< Previous20East Midlands Business Link www.eastmidlandsbusinesslink.co.ukINVOICE AND FINANCE SOLUTIONSOn the surface of it, businessoperations present a seemingly simpleflow chart of events. A company is hiredby a customer, client or individual todeliver a product or service. Thebusiness then fulfils the agreed uponservice and invoices for the amountboth parties settled on. Yet, this crucialinvoicing stage is where thestraightforward system breaks down,with companies across our regionsuffering from late invoice payments. Late payments are one of the keyreasons why so many businessesstruggle with cash flow, with erraticpayments wreaking havoc with financesand records. Research from NucleusCommercial Finance found that invoicesdated in November 2017, are not likelyto be paid until early February, in theNew Year – over 40 days longer thanthe typical 30 day payment terms. The research explored 96 sectors fora thorough dissection of this mostcommon of financial bugbears. Onlyone sector – specifically employmentagencies – was found to pay theirinvoices within 30 days on average.Further, just 12 sectors, includingeducation and construction, were foundto pay invoices in less than 45 days. Therest, however, took on average 74 days. After analysing 129,000 invoices, theresearch concluded that the worstperforming sector is, surprisingly,membership organisations – includingtrade bodies and other subscription-based organisations. On average,businesses in this industry, orthose selling it goods orservices, are expected towait, on average,more than 137days – or overfour months.Delays of this kindcan affect quarterlyfinancial results, leadingto uncertain andunreliable forecasts andprojections. Though this issueplagues businesses across theboard, it’s small businesses that areworse affected. The latest statistics puts the UK’s totalSMEs at 5.4 million – or 99 per cent ofall businesses – meaning that almost allof the nation’s businesses are sufferingin one way or another from latepayments. It’s perhaps symptomatic ofthe current business climate, theeconomy’s uncertainty, and pooroutlooks overall for businesses.Doubtless, businesses that are failing topay invoices during the agreed uponperiods are themselves dealing with latepayments, and so the vicious economiccircle perpetuates itself. To contend with this issue, smallbusinesses often find themselvesPast due Late invoice payments are hamstringing growth plans and casting a fog of uncertainly across the economy. East Midlands Business Link investigates the effect this is having on businesses across our region. 22 Áwww.eastmidlandsbusinesslink.co.ukEast Midlands Business Link 21INVOICE AND FINANCE SOLUTIONS© Shutterstock / 9dream studio 22East Midlands Business Link www.eastmidlandsbusinesslink.co.ukINVOICE AND FINANCE SOLUTIONSchasing invoices daily, much to chagrin of thoseon the receiving end of calls or emails. This canput tremendous strain on business relationships,and endanger any future dealings. For theoffending party, they won’t appreciate having latepayments chased every day, while the affectedcompany might forgo doing businesses with aclient or customer that will likely result in latepayments again. Growth plans can also be put in seriousjeopardy by a mounting tide of late payments. Inorder to execute growth plans, a companyrequires a healthy cash flow. Often these planswill be months or years in the making, butdelayed invoices can mean they remainconceptual. Sporadic and unpredictable paymentscan leave a business using its cash flow just tocover overheads and operating costs. In the political quagmire of 2016, one of thehottest buzzwords was ‘Just About Managing’ or‘JAMs’. This described families who were,financially speaking, just about managing to feedthemselves and pay their rent, tax and utilities.This same categorisation can absolutely beapplied to the business world, with many smallcompanies just about managing to coveroverhead costs and keep the machine moving foranother month. This is hardly a conduciveenvironment for growth, as far as a company isconcerned, but also for the overall wellbeing ofthe British economy. SMEs are often claimed tobe the backbone of Britain, but they’re more likethe entire skeletal system and if this supportsystem is weakened, then we as a nation areworse off. The economy is symbiotic, what happens toone area will inevitably affect another. Latepayments are a chronic issue which persistacross the business landscape, as big an issuehere in our region as the UK at large. With thedisastrous affect this can have on cash flow, smallbusinesses are left abandoning growth plans tocover the overhead costs, leaving the entireeconomy in danger of stagnating. Fortunately,there are equity experts, solicitors and lendersacross our regions to offer advice and help easethe strain. www.eastmidlandsbusinesslink.co.ukEast Midlands Business Link 23INVOICE AND FINANCE SOLUTIONSDealing withlate paymentHere are the top 5 tips to help you dealwith late payment:1. Know your customer2. Agree payment terms in advance 3. Invoice correctly and promptly4. Chase payment immediately when itbecomes overdue5. If you deal with vendor portals,understand how they work© Shutterstock / Linda Bestwick 24East Midlands Business Link www.eastmidlandsbusinesslink.co.ukCYBERSECURITYDespite increasing annual IT security budgets, wecontinue to see news reports on data breachesnearly every day. Just last week, Uber revealed ithad suffered a hack in 2016 that affected 57 millioncustomers and drivers, after which the company paid over£75,000 to criminals to delete the stolen data and keepquiet about the breach. Uber is not the first business to runafoul of a security breach, and it certainly won’t be the last. Although hacks at larger organisations tend to grab moreheadlines, the truth is that organisations of all sizes are atrisk. Like legitimate businesses, cybercriminals seek tomaximise their gains for minimum outlay, so if an attack ona smaller business provides the desired return oninvestment, they become a target. In particular, SMEs,which often lack the dedicatedresources to fully address IT securityconcerns, can make for highlylucrative targets — especially forransomware attacks.Ransomware made massive wavesthis year, with strains like WannaCrybringing the NHS to a standstill….butwhat exactly is ransomware, andhow can you protect your business?Ransomware is a class of malware that locks the data ona victim’s computer, typically via encryption, and thendemands a ransom payment to decrypt the data and returnaccess to the victim. The ransomware business model is tried and tested. Therisk for cybercriminals is very small, and given the poorsecurity awareness of the average user, ransomware is acash cow that keeps paying out. Because attackers look forthe easiest route to infiltrate, they often launch ransomwarecampaigns through simple phishing emails or by exploitingpoor password habits, though some attacks may usecomplex malware to achieve their goal.When it comes to ransomware, it is critical that affectedorganisations avoid paying the ransom. The success of theattack relies on targets paying up. It’s certainlyunderstandable that people want to get their files back andmight be willing to pay for the privilege, but there is noguarantee the cybercriminals will ever return the files, evenafter multiple ransom payments. To mitigate the risks of ransomware, businesses need acombination of technology, processes, user awareness, andforward planning.First, you must secure valuable data with regular (andregularly tested) backups and disaster recovery plans. Thisprocess will help you better understand the time it will taketo restore systems to a useable state after a breach, andwhat data might be lost due to backup schedules. Backedup data must be protected from intentional tamperingduring attacks. Second, you need adequate defences. It’s so simple thatit shouldn’t bear repeating, but you’d be surprised howmany organisations are still use outdated or inadequateendpoint protection, if they deploy any at all. Installing ananti-malware solution is essential, while other technicalcontrols such as secure web browsing and anti-phishingsolutions can add further layers of protection. Keep in mindthat solutions should account forbring your own device (BYOD), andshould be able to protect users bothon and off the corporate network.Third, attackers use known bugs insoftware to exploit weaknesses andtake control of targeted systems. Forthis reason, you must regularly patchall of your software and update anyIoT devices.Finally, end users must be educated on the dangers ofransomware, and should understand the methodscybercriminals may use to target them. They need to knowwhich emails and attachments they can open and whichlinks are safe to click on. They also need to know who tocontact in the event of a breach.Worst case: any organisation that becomes infected withransomware should keep a copy of their encrypted files.The decryption tools for many of the ransomware variantsseen in recent years are now available, thanks to reverseengineering and ‘leaking’ of decryption keys.In cases of a successful breach, take extra time tocomplete a forensic root cause analysis and implement newmitigation strategies to help prevent similar incidents in thefuture. Use the breach as an opportunity to determine howyou can decrease down-time after future attacks.In summary, planning ahead makes a huge difference tothe resilience of an organisation against these types ofattacks. It doesn’t require a massive investment, andincremental process improvements go a long way toensuring that an organisation continues to function in theface of today’s advanced attacks.CybersecurityKeeping your business secureby Matt Aldridge - Senior Solutions Architect at global cybersecurity firm Webroot End users must beeducated on the dangers ofransomware, and shouldunderstand the methodscybercriminals may use totarget themMatt Aldridge, Webroot Services, Derby26East Midlands Business Link www.eastmidlandsbusinesslink.co.ukHEALTH & SAFETY IN CONSTRUCTIONMind thatstep…Construction in the East Midlandshas taken off recently, but that’s noexcuse to let standards fall, and therecent HSE figures continue toshow the industry as one of themost dangerous in the country. www.eastmidlandsbusinesslink.co.ukEast Midlands Business Link 27HEALTH & SAFETY IN CONSTRUCTIONAs we come to the end of 2017, it’stempting to look back and considerwhat has changed in the year before.The construction industry has seensome revitalisation, which for many willbe welcomed with open arms and anoptimistic view for 2018. And while theeconomy as a whole may not have seentoo much improvement, investors arerealising that is a trend here to stay andhave started to invest in newcommercial and residential propertyregardless. Similarly, the shortage ofhousing mixed with the Government’splans to increase homebuilding canonly mean good things.What is less pleasant, however, is thefact that health and safety incidents inthe construction sector have remainedfar too high. As they do each year, theHSE has released its report on “Fatalinjuries arising from accidents at workin Great Britain 2017”, and the contentsmake for grim reading. Yet again, themajority of injuries have occurred inconstruction, agriculture andmanufacturing – with construction beingthe highest. The majority (97%) ofall work fatalities were male.This mirrors what has beenoccurring across the EastMidlands, as in recent yearsthe HSE has taken toarranging surprise checks onbuilding sites, with hefty fines andimmediate shut-downs for companieswhich fail to meet their requirements. While the HSE does report adownward trend in figures of thoseinjured from two decades ago, this ishardly something for the industry to beproud of. Health and safetyrequirements were a lot less lax in 1980,and are only just approaching a level ofwhat should be expected as standard.In addition there were around 13,000deaths from work-related fatal diseases,many of which could be attributed topast exposure to chemicals and dust atwork. It is important to note however,that many of these diseases take yearsto have an effect on their victims, sothese figures are more an indication ofpoor health and safety practice in thepast than right now. But it does stillhighlight areas where companiesshould be looking to improve.For some however, accidents occurnot as a result of negligent policy – butdue to unfortunately made decisions atthe time. In recent years, there was acase where a roofing firm wasundertaking work on the roof of aschool. The plans included strictinstructions that roof lights were to beremoved and boarded over to preventany dangerous falls, however when thework began the employees found thatthe roof-lights were difficult to remove.The Director of the firm was called in,and after some checking decided thatthey would skip that part of the plan –and inevitably someone did indeed fallthrough and suffer injuries that wouldlater prove fatal. The company inquestion was fined £80,000 and orderedto pay nearly £40,000 in costs. The moral of the story is clear, that28 Á© Shutterstock / yuttana Contributor Studio 28East Midlands Business Link www.eastmidlandsbusinesslink.co.ukHEALTH & SAFETY IN CONSTRUCTION© Shutterstock / Andreas G Karelias www.eastmidlandsbusinesslink.co.ukEast Midlands Business Link 29HEALTH & SAFETY IN CONSTRUCTIONeven for the most safety-consciousfirms, there must always be strictadherence to the instructions that havebeen given. Although difficult, therewould have been a solution to theroof-lights issue, and the decision toignore the matter in favour of gettingstarted with the work was clearly thewrong one. The results seem to indicate thathealth and safety in the workplaceremains a nebulous concern for manybusinesses. Nowadays there’s not asingle company that doesn’t recognisethe risks inherent with an accidentoccurring, be that the potential injuryto employees – or the legal action andcompensation that might follow. Andyet it’s no exaggeration to say thatmany SME’s and medium-sizedbusinesses lack a formal health andsafety procedure. Many companies see health andsafety principles as, at best, aninconvenience, assuming that acommon sense approach is best andcertainly not requiring anything moreformal than that. While it’s true to saymanagers and employees alike usuallyhave the wit to deal with potentialproblems, there are clear advantagesfrom having a formal policy in place.Most obviously, companies thataren’t able to point to clear health andsafety regulations will usually findthemselves unable to win contractsfrom major organisations. Theimportance of security and speedacross the supply chain meansretailers demand manufacturers anddistributors reach the higheststandards and must be able toillustrate their commitment to quality –and a formal health and safety policy,with full information on potentialflashpoints and the measures in placeto deal with them, is usually required.Companies hoping to win contractsare also obliged to keep up to datewith changes to legislation to makesure nobody is put at risk andoperations are proceeding in a safeand effective manner.In many cases these requirementsare more for the reputational securityof the company offering the contract.Assuming for example a largeconstruction contract for a newsupermarket building; if there is aninjury – or worse, a death – then it’soften the supermarket brand itselfwhich would suffer the worst backlashin the public media. Breaches in health and safetyobviously have a short-term cost interms of employee absence andpossible fines, but they can often havea major long-term impact as well –customer confidence in products canbe affected, sometimes terminally.One only have to look at the panicover the horsemeat scandal, where thefacilities used to produce items havebeen subject to increased publicscrutiny and doubtless turned manyconsumers off processed meatproducts for good.Companies need to alwaysremember that having a formal healthand safety policy, first-aid training, andall the other aspects handled – is onlyhalf the battle. The other half is makingsure their staff are not only trained inhow to use it, but regularly checking tomake sure they are taking all due careand processes into account. After all,even if it’s individual workers whodecide it might be too much hassle,it’s the company as a whole who willsuffer the consequences.Next >