Source: Cluster Seven
Sumitomo Mitsui Banking Corporation Europe Limited (SMBCE), a subsidiary of the global Japanese commercial bank, is deploying ClusterSeven’s End User Computing (EUC) governance platform to enable the bank to understand its EUC (spreadsheets, databases and financial modelling tools) landscape, identify where the risks lie and institute the necessary automated controls to mitigate them.
This is driven by the ever-growing and stringent reporting requirements stipulated by Common Reporting (COREP), the reporting framework issued by the European Banking Authority for the Capital Requirements Directive; and the Sarbanes Oxley Act of 2002, among many other Prudential Regulation Authority directives.
The ClusterSeven framework will be centrally deployed in the Risk Management department of the bank and rolled out to users across the bank. This will encourage broader ‘ownership’ of risk management.
SMBCE will establish a central, automated control framework for EUC management based on the risk policies and procedures of the organisation. The bank will have visibility of all its critical EUC files across their lifecycle - from creation through to retirement - that have been prioritised and reside in the ClusterSeven solution. To support SMBCE’s data integrity, departments will be able to easily track and closely monitor the changes being made to the critical / high risk EUC files. Where there is duplication of models for similar calculations, the bank will be able to eliminate repetition, for cost and time efficiency. Likewise, where deemed important, the bank will be able to decommission critical EUC files and move the data to the enterprise system for confidentiality and data security.
“This approach to EUC control will enable us to help control the bank’s residual risk,” explained Keith Haylock, Assistant General Manager, Risk Management Department at Sumitomo Mitsui Banking Corporation Europe Limited. “As the burden of regulatory reporting has grown, so has the use of EUC applications in the organisation. The number of reports we need to submit have increased from 20 to nearly 200. An understanding, visibility and control of our EUC landscape is vital. The ClusterSeven solution will assist us with our own internal business risk management and governance, and in complying with the regulatory mandate.”
SMBCE chose the ClusterSeven platform for its functionality and suitability for the organisation, proven track record for successful deployment, the team’s consultancy-led approach to implementation and excellent customer support. All this clearly came to light in the way the company undertook the six-week proof of concept at the bank.
Chris Gomersall, CEO of ClusterSeven, commented, “Often, regulation is the trigger for financial institutions to undertake EUC risk management. Nonetheless, it’s only after EUC management is embedded that organisations realise and appreciate the true business value of the discipline. A recent report from Chartis, which for the first time quantifies the risk associated with EUC errors, clearly demonstrates that organisations have no choice, but to make EUC risk management a Board-level agenda item, due to the financial, regulatory and operational risks they face.
“EUC management provides control and change management mechanisms to ensure the highest quality of data, which is fundamental to curtailing all manner of business risks and informed decision-making in today’s highly competitive business environment. Automation is the only cost-effective and fool-proof way to control and manage the environment.”