Spreadsheet Fraud

To any company executive or business owner, the mere possibility of fraud can be enough to send alarm bells ringing – for good reason. In a prolonged recession, the last thing investors would want to discover is a huge, gaping hole where supposedly a neat profit should have been. Also to find out that such loss was brought about by deliberately falsified accounting and poor spreadsheet controls only makes the situation even more regrettable.

Why?

Because these losses would not have occurred had there been a stronger risk management program in place and more stringent quality control on critical data to begin with.

But given the nature of a spreadsheet system i.e. its sheer flexibility and easy accessibility, plus the fact that they were never intended to be enterprise-level tools, there are no hard and fast rules for auditing spreadsheets. Also because of the lack of internal controls for end user computing (EUC) applications, in this case spreadsheets, you can’t expect these systems to yield consistently accurate results.

In fact, most managers assume that major spreadsheet errors should result in figures that are blatantly out of touch with how things stand in the real world, making these errors easily detectable.

Well they assumed wrong. You’ll find cases where the losses ran to millions of dollars without anyone being the wiser.

In instances of fraud, the problem becomes more complicated as these errors are deliberately hidden and cleverly disguised, perhaps one erroneous cell at a time. Even if these cover-ups started out with smaller figures that may have had negligible impact on a company?s operation, the cumulative costs of these ?insignificant? errors multiply exponentially as the spreadsheets are reused and utilised as bases for other related reports.

While there is no generally accepted definition of the term ?spreadsheet fraud?, its quite easy to identify one when a case crops up. Fraud arising from spreadsheets are typically characterised by:

Fallacious inputs – correct figures are deliberately replaced with false values.

Erroneous outputs owing to data alteration – hyperlinks are linking to the wrong spreadsheets or cells; use of macros or special lines of code which are understandable only to the person who developed the code.

Concealment of critical information – can be done with easy ?tweaks? such as hidden rows and columns, using the same colour for both the font and the background, or hard coding additional values into a cell.

There is nothing really highly-sophisticated or technical in any of these methodologies. But without internal spreadsheet controls in place, it would take a discerning eye and a thorough review to catch the inconsistencies contained in a spreadsheet fraught with errors. Also, if these errors are knowingly placed there, the chances of finding them are close to nil.

Learn more about our server application solutions and discover a better way to protect your company from spreadsheet fraud.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Check our similar posts

Firewalls

There are two main reasons why some companies are hesitant to plug into the Internet.

  1. They know they’ll be exposing their company data to outside attacks from malicious individuals and malware.
  2. They fear their employees might get too many distractions: games, porn, chats, videos, and even social networking sites.

One vital component for your overall security strategy against such concerns? A firewall.

A firewall can block unauthorised access to certain Internet services from inside your organisation as well as prevent unauthenticated access from the outside. It is also used to monitor users’ activities while they were online.

In an enterprise setting, one may expect a collection of firewalls either for providing layered protection or segmenting off different units in the organisation. Some areas only need a standard line of defence while others require more restrictions. As such, certain firewalls may have different configurations compared to others.

Naturally, the more intricate an organisation’s defence requirements get, the more complex the task of monitoring, testing and configuring the firewalls becomes. That’s why we’re here to help.

  • We’ll evaluate your network as well as the security requirements of each department under your organisation to determine which firewall architecture is most suitable.
  • To achieve maximum efficiency, we’ll point out where each firewall should be positioned.
  • We’ll work with your key personnel to make sure all firewall configurations are set and optimised with your business rules in mind.
  • If a large number of firewalls are required, we’ll help you set up a firewall configuration management system.
  • Firewalls should be regularly tested and assessed to ensure they are in line with the organisation’s security policies. We’ll perform these routine tasks as well.

Firewalls aren’t very good at defending against sophisticated viruses. There are much better solutions for malware-related vulnerabilities, and we can help you in that regard too.

Other defences we’re capable of putting up include:

Six Sigma

Six Sigma has received much attention worldwide as a management strategy that is said to have brought about huge improvements and financial gains for such big-name companies as Allied Signal, General Electric (GE) and Motorola.

If you want to give your business the chance to attain the same resounding success, Six Sigma could be the method that will steer you towards that direction.

What is Six Sigma?

So what really is it? Six Sigma is a business management tool that was developed using the most effective quality improvement techniques from the last six decades. Basing its approach on discipline, verifiable data, and statistical calculations, Six Sigma aims to identify the causes of defects and eliminate them, thereby resulting in near-perfect products that meet or exceed customer’s satisfaction.

The core concept behind the Six Sigma method is that if an organisation can quantify the number of “defects” there are in a particular process, improvement activities can be implemented to eliminate them, and get as close to a “zero defects” scenario as possible. Defect here is defined as any process output that fails to meet customer specifications.

Six Sigma is also unique from other programs in that it calls for the creation of a special infrastructure of people within the organisation (“Champions“, “Black Belts“, “Green Belts“) who are to be expert in the methods.

Six Sigma Methodologies

When implementing Six Sigma projects, two methodologies are often employed. Although each method uses five phases each, these two are distinguished from each other using 5-letter acronyms and their specific uses.

DMAIC ? is the project methodology used to improve processes and maximise productivity of current business practices. The 5 letters stand for:

  • D ? Define (the problem)
  • M ? Measure (the main factors of the existing process)
  • A ??Analyse?(the information gathered to deter mine the causes of defects)
  • I ? Improve (the current process based on the analysis)
  • C ? Control (all succeeding processes so as to minimise additional defects)

DMADV – is the method most suitable if your business is looking to create new products or designs. The acronym stands for:

  • D ? Define (product goals as the consumer market demands)
  • M ? Measure (and identify product capabilities and risks)
  • A ??Analyse?(to create the best possible design)
  • D ? Design (the product or process details)
  • V ? Verify (the design)

How does Six Sigma differ from other quality programs?

If you think that Six Sigma is just another one of those business strategies that produce more hype than actual results, think again. Six Sigma uses three key concepts that sets it apart from other business management methods.

  • It is strictly a data-driven approach, where assumptions and guesswork do not figure in the decision making.
  • It focuses on achieving quantifiable financial results ? the bottom line ($) ? as much as giving emphasis on customer satisfaction.
  • It requires strong management leadership, while at the same time creating a role for every individual in the organisation.

Is Six Sigma right for your business?

While many other organisations such as Sony, Nokia, American Express, Xerox, Boeing, Kodak, Sun Micro-systems and many other blue chip companies have followed suit in adopting Six Sigma, the truth is, any company — whether you have a large manufacturing corporation, or a small business specialising in customer service.

Certainly, there is a lot more to Six Sigma than what you can probably absorb in one sitting or reading.

With our wide range of business management consultancy services, we can help you understand the Six Sigma method in the context of your business. We can also help you establish your improvement goals, set up your program, and train your own team of “champions” who can lead in implementing your Six Sigma goals.

Find out more about our Quality Assurance services in the following pages:

Excel Spreadsheet Conversion to SQL Reports

Spreadsheets are flexible, inexpensive and easy to use. They are especially handy when it comes to beating report submission deadlines or making impromptu data computations.

Unfortunately, organisations heavy reliance on spreadsheets have made these User Developed Applications (UDA) into high-risk office tools. Simple spreadsheet errors like leaving out a negative sign or a cut-and-paste mistake have already caused million-dollar discrepancies. Also, when a fraudulent employee enters into the picture, the risks become unimaginable.
Think TransAlta’s spreadsheet cut-and-paste glitch (the company later called this a ‘simple clerical error’) which caused the energy firm a whopping $24 million loss or Fidelity’s overstatement of its earnings owing to the omission of the minus sign on the spreadsheet of a $1.3 billion net capital loss.

Denizon can convert your Excel Spreadsheets to a web based SQL Server Reporting Services (SSRS). It does not import Excel data, rather it allows the creation and deployment of reports in a more efficient manner by querying the data.

So what is the problem with Spreadsheets?

  • Plagued with risk issues and vulnerable to fraud
  • Lacking in control features especially when copied, edited and emailed between many users
  • A burden to regulation compliance e.g. SOX (Sarbanes-Oxley)
Moreover:
  • Accidental copy-paste/Omission of a negative sign/Erroneous range selection
  • Incorrect data input or unintentional deletion of a character, cell, range, column, or row
  • Possibility of the user working on the wrong version
  • Prone to inconsistent company-wide reporting
  • Often ‘defenceless’ against unauthorised access

See Top 10 Disadvantages of Spreadsheets

What makes SQL Server Reporting Services better than Spreadsheets?

  • Free from spreadsheet risks & equipped with built-in controls that substantially reduce risks to data
  • Less prone to fraud
  • More suitable for regulatory compliance e.g. SOX
  • Designed for an agile business environment

Automatic consolidation eliminates errors and wasted time caused by tedious copy-pasting of data and linking of cells
Better collaboration capabilities allows team members to bring their heads together for planning, budgeting, and reporting even while on the go
Mobility support enables users to input data or retrieve information through their wireless mobile device

Superior sharing features ensures that everyone is exactly on the same page and viewing real-time information
Dashboards provide insightful information at-a-glance through KPIs, graphs, and various metrics
Drill-downs enable users to investigate unusual figures and gain a better understanding of the details that contribute to the big picture
Easy to learn interfaces allow your organisation to cope with fast personnel turnaround or Mergers & Acquisitions

Don’t know how to shift from Spreadsheets to SQL Server Reporting Services?

We’ve got the knowledge and expertise to assist you in:

  • Making a smooth and cost-efficient transition from risky spreadsheets to reliable reports
  • Designing and implementing SOX-compliant report-generating methods and procedures
  • Putting exposure to high-risk reporting methods a thing of the past

Ready to work with Denizon?

Contact Us Today