Contact us
Back
Banking & Financial Consulting
Insurance Consulting
Products
Back
View all services
Back
View all services
Back
View all products
Back

Our Company

Find out more

Our People

Find out more

Our Purpose

Find out more
Back

Careers

Find out more

Graduate Roles

Find out more

Internships

Find out more
UK

What exactly is an ‘EUC’ and why do they need replacing?

19 September 2024

3 minute read

We’ve recently had a number of clients ask us to help replace high-risk manual processes or ‘EUCs’ in their businesses. Here, we share our thoughts on why they need replacing, the benefit it brings, and the very first steps you should take. 

What exactly is an ‘EUC’?

End User Computing (EUC), or End User Development Application (EUDA), refers to the tools and working applications created by a business user to support overarching business objectives. Eventually, these manual processes become critical to running your business, with common applications including the use of Excel, Access and stand-alone SQL or SAS queries.

Typically, EUCs are created to perform a business requirement which is too urgent to be developed by centralised processes, or as a quick work around solution to an immediate issue. For that reason, they tend to be developed outside of…

  • IT functions
  • Software Development Life Cycle (SDLC) processes
  • Formal change management

 

Why are EUCs so bad for business?

Not only are critical processes that rely on layers of manual intervention more resource intensive to carry out, they bring with them the need to establish and operate sufficient controls and assurance to manage or mitigate the associated increase in risk. 

The list of pain points is almost endless. From a user perspective, EUCs are often time-consuming, ad hoc, repetitive and inefficient. But more importantly, they’re prone to errors, unreliable to audit, and costly to maintain. These issues can all combine to result in the misreporting of financial metrics.

That means EUCs are risky — very risky. Regulatory consequences (in terms of both fines and scrutiny) are perhaps the most obvious risk; numerous regulations have relevant sections on the poor design, execution or management of manual processes and end user solutions. But it doesn’t stop there. EUCs can also have a negative impact on business continuity, retention, operations and data governance.

With so many potential risks, taking steps to replace them is more than worthwhile.

 

What are the benefits of replacing EUCs?

There are multiple business reasons to replace EUCs in your organisation. Not only will it help you to address regulatory scrutiny (e.g. the principles of BCBS239 for banking or, in the UK, the issues that the PRA asked (re)insurers to address in one of the Dear CEO letters), but it also aligns to cost reduction programmes and your digital transformation strategies.

In terms of the main reasons, there are three to be aware of:

  1. Regulators are watching: A lack of control and rigour means that EUCs can easily lead to operational risk and misreporting, which creates significant challenges in meeting regulatory expectations. As a result, organisations and regulators now expect that improvements are made to internal governance processes, with risk reporting and aggregation being a key priority. 
  2. Clear cost savings: The cost of supporting and maintaining EUCs can be significant, especially when you consider there could be thousands of these processes scattered throughout an entire organisation. Increasing the efficiency of these processes allows you to reduce the cost of managing them, without compromising any regulatory requirements.
  3. Reducing operational risk: Replacing your EUCs can help improve your data integrity, security / access control, compliance, operational risk, financial risk, business continuity and more. These are all crucial areas to address when improving operational effectiveness across your entire organisation.

 

What you need to do to replace your EUCs

Before you can get started, you need to understand your EUC, operational and IT environment. That way, you can determine what qualifies as an EUC, as well as which EUCs can be targeted to provide the best strategic return. 

Your aim should always be to improve your internal processes in the most efficient and cost-effective way possible. For that matter, our advice would be to prioritise EUCs that are…

  • Business critical.
  • Moderate or high risk in nature.
  • Operating within an ineffective control environment.

Do that, and you’ll be well on your way to future proofing your business and streamlining your critical processes, all while meeting regulatory obligations and reducing operational risk.

There’s still plenty more to consider, so we’ve put together a handy, dedicated guide with all the information you need to start replacing your EUCs. Be sure to give it a read if you have any questions.

Read our dedicated guide for more insights and advice

Learn more

Insights

View all
Europe

Interest-only mortgages under review: Increased regulatory scrutiny for Dutch banks

29 Jan 26 | Banking

UK

UK Deposit Takers Supervision – 2026 Priorities: What banks and building societies need to know about the PRA’s latest Dear CEO letter

21 Jan 26 | Banking

UK

At a glance: PRA’s 2026 insurance supervision priorities

16 Jan 26 | Insurance

Global

BCBS 239: Latest outlook from the Basel Committee

13 Jan 26 | Banking

Europe

EBA publish final ‘Guidelines on Environmental Scenario Analysis’: What European banks need to know about the future of managing ESG risks

19 Dec 25 | Banking

Europe

Solvency II Level 2 Review finalised: What insurers should focus on before 2027

17 Dec 25 | Insurance

UK

Effectively managing climate-related risks: What banks and insurers need to do under PRA’s updated supervisory statement (SS5/25)

12 Dec 25 | Banking

UK

The importance of holistic data risk management

10 Dec 25 | Banking

View all