Spreadsheet Fraud

To any company executive or business owner, the mere possibility of fraud can be enough to send alarm bells ringing – for good reason. In a prolonged recession, the last thing investors would want to discover is a huge, gaping hole where supposedly a neat profit should have been. Also to find out that such loss was brought about by deliberately falsified accounting and poor spreadsheet controls only makes the situation even more regrettable.

Why?

Because these losses would not have occurred had there been a stronger risk management program in place and more stringent quality control on critical data to begin with.

But given the nature of a spreadsheet system i.e. its sheer flexibility and easy accessibility, plus the fact that they were never intended to be enterprise-level tools, there are no hard and fast rules for auditing spreadsheets. Also because of the lack of internal controls for end user computing (EUC) applications, in this case spreadsheets, you can’t expect these systems to yield consistently accurate results.

In fact, most managers assume that major spreadsheet errors should result in figures that are blatantly out of touch with how things stand in the real world, making these errors easily detectable.

Well they assumed wrong. You’ll find cases where the losses ran to millions of dollars without anyone being the wiser.

In instances of fraud, the problem becomes more complicated as these errors are deliberately hidden and cleverly disguised, perhaps one erroneous cell at a time. Even if these cover-ups started out with smaller figures that may have had negligible impact on a company?s operation, the cumulative costs of these ?insignificant? errors multiply exponentially as the spreadsheets are reused and utilised as bases for other related reports.

While there is no generally accepted definition of the term ?spreadsheet fraud?, its quite easy to identify one when a case crops up. Fraud arising from spreadsheets are typically characterised by:

Fallacious inputs – correct figures are deliberately replaced with false values.

Erroneous outputs owing to data alteration – hyperlinks are linking to the wrong spreadsheets or cells; use of macros or special lines of code which are understandable only to the person who developed the code.

Concealment of critical information – can be done with easy ?tweaks? such as hidden rows and columns, using the same colour for both the font and the background, or hard coding additional values into a cell.

There is nothing really highly-sophisticated or technical in any of these methodologies. But without internal spreadsheet controls in place, it would take a discerning eye and a thorough review to catch the inconsistencies contained in a spreadsheet fraught with errors. Also, if these errors are knowingly placed there, the chances of finding them are close to nil.

Learn more about our server application solutions and discover a better way to protect your company from spreadsheet fraud.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Check our similar posts

The Connection Between Six Sigma and CRM

Six Sigma is an industrial business strategy directed at improving the quality of process outputs by eliminating errors and system variables. The end objective is to achieve a state where 99.99966% of events are likely to be defect free. This would yield a statistical rating of Sigma 6 hence the name.

The process itself is thankfully more user-friendly. It presents a model for evaluating and improving customer relationships based on data provided by an automated customer relations management (CRM) system. However in the nature of human interaction we doubt the 99.99966% is practically achievable.

Six Sigma Fundamentals

The basic tenets of the business doctrine and the features that set off are generally accepted to be the following:

  1. Continuous improvement is essential for success
  1. Business processes can be measured and improved
  1. Top down commitment is fundamental to sustained improvement
  1. Claims of progress must be quantifiable and yield financial benefits
  1. Management must lead with enthusiasm and passion
  1. Verifiable data is a non-negotiable (no guessing)

Steps Towards the Goal

The five basic steps in Six Sigma are define the system, measure key aspects, analyse the relevant data, improve the method, and control the process to sustain improvements. There are a number of variations to this DMAIC model, however it serves the purpose of this article. To create a bridge across to customer relationships management let us assume our CRM data has thrown out a report that average service times in our fast food chicken outlets are as follows.

<2 Minutes 3 to 8 Minutes 9 to 10 Minutes >10 Minutes
45% 30% 20% 5%
Table: Servicing Tickets in Chippy?s Chicken Caf?s

Using DMAIC to unravel the reasons behind this might proceed as follows

  • Define the system in order to understand the process. How are customers prioritised up front, and does the back of store follow suit?
  • Break the system up into manageable process chunks. How long should each take on average? Where are bottlenecks most likely to occur?
  • Analyse the ticket servicing data by store, by time of day, by time of week and by season. Does the type of food ordered have a bearing?
  • Examine all these variables carefully. Should there for example be separate queues for fast and slower orders, are there some recipes needing rejigging
  • Set a goal of 90% of tickets serviced within 8 minutes. Monitor progress carefully. Relate this to individual store profitability. Provide recognition.

Conclusion

A symbiotic relation between CRM and a process improvement system can provide a powerful vehicle for evidencing customer care and providing feedback through measurable results. Denizon has contributed to many strategically important systems.?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Spreadsheet Risks in Banks

No other industry perhaps handles such large volumes of critical financial data more than the banking industry. For decades now, spreadsheets have become permanent fixtures in the front-line reporting tool sets of banks, providing organised information when and where needed.

But as banks enter into a period of heightened credit risks, elevated levels of fraud, and greater regulatory scrutiny, many are wondering if continued reliance on spreadsheets is a wise decision for banks today.

The downfall of Lehman Brothers which eventually led to its filing for Chapter 11 bankruptcy protection on September 15, 2008, served as a wake up call for many institutions across the globe to make a serious examination of their own risk management practices. But would these reforms include evaluating the security of user developed applications (UDAs), the most common of which are spreadsheets, and putting specific guidelines as to when they can – or cannot be – used?

Banks and Spreadsheet Use

Banks have been known to utilise spreadsheets systems for many critical functions because most personnel are well-acquainted with them, and the freedom of being able to develop customised reports without needing to consult with the IT department offers flexibility and convenience. In fact, more than having a way to do financial budgeting and analysing customer profitability, even loan officers and trade managers have become reliant on spreadsheets for risk management reporting and for making underwriting decisions.

But there are more than a few drawbacks to using spreadsheets for these tasks, and the sooner bank executives realise these, the sooner they can adopt better solutions.

General Limitations

Spreadsheets are far from being data base systems and yet more often than not, they are expected to act as such, with figures constantly added and formulas edited to produce the presumably right set of reports.

In addition, data integrity is always a cause for concern as most values in spreadsheets are entered as manual inputs. Even the mere misplacement of a comma or a negative sign, or an inadvertent ?edit? to a formula can also be a source of significant changes in the outcome.

Confidentiality risk is also another drawback of the use of spreadsheets in banks as these tools do not have adequate?access controls to limit access to only authorised individuals. Pertinent financial information that fall into the wrong hands can lead to a whole new set of problems including the possibility of fraud.

Risks in Trading

For trading transactions, spreadsheets can prove to be of immense use – but only for small market volumes. As trade volumes increase and the types vary, spreadsheets are no longer a viable solution and may likely become more of a hindrance, with calculations taking longer in the face of bigger transaction amounts and growing transaction data.

And in trading, there is always the need for rigorous computational functions. Computing for the Value at Risk (VaR) for large portfolios for instance, is simply way beyond the capabilities of spreadsheets. Banks that persist in using them are increasing the risk of loss on those portfolios. Or, they can be opening up?opportunities for fraud?as Allied Irish Bank (in the case of John Rusnak – $690 million) learned the hard way.

Risks in Underwriting

Bankers who use spreadsheets as their main source of information for underwriting procedures also face certain limitations. Loan transactions require that borrowers? financial data be centralised and easily accessible to risk officers and lending officers involved in making decisions. With spreadsheets, there is no simple and secure way of doing that. Information can be pulled from different sources – individual tax returns, corporate tax documents, partnership documents, audited financial statements – hence there is difficulty in verifying that these reports adhere to underwriting policies.

Spreadsheet control and monitoring

Financial institutions which are having difficulty weaning themselves from the convenience and simplicity that spreadsheets offer are looking for possible control solutions. Essentially, they want to find ways that allow them to continue using these UDAs and yet somehow eliminate the?spreadsheet risks?and limitations involved.

Still, the debate goes back and forth on whether adequate control measures can be implemented on spreadsheets so that that the risks are mitigated. Many services have come forward to herald innovative solutions for better spreadsheet management. But at the end of the day, there really is no guarantee that such solutions would suffice.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How the Dodd-Frank Act affects Investment Banking

The regulatory reform known as the Dodd-Frank Act has been hailed as the most revolutionary, comprehensive financial policy implemented in the United States since the years of the Great Depression. Created to protect consumers and investors, the Dodd-Frank Act is made up of a set of regulations and restrictions overseen by a number of specific government departments. As a result of this continuous scrutiny, banks and financial institutions are now subject to more-stringent accountability and full-disclosure transparency in all transactions.

The Dodd-Frank Act was also created to keep checks and balances on mega-giant financial firms that were considered too big to crash or default. This was especially deemed crucial after the collapse of the powerhouse financial institution Lehman Brothers in 2008. The intended result is to bring an end to the recent rash of bailouts that have plagued the U.S. financial system.

Additionally, the Dodd-Frank Act was created to protect consumers from unethical, abusive practices in the financial services industry. In recent years, reports of many of these abuses have centered around unethical lending practices and astronomically-high interest rates from mortgage lenders and banks.

Originally created by Representative Barney Frank, Senator Chris Dodd and Senator Dick Durbin, the Dodd-Frank Wall Street Reform and Consumer Protection Act, as it is officially called, originated as a response to the problems and financial abuses that had been exposed during the nation’s economic recession, which began to worsen in 2008. The bill was signed into law and enacted by President Obama on July 21, 2010.

Although it may seem complicated, the Dodd-Frank Act can be more easily comprehended if broken down to its most essential points, especially the points that most affect investment banking. Here are some of the component acts within the Dodd-Frank Act that directly involve regulation for investment banks and lending institutions:

* Financial Stability Oversight Council (FSOC): The FSOC is a committee of nine member departments, including the Securities and Exchange Commission, the Federal Reserve and the Consumer Financial Protection Bureau. With the Treasury Secretary as chairman, the FSOC determines whether or not a bank is getting too big. If it is, the Federal Reserve can request that a bank increase its reserve requirement, which is made up of funds in reserve that aren’t being used for business or lending costs. The FSOC also has contingencies for banks in case they become insolvent in any way.

? The Volcker Rule: The Volcker Rule bans banks from investing, owning or trading any funds for their own profit. This includes sponsoring hedge funds, maintaining private equity funds, and any other sort of similar trading or investing. As an exception, banks will still be allowed to do trading under certain conditions, such as currency trading to circulate and offset their own foreign currency holdings. The primary purpose of the Volcker Rule is to prohibit banks from trading for their own financial gain, rather than trading for the benefit of their clients. The Volcker Rule also serves to prohibit banks from putting their own capital in high-risk investments, particularly since the government is guaranteeing all of their deposits. For the next two years, the government has given banks a grace period to restructure their own funding system so as to comply with this rule.

? Commodity Futures Trading Commission (CFTC): The CFTC regulates derivative trades and requires them to be made in public. Derivative trades, such as credit default swaps, are regularly transacted among financial institutions, but the new regulation insures that all such trades must now be done under full disclosure.

? Consumer Financial Protection Bureau (CFPB): The CFPB was created to protect customers and consumers from unscrupulous, unethical business practices by banks and other financial institutions. One way the CFPB works is by providing a toll-free hotline for consumers with questions about mortgage loans and other credit and lending issues. The 24- hour hotline also allows consumers to report any problems they have with specific financial services and institutions.

? Whistle-Blowing Provision: As part of its plan to eradicate corrupt insider trading practices, the Dodd-Frank Act has a proviso allowing anyone with information about these types of violations to come forward. Consumers can report these irregularities directly to the government, and may be eligible to receive a financial reward for doing so.

Critics of the Dodd-Frank Act feel that these regulations are too harsh, and speculate that the enactment of these restrictions will only serve to send more business to European investment banks. Nevertheless, there is general agreement that the Dodd-Frank Act became necessary because of the unscrupulous behaviour of the financial institutions themselves. Although these irregular and ultimately unethical practices resulted in the downfall of some institutions, others survived or were bailed out at the government’s expense.

Because of these factors, there was more than the usual bi-partisan support for the Dodd-Frank Act. As a means of checks and balances, the hope is that the new regulations will make the world of investment banking a safer place for the consumer.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today