Welcome to theInvu User Conference · Invu User Conference. ... (IPO’s etc.) –each is a project lasting weeks to months • 100’s of these a year • Involves establishing a

Welcome to the

Invu User Conference

Putting documents to work in

a process driven environment.

Agenda:

• Automated Accounts Payable - a customer perspective

• An interview with Metrus Property Advisors

• Automated Capture of Contracts (a customer case study)

• Shutting down the shared drive (presented by Sandeep Kang)

• Mobile Capture - powering business processes (presented by ABBYY)

• GDPR and the ethical use of data (Craig Arnold from Redmayne-Bentley)

• Mobile Forms - carry your forms, not the paper! (presented by Objectiflune)

• New Product Information

• Supplier Portal, Invu Dashboard, Document Briefcase & The Invu Roadmap (the next 12-18 months)

• Break Out Sessions

• Document & Email Management – Featuring Invu Drag & Drop

• Accounts Payable – Featuring Flexicapture for Invoices

• The Invu DM Surgery - Ask the experts

Automated Accounts Payable

An interview with Metrus Property Advisors

• The Customer:

• Finance Sector, Corporate Services

• What they do: Facilitate Transactions (IPO’s etc.) – each is a project lasting weeks to months

• 100’s of these a year

• Involves establishing a complete set of finalized documents

• The problem statement:

• Previously managed all documents as paper & email, resulting in printing and more

• No CRM system, No electronic check lists beyond the spreadsheet

• High value staff spend a lot of time filing, sorting and reviewing

• Especially for completeness

• Errors are embarrassing, costly and affect perception – and inevitable in manual system

• ……As ever, a mix of efficiency and control issues.

Automation in Corporate Services

Invu DMSCentral Filing Admin & Post-room

Key Staff

Raw scans& files

Email + Attachment

Client: SmithCode: ZebraType: Engage

Scan to filingPost & DVDs“Regardless of how

informationArrives – it can be quickly routed through central filing for automatic placement in either the project document set or the Day file”

“A full audit trail from the email to the filed attachment is maintained – and all is searchable from the get-go”

• The Problem

• Inconsistent organisation, Hard to search

• Risk of accidental loss – possibly un-noticed

• No real audit trail - not information security compliant

• IT manage bytes not information

• What companies are doing

• Reduce dependency on windows file system

• Some going to DropBox/One Drive, Others using SharePoint (aka an expensive “Shared Drive”)

• Same problem, bigger cost

• Taking control of information, by moving into a DMS system

• Benefits & summary

• Take what you need & make it findable and controlled (security & privacy)

Shutting down the “shared drive”

Drive TargetedCustomer Engagement with ABBYY Mobile Document Capture

Steve PontingHead of Customer EnablementABBYY Europe

@ABBYYEnterprise

One of the most important Industry Topics in 2016...

Source: ECM-Barometer, 2015, BITKOM, Participants: all ECM Providers in DACH

40%

Mobile Capture

37%

Digital Archive

26%

Invoice Processing

26%

Business Collaboration

18%

BigData

18%

UnstructuredInformation

23%

Workflows & BPM

Connect with CustomersAnytime and Anywhere

Thousands Millions BillionsConnected devices

TrillionsCustomer interactions

Mainframe

SNA

Terminal

Server

LAN/WAN

Client

Cloud

Mobile

LTE

Mobile Capture Tools for WorkgroupsIntegrated with Back End Systems

gas, water,electricity,

meter readingfire detectors

check

security systems inspection Envelop barcodes,

bills of lading, custom declarations

Customers ID papers, forms filled

Reports, invoices, statements

Typical Mobile Document Capture ProcessDocument Capture with Mobile Phones or Tablets

Real Time Data Capture

Mobile Capabilities Transformed

Payment Slips for e-banking

Shipping documents

Mobile Solutions for document processing

Health documents

Security & identity documents

Receipts (Travel, Fuel, Taxi, etc.) Other docs. e.g. Invoices?

Single Page Export

Mobile Imaging SDK for Server-side ProcessingMobile Imaging SDK

Noise Detection

Glare Detection Blur DetectionBrightness Perspec. Correction

Rotation

Single and Multi-Page Export

Multi Page ExportAuto Crop

Image Enhancement

Detection of image blur, uneven lighting,

or noise in the scanned image

Crop, perspective correction, rotation, edge detection, manual contrast

adjustment, noise removal, binarisation and sharpening

Single page export toPDF, PNG, or JPG and multi page

export to PDF

Image Quality Evaluation

On-Device Mobile Text RecognitionABBYY Mobile OCR Engine

Compact OCR and Business Card Reading technologies in Mobile Devices for: ID-Card (MRZ) processing, Payment Slip extraction, business card reading, and other on-device OCR tasks

Technical Specifications

• Accurate text recognition in 62 recognition languages

• 21 Main Languages (with dictionary support)

• 41 Additional Languages with Latin, CJK,

• Barcode Recognition

• Business Card reading in 21 languages

• Business Card Reading API

• Compact OCR code optimised for small memory sized systems

USE CASE

Receipt Capture forPersonal Finance

Example: Receipt Capture for Personal Finance & Tax DigitalMobile Capture APP

Step 2Scanning of the

receipt and Image Optimisation

Step 4Validation of the

extracted meta data

Step 5Export into the

backend applicationfor further processing

Step 1Start of the Process

(usernam/password)

Step 3Recognition of theReceipt and data

extraction

QUESTIONS?

Thank you for your attention!

Steve PontingHead of Customer EnablementABBYY Europe

GDPR and the ethical use of dataIMPACT OF THE EUROPEAN GENERAL DATA PROTECTION REGULATIONS

Who knows where this is?

Data Breaches

Target – 40 Million stolen credit card details.

Adobe – 38 Million account details stolen.

Yahoo – 1 Billion email accounts hacked?

Tesco – 20,000 bank accounts compromised.

That email server – President Clinton Trump!!

Origins of the GDPR

General Data Protection Regulation (GDPR) which will replace the 1995 Data Protection Directive and, in the UK, the Data Protection Act 1998.

Comes into force May 2018.

Brexit isn’t going to help anyone in avoiding it.

The GDPR significantly raises the stakes in terms of compliance, with maximum penalties of 4% annual global turnover or up to 20m Euros (whichever is higher).

Designed to protect Personal Data and Sensitive Personal Data

Internet Privacy

8 Nov 2016 - UK information commissioner Elizabeth Denham writes that eight weeks ago she kicked off an investigation into WhatsApp, because “I don’t think users have been given enough information about what Facebook plans to do with their information, and I don’t think WhatsApp has got valid consent from users to share the information.”

Who does it apply to?

The GDPR applies to ‘controllers’ and ‘processors’. The definitions are broadly the same as under the DPA – i.e. the controller says how and why personal data is processed and the processor acts on the controller’s behalf. If you are currently subject to the DPA, it is likely that you will also be subject to the GDPR.

If you are a processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities. You will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR.

However, if you are a controller, you are not relieved of your obligations where a processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR.

The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to EU citizens.

The main principles (Article 5)

(a) processed lawfully, fairly and in a transparent manner in relation to individuals;

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals;

(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Article 5(2) requires that

“the controller shall be responsible for, and be able to demonstrate, compliance with the principles.”

Individuals’ rights

The right to be informed

The right of access

The right to rectification

The right to erasure

The right to restrict processing

The right to data portability

The right to object

Rights in relation to automated decision making and profiling.

Consent and Subject Access

Requests

Organisations relying on consent to process personal data will need to show that the consent is freely given, specific and informed and is an “unambiguous indication” of a data subject’s wishes and expressed either by a statement or a clear affirmative action.

Individuals can make subject access requests (SARs) to find out details of information held about them and how it Subject access requirements is used. SARs must be responded to by the data controller without undue delay and, at the latest, within one month of receipt of the request.

Do we need a DPO?

Under the GDPR, you must appoint a data protection officer (DPO) if you:

are a public authority (except for courts acting in their judicial capacity);

carry out large scale systematic monitoring of individuals (for example, online behaviour tracking); or

carry out large scale processing of special categories of data or data relating to criminal convictions and offences.

Any organisation is able to appoint a DPO. Regardless of whether the GDPR obliges you to appoint a DPO, you must ensure that your organisation has sufficient staff and skills to discharge your obligations under the GDPR.

Just send it to anyone…

Codes of Conduct and

Certifications

The GDPR endorses the use of approved codes of conduct and certification mechanisms to demonstrate that you comply.

The specific needs of micro, small and medium sized enterprises must be taken into account.

Signing up to a code of conduct or certification scheme is not obligatory. But if an approved code of conduct or certification scheme that covers your processing activity becomes available, you may wish to consider working towards it as a way of demonstrating that you comply.

Adhering to codes of conduct and certification schemes brings a number of benefits over and above demonstrating that you comply. It can:

improve transparency and accountability - enabling individuals to distinguish the organisations that meet the requirements of the law and they can trust with their personal data.

provide mitigation against enforcement action; and

improve standards by establishing best practice.

When contracting work to third parties, including processors, you may wish to consider whether they have signed up to codes of conduct or certification mechanisms.

Data Breaches and

Notifications

A personal data breach means a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.

You only have to notify the relevant supervisory authority of a breach where it is likely to result in a risk to the rights and freedoms of individuals.

A notifiable breach has to be reported to the relevant supervisory authority within 72 hours of the organisation becoming aware of it.

You should make sure that your staff understands what constitutes a data breach, and that this is more than a loss of personal data.

You should ensure that you have an internal breach reporting procedure is in place.

Territorial scope

The GDPR expands the territorial scope of European data protection legislation to make it applicable to non-EU organisations offering goods or services to data subjects in the EU or monitoring their behaviour to the extent that the behaviour takes place in the EU. This ambitious approach formalises the approach taken by the Court of Justice of the European Union in recent cases but it remains to be seen whether it is enforceable.

"It would seem rather ambitious for the GDPR to seek to have extra-territorial reach, especially with the collection of personal data of European citizens by Asian companies in Asia, who do not have operations or protectable assets in Europe."(Rizwi Wun, Singapore)

"The fact that controllers in third countries will have to comply with the same rules as EU companies under certain circumstances creates a more level playing field for competition purposes."(Bernhard Schörghuber, Vienna)

http://Map.norsecorp.com/#/

Realtime Cyberwar

Sovereignty and Transfers

The GDPR imposes restrictions on the transfer of personal data outside the European Union, to third countries or international organisations, in order to ensure that the level of protection of individuals afforded by the GDPR is not undermined.

What should we do?

Data Classification Policy

Formal Processes and Procedures

Consider Standards Compliance

Appoint a DPO

Pay attention to 3rd-party risk

•

•

INV

U

Use high definition graphics and colours.

Conditional styling.

Graphics and information personalized for each client.

Add barcodes and scan marks.

Dynamic calculation.

Addition of dynamic elements: images, text, etc.

Social Media

On Line Promotion Application

Customer Contact and Help

Mobile Device Viewable

On Line Payments

Capture signatures

Perform validation on input fields

No connection requiredAdd pictures for proof of delivery or to record damages

Record geolocationinformation

Change quantities

• Everyone wants to mobile enabled systems, but getting there is not always so easy:

• Integration with data in back end systems to drive forms & activities

• Provisioning of the forms to the mobile devices

• Reactive designs required for good user experience

• Controlled access to the right forms by the right people

• Capture of the posted data and further processing

• Mobile Forms

• Offline or Connected and Interactive data capture forms

• Static or Data-driven forms delivered to mobile devices

• A perfect start point for a business process with

• Proof of Identity: Login / Signature

• Proof of Location: GPS & Time

• Proof of action: Photo

Mobile Forms

Invu DMS & Wokflow

OL ConnectSystem

Line of BusinessSystem(s)

Data Drives Forms

Form DataDelivered Push Data into

Systems

InvuDatabase

Store Data as a record

Line of BusinessSystem(s)

Mobile Forms DeliveredTo users (selective)

ConnectForm Store

Form templates &Powerful data-mapping

Offline or Connected forms

Can always link to form “document”

COTG & Invu

• From-TO imagery

• Back office transactions – TO Customer centric end to end process (all about the customer)

• Opinion – TO Data (businesses learning to use data to drive decisions)

• Keep everything – TO keep only what I can justify I need (Info-Sec & GDPR)

• IT: Desktop - TO cloud (365: email & cloud storage)

• Scanner TO mobile device (mobiles a key source of input & point of initiation)

• Document index – TO “Machine Learning” (manual tagging to analytics based extraction)

• Spreadsheet – TO system (control & audit trail)

• “Going Digital” means doing all of these!

Trends & Drivers

• Flexicapture V11 (current)

• Has now been being implemented for 2 years

• Email capture fixed in latest sub-version

• Very stable, Similar features to V10, but with many small improvements

• Upgrade from 10 very simple but only do if seeking a specific benefit/fix

• Flexicapture V12 now in beta

• Support for Office formats

• Better email support

• HTML (browser) verification stations

• Document Analytics based Classification

• And much more

• Slate for 1 years time from Invu

Platinum

Capture

• Flexicapture for Invoices (based on FC V11) – FC4IP

• FC4IP is the Abbyy native Invoice Capture solution – for best of class invoice data capture

• Includes a end user capture “training” feature so customers can manage own per supplier improvements

• Invu now (as of September 2016) implement FC4IP as standard

• It could be worth moving from “Invu Invoice Capture” to FC4IP

• Slightly higher license price – low cost to change from current FC license

• Some PS required, discuss your specific implementation with Invu

New! See it in the breakout session!

Capture - Invoices

Platinum

• Azure is Microsoft’s cloud Infrastructure & services

• Office365: The platform that runs Office365 and other MS cloud products

• Apps & Solutions: Partner Cloud based Products (such as Invu Supplier Portal)

• New technology features (Data Analytics, Internet of things, Mobile, Software Dev.)

• Co-lo: Cloud based “rack space” for IT to move their boxes to

……..Microsoft has bet the whole farm on Azure

• Azure is now the leading business cloud platform

• Secure, scalable, reliable & truly focused on business solutions

• UK based data centres now available & excellent partner support

• Invu as a Microsoft Gold Partner are committed to using Azure for

• Enabling customers who use 365 or virtual servers in Azure to use Invu products to the full

• New Cloud/Portal offerings

Microsoft Cloud: Azure

Customer Area 3

DMS

Invoices

Orders

Other

Supplier Portal

Supplier Area 1

Supplier Area 2

Supplier 1

Supplier 2

Supplier 3

Microsoft Cloud

(Azure)

Supplier Area 3

AP

Automatic

Upload:

• Documents

• Events

View Documents and Event history

Upload Invoice

WF & POP

Received

Coded

Approved or

Rejected

PostedAlso Orders

from a 3rd Party

Order System

Part of the Admin feature set.Included with DMS product.

Show key system metrics & trends across the Invu system:

• Documents• Activity• Users• Workflows• Tasks

Analytics Dashboard

• A new feature available for ALL Invu users – coming 2017 (Q3)

• Ability to make a selected number of documents available on the users Invu portal and their mobile device

• Offline access to documents on mobile device

• Ubiquitous (authenticated) access from the browser

• Mobile Notifications

• Secure & high availability:

• Microsoft Identity for access (2 factor if required*)

• Azure secure storage

• Not an uncontrolled sharing mechanism such as

• DropBox

• OneDrive

Briefcase

Sync

Portal:

Auto-Sync

Invu Mobile App

Access from anyDevice/browser

FavouriteDocuments

Offline access

Briefcase

Task: Please approve Holiday Request

Call to

action

Briefcase