Payhawk helps companies cover all their responsibilities concerning accounting, reporting and controls. We keep the data secure, the processes compliant and the administrator in full control so that our customers can focus on growing their business.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. Validation of compliance is performed annually or quarterly. Payhawk has a PCI DSS Level 1 certification. This translates into bank-level security for the transactions and documents of our customers.
Storing data safely is not enough. The administrator needs to be able to trace all changes made to a document. Since this month, Payhawk helps customers by giving them a detailed expense history. In a log, they can see who, did what and when. If somebody tried to manipulate the data, the administrator can trace the changes and act immediately.
In the context of paperless accounting, this feature is especially important for our German customers. It covers the requirement of auditability from the Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form sowie zum Datenzugriff (GoBD).
Closing and archiving accounting periods
Companies must close their books at the end of an accounting cycle for tax and reporting purposes. These finalized reports show the financial situation of a business over a certain accounting period. Building on them, the management makes investment decisions. And the state taxes the company. Changing the numbers in a later period can have negative consequences, even leading to prosecution.
Payhawk helps by giving our customers the option to close and archive months. If the administrator decides to archive an accounting period, they can turn the state of all expenses in this period to read-only. This means that expenses and their history logs show up. Their documents can be downloaded and they are part of the organisational export for this time-period. However, their values cannot be changed and the expense itself cannot be deleted anymore.
In the context of paperless accounting, this feature is especially important for our Spanish customers. For our German customers, it covers the requirement of unchangeable version history for the GoBD:
Request and approval history
The focus of the compliance features until now was post-transaction. It was about making sure that data is not changed. If changed, that all alternations are traceable.
Payhawk goes a step further. We offer our customers the option to account the history of every fund’s request and approval. In this log, they can see who requested funds and why as well as who approved these. If there is suspicious activity, the administrator can trace it and act swiftly.
Unfortunately, fraud and manipulation are part of the business world. Compliance measures aim to minimize the risk of infringements. At Payhawk, we provide our customers with well-matched tools to enhance the compliance and control process of companies.