The Best of Crimes, the Worst of Crimes - Fraud Conference


Technology for Business Assurance

Copyright © 2009 ACL Services Ltd.

The Best of Crimes, the Worst of Crimes: Fraud Stories That Prove the Truth Is in the Transactions

Peter Millar

Director, Technology Application
ACL Services Ltd

[email protected] | twitter.com/PBMillar


It was the best of times, it was the worst of times,

…it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity…

…we had everything before us, we had nothing before us, we were all going direct to Heaven, we were all going direct the other way…

…the period was so far like the present period, that some insisted on being received, for good or for evil, in the superlative degree of comparison only.


It was the best of Crimes, it was the worst of Crimes,

…it was the age of deceit, it was the age of foolishness, it was the epoch of belief that no one would know.

…we had everything before us—as evidenced in the data, we had nothing before us—because we failed to see.

…in the superlative degree of comparison, it was the worst of crimes because the truth lay in the transactions and all one had to do was to look for it.


Key events—past decade

2000: “Bull Market” and Y2K

2001: Terrorism, BCP, and disaster recovery

2002: Enron, WorldCom, and Cynthia Cooper

2002–2003: Sarbanes-Oxley and PCAOB

2004–2007: SOX, SOX, and things like SOX (at least for Auditors)

2008: Implosion of the economy

2010–Today: Economic recovery; realignment of coverage


“It’s only when the tide goes out that you learn who's been swimming naked.”

- Warren Buffett


Changes Owing to the Economic Crisis

Assurance providers now need to:

– Work more closely with management to identify risk, and add value to the bottom line.

– Take a more strategic role and help the business make sound decisions.

Management needs to:

– Leverage the knowledge/expertise of those providing business assurance.

Technology is:

– Critical to delivering more insight, improved quality, and greater confidence.


Using Data Analysis for Fraud Detection

1. Test against 100 percent of transactions

2. Automate testing to enable:

– Continuous assessment of problem areas

– Scheduled repetitive monitoring of other risk areas

– Increased efficiencies in identifying indicators of fraud

3. Access and relate data from virtually any source

– Internal or external to organization

– Without moving sensitive data outside of the secure data center

4. Identify where automated system-based controls:

– Are not functioning effectively

– Do not apply to the business process (manual controls only)


Sampling for Fraud Detection?

[Figure: diagram with the labels Population, Sample, Acceptable Range, Control Breach, and Suspicious Transactions]


A process that uses [technology] is light years ahead of manual sampling. In the past, you’d have to hit the lottery to find something big. With [data analysis,] we can find the root issues, identify trends, and provide our clients with detailed results.

Jill Linden
Vice President of Operations
CHAN Healthcare Auditors


A Variety of Analytical Techniques for Fraud Detection

Calculation of statistical parameters, such as averages, standard deviations, and highest and lowest values, to identify statistical anomalies

Classifications to find patterns and associations among groups of data

Stratifications of numeric values to identify unusual and outlying values

Digital analysis, using Benford’s Law, to identify statistically unlikely occurrences of numeric amounts

Joining or matching data fields between disparate systems, typically looking for expected matches or differences for data such as name, address, telephone, or part/serial number

“Sounds like” functions that identify fraudulent variations of valid company and employee names

Duplicates testing that identifies both simple and complex combinations of duplication

Gaps testing that identifies missing sequential data

Summing and totaling to check control totals that may be falsified

Graphing to provide visual identification of anomalous transactions


Application Areas for Data Analytics in Fraud

Vertical Business Processes

Insurance Claims

Health Care

Financial Services

Manufacturing

Retail

Construction/Engineering Contracts

Telco

Standard Business Processes

Procure-to-Pay

Travel and Entertainment

Corporate Cards

Order-to-Cash

Payroll

Inventory and Materials Management

Capital Assets

Financial Statements and Reporting

General Ledger

Revenue Recognition

Information Systems

Segregation of Duties

Systems Access

Master Data Files

Configuration Settings


Food for Thought …

Is it reasonable to expect a correlation between the current economic climate and instances of fraud and abuse?

– From employees?

– From suppliers?

– From customers?

– From other business partners?


Impact of a Troubled Economy

[Figure: diagram with the labels Your company, People, Business Strategy, Internal Processes, Customers, and 3rd Party Providers]


What Is Happening to Your People?

As employees or managers

– Feeling pressure to make miracles happen

– Forced to do more with less

– Bonuses unlikely

– Fearing job loss

– Reduced work enjoyment and, ultimately, company loyalty

As people

– Stressed from financial obligations

– Increase in “survival mode”

Completeness/Integrity of Internal Reporting

Segregation of duties exposure from downsizing

Employee fraud and policy abuse


What Is Happening to Your Processes?

May still be operating under decisions made during better economic times

– Controls

– Acceptable risk

– Error rates

– Tolerance levels

The desire to capture business may be at odds with existing policies

“Non-negotiable” legal terms and conditions may become negotiable in practice

Quantification of remaining risks

Exposure from existing tolerances

Policy circumvention (e.g., “splitting”)

New vendor/contract monitoring


What Is Happening to Your Customers?

Economic uncertainties are forcing budget cuts

Additional approvals are required to free budget dollars, lengthening the buying cycle

Previously-approved projects are being cut

Looking to stretch the value for their dollar

Desire for returns and warranty redemptions may increase

Verification of assumptions

Sales order cancellations to purchase cancellations

Returns and warranty estimates

Ineligible discounts


What Is Happening to Your 3rd Party Providers?

Similar to your own issues

May or may not have contractual obligation to inform you in advance of dire circumstances

May be looking for ways to increase their revenues, even if not technically in line with contract terms

May be reticent to disclose poor buying behavior on the part of your company

Significant vendor assessment

Fraudulent/erroneous billing

Price trending

Duplicate vendors, contracts, etc.

Overpayments / discounts not taken


Types of Fraud Tests—Low-Hanging Fruit

Type: Tests used

Fictitious vendors: Run checks to uncover post office boxes used as addresses and to find any matches between vendor and employee addresses and/or phone numbers.

Altered invoices: Search for duplicates. Check for invoice amounts not matching contracts or purchase order amounts.

Duplicate invoices: Review for duplicate invoice numbers, duplicate dates, and duplicate invoice amounts.

Duplicate payments: Search for identical invoice numbers and payment amounts.

Payroll fraud: Check whether a terminated employee is still on payroll by comparing the date of termination with the pay period covered by the paycheck, and extract all pay transactions for departure date less than the date of the current pay period.
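
The fictitious-vendor and payroll tests above, written out as an added example (not ACL script and not from the original deck). All field names and records are constructed, and the address and phone normalisation rules are assumptions; without some normalisation, "Street" vs "St" or a leading country code hides the match.

```python
import re
from datetime import date

# Added example: field names and all records below are constructed.
PO_BOX = re.compile(r"\b(?:p\.?\s*o\.?|post\s+office)\s*box\s*#?\s*\d+", re.I)
ABBREV = {"street": "st", "avenue": "ave", "road": "rd", "drive": "dr",
          "suite": "ste", "apartment": "apt"}

def norm_address(addr):
    """Lower-case, drop punctuation, and collapse common abbreviations."""
    words = re.sub(r"[^a-z0-9 ]", " ", addr.lower()).split()
    return " ".join(ABBREV.get(w, w) for w in words)

def norm_phone(phone):
    """Digits only, last 10, so '+1 (604) ...' equals '604-...'."""
    return re.sub(r"\D", "", phone)[-10:]

def fictitious_vendor_flags(vendors, employees):
    """Map vendor id -> reasons: PO box address, or an address or phone
    number shared with an employee."""
    by_addr = {norm_address(e["address"]): e["id"] for e in employees}
    by_phone = {norm_phone(e["phone"]): e["id"] for e in employees}
    flags = {}
    for v in vendors:
        reasons = []
        if PO_BOX.search(v["address"]):
            reasons.append("po_box")
        addr, phone = norm_address(v["address"]), norm_phone(v["phone"])
        if addr in by_addr:
            reasons.append("address=" + by_addr[addr])
        if phone and phone in by_phone:      # never match on a blank phone
            reasons.append("phone=" + by_phone[phone])
        if reasons:
            flags[v["id"]] = reasons
    return flags

def pay_after_termination(pay_runs, employees):
    """Pay transactions whose pay period starts after the termination date
    (the period start is the assumed comparison date)."""
    term = {e["id"]: e["terminated"] for e in employees if e.get("terminated")}
    return [p for p in pay_runs
            if p["emp"] in term and term[p["emp"]] < p["period_start"]]

EMPLOYEES = [
    {"id": "E100", "address": "14 Maple St Apt 3", "phone": "604-555-0142",
     "terminated": None},
    {"id": "E200", "address": "9 Harbour Road", "phone": "604-555-0177",
     "terminated": date(2009, 3, 13)},
]
VENDORS = [
    {"id": "V1", "address": "P.O. Box 1187", "phone": "604-555-0101"},
    {"id": "V2", "address": "14 Maple Street, Apt. 3", "phone": "604-555-0199"},
    {"id": "V3", "address": "500 Industrial Ave", "phone": "+1 (604) 555-0177"},
    {"id": "V4", "address": "77 Dock Rd", "phone": ""},
]
PAY_RUNS = [
    {"emp": "E200", "period_start": date(2009, 3, 1), "net": 1800.00},
    {"emp": "E200", "period_start": date(2009, 3, 16), "net": 1800.00},
    {"emp": "E100", "period_start": date(2009, 3, 16), "net": 2100.00},
]

if __name__ == "__main__":
    print(fictitious_vendor_flags(VENDORS, EMPLOYEES))
    print(pay_after_termination(PAY_RUNS, EMPLOYEES))
```

A flag here is a lead for review, not a finding: a PO box or a shared phone number can have a legitimate explanation.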


Examples of Fraud Tests: P-Cards

Split purchases to avoid purchasing card limits

– Purchases processed as two or more separate transactions

– Identified by isolating purchases from specific vendors within short periods of time

Favored vendors for kickbacks

– Trend analysis to compare current transaction volumes to previous time period

Suspicious purchases

– Transactions that occur on weekends, holidays, or vacations

U.S. Government Agency: Monitored 12 million transactions, identified $38 million in suspect transactions
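
One way to run the split-purchase and weekend tests above, as an added example that is not part of the original deck. The card limit, the two-day window, the field names and every transaction are constructed assumptions; holiday and vacation calendars are left out.

```python
from collections import defaultdict
from datetime import date

def split_purchase_candidates(txns, limit, window_days=2):
    """Clusters of 2+ charges on one card at one vendor, each within the
    single-purchase limit, inside window_days, and summing above the limit."""
    groups = defaultdict(list)
    for t in txns:
        if t["amount"] <= limit:   # over-limit charges fail a different control
            groups[(t["card"], t["vendor"])].append(t)
    hits = []
    for (card, vendor), rows in sorted(groups.items()):
        rows.sort(key=lambda t: t["date"])
        i = 0
        while i < len(rows):
            # Grow the cluster while charges stay within the window of row i.
            j = i + 1
            while (j < len(rows)
                   and (rows[j]["date"] - rows[i]["date"]).days <= window_days):
                j += 1
            total = round(sum(r["amount"] for r in rows[i:j]), 2)
            if j - i >= 2 and total > limit:
                hits.append({"card": card, "vendor": vendor, "count": j - i,
                             "total": total, "first": rows[i]["date"],
                             "last": rows[j - 1]["date"]})
                i = j              # report each cluster once
            else:
                i += 1
    return hits

def weekend_purchases(txns):
    """Charges dated Saturday or Sunday (weekday() 5 or 6)."""
    return [t for t in txns if t["date"].weekday() >= 5]

def _t(card, vendor, d, amount):
    return {"card": card, "vendor": vendor, "date": d, "amount": amount}

# Constructed sample data; the single-purchase limit is assumed to be 2500.
LIMIT = 2500.00
TXNS = [
    _t("C-17", "Northside Office Supply", date(2009, 5, 4), 1450.00),
    _t("C-17", "Northside Office Supply", date(2009, 5, 4), 1380.00),
    _t("C-17", "Northside Office Supply", date(2009, 5, 20), 300.00),
    _t("C-22", "Apex Tools", date(2009, 5, 11), 2400.00),
    _t("C-22", "Apex Tools", date(2009, 5, 12), 2300.00),
    _t("C-22", "Apex Tools", date(2009, 5, 13), 900.00),
    _t("C-30", "Apex Tools", date(2009, 5, 11), 1200.00),
    _t("C-30", "Apex Tools", date(2009, 5, 19), 1400.00),
    _t("C-41", "Metro Catering", date(2009, 5, 9), 800.00),   # a Saturday
    _t("C-41", "Metro Catering", date(2009, 5, 9), 700.00),
]

if __name__ == "__main__":
    for hit in split_purchase_candidates(TXNS, LIMIT):
        print(hit)
    print(len(weekend_purchases(TXNS)), "weekend charges")
```

The C-30 pair is eight days apart and the C-41 pair stays under the limit, so neither is reported as a split; the C-41 charges still surface in the weekend test.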


Depending on your business, this may very well be a valid business expense … but probably not


Do we really have to ask?


Examples of Fraud Tests: Payables

Questionable invoices

– Invoices without a valid P.O.

– Sequential invoices

Over-billing

– Quantity shipped less than quantity ordered

– Item shipped of lower value than item ordered

Duplicate invoices

– Multiple invoices for same item description

– Invoices for same amount on the same date

– Multiple invoices for same P.O. and date

UK Supplier of Construction Materials: Simple test uncovered £1.5 million worth of duplicate invoices billed over three years.


Is your firm sponsoring a racing team?


Examples of Fraud Tests: T&E

Duplicate claims

– Submitting claims twice

Tracking “no receipt” claims

– Isolate expenses without receipts and identify underlying trends through profiling techniques

Threshold reviews

– Track personnel exceeding thresholds

Inappropriate activity

– Compare expenses to travel records to ensure expenses claimed for valid trips

Financial Services Firm: Identified a single expense fraud worth $30,000 and in excess of 200 instances of expense abuse in one month.


Business expense?


Fraud Indicator Test: Benford’s Law

Numbers occur with predictable frequency within a “natural” population

Numbers 1–9 appear with declining frequency

– 1 = 30 percent

– 9 = 4.6 percent

Test points to numbers appearing more frequently than normal, therefore suspect

Billings: Spike in the number “5” identified fraudulent billings.
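
A first-digit Benford test matching the slide's figures (log10(1 + 1/d) gives about 30 percent for 1 and 4.6 percent for 9), as an added example that is not from the original deck. The amounts are constructed: a Benford-conforming baseline plus 40 injected billings that start with 5. The z-statistic with continuity correction and the 1.96 cut-off are assumed choices.

```python
import math
from collections import Counter
from decimal import Decimal

def benford_expected(d):
    """Expected share of amounts whose first digit is d."""
    return math.log10(1 + 1 / d)

def first_digit(amount):
    """Leading non-zero digit of an amount; None for zero."""
    # Decimal drops leading zeros, so 0.0532 -> digits (5, 3, 2).
    return Decimal(str(amount)).as_tuple().digits[0] or None

def first_digit_table(amounts):
    """Per-digit count, observed and expected share, and z-statistic."""
    digits = [d for d in map(first_digit, amounts) if d]
    n = len(digits)
    if n == 0:
        return []
    counts = Counter(digits)
    rows = []
    for d in range(1, 10):
        exp = benford_expected(d)
        obs = counts[d] / n
        # Continuity correction 1/(2n); never let it push the gap below 0.
        gap = max(0.0, abs(obs - exp) - 1 / (2 * n))
        z = gap / math.sqrt(exp * (1 - exp) / n)
        rows.append({"digit": d, "count": counts[d], "observed": obs,
                     "expected": exp, "z": z})
    return rows

def excess_digits(amounts, z_crit=1.96):
    """Digits that appear significantly MORE often than Benford predicts."""
    return [r["digit"] for r in first_digit_table(amounts)
            if r["observed"] > r["expected"] and r["z"] > z_crit]

# Constructed data. Evenly spaced log-mantissas follow Benford closely.
BASELINE = [int(100 * 10 ** (i / 300)) for i in range(300)]
# Constructed anomaly: 40 billings of 500..578, all with first digit 5.
INJECTED = [500 + 2 * k for k in range(40)]
AMOUNTS = BASELINE + INJECTED

if __name__ == "__main__":
    for r in first_digit_table(AMOUNTS):
        print("{digit}: n={count:3d} obs={observed:.3f} "
              "exp={expected:.3f} z={z:.2f}".format(**r))
    print("over-represented first digits:", excess_digits(AMOUNTS))
```

The test only fits populations that span several orders of magnitude; amounts with a built-in floor, cap or fixed price list deviate from Benford for innocent reasons.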


What happens in Vegas…


http://www.expenseasteak.com/


Analytics for Fraud Detection: Six Steps

1) Build a profile of potential frauds.

– This profile includes a list of the many different areas in which fraud may occur and the types of fraud that are possible in those areas.

– This can be developed as part of a risk assessment.


2) Test data for possible indicators of fraud.

– A complete testing program should include ad hoc testing in addition to more formalized or regular tests.

– The spectrum of automated testing ranges from ad hoc, to repetitive, to continuous.


3) Improve the process by implementing continuous analysis.

– Use continuous analysis to test and validate the effectiveness of your controls and identify fraud indicators—on a timely basis.

– Provide management with immediate notification.

– Create processes for control remediation.

– Implement on a comprehensive basis across business process areas.


The Analytic Spectrum for Fraud Detection

Ad Hoc: Explorative and investigative in nature—varied in frequency. Seeking documented conclusions and recommendations.

Repetitive: Periodic analysis of processes from multiple sources and high data volumes. Seeking to improve the efficiency and quality of fraud detection processes.

Continuous: “Always on”—scripted monitoring of key processes. Seeking timely notification of trends, patterns, and exceptions supporting fraud detection programs.


Analytics for Fraud Detection: Six Steps

4) Review results from testing and continuous analysis.

– Investigate patterns and indicators that emerge from the fraud detection tests and continuous analysis.

– Quantify the risk of fraud.

– Identify and target high-risk areas.

– Consider risk monitoring dashboards.


5) Expand scope and repeat.

– This process of building a profile, testing data, improving controls, and reviewing information needs to be done on a regular basis.


6) Report.

– Report recommendations on how to tighten controls or change processes to reduce the likelihood of fraud recurrence.

– Follow up to see if those recommendations have been acted upon and if they have had the desired effect.

– Communicate—“Tone at the Top.”


Data Analysis: Fraud Detection—or Prevention, Too?

Iterative process

– Analyze transactions to find out control deficiencies

– Improve the control

For key risks, transaction analysis can be used to prevent completion of a process

– Immediate alert to management and audit

Visibility of internal controls and detection system effectiveness

– Creates changes in awareness and culture

– Sets an appropriate Tone at the Top


Benefits

Close control loopholes before fraud escalates

Quantifies the impact of fraud

Cost-effective deterrent

Can be automated for continuous analysis

Provides focus based on risk and probability of fraud

Direct pointers to critical evidence


Questions You Should Ask About Data Analysis and Fraud

Where is my highest risk of fraud?

What indicators—if any—would I expect to see in the data?

What systems do I need to access to highlight suspected fraud?

Can I get access to this data?

What techniques (matching, grouping, filtering) should I apply?

Can I automate these analytics to drive efficiency into my work?


We can do a far, far better job of detecting fraud.

This will give us all a better night’s rest.

“It is a far, far better thing that I do, …than I have ever done; it is a far, far better rest that I go to than I have ever known.”

I have Great Expectations that you can…


Questions?

[email protected] | twitter.com/PBMillar