Spreadsheet Fraud

To any company executive or business owner, the mere possibility of fraud can be enough to send alarm bells ringing – for good reason. In a prolonged recession, the last thing investors would want to discover is a huge, gaping hole where supposedly a neat profit should have been. Also to find out that such loss was brought about by deliberately falsified accounting and poor spreadsheet controls only makes the situation even more regrettable.

Why?

Because these losses would not have occurred had there been a stronger risk management program in place and more stringent quality control on critical data to begin with.

But given the nature of a spreadsheet system i.e. its sheer flexibility and easy accessibility, plus the fact that they were never intended to be enterprise-level tools, there are no hard and fast rules for auditing spreadsheets. Also because of the lack of internal controls for end user computing (EUC) applications, in this case spreadsheets, you can’t expect these systems to yield consistently accurate results.

In fact, most managers assume that major spreadsheet errors should result in figures that are blatantly out of touch with how things stand in the real world, making these errors easily detectable.

Well they assumed wrong. You’ll find cases where the losses ran to millions of dollars without anyone being the wiser.

In instances of fraud, the problem becomes more complicated as these errors are deliberately hidden and cleverly disguised, perhaps one erroneous cell at a time. Even if these cover-ups started out with smaller figures that may have had negligible impact on a company?s operation, the cumulative costs of these ?insignificant? errors multiply exponentially as the spreadsheets are reused and utilised as bases for other related reports.

While there is no generally accepted definition of the term ?spreadsheet fraud?, its quite easy to identify one when a case crops up. Fraud arising from spreadsheets are typically characterised by:

Fallacious inputs – correct figures are deliberately replaced with false values.

Erroneous outputs owing to data alteration – hyperlinks are linking to the wrong spreadsheets or cells; use of macros or special lines of code which are understandable only to the person who developed the code.

Concealment of critical information – can be done with easy ?tweaks? such as hidden rows and columns, using the same colour for both the font and the background, or hard coding additional values into a cell.

There is nothing really highly-sophisticated or technical in any of these methodologies. But without internal spreadsheet controls in place, it would take a discerning eye and a thorough review to catch the inconsistencies contained in a spreadsheet fraught with errors. Also, if these errors are knowingly placed there, the chances of finding them are close to nil.

Learn more about our server application solutions and discover a better way to protect your company from spreadsheet fraud.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Check our similar posts

Transformation to a process based organisation

Today’s global marketplace rewards nimble organisations that learn and reinvent themselves faster than their competition. Employees at all levels of these organisations see themselves as members of teams responsible for specific business processes, with performance measures tied to the success of the enterprise. As team members, they are “owners” of the process (or processes) to which they are assigned. They are responsible for both the day to day functioning of their process(s), and also for continuously seeking sustainable process improvements.

Transforming a traditionally designed “top down control” enterprise to a process-based organisation built around empowered teams actively engaged in business process re-engineering (BPR) has proven more difficult than many corporate leaders have expected. Poorly planned transformation efforts have resulted in both serious impacts to the bottom line, and even more serious damage to the organisation’s fabric of trust and confidence in leadership.

Tomislav Hernaus, in a publication titled “Generic Process Transformation Model: Transition to Process-based Organisation” has presented an overview of existing approaches to organisational transformation. From the sources reviewed, Heraus has synthesised a set of steps that collectively represent a framework for planning a successful organisational change effort. Key elements identified by Hernaus include:

Strategic Analysis:

The essential first step in any transformation effort must be development of a clear and practical vision of a future organisation that will be able to profitably compete under anticipated market conditions. That vision must be expected to flex and adjust as understanding of future market conditions change, but it must always be stated in terms that all organisational members can understand.

Identifying Core Business Processes:

With the strategic vision for the organisation in mind, the next step is to define the core business processes necessary for the future organisation to function. These processes may exist across the legacy organisation’s organisational structures.

Designing around Core Processes:

The next step is development of a schematic representation of the “end state” company, organised around the Core Business Processes defined in the previous step.

Transitional Organisational Forms/ Developing Support Systems:

In his transformation model, Hernaus recognises that information management systems designed for the legacy organisation may not be able to meet the needs of the process management teams in the new organisation. Interim management structures (that can function with currently available IT system outputs) may be required to allow IT professionals time to redesign the organisation’s information management system to be flexible enough to meet changing team needs.

Creating Awareness, Understanding, and Acceptance of the Process-based Organisation:

Starting immediately after the completion of the Strategic Analysis process described above, management must devote sufficient resources to assure that all organisation members, especially key managers, have a full understanding of how a process-based organisation functions. In addition, data based process management skills need to be provided to future process team members. It is not enough to schedule communication and training activities, and check them off the list as they are completed. It is critical that management set behavioural criteria for communication and training efforts that allow objective evaluation of the results of these efforts. Management must commit to continuing essential communication and training efforts until success criteria are achieved. During this effort, it may be determined that some members of the organisation are unlikely to ever accept the new roles they will be required to assume in a process-based organization. Replacement of these individuals should be seen as both an organisational necessity and a kindness to the employees affected.

Implementation of Process Teams:

After the completion of required training AND the completion of required IT system changes, process teams can be formally rolled out in a planned sequence. Providing new teams with part time support by qualified facilitators during the firsts weeks after start-up can pay valuable long term dividends.

Team Skill Development and Continuous Process Improvement:

Providing resources for on-going skill development and for providing timely and meaningful recognition of process team successes are two keys for success in a process-based organisation. Qualified individuals with responsibility for providing training and recognition must be clearly identified and provided with sufficient budgetary resources.

The Hernaus model for transformation to a process based organisation is both well thought out and clear. His paper provides an ample resource of references for further study.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Failure Mode and Effects Analysis

 

Any business in the manufacturing industry would know that anything can happen in the development stages of the product. And while you can certainly learn from each of these failures and improve the process the next time around, doing so would entail a lot of time and money.
A widely-used procedure in operations management utilised to identify and analyse potential reliability problems while still in the early stages of production is the Failure Mode and Effects Analysis (FMEA).

FMEAs help us focus on and understand the impact of possible process or product risks.

The FMEA method for quality is based largely on the traditional practice of achieving product reliability through comprehensive testing and using techniques such as probabilistic reliability modelling. To give us a better understanding of the process, let’s break it down to its two basic components ? the failure mode and the effects analysis.

Failure mode is defined as the means by which something may fail. It essentially answers the question “What could go wrong?” Failure modes are the potential flaws in a process or product that could have an impact on the end user – the customer.

Effects analysis, on the other hand, is the process by which the consequences of these failures are studied.

With the two aspects taken together, the FMEA can help:

  • Discover the possible risks that can come with a product or process;
  • Plan out courses of action to counter these risks, particularly, those with the highest potential impact; and
  • Monitor the action plan results, with emphasis on how risk was reduced.

Find out more about our Quality Assurance services in the following pages:

Migrating from CRM to Big Data

Big data moved to centre stage from being just another fad, and is being punted as the latest cure-all for information woes. It may well be, although like all transitions there are pitfalls. Denizon decided to highlight the major ones in the hope of fostering better understanding of what is involved.

Accurate data and interpretation of it have become increasingly critical. Ideas Laboratory reports that 84% of managers regard understanding their clients and predicting market trends essential, with accelerating demand for data savvy people the inevitable result. However Inc 5000 thinks many of them may have little idea of where to start. We should apply the lessons learned from when we implemented CRM because the dynamics are similar.

Be More Results Oriented

Denizon believes the key is focusing on the results we expect from Big Data first. Only then is it appropriate to apply our minds to the technology. By working the other way round we may end up with less than optimum solutions. We should understand the differences between options before committing to a choice, because it is expensive to switch software platforms in midstream. data lakes, hadoop, nosql, and graph databases all have their places, provided the solution you buy is scalable.

Clean Up Data First

The golden rule is not to automate anything before you understand it. Know the origin of your data, and if this is not reliable clean it up before you automate it. Big Data projects fail when executives become so enthused by results that they forget to ask themselves, ?Does this make sense in terms of what I expected??

Beware First Impressions

Big Data is just that. Many bits of information aggregated into averages and summaries. It does not make recommendations. It only prompts questions and what-if?s. Overlooking the need for the analytics that must follow can have you blindly relying on algorithms while setting your business sense aside.

Hire the Best Brains

Big Data?s competitive advantage depends on what human minds make with the processed information it spits out. This means tracing and affording creative talent able to make the shift from reactive analytics to proactive interaction with the data, and the customer decisions behind it.

If this provides a d?j? vu moment then you are not alone. Every iteration of the software revolution has seen vendors selling while the fish were running, and buyers clamouring for the opportunity. Decide what you want out first, use clean data, beware first impressions and get your analytics right. Then you are on the way to migrating successfully from CRM to Big Data.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today