Belscar

Belscar • Operational risk & shadow systems

The hidden systems running your business—and the operational risk that comes with them.

Critical processes stuck in spreadsheets. Reporting that takes days to reconcile. Workflows only one person understands. Belscar replaces fragile operational workarounds with practical systems your team can run.

The problem

Most businesses grow faster than their operational systems.

Revenue grows. Headcount grows. Sites, channels, and complexity grow. But the way work actually gets done often stays held together by spreadsheets, manual steps, and tools nobody fully owns.

That is not a technology failure on its own. It is what happens when operational needs move faster than the systems meant to support them. The workaround becomes the process. The process becomes invisible to leadership. And the risk sits there quietly—until someone is off sick, numbers do not tie, or a customer issue exposes how fragile things really are.

The issue is rarely “we need more software.” It is visibility, control, workflow, and operational clarity.

Critical work lives in spreadsheets

Stock, margin, scheduling, compliance checks, client reporting—running in files that were never designed to be operational infrastructure.

Nobody has the full picture

Leadership asks a straightforward question. The answer takes three people, four exports, and a day of reconciliation.

Key-person dependency

One person built the workaround. Only they know which version is live, which tab matters, or what breaks if you change a formula.

Systems do not join up

ERP, CRM, ecommerce, finance, and ops each hold part of the truth. The real workflow runs in the gaps between them.

What it looks like

The same patterns show up across very different businesses.

Ecommerce & retail

Margin models, stock allocations, and fulfilment exceptions living in sheets—while the storefront runs on proper systems.

Multi-site operators

Each site runs slightly differently. Consolidated reporting is a weekly manual exercise nobody fully trusts.

Professional services

Utilisation, WIP, and client profitability tracked in spreadsheets because the practice system does not match how work is delivered.

Healthcare & clinics

Scheduling, capacity, and operational reporting built in workarounds around the clinical or booking platform.

Logistics & distribution

Routing exceptions, carrier reconciliations, and customer SLA reporting held together manually at the edge of the TMS or WMS.

PE-backed & scaling SMEs

Due diligence surfaces “we will fix reporting later.” Later arrives and the same spreadsheets still run the business.

The cost

Unmanaged operational processes create hidden risk—not just inconvenience.

VIS

No dependable visibility

Decisions slow down because nobody trusts the numbers without checking. Operational meetings become reconciliation exercises.

BOT

Bottlenecks and manual work

Teams spend hours copying data, chasing approvals, and fixing errors that a joined-up workflow would prevent.

ERR

Errors that only surface late

A wrong cell, a broken link, or the wrong file version can distort margin, stock, or client reporting before anyone notices.

KEY

Key-person fragility

When the person who “knows the spreadsheet” is away or leaves, the process stalls—or people work around it in new, riskier ways.

SCL

Growth exposes the cracks

What worked at one site, one channel, or one headcount breaks when volume, complexity, or scrutiny increases.

SHD

Shadow systems multiply

Each team solves its own gap. Tools and files proliferate. IT and leadership lose line of sight on what actually runs the business.

Spreadsheets are often the symptom. The underlying issue is operational control—who owns the process, where data lives, and whether the business can see what is happening in time to act.

Why it happens

Workarounds are rational—until they become load-bearing.

Core systems—whether that is an ERP, a vertical SaaS product, or a patchwork of tools—are usually bought for a defined job. Day-to-day operations move faster than roadmaps. A team needs something this week: a report, an approval path, a way to handle an exception. The spreadsheet or side tool is the fastest answer.

Over time, that answer becomes infrastructure. Finance, ops, and leadership depend on it. IT may not know it exists, or cannot prioritise a replacement for months. Nobody wants to be the person who breaks it. So the business carries operational fragility because stopping is riskier than continuing—until it is not.

Belscar exists to give you a practical path out: map what is really happening, then deliver a system people will actually use—not another layer of complexity.

What we do

Replace fragile processes with practical systems—not more spreadsheets.

What you have now

  • Critical process in a spreadsheet or shadow tool
  • Manual reconciliations and inconsistent reporting
  • No clear owner or version control
  • Disconnected from the systems that should hold the data
  • Key-person dependency on how it really works
  • Leadership cannot see the operational picture in time

What Belscar delivers

  • Purpose-built system for the exact workflow—not a generic platform squeezed to fit
  • Single source of truth for that process
  • Operational visibility leadership can act on
  • Workflow control: approvals, handoffs, and clear ownership
  • Dependable reporting without days of manual assembly
  • Delivered in weeks, tested against how your team actually works

Need a broader operational system of record—not just one critical process? See Scalable Systems →

Where we are strongest

Focused delivery on the operational problems that create the most risk.

Critical spreadsheet replacement

Workflow and approval systems

Operational dashboards and reporting

Replacing Access databases and legacy side tools

Bridging disconnected systems with a controlled operational layer

Audit and remediation projects (spreadsheet-led findings)

Lightweight operational systems when enterprise platforms will not flex in time

Multi-site or multi-channel reporting consolidation

Processes that must keep running while you migrate off a workaround

Regulated & audit-sensitive environments

When shadow systems meet formal risk, audit, and compliance scrutiny.

In financial services and other regulated sectors, the same operational patterns are often labelled EUC (end-user computing), shadow IT, or spreadsheet governance issues. Internal audit flags critical processes running outside controlled systems. Risk teams ask for inventories, remediation plans, and evidence that critical work is not dependent on unowned files.

We have worked in enterprise and banking environments—alongside core platforms, not instead of them. The delivery model is the same: understand the real workflow, document where control is missing, build a purpose-fit replacement with the access, audit trail, and data integrity your stakeholders need. Practical delivery in weeks—not an 18-month IT queue for a process that is already running the business.

If you are under PRA, FCA, or internal audit pressure on EUC or shadow IT, that context belongs here. If you are a growing operator with no formal EUC programme but the same operational fragility, the work still starts with the process—not the jargon.

Experience

We've seen how businesses actually run—inside the systems and beside them.

Simon Peck — Founder, Belscar

Twenty years with Oracle and Cisco, then years inside growing and complex businesses. The pattern is always the same: the official stack does one job; operations need another—and someone builds a workaround.

Belscar is not a transformation programme. We map the operational reality, identify where fragility sits, and deliver practical systems that improve visibility and control. Sometimes that is one critical workflow. Sometimes it becomes the foundation for a wider operational system through Scalable Systems. Either way, the goal is the same: stop running the business on hidden infrastructure.

Simon Peck, Founder of Belscar

Simon Peck

Founder, Belscar

How we work

Practical delivery. Clear scope. No theatre.

01

Map the real process

What actually happens—inputs, decisions, handoffs, exceptions—not the process diagram from three years ago.

We talk to the people who run it every day.

02

Pinpoint the risk

Where visibility breaks, where manual work piles up, where one person holds the knowledge, and what breaks if the workaround fails.

Clear brief for leadership and, where needed, risk or audit.

03

Design the replacement

A structured system that matches how the work is done—with controls appropriate to your environment.

Signed off before build starts.

04

Build and test

Working software in weeks, tested against real scenarios—not a demo that collapses on first exception.

Weekly progress; no surprise at the end.

05

Embed and hand over

Training, documentation, and a clean handover so the team runs it from day one.

Optional path into wider Scalable Systems delivery.

Sound familiar?

If operational risk is showing up in how you run the business, we should talk.

Reporting takes too long to trust

Weekly or monthly packs are assembled manually. Leadership knows the numbers might be right—but nobody can prove it quickly.

We build reporting and visibility into the workflow itself.

One spreadsheet runs something important

Everyone depends on it. Nobody wants to own replacing it. Growth has made it more fragile, not less.

We replace the process without breaking how the team works.

Systems do not reflect how work happens

The official tools handle part of the job. The real process lives in workarounds, shared drives, and side tools.

We bridge the gap with a practical operational layer.

Audit or risk has flagged spreadsheet dependency

The finding needs a credible remediation path—not another year of 'we are working on it' while the file keeps running the process.

We deliver a controlled replacement on a timeline risk teams can sign off.

The workaround is not going to fix itself. Neither is operational visibility.

Start with one critical process—or map the wider operational picture. We will tell you honestly whether a focused replacement or a broader Scalable Systems engagement is the right next step.

No vendor theatre. A direct conversation about what is running the business today and what a practical system would need to do.

Start with a free operational snapshot

Tell us about the spreadsheet, workflow, or shadow system causing the most pain. We will map the process, identify where risk and friction sit, and outline what a practical replacement would involve—no cost, no commitment.

Request an operational snapshot →

FAQ

Common questions

Plain-language answers on operational risk, spreadsheet dependency, and shadow systems. Formal EUC and shadow IT terminology—where it applies—is covered below for audit and regulated contexts.

How do I know if we have hidden operational risk?
Common signs: a critical process only works if one person is available; leadership cannot get a dependable operational picture without someone pulling numbers together; the same data is maintained in more than one place; reporting takes days of manual reconciliation; or everyone knows the spreadsheet is fragile but nobody wants to touch it. If growth has made the workaround load-bearing, the risk is already real.
Why do spreadsheets become operational infrastructure?
Because they are fast. A team hits a gap—between systems, between departments, or between what the business needs today and what IT can prioritise—and Excel or Google Sheets is the quickest way to keep working. The file works, gets embedded in the process, and eventually runs something important. The problem is not the spreadsheet itself; it is that the business has no practical path to a controlled system.
What are shadow systems and shadow IT?
Shadow systems are operational workflows running outside your proper systems: spreadsheets, Access databases, unapproved tools, shared drives, and manual bridges between apps. Shadow IT is the wider label for technology used without visibility or control. Teams are usually being practical, not reckless—but the business loses version control, access control, and a single source of truth.
How is this different from your Scalable Systems offer?
This page is about recognising operational risk: unmanaged processes, spreadsheet dependency, disconnected workflows, and fragility as you scale. Scalable Systems is where we deliver the broader operational system of record—inventory, customers, margin, reporting, joined-up workflows. Many engagements start here when one critical process is the immediate risk; others move straight to Scalable Systems when the whole operating model needs one dependable system.
What is EUC (end-user computing)?
EUC is the formal term used in audit and regulated environments for tools built and run by business teams—especially spreadsheets and databases that sit outside IT governance. If you are in financial services or under formal audit scrutiny, EUC programmes, shadow IT, and spreadsheet governance are often how risk teams describe the same underlying problem.
Do you work with regulated or audit-sensitive environments?
Yes. We have delivered in contexts where audit trails, access control, and remediation timelines matter—including financial services and other regulated sectors. We map the process, document where control is missing, and build a purpose-fit replacement with the controls your risk and compliance teams need—not a generic platform forced to fit.
How quickly can you replace a critical spreadsheet or workflow?
A working, testable application is typically delivered within 2–3 weeks of design sign-off. The full engagement usually runs 4–6 weeks depending on complexity and how many teams need to be involved in sign-off.