Across the world the new swathes of regulatory reporting – such as Dodd-Frank, Form PF, Stress-testing, Solvency II and many more to come – are being accompanied by the regulatory questions of the kind ‘how do you know these numbers are correct?’.

This white paper introduces the increasingly important concept of data lineage and what this means in environments where end user computing applications are part of the data manipulation/preparation process to create critical reports.

In most insurers the internal model will consume information from a wide range of technology platforms. The prohibitive cost of formal integration of these platforms means that inevitably a significant proportion of the data feeding internal models is held in, passes through, or is manipulated by End User Computing (EUC) applications (such as Microsoft Excel and Access) or similar files such as .CSVs. This paper explores the impact of the FSA Data Audit on these data sources and how automated checks can meet your obligations in this area.

Insurers face an uncertain future as the final stages of Solvency II and its accompanying internal models for managing capital adequacy are debated and finalised. The FSA has stated that one of the biggest risks for insurance companies in the run-up to Solvency II is managing the data contained in large estates of spreadsheets that exist within the business.

ClusterSeven has developed this business guide to help insurance companies navigate their way through the spreadsheet risk management process.

There has been a rapid growth in organizations seeking to establish control over business-critical spreadsheets and MS Access databases, collectively called end user computing (EUC) or user developed applications (UDA). Demand for control has been stimulated by regulatory/guidance releases over the last few years (Basel II, Solvency II and the Institute of Internal Audit (IIA) GTAG 14). As a result there are few people with experience of the critical requirements for larger or more complex deployments. This paper seeks to guide newcomers through some of the issues that organizations will face in completing such a project and the associated questions they should ask.

This paper explores the alternative approaches to control regimes for spreadsheets, and other user developed applications (UDA) or end user computing (EUC), considering the pros and cons of both preventive and detective controls.