Quick Links
Advertise with Sarbanes Oxley Compliance Journal

< Back

Sarbanes Oxley : Technology : Spreadsheet

Are Greed, Lack of Oversight & Lack of Transparency to Blame?

The Financial Crisis & Spreadsheets

By Soheil Saadat
Soheil Saadat
President and CEO
Prodiance Corporation

In the midst of the current economic crisis, greed, lack of oversight, and lack of transparency have left an “open door” in many organizations for non-compliance, gross accounting errors, and even fraud. According to Baseline Consulting, approximately 68% of today’s corporate data is managed in IT controlled applications, and 32% is stored in key spreadsheets, Access databases, BI and management reports, office documents, and other end-user computing (EUC) applications. In many cases, these EUCs are managed in uncontrolled environments and lack the proper safeguards and controls needed to ensure that bad things don’t happen. It’s these bad things – gross errors in key spreadsheets, “undocumented” transactions hidden in invisible cells or hidden worksheets, unauthorized changes, and logic errors - that create unacceptable risk and exposure for organizations.

Uncontrolled Spreadsheets Leave an Open Door for Fraud
In a recent case involving fraud, a CFO was falsifying financial statements for a period of 5 years. When the fraud was exposed, it was too late and the company suffered steep fines, a $437 million decline in market cap, and will suffer for a long time from a shattered company and brand image. In another recent case, a French banking powerhouse realized a €7 billion loss in a rouge trading scandal where auditors speculated uncontrolled spreadsheets were once again the vehicle for fraud activity.

Taking a Proactive Approach to Mitigating Risk
Spreadsheets are perhaps the most risky EUC in most organizations. They are used in some of the most mission critical processes: equities trading, risk and uncertainty analysis, financial reporting, closing the books, account reconciliations. Their ubiquity and flexibility in delivering immediate results also presents many challenges, including lack of change control, multiple outdated and even conflicting versions, unauthorized changes, no archival or backup process, lack of documentation, logic errors, and more. Organizations that do not take a proactive approach to controlling mission critical spreadsheets and other EUCs may face significant loss events, non-compliance with regulatory mandates, and even losses in shareholder value due to earnings restatements.
Fortunately, help is on the horizon. A new breed of software applications for Spreadsheet Management and Control are emerging within the GRC market, leading tax and audit firms have issued guidance on spreadsheet control, and many have developed new practices to help get companies started. The business case for Spreadsheet Management and Control is compelling and there are many ROI contributors, including:

•    Effective risk mitigation to help avoid fraud and loss events
•    Improved compliance with legal and regulatory mandates
•    Process efficiencies gained through faster audit cycles and faster closes

The average cost savings in the first year after deploying an automated solution is $250,000, and additional returns can realized from avoiding significant loss events. If your organization is exposed to spreadsheet risk, be proactive and ask your auditor for guidance.

Soheil Saadat
President and CEO
Prodiance Corporation
Dr. Soheil Saadat is president and CEO at Prodiance Corporation, a leading provider of Governance, Risk and Compliance (GRC) solutions to help organizations increase visibility, transparency and control over End User Computing applications such as spreadsheets, databases and BI reports which comprise a significant portion of mission critical data within organizations.

About Us Editorial

© 2019 Simplex Knowledge Company. All Rights Reserved.   |   TERMS OF USE  |   PRIVACY POLICY