Archive for the 'Breaking News' Category

The Spreadsheet Risk Continuum

Published January 14, 2010 Best Practices , Breaking News , Press Articles Leave a Comment
Tags: , , , , , , , , ,

After more than 5 years of helping some of the world’s most successful global organizations reduce their risk and exposure due to uncontrolled spreadsheets, Access databases and other end-user computing (EUC) applications, it has become very clear that reducing the risk is as much about technology as it is about cultural change. Almost every company today is dealing with issues surrounding spreadsheet and EUC risk, all with varying levels of maturity. The way I see it, reducing the risk efficiently requires a few key ingredients for success, including: adopting a formal policy on End-user Computing, defining internal controls for critical spreadsheets and EUCs, incorporating best practices, and implementing new Spreadsheet Control technology. As these ingredients are put in place, the organization’s risk level eventually decreases along the Spreadsheet Risk Continuum.

Policies & Controls
In a previous post, I discussed the merits and basics of adopting a formal EUC policy. I have also discussed the latest auditor guidance on spreadsheet controls from the famous white paper published in 2004 by PwC. There about 10 key controls to consider, including: access control, version control, change control, backup and archival, input control, documentation, segregation of duties, logic inspection/analytics, development lifecycle and data integrity.

Best Practices
There are many best practices, but I will mention a few here. The first requires following a formal process when implementing Spreadsheet Control. At Prodiance, we have developed a methodology we call the Spreadsheet Management Lifecycle, which involves inventory, risk assessment, control, remediation and reporting. In addition, it is important to have users properly trained on how to efficiently develop spreadsheets. This can result is models that have a smaller file size and have less margin for error because they are developed properly and are well documented.

Technology
The final stage in the Spreadsheet Risk Continuum involves implementing a technology solution to help make the earlier stages sustainable. Without technology, the tasks and controls  in the earlier stages become one-off projects, requiring end users to do extra work to follow policies. This manual approach often breaks down over time. So my point in all of this is the following:

To efficiently mitigate spreadsheet and EUC risk within an organization, there is a Spreadsheet Risk Continuum leading to success which requires a cultural change (e.g. policies, controls, best practices) and adoption of new technology.

What are your thoughts on this assertion?

Spreadsheets & Accounting Fraud – the Perfect Storm?

Published December 5, 2009 Auditor Guidance , Breaking News , Cases of Fraud & Errors , Press Articles Leave a Comment
Tags: , , , , , , ,

Accounting Fraud on the Rise
In November, PwC published a new report entitled The Global Economic Crime Survey: Economic Crime in a Downturn. Of 3,000 senior executives survey across 54 countries, 62% reported their organizations suffered a decline in revenues in the past year, and 40% reported the risk of economic crime has risen due to the recession. Given this 60-40 split, they expected organizations with increasing revenues would be immune to the increase in economic crime. However, this was not the case. To this end, economic crime remains a pervasive risk in today’s business environment where increasing pressures to perform, increased opportunities to commit fraud, and people’s attitude are skewed by survival instinct and personal motivation.

Spreadsheets & Fraud – The Perfect Storm?
One of the key findings from the survey is the sharp rise in accounting fraud, which contributed 38% of reported cases, which PwC claims is linked to the economic downturn. If we then link this trend with the ubiquity of spreadsheets used in financial and management reporting, we have the “perfect storm” conditions for fraud to occur. Spreadsheets, PC databases and other types of end-user computing applications (EUCs) are used to support many key financial and operational processes, including (but not limited to) journal entries, account reconciliations,  tracking and executing trades, revenue recognition, 401k contributions, executive compensation, actuarial processes, underwriting, budgeting, forecasting, and consolidation. Organizations are at risk and exposed when these mission critical spreadsheets are unmonitored and lack the proper IT controls such as change control, versioning, security and access control, segregation of duties, testing and validation, etc.

Is Your Organization at Risk?
So how do you know if your organization is at risk of spreadsheet accounting fraud? Clearly an assessment is needed which typically requires (at a minimum) performing an inventory and risk assessment of a sampling of key spreadsheets. This process can take several weeks or months to complete via manual means, but it can be accelerated by using Spreadsheet Management & Control software, domain expertise, and best practices from Prodiance. To read more about spreadsheets and fraud, I encourage readers to download my latest white paper entitled Fraud Detection & Prevention for Mission Critical Spreadsheets. For more details from the 2009 PwC Global Economic Crime Survey, you may download the full report here.

Your comments and thoughts?

Join the Prodiance Professional Network on LinkedIn

Published November 13, 2009 Best Practices , Breaking News , Events Leave a Comment
Tags: ,

Prodiance_LinkedIn_GroupProdiance has launched a new LinkedIn Group called the Prodiance Professional Network. The purpose of this group is to connect former and present Prodiance Enterprise Spreadsheet Management users, administrators and employees, allowing them to expand their professional development, exchange ideas, network and continue to be a part of the Prodiance community. The new group also provides news and updates from the company’s web site along with RSS feeds, recent blog posts, articles, upcoming events, job listings and Twitter feeds.

Join Here Today!

Letter to Washington and Response on EUC Risk

Published April 8, 2009 Breaking News , Regulatory Mandates Leave a Comment

Recently our CEO, Dr. Soheil Saadat, sent a letter to Mary Schapiro, the new SEC Chairman highlighting the risks associated with spreadsheets and EUCs in the derivatives trading environment. You can read the letter and the subsequent response from SEC associate director, Michael Macchiaroli. Based on the response, it appears the SEC has the issue licked and appropriate measures are already in place to protect against such financial and operational risks at all broker-dealers.

>> The Letter

>> The Response

What are your thoughts and comments?

Deutsche Bank 2009 Hedge Fund Survey Claims Risk Management & Transparency are Keys to Success

Published March 30, 2009 Analyst Research , Breaking News Leave a Comment
Tags:

Last week Deutsche Bank published its annual Hedge Fund Survey for 2009. Although the report provides an in-depth summary of current market dynamics and benefits of alternative investing, I thought it was worth noting that risk management and transparency were among the top selection criteria for investors in hedge funds. The report also mentions building regulatory pressures, which is in line with what we have heard lately from the Fed and the SEC.

By now, its safe to say that spreadsheets are the leading tool for managing hedge fund investment strategies. With hedge funds predicted at $200 Billion for 2009, a strategy for monitoring and controlling these critical spreadsheets would be prudent for increasing transparency.

You can read the press release and download the full report here.

Schapiro’s Testimony Calls for Fraud Control

Published March 17, 2009 Breaking News , Regulatory Mandates Comments
Tags: , , ,

Newly appointed SEC Chairman Mary Schapiro gave a testimony before the Subcommittee on Financial Services and General Government on March 11, 2009. At several points in her speech, Schapiro made reference to the need for better fraud controls to deal with the complex trading strategies and financial products that exist in today’s market. As we have learned, the trading environment for derivatives is fraught with complex spreadsheet models. Schaprio also made reference to accounting issues and fraud related to off-balance sheet liabilities, and the unregulated world of credit default swaps.

What is common among these scenarios? In many cases, enterprise IT applications have been replaced with complex, uncontrolled, and unmonitored spreadsheets and EUCs. Although their flexibility has enabled firms to model very complex scenarios, left uncontrolled, these spreadsheets are the first place the SEC should look for any fraudulent activities, financial loss or internal control gaps.

You can read the full speech here.

Your comments?

Bernanke Speech Highlights Failure of Risk Systems

Published March 12, 2009 Breaking News Comment
Tags: , ,

In his speech yesterday to the Council on Foreign Relations in Washington D.C., Bernanke highlighted the failure of risk management systems of the private sector as a catalyst in the financial crisis. He went on to state that current government regulatory regimes were inadequate for efficient investment, and that the Fed will take forceful actions moving forward to restore investor confidence and credit by reducing “systemic” risk.

Specifically, what are the “systemic” or inherent risks financial institutions face, and will the reform that is forthcoming address specific control gaps such as unmonitored and uncontrolled spreadsheets and EUCs?

Let’s hear your comments!

You can read the full speech here.

SEC Urges Companies to Keep Up Compliance Programs

Published March 5, 2009 Breaking News , Regulatory Mandates Leave a Comment
Tags: , ,

In case you missed it in the holiday shuffle, in December of 2008 the SEC sent an open letter to CEOs of registered firms urging them to keep up compliance programs despite cost cutting efforts. This call for more transparency and governance is the path toward bolstering public confidence and fairness in financial markets, according to SEC director Lori Richards.

You can read the full letter on the SEC’s web site here.

The Enterprise Spreadsheet: Pushing Toward Transparency (TABB Group)

Published February 24, 2009 Analyst Research , Breaking News Leave a Comment
Tags: , , ,

The TAB Group recently published a new research report entitled The Enterprise Spreadsheet: Pushing Toward Transparency. The report is available for purchase on their web site and promotes the need for greater transparency and control for complex spreadsheets used in derivatives trading within capital markets. In the report, analyst Adam Sussman points out that the spreadsheet ”has and will always be the workhorse of the desktop” but is quick to retort that with this power and flexibility comes complexity and inherent challenges in establishing control. History has proven that increased complexity also leads to increased risk.

You can view the full executive summary or purchase the report here.

Subscribe by Email Subscribe by Email
Add to Technorati Favorites

Prodiance on Twitter