Interview: The Privileged Position of the CFO in a World of Data

Implementing cybersecurity strategies, improving the ERP system, and automating basic tasks are all crucial for corporations today. The CFO, with access to all of the information in a company, is in a privileged position to recommend the best ways to carry out those tasks.

But without a good internal communication strategy, those tasks will remain in a to-do list. This is one of the ideas that Ricardo Sánchez Baker, CFO at Mexican flagship carrier Aeroméxico, highlights in this interview.

Sánchez Baker also shares his ideas and experience on topics such as cybersecurity, the importance of cultural changes when implementing new technology to the financial department, and the evolution and future of the CFO’s role in a world of constant technological changes.

Q: How are you handling cybersecurity in Aeroméxico’s finance department?

A: Cybersecurity is a very relevant and complex topic. We operate in an industry where so much information is exchanged with clients, providers, and authorities around the world. This means there are many points where information is shared, and it becomes difficult to control. There is also a lack of clear and consistent international regulation to protect ourselves.

That’s why we see cybersecurity from a global perspective. We’ve designed a plan that includes several changes. It used to be about protecting computers, but now it extends far beyond that. You have to protect employees’ cell phones, tablets, if a company computer is taken home, etc. That’s why we carried out an internal analysis, asking each of the areas what their “crown jewels” of information were that they want to protect the most. That’s how we prioritized the company’s key information.

During the analysis, we asked where they saw themselves as an area in three years, and from their answers we designed a security plan.

We’ve also worked very closely with Delta, a very important strategic partner for us.

Another area we’ve put particular emphasis on is cultural change. Because cybersecurity isn’t the sole responsibility of one area, such as IT or finance; it’s a collaborative effort, and that’s why it’s about company culture. Vulnerability can come from a simple phishing email, so our effort has been geared toward changing the company’s culture.

Our goal is to carry out a three-year plan—we are already halfway there—and once we’ve reached our goals, we’ll design a new plan. I believe it’s an effort that never ends.

Q: How do you handle cultural change when it comes to cybersecurity and new technologies?

A: With lots of communication. We’ve organized seminars and workshops saying that when it comes to security, everybody is involved. At the end of the day, airlines always have security in mind, in particular the security of the operation.

It’s something we’re working on with Human Resources, and we’re making progress, but we still have a way to go. For example, phishing emails are becoming increasingly sophisticated, we’ve even had some that look like internal emails. We’ve established very clear procedures so that, even when we do have a situation such as a phishing email, they can be detected it the procedures are followed.

While it’s certainly a cultural issue, it’s necessary to give people the tools for their protection.

Q: What technologies, current or emerging, do you consider the most important for a corporate financial department?

A: In terms of current technologies, we believe the cloud is increasingly important. It’s extremely relevant because on one hand, it allows for so much flexibility and scalability, and on the other, in an industry that handles so much data, we believe it’s safer and makes analyzing information much easier.

Something that’s still incipient but we are paying close attention to is blockchain because it allows you to handle data safely and swiftly. Form a financial point of view, that is very good because it strengthens the information and makes processes smoother. It’s still incipient but we’ve already talked with the IT department and we are paying attention to the trends. For now, we are very focused on transferring all of our ERP system to the cloud.

Q: What are the main risks of implementing new technologies to the finance department?

A: The main ones are to avoid vulnerability and to not lose historical data. For the finance department, saving all historical data is crucial, and that always comes with risks.

At the end of the day, each of these projects offers so many advantages, but during the transition [to the new technology] you can risk losing information and opening vulnerabilities. Guaranteeing constant access to the information is also necessary, so you don’t lose visibility of the business, even when you’re in the process of transitioning to the new technology.

Q: How has the role of the CFO changed over the past years, and how will it evolve over the next decade?

A: The role of a CFO has changed a lot in the past years. It used to be focused on producing financial reports and analysis for the CEO to help in decision-making. But the responsibilities of the CFO have evolved because we are in a privileged position where we have access to all of the information in the company. We can see what’s going on in each area, we can see if a route is operating well or not, and that allows us to be more proactive and use that information not only for reports, but to make recommendations and have a more strategic vision of what’s happening in the company. So, the CFO becomes a very valuable collaborator of the CEO. We’ve seen it ourselves here in Aeroméxico. We are lucky to have a CEO and a board who are very open to listening to alternatives. When you have access to information and your ideas are taken into account, it creates a virtuous circle where you are encouraged to continue looking for opportunities.

I believe that as technology advances, the CFO will become more dependent on it to deliver better reports and with more opportunities to be proactive when it comes to strategy. I think technology will allow many of the traditional aspects of the role to be automated, such as reporting and accounting. That will give the CFO more opportunities to play more strategic roles, and I think that’s where we should be headed.

This interview was conducted by Latin Trade for Council of the Americas.