Back to all announcements

Risk Integrated Pioneers New Solution to Mitigate Spreadsheet Risk for Complex Financial Calculations

Meeting Sarbanes Oxley and Basel II regulatory requirements without replacing core spreadsheets

London – 30 May 2006 - Risk Integrated, a consulting firm focusing on risk measurement for specialized finance, today announced a new solution for the effective management of spreadsheet risk. The company’s Enterprise Spreadsheet Platform (ESP) follows client demands for a sophisticated system that focuses on current spreadsheet risk and regulatory requirements. The application allows banks to manage internal controls and audit reporting for complex instruments.

The inherent risk with any spreadsheet based system is that individual users can cause material losses through personal errors. Today most banks already have an established set of rules, standards and controls over their accounting systems and many of the databases they access. However, controls have not yet been put into place for spreadsheet systems. With the introduction of Sarbanes-Oxley and the operational risk requirements of Basel II, this lack of reporting has become a key issue for financial institutions.

ESP facilitates the near elimination of spreadsheet risk in the enterprise computing environment, helping banks maintain control and full flexibility required for modelling complex financial structures. It is particularly useful for spreadsheet-based calculations that have to be applied across multiple instances of data inputs, such as individual deals within a portfolio distributed across the enterprise, while retaining centrally managed consistency and integrity throughout.

By using existing core spreadsheets ESP allows for effective risk management without requiring users to learn new programming languages. This changes the landscape of spreadsheet risk dramatically as current spreadsheets, which have already been proven, can be used without any changes to the underlying logic. The ESP hosts all spreadsheets on a server that is accessible across a company’s intranet. By storing all the data in a centralized location it allows users to see and audit all spreadsheets currently in use.

Yusuf Jafry, CTO of Risk Integrated comments: “By only allowing access to the required functionality for each level of user we can provide a high level of control for any organization that uses spreadsheets. Even those users with full access to spreadsheet functionality are still monitored by ESP. The system assigns and tracks changes for users providing a complete audit trail for all spreadsheets in use within an organization. Our system will help to put an end to the all too common cut-and-paste errors experienced in this industry and help to prevent rogue users committing fraud.”

ESP also allows the company to establish and set user and group level security and permissions. A user who is responsible for data input does not require access to the underlying spreadsheet and by restricting access operational risk is greatly reduced. Within the ESP, inputs and outputs are clearly defined and separable from the spreadsheet itself, thereby eliminating the introduction and propagation of errors within the core of the spreadsheets themselves.

Chris Marrison, CEO of Risk Integrated states: “Spreadsheet risk is something that has been overlooked in the past. As increasing regulatory pressure forces companies to assess this situation it appears the technology is only just catching up with the problem. As we continue to near the deadline for Basel II and other regulations, spreadsheet risk is becoming an increasingly important area. While solutions will be available for this in the future and specific programs to replace spreadsheets are already available, we are offering a solution that can address the issue now without having to replace the existing spreadsheets at the core of the system.”