Many financial institutions ignore or accept the risks inherent in using spreadsheets in critical business processes but it doesn’t have to be that way.

Although it is difficult to get a precise number, there are over a billion users of Excel in the world. Excel is both ubiquitous and heavily used because it offers a non-IT person a powerful tool for performing complex tasks. In the realm of financial services this includes financial reporting and analysis, credit evaluation and exceptions and operational workflow. These are business processes that attract the attention of auditors and regulators because they are so important to the functioning of the institution.

Significant risks remain in using Excel in these situations, though. Whether they are called EUCs (end user computing), UDAs (user developed applications) or something else, the main issues are that the spreadsheet is fundamentally a user tool rather than a platform.  Some organizations have taken a control-based posture in which they lock down access to shared drives and even employ a check-in/check-out process for the spreadsheet assets. There are significant gaps in this approach that present meaningful risk to the institution, among them:

1. Lack of auditability: a potential regulatory issue because even with the controls mentioned above the ability to show who changed what at which time is lacking in Excel.
2. Data isolation: spreadsheet data is located on islands (shared drives and desktops), meaning data controls fall short of what is possible even in a simple database.  Moreover, extracting the data for centralization and other uses (such as AI LLMs) creates risk related to ETL activities.

So, if the check-in/check-out mitigation is not a complete answer what are the alternatives?  Some Fis have turned to conversion of the EUC pseudo-systems onto a platform such as Appian or Pega. This approach answers the problems noted above but it can be time-consuming and costly to migrate users to a new experience.  In addition, this strategy introduces risks of its own; namely, errors in translating formulas and logic from one platform to another, users learning a new interface and procedures as well as data migration between disparate solutions.

There is another alternative that provides comprehensive risk mitigation while minimizing the disruption to users and development delays:  Velocity from Boardwalktech.  Boardwalk Velocity is the first product designed to address Excel EUC risk in a way that satisfies IT, regulators, and users simultaneously. Velocity’s cutting-edge technology eliminates Excel EUC risk at scale while preserving the Excel user experience, and at a remarkable 15x time and cost advantage compared to many re-platforming alternatives.

Boardwalk Velocity uses precision migration to transform the EUC to a server-driven database application with software development lifecycle (SDLC) controls thereby eliminating data-at-rest-on-the-desktop, and the EUC designation. But the user continues to work with native Excel on the desktop with changes to the formulas and macros under SDLC control.

This isn’t just theory – Velocity is in use by a Fortune 500 bank which is one of the top three in the United States and top 15 globally (by asset size). They are remediating a sizable EUC risk at scale and deriving significant benefits:

1. Complete data visibility and control:  auditable and trackable down to the cell level with fine-grained access control, the data is also now available in a true database for inclusion in the overall corporate data asset universe.
2. Low user impact:  while the data and functions have moved to a server database, the users continue to use Excel’s familiar interface so disruption to workflow is minimized or even eliminated.
3. Speed to remediation:  migration tools mean Excel data and logic is rapidly moved to the Velocity platform, reducing time and cost to address risk.

If you are ready to gain control over EUC risk, you can learn more and ask for a demo at https://www.boardwalktech.com/velocity