Our experience is that Vontu/Symantec DLP will find policy-matching data in Word or Excel files, even if they are embedded in other Office files, including PowerPoint, as long the file is not password-protected/encrypted. In the incident snapshot, we usually see the highlighted matches under a file name like "ext83017_kv0.tmp". This name apparently reflects a temp file created by Vontu when scanning through embedded files.
Unfortunately, at least in v9, getting more detail appears to require manual detective work. There doesn't seem to be any way to quickly see the actual name of the embedded file or its container (where there are multiple attachments, etc.). But, if Vontu can see the content, so can we - it just might take some work and experience to find it.
Once you locate the embedded document, it still may take some work to locate the matching content. In Excel, checking for hidden rows/columns, or even whole sheets, usually reveals. But, we've seen white-on-white text, 1-pt. text, and other user "tricks".