The Trump administration is proud of its deregulation endeavors. However, despite this backdrop, Citigroup finds itself subject to a Cease and Desist order from one of its key regulators, which has been concerned “for several years” about the bank’s risk controls.
The OCC was quite specific, including a requirement for “An EUC Tools Framework that shall, at a minimum, include … ongoing processes to inventory, track, and report compliance with the policies, procedures, standards, and controls for the use of EUC tools.”
Only Human
This post is part of our Only Human series where we highlight human error in spreadsheets and other end user computing (EUC) tools that negatively impact organizations.
What is an EUC Tool and Why Should l Care?
End user computing tools are used by every bank. They include spreadsheets and other user-developed applications in languages such as Python and R. While these may sound arcane and even quaint, these applications can support especially important business processes including modeling, stress testing, financial statements, trading and regulatory reporting to name but a few.
Uncle Sam and the regulators know that this is the case and are increasingly demanding banks manage the risks these EUCs pose.
It has come to Apparity’s attention that even the FDIC is now asking smaller banks to build an EUC inventory.
A Spreadsheet of Spreadsheets is Not the Solution
How difficult is it to develop a list of important spreadsheets?
You may ask yourself, “Why don’t we just email a spreadsheet around the firm and ask people to fill in the needed information. Job done!”
Unfortunately it requires more work than that. Working closely with banking clients, we’ve been told that the regulators (and auditors for that matter) will usually ask two questions.
- Do you have an EUC inventory
- Are you certain that it is accurate and complete?
Very few banks can answer the second question with any degree of conviction and confidence.
That spreadsheet of spreadsheets you just emailed around is a sitting duck to a regulator or auditor. Do you want to be on the receiving end of a Cease and Desist order, an MRA or even an audit point for poor risk controls?
More Than Peace of Mind
Apparity’s EUC risk management software offers not only peace of mind by accurately finding and controlling your important EUCs, but time and cost savings through automation and workflow tools. Apparity’s platform is the only 3rd generation solution and is proven in many of the world’s most complex financial institutions.
