You don't need to believe that most of the mistakes are malicious to believe that there are a lot of mistakes. The very idea that their model would be developed and presented as an Excel spreadsheet says to me that they don't have a reasonable mathematical model. Excel was intentionally designed to hide the complexities that are used in a way that inherently makes it difficult to validate. You should never trust ANY model that is implemented in Excel (or any other spreadsheet, as far as I know) until it has been validated extensively. Spreadsheets aren't designed like Mathematica or R or any decent programming language. They are designed to hide your mistakes. They call it "being user friendly". (Perhaps I'm being a touch too cynical, but I may also be cutting them too much slack.)
P.S.: I'd say the same thing about MSAccess, but I haven't as much as looked at it in the last two decades. The last time I used it became the last time when I proved that it was making a simple arithmetic error. I had thought it was one of the periodic code corruption problems that MSAccess was subject to, but it was much worse than that. Perhaps in the last couple of decades they've fixed the thing.