Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

  • Sarbanes-Oxley (SOX) Act,
  • Dodd-Frank Act,
  • IFRS (International Financial Reporting Standards),
  • E.U. Data Protection Directive,
  • Basel II,
  • NAIC Model Audit Rules,
  • FAS 157,
  • yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

  1. It requires multiple testers who need to test spreadsheets down to the cell level.
  2. Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
  3. Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
  4. Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
  5. Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

A Business Case for Sharing

We blogged about sharing services in a decentralised business context recently, and explained why we think why these should be IT-Based for speedy delivery. This is not to say that all shared services projects worldwide have been resounding successes. This is often down to the lack of a solid business case up front. We decided to lay out the logic behind this process.

Management Overview ? The overview includes a clear definition of why the current situation is unacceptable, the anticipated benefits of sharing, and an implementation plan were it to go ahead. The project should not proceed until the stakeholders have considered and agreed on this.

Alternatives Considered ? The next stage is to get closer to the other options in order to determine whether an alternative might perhaps be preferable. Substitutes for shared services are often doing nothing, improving the current method, and outsourcing the service to a third party.

The Bottom Line in Business ? Sharing services comes at an initial cost of infrastructure changes, and the impact on human capital (the latter deserves its own blog). The following need careful consideration from the financial angle:

Numbers to Work Through

  • Manpower to design and roll the project out in parallel with the existing organisation.
  • Capital for creating facilities at the central point including civil works, furniture and equipment and IT infrastructure.
  • The costs of travel, feeding and accommodation. These can be significant depending on the time that implementation takes.
  • The opportunity loss of diverting key staff – and the cost of temporary replacements – if appointing line staff to the project team.
  • Crystal-clear project metrics including (a) the direct, realisable savings (b) the medium and long-term effects on profit and (c) where to deploy the savings

Risk Management

Shared services projects don’t go equally smoothly, although planning should reduce the risk to manageable levels. Nonetheless it is important to imagine potential snags, decide how to mitigate them and what the cost might be.

We believe in implementing shared services on a pilot basis in the business unit that eventually provides them. We recommend building these out to other branches only when new processes are working smoothly.

Moving On From a Decision

We recommend you revisit your management overview, the logic behind it, the assumptions you made, and the costs and benefits you envisage before deciding to go ahead

The final step in proving a business case is doable should be fleshing out your roadmap into a detailed operations plan with dependencies on a spreadsheet.

Implementing Matrix Management

Matrix management is a culture change. More than the hierarchical structures, lines of responsibilities, modes of communication and channels of decision-making, it is a concept that needs to be planned ahead and managed appropriately over time.

Implementing matrix management to any organization can be confusing. It is essential to ensure that it fits right to your business strategies, skills and competencies. With this, realizing matrix management should not be taken lightly. Careful stages should be considered, instead.

Here are the steps to proper implementation of matrix management:

Consider Your Business Context

You need to evaluate your organisation to analyse what are your development needs with regards to skills, products, services and market environment. This will help you decide on what type of matrix structure you will apply in your organisation. Consider the following questions in building up your context:

  • What is our strategy?
  • Where are the demands in our business?
  • What are the structures that our competitors currently employ?
  • What are the talents that my people possess?
  • What are other business organizations doing?

Set Your Implementation Scope

Next, you need to define the parameter and set the scope of your implementation. What area in your business do you think matrix management will successfully work? There are several things that you need to consider in setting your scope. You have to make sure that it works well with your overall business strategies, that it can be excellently communicated and easily understood. Also, you must ensure that you acquire the necessary talents and skills in the business to deliver the new system of responsibilities.

Implement the New Structure

When you have already decided what structure type you will implement, you are ready to give it a go. You will need to establish new communication channels so you can monitor the progress and receive feedback effectively.

Here?s how to apply the matrix structure:

  • Highlight your development needs
  • Define roles based on outputs and not inputs
  • Line up procedures and systems to support the structure and the behaviour that comes with it.
  • Invest in training and development
  • Support the key people in the structure by coaching them to better adapt in changes
  • Communicate regularly
  • Monitor progress and make necessary adjustments

Review the Matrix Structure, Roles and Responsibilities

Organisations that successfully implement matrix management adapt to the changes in their environment. With this, they do regular evaluations to highlight the need for changes and revisions. The review can either focus on the structure only or to the entire process as a whole. The results can alter the structure, the roles involved and the responsibilities taken.

The process of implementing matrix management follows a step-by step method. Each stage is equally important with the rest. Hence, if you plan to exploit it in your organisation, you have to recognise the purpose of each step and follow it appropriately. Balance is the key. And when you achieve stability in matrix management, amidst the complex changes in the world of business, then your organisational success is just around the corner.

Disadvantages of Spreadsheets

Spreadsheets are flexible, inexpensive and easy to use. They are especially handy when it comes to beating report submission deadlines or making impromptu data computations. That’s why office workers, managers and even executives have made spreadsheets their go-to solution for such undertakings and more.

Spreadsheets have become so ubiquitous, that they’ve found their way into a wide range of applications including complex modelling, accounting reconciliations, market data analysis, work flow tracking and monitoring, analytical review and financial reporting.

Unfortunately, organisations heavy reliance on spreadsheets have made these User Developed Applications (UDA) into high-risk office tools. Simple spreadsheet errors like leaving out a negative sign or a cut-and-paste mistake have already caused million-dollar discrepancies. Also, when a fraudulent employee enters into the picture, the risks become unimaginable.

Think TransAlta?s spreadsheet cut-and-paste glitch (the company later called this a ?simple clerical error?) which caused the energy firm a whopping $24 million loss or Fidelity?s overstatement of its earnings owing to the omission of the minus sign on the spreadsheet of a $1.3 billion net capital loss.

In both cases and in many other similar spreadsheet fiasco, the errors played a major role in the organisation’s decision-making, leading to disastrous results including, but not limited to financial loss, shattered investor confidence and public embarrassment.

If these are scenarios your organisation can ill afford, then it’s time to ask yourself: Do the disadvantages of spreadsheets far outweigh their benefits to merit a call for total liberation from them?

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today