Proactive Data Analysis Techniques to Detect Financial Statement Fraud

1/22/2014

1

Copyright © FraudResourceNet LLC

Proactive Data Analysis Techniques to Find Financial Statement Fraud

Special Guest Presenter: Richard Cascarino, CFE, CIA, CISM, CRMA Richard Cascarino & AssociatesJan 22, 2014


President and Founder of White Collar Crime 101

• Publisher of White-Collar Crime Fighter• Developer of FraudAware® Anti-Fraud Training • Monthly Columnist, The Fraud Examiner, ACFE Newsletter

Member of Editorial Advisory Board, ACFE

Author of “Fraud in the Markets”

• Explains how fraud fueled the financial crisis.

About Peter Goldmann, MSc., CFE

1/22/2014

2


About Jim Kaplan, MSc, CIA, CFE

• President and Founder of AuditNet®, the global resource for auditors (now available on Apple and Android devices)

• Auditor, Web Site Guru,

• Internet for Auditors Pioneer

• Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.

• Author of “The Auditor’s Guide to Internet Resources” 2nd Edition


• Principal of Richard Cascarino & Associates based in Colorado USA

• Over 28 years experience in IT audit training and consultancy

• Past President of the Institute of Internal Auditors in South Africa

• Member of ISACA

• Member of Association of Certified Fraud Examiners

• Author of Auditor's Guide to Information Systems Auditing

About Richard Cascarino, MBA, CIA, CISM, CFE

1/22/2014

3


This webinar and its material are the property of FraudResourceNet LLC. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We are recording the webinar and you will be provided with a link access to that recording as detailed below. Downloading or otherwise duplicating the webinar recording is expressly prohibited.

Webinar recording link will be sent via email within 5-7 business days.

NASBA rules require us to ask polling questions during the Webinar and CPE certificates will be sent via email to those who answer ALL the polling questions

The CPE certificates and link to the recording will be sent to the email address you registered with in GTW. We are not responsible for delivery problems due to spam filters, attachment restrictions or other controls in place for your email client.

Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.

After the Webinar is over you will have an opportunity to provide feedback. Please complete the feedback questionnaire to help us continuously improve our Webinars

If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.

Webinar Housekeeping


The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC (FRN) or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant‐client relationship.

While FRN makes every effort to ensure information is accurate and complete, FRN makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. FRN specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the FRN website

Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC

6

Disclaimers

1/22/2014

4


Introduction: Fraud Statistics: The Growing Fraud Threat

Where & How Financial Statement Fraud Occurs

Detection/Auditing/Investigative Techniques –Including Automation

Entity-Level Red Flags of Fraud Prevention and Deterrence Your Questions Conclusion

Today’s Agenda


According to major accounting firms, professional fraud examiners and law enforcement: jumps significantly during tough economic times

Business losses due to fraud increased 20% in last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. (Kroll 2010/2011 Global Fraud Report)

Average cost to for each incident of fraud is $160,000 (ACFE) Of Financial Statement fraud: $2 million

Approx. 67% of corporate fraud committed by insiders (Kroll)

Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE)

Fraud: The Big Picture

1/22/2014

5


Victims of financial fraud are stakeholders with claims against the entity: shareholders, lenders, regulators.

Financial fraud occurs less frequently than asset misappropriation but the losses are substantially higher.

Financial Statement Fraud: The Big Picture

Source: ACFE 2008 Report to the Nation


Selling More (Overstating revenue)

Costing Less (Understating/not reporting expenses)

Owing More (Overstating debt to reduce taxes)

Owing Less (Understating debt to boost share price)

Inappropriate Disclosure (Depreciation/asset value, etc)

Other Miscellaneous Techniques (Concealment)

Accounting Fraud

1/22/2014

6


Falsification, alteration, manipulation of material financial records, supporting documents or business transactions

Material intentional omissions or misrepresentations of events, transactions, accounts or other significant information from which financial statements are prepared

Deliberate misapplication of accounting principles, policies and procedures used to measure, recognize, report and disclose economic events and business transactions

Intentional omission of disclosures or presentation of inadequate disclosures regarding accounting principles and policies and related financial amounts

Jim Gravitt and Jennifer Johnson, “Recognizing Financial Statement Fraud”

Financial Statement Fraud Schemes


Missing documents Excessive voids or credits Increased reconciliation items Alterations on documents Duplicate payments Common names or addresses of payees or

customers Increased past due accountsUnusual spikes in payables or receivablesOdd patterns in key ratios

Accounting Fraud: Red Flags

1/22/2014

7


Example: Interactive Data Extraction and Analysis

21 years young

Database limitations:

2.1 billion records (100,000 records for IDEA Express) depending on the operating system

1.8 Exabytes file size (Tera, Peta, Exa) (Quintillion)

Some facilities not available in IDEA (Server)

The Power of Automation


Example: Orders Over Credit Limit

1/22/2014

8


1) Improper Revenue Recognition

Common Types of Financial Statement Fraud


Backdating agreements Stock options and other time-sensitive

valuation issues that may result in fraudulently high revenue or low cost basis

Need for controls in recording contracts/sales, including independent verification of the terms of the agreement and contemporaneous recording of transactions when they are approved

Need for in-house legal, corporate board approval

Revenue Recognition

1/22/2014

9


Sham Sales

Falsify inventory records, shipping records, and invoices and record the fictitious transactions as sales

Company may pretend to ship the inventory and hide it from company auditors

Revenue Recognition


Sales to Fictitious Customers

1/22/2014

10


Channel Stuffing

Shipping excess merchandise to distributors

Right of return exists/ Side agreements

Need to examine conditions of sale, analyze sales returns during cutoff period/after year-end, review of sales and contract files to determine if side agreements exist

Revenue Recognition


Bill and Hold Schemes

Recording fictitious sales and shipping goods to third-party warehouse

Need to examine shipping documents and analyze real estate rental costs

Look for evidence of side agreements

Review inventory changes

Revenue Recognition

1/22/2014

11


Holding Books Open

Failure to match revenues with related expenses in the period in which they were incurred (CA’s “35-day month)

Examine cut-off procedures for month, quarter and year-end

Need for oversight and approval controls in recording contracts/sales

Revenue Recognition


Not Recording Detailed Transactions on Sub-ledger

Overstating Sales and A/R

Where sub-ledger does not reconcile to General Ledger control account

Examine reconciliation and top-side journal entries

Revenue Recognition

1/22/2014

12


A side agreement would NOT be a typical part of which of the following:

Channel Stuffing

Holding the Books Open

Bill and Hold Schemes

All of the above

Polling Question 1


2. Management Estimates


1/22/2014

13


Allowance for Bad Debts

Altering underlying A/R aging to manipulate computation

Refreshing of receivables by writing off aged A/R and booking new, fictitious sales

Use of credit memos

Analyze Bad Debt expense and Sales accounts, looking for similar levels of transaction activity for the same customers

Management Estimates


A/R Inquiries

1/22/2014

14


Overstatement of assets by:

Understating allowances for receivables

Overstating the value of inventory, property, plant, equipment, and other tangible assets,

Recording assets that did not exist



Fraudulent Input from Sales orCredit Department on Credit

Quality

Lack of independent review of customer’s creditworthiness

Inadequate documentation in credit file

Credit analyses should be performed by individuals who are independent of the sales process, periodic review of credit files


1/22/2014

15


3. Expense Manipulation



Under-Accruing Expenses

Lack of monthly or quarterly reconciliation of accruals to actual amounts

Charging accrual “true-ups” to other, infrequently-used accounts

Compare monthly accruals to actual expenses and cash disbursements, noting variations in the adequacy of accruals

Capitalizing expenses

Expense Manipulation

1/22/2014

16


Expense Examination


Overstating assets can be achieved by (Choose all that apply):

A. Understating allowances for receivables

B. Overstating the value of inventory, property, plant, equipment, and other tangible assets

C. Recording assets that do not exist

D. All of the above

Polling Question 2

1/22/2014

17


Not Recording Expenses

Paying unrecorded expenses must be offset by not paying other expenses

Need to ensure adequate segregation of duties in the receipt of invoices and the recording of expenses, review invoice file for past due invoices and collection notices



Not Recording DetailedTransactions on Sub-ledger

Understating Expenses and A/P

Where sub-ledger does not reconcile to General Ledger control account

Examine reconciliation and search for unrecorded expenses


1/22/2014

18


Capitalizing Expenses

Moving expenses from the P&L to the Balance Sheet and amortizing them over an extended period

WorldCom – telecom line charges

Examine capitalized asset accounts for year-on-year changes



Changing InventoryValuation Methods

May result in lower COGS and higher sales margins

Review calculation of inventory valuation and related disclosures


1/22/2014

19


Manipulating Non-CashExpenses

Changing depreciation and amortization methods

Review calculation of depreciation and related disclosures



Moving expenses from the P&L to the Balance Sheet is a form of…

A. Improper revenue recognition

B. Expense manipulation

C. Capitalization of expenses

D. None of the above

Polling Question 3

1/22/2014

20


4. Detection and Investigative Techniques For Auditors, Fraud Investigators,

Legal Staff, HR and Senior Management

Detection and Investigation Techniques


What are you looking for? (Avoid spinning your wheels).

Where are you going to find it?

Choose the best technique (interviewing, audit, CAAT’s)

Select the tool

Detection and InvestigationTechniques

1/22/2014

21


Where are the weakest links in the system’s controls?

What deviations from conventional good accounting practices are possible?

How are off-line transactions handled and who has the ability to authorize these transactions?

What would be the simplest way to compromise the system?

What control features in the system can be bypassed by higher authorities?

What is the nature of the work environment?

Ask These Questions…


Be Skeptical!!!!

Analytical Procedures

Other Investigative Techniques

CAATs

Tools and Techniques

1/22/2014

22


Always request originals.

Ask yourself whether transactions make sense.

Have documents been altered?

Look to see where the documents are maintained.

Do employees have close personal relationships with vendors?

Is there a lack of supporting documentation?

Do background checks identify related parties and DBAs?

Does an answer not make sense?

Are you avoided more than usual?

When asking a relatively simple question, are you unexpectedly referred to someone high up in the organization?

Go with your gut!

BE SKEPTICAL!!!!!


Increased scrap.

Excessive purchases.

Unexplained inventory shortages or adjustments.

Significant increase or decrease in account balances.

Cash shortages or overages.

Deviations from specifications.

Analytical Red Flags

1/22/2014

23


WorldCom’s massive accounting fraud was characterized PRIMARILY by:

A. Not recording detailed transactions on sub-ledger

B. Not recording expenses

C. Capitalizing expenses

D. None of the above

Polling Question 4


Range from simple to complex;

Identify trends or anomalies

Four Key Steps:

1. Develop an expectation/hypothesis

2. Determine the acceptable deviation from the expected value

3. Compare the result of the analytical procedure to the expected value

4. Investigate and evaluate any significant differences

Analytical Procedures

1/22/2014

24


Unusual Financial statement ratios such as:

Increased revenues with

• decreased inventory.

Increased revenues with • decreased receivables. Increased inventory with • decreased payables. Increased volume with

• increased cost per unit.

Analytical Anomalies


Financial Statement Analysis

Vertical – a/k/a “common-sized statements”

Analyzes each line as a % of its relevant total

Income items as a % of total revenue

Expenses as a % of total expense

Identifies disproportionate items

Identifies fluctuations between periods

Horizontal – a/k/a “time-series analysis”

Measures $ and % changes from period to period

Identifies fluctuations and seasonality

Data Analysis: Testing for Red Flags

1/22/2014

25


Data Selection.

Data Cleaning.

Data Enrichment.

Data Coding/Reduction.

Data Mining.

Interpretation/Reporting.

Action.

Measurement and Evaluation.

Knowledge Discovery


Data Mining/Analysis

Using file interrogation software to examine underlying data

General Ledgers

Vendor files

Payroll

A/P and A/R

Data Analysis –Testing for Red Flags

1/22/2014

26


Using File Interrogation Software is an example of:

a) Data Mining / Analysis

b) Knowledge Discovery

c) Vertical Analysis

d) Horizontal Analysis

Polling Question 5


Public Document Reviews & Background Investigations

Interviews of Knowledgeable Persons

Confidential Sources

Other Investigative Techniques

1/22/2014

27


Entity-Level Red Flags

Internal control gaps, deficiencies, weaknesses

Business results that continually outperform expectations

Management override of controls Rapid or significant turnover of

resources, especially senior management or employees in key positions

Employee, customer or vendor complaints

Inadequate segregation of duties

Unusual end‐of‐month or end‐of‐quarter variations

High‐level of related‐party transactions

Systems are manual and/or decentralized

Repeated changes of independent public accountants

Continuous problems with various regulatory agencies

Disclosures of Investigations Suspicion of illegal activities


Prevention, Deterrence and Detection

Prevention

Tone at the top Value system (“Code of

Ethics / Conduct”) Positive workplace

environment Hiring, promoting and

retaining appropriate employees

Training and awareness programs

Confirmation / affirmation of Code of Conduct/Ethics

Ombudsman programs Whistleblower programs Incident response / case

management processes Investigative procedures Discipline, prosecution and

recovery guidelines

Prevention

Tone at the top Value system (“Code of

Ethics / Conduct”) Positive workplace

environment Hiring, promoting and

retaining appropriate employees

Training and awareness programs

Confirmation / affirmation of Code of Conduct/Ethics

Ombudsman programs Whistleblower programs Incident response / case

management processes Investigative procedures Discipline, prosecution and

recovery guidelines

Deterrence

“Active” oversight by Board and/or Audit Committee

– Fraud risk assessment and related measures

– Code confirmation / affirmation process

– Management’s involvement in financial reporting process and override of control

– Process to receive, retain and treat complaints of fraud / unethical conduct

– Internal and external audit effectiveness

Internal audit– Evaluation of adequacy /

effectiveness of internal controls

Disciplinary examples

Detection

Identification and measurement of fraud risk (“fraud risk assessment”)

Processes &procedures to mitigate identified fraud risk

Effective internal controls at entity and process level

On-going monitoring activities

Computer-assisted audit techniques

Investigation of:– Internal control

weaknesses / breaches– Non-response to Code

confirmation / affirmation– Reported issues

Detection

Identification and measurement of fraud risk (“fraud risk assessment”)

Processes &procedures to mitigate identified fraud risk

Effective internal controls at entity and process level

On-going monitoring activities

Computer-assisted audit techniques

Investigation of:– Internal control

weaknesses / breaches– Non-response to Code

confirmation / affirmation– Reported issues

1/22/2014

28


CAATs IDEA


CAATs ACL

1/22/2014

29


Common Analytical Mistakes

Failure to maintain proper documentation Failure to notify decision makers Failure to control digital evidence Failure to report incidents in a timely manner Underestimating the scope of the incident No incident response plan in place Technical mistakes: Altering date and time stamps on evidence systems before

recording them Killing rogue processes Patching the system back together before investigation Not recording commands used Using untrusted commands and tools Overwriting evidence by installing tools


Questions?

1/22/2014

30


Peter Goldmann

FraudResourceNet LLC

800-440-2261

www.fraudresourcenet.com

[email protected]

Jim Kaplan

FraudResourceNet LLC

800-385-1625

www.fraudresourcenet.com

[email protected]

Richard Cascarino

Cascarino Associates

[email protected]

Thank You!

Proactive Data Analysis Techniques to Detect Financial Statement Fraud

Business

Transcript of Proactive Data Analysis Techniques to Detect Financial Statement Fraud