the caller.

The next time the customer visited that business, he was denied access to his account — for “security reasons.”

Further investigation revealed that the disgruntled company caller had changed the man’s identity, to that of a Ugandan divorcee.

Further fiddling with the customer’s account rung up an additional $100 in phony charges.

Of course, the company straightened out his account. But the caller still had his revenge.

We’re left hanging on this one. The investigation into the caller’s shenanigans didn’t reveal if it ended in termination or other disciplinary action.

Hmm.

Might want to include a question about “extreme” customer relations as part of your hiring interview process.

Have any customer calling horror stories of your own? Share them with us — and your peers — in the comments section below.

But there’s also potential for a backlash hiding in your reserve of inactive vendors: Duplication of orders, and even fraud.

Good news: Reducing the risk of these isn’t as complicated as you might think. After all, it’s the fear of complexity that’s keeping many Purchasing & Procurement pros from purging their vendor rolls.

The final decision to keep or cut loose an inactive vendor of course lies within your own company, based on your unique standards.

But there are some general guidelines that can help you pave your own path.

For example, one benchmark for jettisoning inactive vendors generally occurs at 15 months; the most common standard is two years.

Here’s a guide to help your decision-making process:

• Gather the facts. Run an audit of your records. Identify vendors you haven’t used for a decided-upon period — say 14 or 15 months.
• Update the records. Sort your inactive vendors into more easily identifiable categories. Based on industry or individual needs, these categories can include: archiving the vendor’s records; removing the vendor’s name from your live master file; creating a designation for inactive vendors in your file, so they’re easily identified.
• Get everyone on board. Share your findings with the other key players in Purchasing & Procurement, and ask for their input. There might be reasons — not always obvious — why specific vendors need to remain in play, despite recent inactivity.

You’ve surely also heard people complain they don’t trust banks or other institutions for keeping their money.

In this case, the person should’ve shown a little more faith.

Here’s why: An 80-year-old Japanese businessman stashed cash for over four decades — a total of $4 million.

He kept a container buried in his garden, which he’d periodically dig up, make a deposit, and re-bury.

Then, one morning last October, he noticed there had been a disturbance in his yard, like someone had been digging around. Upon investigation, he realized the cash had been swiped.

The businessman died two months later, making it difficult for authorities to piece the picture together until recently.

In addition to the low interest rates, a police official said they learned the man also feared house fires and earthquakes.

Under the mattress, in the garden — it just goes to show you that the best place to keep your money is in the bank.

Sure, you already work together in many ways. You’re certainly not working against each other.

But there are three ways you can reinforce the bonds that keep this team performing at a high level.

The final result is a win-win-win: Procurement, A/P and your entire company all benefit.

• Get on the same page. One of the biggest problems in getting payments in or out of your business can be invoice keying errors. Even the best number-punchers and crunchers will occasionally tap the wrong key — sometimes that’s all you need to create a large headache. Try this: Ask suppliers to repeat purchase order numbers back to buyers when placing phone orders. At the same time, include a clause in your contract that requires suppliers to match up invoice line numbers to line item numbers.
• Finding the best terms. Given today’s business conditions, you might want to re-open the door on negotiating standard payment terms with suppliers. Team up with your A/P folks to identify optimal payment terms. Are there early payment discounts you should be taking advantage of? Are there ones you might want to stop?
• Notify the proper authorities. It seems every business has its share of renegade (non PO) transactions, which inevitably fall to A/P for resolution. Catalog these strays and make sure each group is getting the proper review necessary before approval. This increased visibility has been proven to reduce renegade buying and save businesses money.

Sure, a good thing — unless those same incensed investors were out between $12 million and $13 million.

In an odd twist of events, the estranged wife of the investment banker who headed up the scheme discovered the coin cache in the basement of their home. (Not the kind of change you’d find between the couch cushions, obviously.)

It raised the hopes of investors who’d sunk a bundle into what they were told would earn huge profits. One investor was told she’d earned more than $11,000 on coins she’d bought from the banker.

Remember the old axiom, “If it sounds too good to be true, it probably is?” This is the kind of situation that gave rise to that phrase.

The feds have stepped in and they’re sorting through the coins in the basement. The ones that can be ID’d are being returned to their owners. But the bulk of the not-so-petty cash will go on the block, with profits to be divvied up among the empty-handed investors.

The odds of recovering their stake looks pretty bleak for the investors.

The investment banker’s former employer is taking it on the chin, too, as several of the disgruntled clients have filed suit against it.

One of the reasons the scheme collapsed upon itself?

Apparently, the investment banker didn’t show much business sense. He was selling some of the coins — at wholesale prices, after he shelled out retail bucks for those same items.