Risk Management Using Excel: Improving Spreadsheet Safety
Fred Vacelet, MBA, FRM/PRM, CTM, IFQ, is an international Financial Risk
Management Consultant with expertise in Risk Management methodological
frameworks. His experience spans some 25 years, advising international
banks and software houses on risk management. Fred holds various
degrees, including from London Business School, England, with
post-graduate studies at the Technische (then West)-Berlin, Germany, and
Keio, Japan, universities. His client list includes ABN Amro, Barclays,
Credit Suisse, National Bank of Egypt. He is a published author on risk
management and Basel Accords and a regular speaker at international
conferences. Fred writes and presents training courses and workshops on
risk management and Basel Accords.
Model risk is considered a critical risk, especially after the 2008 crisis and the witch hunt that followed. Financial institutions are still facing huge model risks. The mistakes are as costly as the inconvenience of not trusting models. Yet, there are ways to alleviate the issue.
- Horror stories with spreadsheets
- A few tips of fault-tolerance
- Data capture, dashboards, and others
- Core and peripherals of spreadsheets
- Setting up warnings within spreadsheets
- Cross-validation of spreadsheets
- Peer review and co-authoring
- Regular spreadsheet purges
- Regulating the use of spreadsheets, between modern back-of-envelope and overall ruling
- Training and spreading knowledge
- Setting up procedures with embedded spreadsheet risk management
Course Level - Intermediate
Who Should Attend
- Risk Managers
Why Should You Attend
Financial institutions are still navigating between two reefs: either use structured IT systems to house complex models, and stifle flexibility and innovation, or let people develop their measurements, models, and calculations, and face the quasi-certainty to work with inappropriate data, badly applied models, and misinterpretations of results.
A few measures can be taken, when building a spreadsheet model, to improve safety with data capture, calculations, and displaying of results, and significantly reduce the number of errors, as well as the time, is taken to chase for these errors. However, these all-too-simple steps are not always taken. We review a few of these. A more promising set of steps revolves around organizing the human interactions between the different users of spreadsheet-based information. In our experience, this is where things can go dramatically wrong in a few processes, and bring about the most frequent tensions between different functions.
The third line of defense, which is more difficult to implement but in our view more beneficial, consists in setting up a modus vivendi with spreadsheets, in that policies, procedures, systems, and controls acknowledge that spreadsheets are a part of life, yet their results can be used as evidence only with a set of conditions. This includes a few rules about structure, cross-validation rules, co-authoring obligations, and especially the documentation. Let us add that no user should consider spreadsheet results without having good knowledge about the topic of the calculations, hence cross-training and external training will be included within the spreadsheet-beware procedures.
With these measures being taken, it can go a long way towards ensuring a good balance between the flexibility of working processes and safety of operations.