Spreadsheet Risks in Banks

No other industry perhaps handles such large volumes of critical financial data more than the banking industry. For decades now, spreadsheets have become permanent fixtures in the front-line reporting tool sets of banks, providing organised information when and where needed.

But as banks enter into a period of heightened credit risks, elevated levels of fraud, and greater regulatory scrutiny, many are wondering if continued reliance on spreadsheets is a wise decision for banks today.

The downfall of Lehman Brothers which eventually led to its filing for Chapter 11 bankruptcy protection on September 15, 2008, served as a wake up call for many institutions across the globe to make a serious examination of their own risk management practices. But would these reforms include evaluating the security of user developed applications (UDAs), the most common of which are spreadsheets, and putting specific guidelines as to when they can – or cannot be – used?

Banks and Spreadsheet Use

Banks have been known to utilise spreadsheets systems for many critical functions because most personnel are well-acquainted with them, and the freedom of being able to develop customised reports without needing to consult with the IT department offers flexibility and convenience. In fact, more than having a way to do financial budgeting and analysing customer profitability, even loan officers and trade managers have become reliant on spreadsheets for risk management reporting and for making underwriting decisions.

But there are more than a few drawbacks to using spreadsheets for these tasks, and the sooner bank executives realise these, the sooner they can adopt better solutions.

General Limitations

Spreadsheets are far from being data base systems and yet more often than not, they are expected to act as such, with figures constantly added and formulas edited to produce the presumably right set of reports.

In addition, data integrity is always a cause for concern as most values in spreadsheets are entered as manual inputs. Even the mere misplacement of a comma or a negative sign, or an inadvertent ?edit? to a formula can also be a source of significant changes in the outcome.

Confidentiality risk is also another drawback of the use of spreadsheets in banks as these tools do not have adequate?access controls to limit access to only authorised individuals. Pertinent financial information that fall into the wrong hands can lead to a whole new set of problems including the possibility of fraud.

Risks in Trading

For trading transactions, spreadsheets can prove to be of immense use – but only for small market volumes. As trade volumes increase and the types vary, spreadsheets are no longer a viable solution and may likely become more of a hindrance, with calculations taking longer in the face of bigger transaction amounts and growing transaction data.

And in trading, there is always the need for rigorous computational functions. Computing for the Value at Risk (VaR) for large portfolios for instance, is simply way beyond the capabilities of spreadsheets. Banks that persist in using them are increasing the risk of loss on those portfolios. Or, they can be opening up?opportunities for fraud?as Allied Irish Bank (in the case of John Rusnak – $690 million) learned the hard way.

Risks in Underwriting

Bankers who use spreadsheets as their main source of information for underwriting procedures also face certain limitations. Loan transactions require that borrowers? financial data be centralised and easily accessible to risk officers and lending officers involved in making decisions. With spreadsheets, there is no simple and secure way of doing that. Information can be pulled from different sources – individual tax returns, corporate tax documents, partnership documents, audited financial statements – hence there is difficulty in verifying that these reports adhere to underwriting policies.

Spreadsheet control and monitoring

Financial institutions which are having difficulty weaning themselves from the convenience and simplicity that spreadsheets offer are looking for possible control solutions. Essentially, they want to find ways that allow them to continue using these UDAs and yet somehow eliminate the?spreadsheet risks?and limitations involved.

Still, the debate goes back and forth on whether adequate control measures can be implemented on spreadsheets so that that the risks are mitigated. Many services have come forward to herald innovative solutions for better spreadsheet management. But at the end of the day, there really is no guarantee that such solutions would suffice.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Choosing Routes for ESOS Compliance

Along the introduction of Energy Savings Opportunity Scheme in UK is the quick emergence of various companies that offer ESOS compliant services. While some energy audit providers can help, qualified businesses should understand what their compliance options are, how these routes work and learn both the pros and cons in order to carefully take their pick.

Independent ISO 50001 Certification

ISO 50001 comprises the integration and application of processes geared to motivate energy saving and overall improvement. Simply stated, it is a framework that drives the organisation’s governance to realise energy saving strategies by allocating resources and participating in energy management. The good thing about ISO 50001 is that it includes an energy review that documents ideas and opportunities to save more energy.

However, ISO 50001 does not obligate organisations to cover 90% of their overall energy consumption. In case of partial coverage, the company needs to undergo additional energy assessments to evaluate all the significant energy consumption areas.

In order for an ISO 50001 certification to be valid, it must be certified by the United Kingdom Accreditation Service (UKAS), by an accreditation body which is a member of the International Accreditation Forum, or by a body accredited by another EU member state?s national accreditation body.

Display Energy Certificates and Green Deal Assessments

These two kinds of energy assessment reports can also contribute to ESOS compliance. Both of them are carried out by qualified lead assessors and valid for 10 years. However, they are only based on the building structures and services. They do not cover the overall significant areas in energy consumption. Since these reports are valid for 10 years, they would be used for two ESOS reporting periods. Thus, they would not be as current as the ISO 50001 certification. Aside from that, the assessments are purely based on energy efficiency and anyone can qualify to use the software that produce the certifications after taking the accreditation course.

Energy Audits

A successful energy audit leads to better understanding of the company?s energy consumption, identify alternatives, determine cost-effective energy saving opportunities and stimulate energy efficiency. Energy audits are beneficial to the organisation. What makes it complex is that the organisation applying it, needs to clearly define the scope and type of energy audit to use in order to comply with ESOS. Furthermore, the organisation also has to identify the teams that would be competent enough to do the audit work for the building, transport and industrial area, respectively.

Each route is not formed equal. Thus, organisations have the option to either choose one or combine the routes and meet their company needs. The options mentioned are different approaches to ESOS and the core value is to grab the opportunity towards acquiring more savings through efficient energy system.

How Ecovaro Can Help

Ecovaro is passionate about making a difference. We are knowledgeable when it comes to ESOS legislation and regulation, ISO 50001 energy management system, DECs and Green Deal Assessments. More than that, we recognise the great impact of efficient management system to your organisation. And with this, we provide an enthusiastic team of software engineers and expert project managers to offer you our professional help at reasonable price. Ecovaro comes to you fully equipped with services tailored to your organisation’s energy management needs.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Small Irish Businesses Avoid the GDPR Sting

Accountants providing chartered accounting services and tax advice are alerting smaller Irish companies to the consequences of the pending General Data Protection Regulation (GDPR). They believe these are going to feel the most pain come 25 May 2018, if they do not implement GDPR by then. We are trying our best to help avoid this situation by providing advice.

How to Kick the GDPR Ball into Play

The Irish Information Commissioner?s Office has produced a toolkit regarding where?s best to start. They suggest beginning with an information security assessment to determine the gaps companies need to close. Once quantified, this leads naturally to a plan of action, and resources needed to fulfil it. Here?s how to go about it:

1. Start by assessing your current ability to identify, assess, and manage threats to customer data security. Have you done anything at all to date? You must be holding some customer information surely, and it is highly likely the GDPR applies to you.

2. Next, review your company?s current customer data security policies. Are they documented and approved, or do new employees discover them sitting next to Nellie? Rate yourself on a scale where ten is successful implementation.

3. Now consider how well you have pinned responsibilities on individuals to implement policies and take the lead on GDPR. The latter should be the business owner, or a board member with clout to make things happen.

4. By now, you should have a grasp of the scale of work ahead of you, remembering the EU deadline is 25 May 2018. If this sounds overwhelming, consider outsourcing to your accountant or a specialist provider.

5. Under the General Data Protection Regulation you have only 72 hours to report a breach of customer data security to the Information Commissioner?s Office. Do you have a quality assurance mechanism to oversee this?

Tangible Things to Bring Your Own People on Board

With all the changes going on, there is a risk of your employees regarding GDPR as ?another management idea going nowhere.? Thus, it is important to incorporate the new EU regulations in staff training, particularly with regard to data security generally. They may fully come on board only once they see tangible signs of progress. You should in any case put the following measures in place unless you already have them:

1. A secure area for your servers and for any paperwork your customers provided. This implies access control on a need-to-know basis to protect the information against loss, damage, and theft.

2. A protocol for storage media and record disposal when you no longer require them or something supersedes them. You are the custodian of other people?s information and they deserve nothing less.

3. Procedures to secure customer data on employee mobile devices and computers: This must extend to work done at home, at consultant sites, and by remote workers.

4. Secure configuration of all existing and new hardware to minimise vulnerability and storage media crashes. These quality assurance measures should extend to removable media and remote backups.

So Is This the Worst of the Pain?

We are at the heart of the matter, although there is more to tell in future articles. You may be almost there, if you already protect your proprietary information. If not, you may have key company information already open to malware.We should welcome the EU General Data Protection Regulation as a notice that it is time to face up to the challenges of data protection and security generally. The age of hacking and malware is upon us. The offender could be a disgruntled employee, or your competition just down the street. It is time to take precautions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Successful Engineer Communication With FieldElite

Technological innovations have been on the rise in the recent past. Our news media are awash with new technologies that are being released in almost every industry. From smart buildings to sophisticated gadgets, every industry has a technological invention to flaunt. 

One area in which technology has blossomed is the field service. In the field service management, things have moved a notch higher. Right from communication, document management, monitoring and evaluation, to information storage, nothing remains where it was a couple of years ago. You no longer have to carry clipboards around to do your inspections or pile files in the office. You no longer have to wait for your field service employees to return to the office before you can receive reports. By using a field service management software like FieldElite, you have it all done at a click. 

With FieldElite, you’ve got everything under control right from the comfort of your office. Provided you’re doing what you need to do and posting updates using the app, the rest will fall into place. Your employees will receive updates from you and vice versa. If there is a client who needs attention, they can easily issue a request through the app and the next available field service officer who?s within proximity will pick it up and attend to the customer?s needs. 

Everything is just a click away. Sounds great, right?

FieldElite is a robust field service management software that’s packed with a wide array of tools meant to simplify communication between the office and the field service employees. With FieldElite, you can reach all your engineers at one go. 

Below are a few of the communication features that make FieldElite the software of choice when it comes to field service management.

Simplified Communication

It’s very important to stay in touch with your engineers in the field to monitor the ongoing activities. For this reason, you need to choose a platform that doesn’t complicate the process. You don’t want important information to reach your team late. That would drag your activities.

Fast and effective communication is, therefore, very key in field service. FieldElite has consequently been made to simplify communication in the field service. Its simplicity can be compared to the usual consumer messaging apps. On the back-end, however, there are very many complex procedures executed through refined algorithms meant to process information and generate instant reports for engineers, supervisors, and the rest of the company team members.  

With the FieldElite app, communication is as easy as dropping a message in the team members? inbox. Again, the app?s communication system is centralised and, thus, every communication trail is easily retrievable. You don’t need different apps for messaging, audio and video calling, and document sharing. You have it all in FieldElite. Simply put, FieldElite is an all-in-one field service management tool that ropes in all essential digital modes of communication. 

But what’s the benefit of having all work-related communication in one place? 

With an all-in-one communication platform like FieldElite, you’ll cut down on wasted time and field tech frustration. Again, any urgent information will reach your engineers on time, and none of them will be left out. What’s more? With effective communication, expect the performance of your team to shoot up. 

Consistent Communication

Field technicians, in this case engineers, need to be kept on toes to get the job done. You can only achieve this by communicating with them more often. Therefore, you need a field service management platform that can offer you that. Most field service management software facilitates constant communication with team members in the field. Even so, not all are as good as you expect. So, you’ve got to be a bit more critical when choosing a field service management software for your business. 

A good field service management software is one that enables you to regularly check in with field techs to make sure that they have everything they need. With FieldElite, you can achieve more than this. FieldElite app allows you to communicate with your engineers from time to time through messages, calls, or shared documents. Again, the team gets information at the same time. 

So, how important is regular communication with your business? 

Keeping in touch with your team members in the field helps you build strong relationships with them. Additionally, you can easily spot areas that need improvement that otherwise could have been hidden from your viewpoint. What’s more? Employees feel valued when you check on them from time to time. As a result, this will boost their overall productivity, which contributes positively to the well-being of your business.

So, take your business to another level by making use of FieldElite communication tools to reach out to your engineers at any time.

Two-Way Communication

Communication in field service can only be successful if you can get feedback from your field techs. As such, the field management software should make it easier for your engineers to notify you of anything that needs urgent attention. With the FieldElite app?s communication features, your engineers can give you real-time updates from any device. The app is compatible with any android device, and, therefore, the field techs can use their smart handsets to communicate important information. 

The messaging and calling features are easy to manipulate, and with a little training, anyone can use them easily. Again, FieldElite allows you to make group calls or send many messages at the same time. Therefore, in case you?d like to talk to the entire team, you can choose to make a group call or send out bulk messages. 

Real-Time Updates

With FieldElite, you don’t need to wait until you meet your team to communicate any changes. You can notify your team on any work-related changes anytime, and as many times as is necessary. The good thing about FieldElite is that the information reaches all your engineers instantly and at the same time. Provided there?s strong network coverage, you’ll not have to deal with delayed communication. Again, your field techs can always get back to you in case they need clarifications on some matters.

Timely updates are very necessary for field service management. Field techs that get real-time updates tend to be more productive than those who get information late. At least they can make necessary changes on time to avoid wasting time on tasks that aren’t urgent. Therefore, make use of FieldElite communication features to keep your engineers updated.

Would you like to take your business to another level? Well, it’s time to improve communication with your field techs. Get the FieldElite android app for successful communication with your engineers.

Ready to work with Denizon?

Contact Us Today