spreadsheets - Blog - Global Risk Community2024-03-28T17:45:51Zhttps://globalriskcommunity.com/profiles/blogs/feed/tag/spreadsheetsTime to revisit rushed Dodd Frank compliance?https://globalriskcommunity.com/profiles/blogs/time-to-revisit-rushed-dodd-frank-compliance2014-10-03T10:26:51.000Z2014-10-03T10:26:51.000ZNeilVernonhttps://globalriskcommunity.com/members/NeilVernon<div><p>Implementation deadlines have been and gone but banks are still living in Dodd-Frank’s shadow. One of the issues is that best practice hasn’t yet been agreed: the regulators still need to clarify standards. This is leaving many fumbling around in the dark for the right route to compliance.</p><p>While the regulators iron out the standards, several financial institutions have cobbled together ‘half-way house’ applications so they can tick the compliance box. Some have even resorted to Excel for a quick fix. But this can’t be a long term solution.</p><p>So how much of an issue is this lack of standardisation? Under Dodd-Frank, banks must put any discrepancies in a trade with a counterparty under the microscope. Some banks are taking a literal, granular approach, creating an exception for every attribute of a trade that doesn’t match. Others are saving energy by grouping batches of similar exceptions together. It’s not yet clear which approach regulators will favour. But from this example, it’s evident that some banks are generating more work for themselves than others. The result? Increased operational cost to cope with the additional volumes of exceptions.</p><p>While uncertainty over the standards is still rife, one thing is for sure: manual processes won’t cut it when the standards are finalised or another rule comes along. To ensure they are completely compliant – fast – banks must leave spreadsheets behind and turn to automated systems that are easily adaptable and can accommodate any changes in the rules. Else they risk being overshadowed by competitors who have already adopted this approach.</p></div>No one-size-fits-all approach for recshttps://globalriskcommunity.com/profiles/blogs/no-one-size-fits-all-approach-for-recs2013-07-08T11:47:57.000Z2013-07-08T11:47:57.000ZNeilVernonhttps://globalriskcommunity.com/members/NeilVernon<div><p>We recently worked with Aite Group on a <a href="http://digbig.com/5bhnht">benchmark survey</a> exploring the reconciliation challenges facing financial services firms. The benchmark threw up a number of interesting findings around issues such as an over-reliance on manual processes, delays in onboarding and issues in handling non-standard and inter-system recs. In this first of a series of blogs on the benchmark findings, I will examine how a ‘one-size-fits-all’ approach no longer fits the bill.</p><p>Many banks are trying to use yesterday’s methods to solve today’s challenges. Shoehorning complex reconciliations into an existing model designed to process cash and nostro accounts simply won’t work for today’s more complex products. Even if another model is created, the time and costs outweigh the benefit so they turn to their beloved spreadsheets. Despite having numerous reconciliation platforms, 70-80% of reconciliations are still taking place in Excel.</p><p>And what happens if you’re only looking at conducting reconciliations once or twice? Do these recs continue to be done manually? The time and effort required to build a one-off rec is a wasted effort and there is no opportunity for future reuse.</p><p>Financial institutions might be compelled to stick to spreadsheets but this rudimentary tool equals increased cost and risk. The solution? Firms need to think outside the nostro box and look for a system that can eradicate their manual reconciliation footprint and provide results in real-time.</p></div>Risk Management and Spreadsheetshttps://globalriskcommunity.com/profiles/blogs/risk-management-and-spreadsheets2012-02-28T16:22:05.000Z2012-02-28T16:22:05.000ZRebecca Beardhttps://globalriskcommunity.com/members/RebeccaBeard<div><p>Many organisations are now using spreadsheets to monitor and manage their risks but research suggests that this could be inefficient and impractical for risk managers.</p><p>Software, such as StratexPoint, allows risks, that an organisation face, to be clarified, aligned and effectively managed. StratexSystems believe that every business should be able to execute their business strategy whilst operating within an acceptable level of risk exposure. With a series of easy-to-deploy visual tools, like those provided in StratexPoint, risk management can be made more efficient and effective, for any organisation.</p><p>The following papers reinforce the view that spreadsheets are not the best risk management tool; throughout the papers, common weaknesses and limitations when using spreadsheets to manage risks, particularly within the financial sector, are discussed.</p><p><a href="http://blogs.hbr.org/cs/2010/09/basel_iii_and_the_problem_with.html">http://blogs.hbr.org/cs/2010/09/basel_iii_and_the_problem_with.html</a></p><p><a href="http://arxiv.org/abs/0908.4420">http://arxiv.org/abs/0908.4420</a></p><p><a href="http://www.spreadsheetrisks.com/SpreadsheetsLondon.pdf">http://www.spreadsheetrisks.com/SpreadsheetsLondon.pdf</a></p></div>5 Reasons Why You Need ERM Softwarehttps://globalriskcommunity.com/profiles/blogs/5-reasons-why-you-need-erm-software2012-02-17T09:30:00.000Z2012-02-17T09:30:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p>How do you manage the uncertainty of what has not happened yet?</p><p><img src="http://www.logicmanager.com/img/erm-heatmap.png" width="259" align="right" alt="ERM Heat Map" />That’s where <a href="http://www.logicmanager.com/erm-software/product/">enterprise risk management software (ERM Software)</a> also known as operational risk management software comes in. It tracks the emerging risks and changes to existing risks across the enterprise and connects these changes to the activities and business metrics that run the business. A change in risk at the business process level, demands a change in the operating procedures to prevent this risk from materializing or seize an opportunity.<br /> <br /> The next time someone in your organization, has doubts about needing enterprise risk management software to effectively manage risk, consider these 5 universal truths:</p><ol><li><strong>Content: <a href="http://www.logicmanager.com/erm-software/product/assess/" target="_blank">Risk assessment templates, risk identification root cause libraries</a></strong> – ERM software comes with all the templates, standards, and libraries you need, on day one. ERM programs need this content before they can have an ERM program. Spending months developing this content and the time wasted of all those around the organization as well as the missed risks and opportunities. A change in risk at the business process level, demands a change in the operating procedures to prevent this risk from materializing or seize an opportunity.</li><li><strong>All in one Place: Timely decision making</strong> - this requires governance over the complex and time consuming activity of organizing and grouping information across silos and levels. With ERM software, all of your risk management activities are all in one place, so the process of rolling up and grouping information is automated to just a click of a button.</li><li><strong><a href="http://www.logicmanager.com/erm-software/product/dashboard-reports/" target="_blank">ERM Reports:</a> Accurate but easy to interpret views for your board</strong> – Since it is so hard to roll up information using spreadsheets, risk managers typically have to choose between presenting accurate but far too granular information, or high-level but less accurate assumptions to the board. ERM software eliminates this choice, as accurate risk information directly from the process owners is easily rolled up into holistic views of the enterprise. All of the information, metrics, and reporting tools are available right at your finger-tips, so senior management can make strategic decisions before goals are impacted based on reliable risk data aggregated from the process owners.</li><li><strong>Business Intelligence Tools with a forward looking perspective</strong> – spreadsheets, by nature, can only manage risk from a historical perspective; aka identify risks that have already happened. While this is important, what about the risks that your organization is susceptible to, but has been fortunate enough to avoid so far? ERM software provides the structure to prioritize and manage risk from a historical and forward looking perspective with capabilities to identify emerging and systemic risks and track trends over time.</li><li><strong>Linking risk to performance management</strong> – spreadsheets simply lack the ability to tie risks to goals and success measures. Only a robust taxonomy within ERM software is able to manage the complex relationships and interdependencies between root-cause risks, business activities, and the strategic goals they impact.</li></ol><p>Typically an organization starts their ERM journey from either a top-down strategic or bottom-up governance approach and then evolves to cover their entire enterprise. <span style="text-decoration:underline;"><strong><a href="http://www.logicmanager.com/erm-software/knowledge-center" title="Click here to watch the video">Click here to watch the video</a></strong></span> that best represents your current ERM challenge.</p></div>Risk Managers: Why Spreadsheets are Failing Youhttps://globalriskcommunity.com/profiles/blogs/risk-managers-why-spreadsheets2011-05-20T07:00:00.000Z2011-05-20T07:00:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><div style="margin:10px 30px;"><p style="padding-bottom:4px;">While spreadsheets are still an excellent tool for data manipulation and one-dimensional analysis, they fall significantly short of delivering the capabilities a risk manager really needs to analyze trends and see the relationships the job entails.</p><p>The limitations of spreadsheets verses <a href="http://www.logicmanager.com/erm-software/erm-software.php" target="_blank">ERM software</a> are systemic and largely stem from the way they manage data, their inability to easily show relationships, and their general inaccessibility.</p><h3>Impractical</h3><div style="padding-left:3%;"><p style="padding-bottom:4px;">Risk management is an iterative process that requires collecting a great deal of information to glean the necessary insights. This often results in dozens of spreadsheets and documents each with multiple versions and revisions.</p><p>Not only does this impede the process of combining data into a coherent big picture, it also means any changes to <a href="http://www.logicmanager.com/erm-software/risk-management-culture.php" target="_blank">data structure</a> becomes a great undertaking. Dependent on spreadsheets, risk managers will spend countless hours validating data, double-checking formulas, and updating values instead of spending that time on much needed evaluation and mitigation.</p></div><h3>Relationships</h3><div style="padding-left:3%;"><p style="padding-bottom:4px;">Risk analysis is not a static process; it's dynamic and highly strategic. Assessment structure, information, and the people involved evolves over time as management's requirements and priorities change. </p><p style="padding-bottom:4px;">Spreadsheets, however, are ridged. With each change to a spreadsheet, <a href="http://www.logicmanager.com/erm-software/risk-management-culture.php" target="_blank">links between information</a> are lost making it very difficult to analyze relationships over time. Without these relationships, how will you link risks and their controls to your organization's strategic goals?</p><p style="padding-bottom:4px;">What's worse, spreadsheets can actually limit the depth of risk analysis. You can only analyze the relationships your risk tools can uncover. Spreadsheets offer limited access to past and current data, you cannot easily aggregate and dissect information, and they require a high level of technical knowledge to compare data over time.</p><p>Simply put, spreadsheets prevent an understanding of the dependencies and consequences between departments, processes, and strategic goals. Without these connections it's impossible to see how multiple risk can come together to create a disaster like the <a href="http://info.logicmanager.com/bid/36749/Government-Finds-BP-Blowout-was-Preventable-by-ERM-and-Not-GRC">BP oil spill</a> or the <a href="http://info.logicmanager.com/bid/44059/Japanese-Nuclear-Crisis-lessons-for-risk-managers">Japanese nuclear crisis</a>.</p></div><h3>Inaccessible</h3><div style="padding-left:3%;"><p style="padding-bottom:4px;">Risk management isn't something that can be done in isolation. The information risk managers collect and analyze needs to be accessible to the rest of the organization. Spreadsheets, however, aren't accessible to business intelligence software, to management, or to other support functions that could benefit from that data.</p><p>The result is a risk management function without support from management and an organization with an abundance of duplicate tests, controls, and information. Risk managers need to be able to aggregate and access information across business silos and multiple levels in order to engage the right people with the right information.</p></div><h3>The Solution</h3><div style="padding-left:3%;"><p style="padding-bottom:4px;">Risk management requires dynamic tools that can organize and link data automatically, analyze dependencies and consequences enterprise-wide, and be accessed by decision makers and other silos.</p><p>The solution is a robust software platform that can organize risk-information all in one place, link the relationships between data, and be accessible to the rest of the organization. Identify duplicate tests and controls, uncover the complex relationships between risks, and make that information accessible to decision-makers with <a href="http://www.logicmanager.com/getting-started-erm-video">one shared risk management platform</a>.</p></div></div></div>