Why Spreadsheets can send the Pillars of Solvency II Crashing Down


Solvency II is now fast approaching and while it may provide added protection to policy holders, its impact on the insurance industry is not all a bed of roses. Expect insurance companies to restructure, increase manpower, and raise spending on actuarial operations and risk management initiatives. Those that cannot, will have to go. But what have spreadsheets got to do with all these?

Well, spreadsheets aren’t really the main casts in this blockbuster of a regulatory exercise but they certainly have a significant supporting role to play. Pillar I of Solvency II, which calls for improved supervision on internal control, risk management, and corporate governance, and Pillar II, which tackles supervisory reporting and public disclosure of financial and other relevant information, both affect systems that have high-reliance on spreadsheets.

A little background about spreadsheets might help.

Who needs an IT solution when you can have spreadsheets?

Everyone in any organisation just love spreadsheets; from the office clerk to the CEO. Because they’re so easy to use (not to mention they’re a staple in office computers), people employ them for processing numbers and as an all-around tool for planning, forecasting, reporting, complex modelling, market data analysis, and so on. They make such tasks faster and easier. Really?

You probably haven’t heard of spreadsheet hell

Unfortunately, spreadsheets do have certain shortcomings. Due to their inherent structure and lack of controls, it is so easy to commit simple errors like an accidental copy paste, an omission of a negative sign, an incorrect data input, or an unintentional deletion. Such shortcomings may seem harmless until your shareholders discover a multi-million discrepancy in your financial report.

And because spreadsheet errors can go undetected for a long time, they are constant targets of fraudsters. In other words, spreadsheets are high risk applications.

Solvency II Impact on Spreadsheet-based Financial and IT Systems

Regulations like Solvency II, are aimed at reducing risks to manageable levels. Basically, Solvency II is a risk-based system wherein a company?s capital requirements will depend on its measured riskiness. If companies want to avoid facing onerous capital requirements, they have to comply.

The three pillars of Solvency II have to be in place. Now, since spreadsheets (also known as User Developed Applications or UDAs) are high-risk applications with weak control features and prone to produce inaccurate reports, companies will have a lot of work to do to establish Pillars II and III.

There are at least 8 articles that impact spreadsheets in the directive. Article 82, for example, which requires firms to ensure a high level of data quality and accuracy, strikes at the very core of spreadsheets? weakness.

A whitepaper by Raymond Panko entitled ?Spreadsheets and Sarbanes-Oxley: Regulations, Risks, and Control Frameworks? mentioned that 94% of audited real world operational spreadsheets that were included in his study were found to have errors and that an average of 5.2% of all cells in the audited spreadsheets had errors.

Furthermore, many articles in the directive call for the enforcement of better documentation. This is one thing that’s very tedious and almost unrealistic to do with spreadsheets because just about anyone uses them. Besides, with different ‘versions? of the same data existing in different workstations throughout the organisation, it would be extremely difficult to keep track of them all.

Because of spreadsheets you now need an IT solution

It is clear that, with the growing number of regulations and the mounting complexity of tasks needed for compliance, spreadsheets no longer belong in this era. What you need is a server-based solution that allows for seamless collaboration, data reliability, data consistency, increased security, automatic consolidation, and all the other features that make regulation compliance more doable.

One important ingredient for achieving Solvency II compliance is sound data risk management. Sad to say, the ubiquitous spreadsheet will only expose your data to more risks.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Cloud Computing Trends: Where is the Cloud Headed Next?

Cloud adoption has been quick and painless at the consumer level. For instance, everyone’s on Gmail, YouTube, Facebook and Twitter on a daily basis yet most think nothing of the fact that they’re already using cloud-based services. Small businesses have also discovered how cloud solutions have raised efficiency in the workplace up a notch or two, while also bringing about significant cost savings. Cloud applications, particularly those for communication, file sharing, office software, backup and storage, and customer management, have rapidly grown in usage among SMBs.

In the same manner, large corporations are starting to see the potential of moving some of their IT department, whether its infrastructure or network management, to the cloud. By all indications it would seem that whether we are ready for it or not, cloud computing technology is here for the long haul.

So where is the cloud headed to next? In this post we examine the trends in the world of cloud computing and what likely lies in store in the near future for cloud users.

Focus on Security

Security has always been a key concern in the cloud computing industry and this will not go away anytime soon. If anything, data security in the cloud will only get to be in the limelight even more as cloud adopters grow in number. That’s why we expect professional cloud services providers to start implementing measures that will help slowly build up confidence in cloud security.

We should soon see more advanced security techniques and protocols that would increase the overall level of privacy and protection for cloud-stored information. Tighter security for login encryptions and prevention of unauthorized access are priority although there are a lot more issues that may need to be addressed. Now it remains to be seen whether these moves are enough for corporate clients to put their full trust in the cloud. But then again, they can always find ways to stay secure while making use of cloud computing where they can, which brings us to the next cloud trend.

Hybrid Approach

Large businesses are taking a longer time to get used to and actually use cloud services, and understandably so. After all, these companies have more at stake when it comes to dealing with such valid issues as security, compliance, outages, legacy systems, and more. However, they also cannot ignore the very appealing characteristics of the cloud. For big companies that have substantial IT needs, scalability, business agility, and faster deployment are listed as the biggest draws of the cloud.

This is why analysts predict that as as these businesses look toward leveraging the benefits of the cloud while at the same time maintaining control over mission critical data and systems, the use of a hybrid approach, i.e. putting some services in a public and at the same time opting to utilize a private cloud for other applications, will see enormous growth.

Mobile Cloud Computing

The BYOD or Bring Your Own Device business policy is another emerging trend that would not have been possible if not for cloud technology. This practice involves having employees bring their mobile devices to work, allowing them to access company files, data, and applications from their personally-owned gadgets in and out of the workplace.

As with any new business practice, the concept of BYOD can be both advantageous and disadvantageous. On the one hand, some believe it helps increase employee productivity and lifts their morale, while reducing overall IT costs. On the other hand, BYOD also opens up a whole new set of problems that are quite consistent with what many businesses take issue with with cloud technology: security. Do the pros outweigh the cons or vice versa? This much isn’t clear yet but what is evident is that more cloud apps are going mobile.

Efficiency, Innovation

While cost savings has always been one benefit that cloud proponents are quick to point out, its capability to improve and streamline business processes, thereby increasing efficiency and agility within the organization, is another key opportunity that the cloud offers. This is evident when you take a look at the most commonly used cloud services: backup and archiving, business continuity, collaboration tools, and big data processing.

Moreover, the cloud is making it easier for individuals to create new products and produce new lines of business. With access to higher IT capacity at lesser cost and at faster deployment rates, businesses can scale into more innovation without having to worry about the availability of computing resources.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Accenture Keeps Rolling Out Sustainability

Multinational management-consulting and technology-services company Accenture has a good eye for sniffing out new business, with 305,000 employees advancing its interests in more than 200 cities in 56 countries evidence. Last year, it netted US$30 billion profit that is a tidy sum of money in anybody?s books.

Accenture also practices what it preaches. This is maximum business efficiency within moral standards. It tracks its carbon emissions from its offices around the world. Being a technology services company it is unsurprising that it automated the process. Being management consultants it can drill down to finest detail in its search for continuous improvement.

As a forward-thinking company Accenture is committed to transplanting its business skills into other organizations, in order to drive higher performance and sustain greater profits in the long term. It works with clients across borders and industries to integrate sustainability into their business models, and find effective ways to lighten carbon footprints.

The City of Seattle in Washington is a case in point. Following a proud history of nature and energy conservation, it engaged Accenture in 2013 to help it reduce downtown power consumption by 25%. Other project members were Microsoft supplying software, the local power utility for technical advice, and a non-profit to set up a smart building program. The initiative uses cloud services to process the big data generated by a host of building management services, plus a multitude of sensors, controls and meters.

The project is vital for the City. It wants to continue expanding but needs to avoid another power plant polluting its skyline. At the time of writing, the pilot sites had proved successful and the program was rolling out. Seattle?s next challenge is to acquire 15% of its energy from renewable sources by 2020.

The smart building solutions Seattle trialled in five downtown buildings, had a further welcome spinoff; by reducing operating times, facility managers can look forward to extended equipment life and fewer maintenance downtimes. The green building philosophy is alive and well in the City of Seattle, driven both by necessity and vision.

It is a no longer as question of if – but when – other urban communities follow suit. EcoVaro believes it is time long due for individual companies to start enjoying lower energy costs plus the prospect of profitably trading carbon credits. The process begins with measuring what you have and identifying cost-effective savings.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
2015 ESOS Guidelines Chapter 6 – Role of Lead Assessor

The primary role of the lead assessor is to make sure the enterprise?s assessment meets ESOS requirements. Their contribution is mandatory, with the only exception being where 100% of energy consumption received attention in an ISO 50001 that forms the basis of the ESOS report.

How to Find a Lead Assessor

An enterprise subject to ESOS must negotiate with a lead assessor with the necessary specialisms from one of the panels approved by the UK government. This can be a person within the organisation or an third party. If independent, then only one director of the enterprise need countersign the assessment report. If an employee, then two signatures are necessary. Before reaching a decision, consider

  • Whether the person has auditing experience in the sector
  • Whether they are familiar with the technology and the processes
  • Whether they have experience of auditing against a standard

The choice rests on the enterprise itself. The lead assessor performs the appointed role.

The Lead Assessor?s Role

The Lead Assessor?s main job is reviewing an ESOS assessment prepared by others against the standard, and deciding whether it meets the requirements. They may also contribute towards it. Typically their role includes:

  • Checking the calculation for total energy consumption across the entire enterprise
  • Reviewing the process whereby the 90% areas of significant consumption were identified
  • Confirming that certifications are in place for all alternate routes to compliance chosen
  • Checking that the audit reports meet the minimum criteria laid down by the ESOS system

Note: A lead assessor may partly prepare the assessment themselves, or simply verify that others did it correctly.

In the former instance a lead assessor might

  • Determine energy use profiles
  • Identify savings opportunities
  • Calculate savings measures
  • Present audit findings
  • Determine future methodology
  • Define sampling methods
  • Develop audit timetables
  • Establish site visit programs
  • Assemble ESOS information pack

Core Enterprise Responsibilities

The enterprise cannot absolve itself from responsibility for good governance. Accordingly, it remains liable for

  • Ensuring compliance with ESOS requirements
  • Selecting and appointing the lead assessor
  • Drawing attention to previous audit work
  • Agreeing with what the lead assessor does
  • Requesting directors to sign the assessment

The Environment Agency does not provide assessment templates as it believes this reduces the administrative burden on the enterprises it serves.

Ready to work with Denizon?

Contact Us Today