Shawbrook Bank, a specialist UK savings and lending Bank, has deployed a central platform for the management of business-critical spreadsheets, from ClusterSeven, the leading global supplier of strategic spreadsheet and end-user computing (EUC) management software.
A hosted solution, the Bank’s adoption of ClusterSeven is a key element of Shawbrook Bank’s strategy to build and strengthen its model risk management capabilities.
Shawbrook Bank was founded in 2011 to serve the needs of SMES and individuals in the UK. At 31 December 2016, the Bank’s total lending reached more than £4.1 billion and has raised over £3.9 billion in deposits since its launch.
With spreadsheets extensively used by Shawbrook to develop business-critical processes and applications, ClusterSeven is providing the Operational Risk team with central, automated oversight of all the Bank’s major spreadsheets and EUC models. The solution non-intrusively manages all Shawbrook’s business-critical spreadsheets, providing automated audit trails that highlight when and what changes have been made by individuals in the Bank’s high-risk applications. The level of detail provided to spreadsheet owners, reviewers and senior managers is exceptional – it is right down to a specific cell or formula in the file.
Head of Operational Risk at Shawbrook Bank Limited, Donna Bradley, explained the importance of such capability for risk management, “Many of our business-critical models are user-developed applications in Excel, which fall outside of the scope of IT and other enterprise systems. Excel offers tremendous benefits for collating, reconciling, manipulating and summarising key data, but due to a lack of controls (like in Word), there is a risk of critical structural changes to macros and links going undetected and passed into production.
“Manually monitoring changes in these complex models is impossible, and spreadsheet errors can potentially be extremely costly to our organisation, both financially and reputation wise,” Bradley elaborated. “With the pressure of regulation and demands for auditable model governance, automating spreadsheet management is the only conceivable way that we can comply and mitigate spreadsheet risk.”
The burden of model validation on the Operational Risk team has reduced. Due to the availability of the history of changes to models in ClusterSeven, the team is undertaking less frequent validation of the models to demonstrate compliance to regulators.
ClusterSeven has enabled strict enforcement of spreadsheet and EUC build policy among users. Every time a new spreadsheet is built, it is risk checked against a default set of rules configured in the solution to ensure that no rules have been broken. This capability is ensuring consistency, accuracy and integrity of all spreadsheet-based models in the Bank.
“Shawbrook Bank is realistic about the fact that user-built spreadsheet applications will always be a key tool in business operation,” Henry Umney, CEO of ClusterSeven commented. “Rather than trying to limit its use in favor of other enterprise systems – an exercise that often fails – the Bank has taken a strategic approach to its management for the benefit of users who need the flexible functionality of Excel to perform their day-to-day activities. In doing so, the organization is delivering against the needs of its users without putting the Bank at operational, regulatory, financial or reputational risk. In fact, most of the regulations (e.g. SOX, MIFID II, BCBS 239, Solvency II) today are demanding that financial institutions adopt demonstrable spreadsheet management in recognition of how widely Excel is used in business.”