SysnetAIR, Sysnet Global Solutions compliance management and merchant intelligence solution, is the winner of both the ‘Jury Vote’ and ‘Best Product Pitch’ awards at the 11th edition of the international EPCA Payment Summit, which took place in Rome (18 – 20 April 2012), under the heading “Rethinking Transactions - Fostering Europe’s digital agenda”.
Gabriel Moynagh is Sysnets Chief Executive Officer and is ultimately responsible for Sysnets performance and direction, making strategic and investment decisions to ensure Sysnets long-term sustainable growth. Gabriel oversees all Sysnet divisions, which have grown to provide services in over 35 countries. In addition to sitting on Sysnets board of directors, Gabriel also sits on the board of SaaS Markets and iScan, two of Sysnets strategic investments. Gabriel joined Sysnet in 2005 and was responsible for Sysnet entering the PCI DSS space and the companys decision to aggressively focus on this market. Initially acting in sales and account management roles, Gabriel was appointed General Manager in December 2009 and became CEO in January 2012.
What kind of business model does your company follow?
Gabriel Moynagh: Our clients are banks and other acquiring organisations. We provide them with merchant intelligence and loyalty solutions that center around compliance management. Our clients use our completely white-labelled compliance management solution ComplianceMakerTM to manage their merchants through the PCI DSS compliance process, which enables them to meet their compliance requirements as dictated by the card schemes. Merchants pay a small fee to enable the acquirer to manage their compliance and this fee is split between the client and Sysnet. The revenue covers the client’s costs of providing the service and the split that Sysnet receives enables us to provide the service and generates a profit for the business. In addition, when merchants engage with the compliance solution they receive a range of value added services that help them do better business.
Could you briefly summarize the target user/market and customer demand/need SysnetAIRTM, Sysnet Global Solutions compliance management and merchant intelligence solution, has been designed to satisfy?
Gabriel Moynagh: We developed SysnetAIRTM for banks and other acquiring organisations who want to build better relationships with their merchant portfolios. Initially, our solutions focused on compliance management – PCI DSS in particular. However, the valuable feedback and discussions we had with our clients regarding the issues that are important to them, led us to develop the broader SysnetAIRTM solution. Our clients expressed the need to engage their merchants at the right time and in meaningful ways, and Sysnet was well placed to meet that need. Through our compliance management solution we had developed detailed and up-to-date profiles for our clients on their entire merchant portfolio. We already had powerful integration and communication solutions in play as part of the compliance solution so the next step was to develop and deliver a range of services and solutions that enable our clients to interact with their merchants, offering them assistance, advice and value added services that are tailored to their needs and available when needed. For example, as a merchant reports on their PCI DSS compliance through the ComplianceMakerTM portal, they may come to a point where they identify that they do not have the appropriate measures or process in place to comply with the Standard. Rather than simply leave them figure it out on their own, the portal will feed that information back to the data integrator platform, they will then receive a communication giving them instructions on how to resolve that issue. This can be a link to the client branded app store that allows them to view solutions, read product reviews, access white papers, download free trials and maybe even purchase at a discounted rate. SysnetAIRTM doesn’t only offer compliance solutions; it offers a whole range of bespoke value added services that are tailored to the merchants’ specific needs. Our clients improve their merchant relationships by becoming more than a solution provider – they become a business enabler.
How is integration achieved between Sysnet and the acquirers’ back-offices?
Gabriel Moynagh: The Data Integrator element of our solution ensures that we make the most use of our clients existing merchant data from all sources. It feeds information such as principle owners, address details, hierarchies, POS terminals etc. into the ComplianceMakerTM platform. The data integrator also collates billing information as well as clean merchant data and feeds this back to our client and to the communications platform. We can facilitate the automatic or manual upload of data. This includes validation and automated feedback of results. Similarly our platform can be used to feed the PCI DSS compliance status data back to the client, in effect creating a straight through processing platform for PCI DSS self-service compliance validation that can be offered to all of our partner entities.
This year, SysnetAIRTM has been awarded both the ‘Winner Jury Vote’ and ‘Best Product Pitch’ awards at the Florin Transaction Services Innovation Awards 2012. Could you elaborate a bit on the degree of innovation you deliver?
Gabriel Moynagh: SysnetAIRTM’s ComplianceMakerTM platform is unique in that our clients can implement a fully branded, tailored, compliance management solution that meets the specific needs of their merchants. The client gets dedicated, ring-fenced contact center resources which become a seamless extension of their own merchant contact center. This is an industry first service that has proven itself as the right way to approach PCI compliance. The overall SysnetAIRTM solution is extremely innovative in that it provides the acquirer with a distinct competitive advantage as it enables them to deliver a range of bespoke value added services to their merchants. Helping them to build strong relationships with their merchants, who in turn are using the value added services to grow their businesses – increasing merchant loyalty and revenue.
What parts of your business model has proven most convincing in bringing acquirer’s and their merchants on board?
Gabriel Moynagh: Acquirers respond particularly well to the fact that we white-label and that we do not contract directly with their merchants. We contract only with the acquirer and the relationship between the acquirer and their merchants remains unchanged. Critically – we do not take ownership of the merchant data we gather during the process, it belongs to the acquirer and they use it however they see fit. Acquirers also like the fact that we have a full communication suite that provides their merchants with assistance and guidance throughout the entire process. And the statistics support this approach – our clients have achieved over 80% merchant engagement and over 70% merchant compliance within the first year of implementing the solution. In addition, the value added services we deliver that are tailored to merchants’ requirements provide a real competitive differentiator for our clients that enables them to win new merchants and to retain their existing merchant base.
Sysnet and WorldPay have recently partnered to develop a fully branded, customised solution that meets the specific needs of WorldPay’s merchant portfolio. Could you tell us more about this partnership? What does this customised solution consist of and what does this initiative signify for Sysnet?
Gabriel Moynagh: We worked very closely with WorldPay to develop a fully branded, customised solution. The solution includes a tailored communication programme designed to encourage merchant engagement and to assist business owners throughout the compliance journey. The solution is delivered through a WorldPay-branded, online portal and the programme provides merchants with a step-by-step approach to achieving and maintaining PCI compliance. The programme also included live support to assist WorldPay’s merchants with questions they may have during the validation process. The solution incorporates an online self-assessment questionnaire that enables merchants to quickly and easily identify any areas of their business where they may fall short of the minimum security requirements of the PCI standard. They also receive scheduled scans of their website, e-commerce applications and IP addresses to identify potential points that could be compromised or hacked, along with easy-to-follow instructions to remedy deficiencies. We have also provided WorldPay with enhanced reporting and monitoring capabilities to manage the compliance of its merchants, which assists them in meeting their compliance requirements.
The partnership involves WorldPay’s US based merchants and signifies an important step forward for Sysnet it its global expansion which has a particular emphasis on the US.
What other significant partnerships and strategic alliances with other business partners (banks, service providers and merchants) has your company made?
Gabriel Moynagh: We have partnerships with 6 of the top 8 acquirers in the UK and Ireland with a number of major European clients coming on board later this year. We have over 300 clients, including banks, service providers and merchants in over 35 countries worldwide.
In your opinion, merchants can more easily comply with and reduce the cost of PCI requirements if ….
Gabriel Moynagh: … they properly train and educate their staff and reduce the scope of PCI so that it only forms a small element of their overall information security management programme. However, for some organisations this is not possible and their systems and/or business models mean that every day is a constant effort to remain compliant. For merchants that are going to the market for solutions it is important that they do so with a clear understanding of the issues that they are actually trying to address. There will always be those willing to sell you what they think you need. Many companies spend a significant amount of money to achieve compliance in the first place and are astounded when they subsequently fail assessments. The main reason for this is that the existing mind-set is that PCI DSS is a technology issue and while there are many technical elements in the standard if you look at it as a whole, it is more about having the correct processes in place to ensure the technology does what it is supposed to. Where data security and compliance responsibilities are clearly described and communicated to everyone from C-level right down to the interns, the organisation almost forces itself to remain compliant.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now