5/7/2014
1
Copyright © FraudResourceNet LLC
Catch T&E and P‐Card Fraudsters With Data Analytic Power Tools
Special Guest Presenter: Rich Lanza, CPA, CFE
Copyright © FraudResourceNet LLC
President and Founder of White Collar Crime 101
Publisher of White-Collar Crime Fighter Developer of FraudAware® Anti-Fraud Training Monthly Columnist, The Fraud Examiner, ACFE
Newsletter
Member of Editorial Advisory Board, ACFE
Author of “Fraud in the Markets”
• Explains how fraud fueled the financial crisis.
About Peter Goldmann, MSc., CFE
5/7/2014
2
Copyright © FraudResourceNet LLC
About Jim Kaplan, MSc, CIA, CFE
• President and Founder of AuditNet®, the global resource for auditors (now available on Apple and Android devices)
• Auditor, Web Site Guru,
• Internet for Auditors Pioneer
• Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.
• Author of “The Auditor’s Guide to Internet Resources” 2nd Edition
Copyright © FraudResourceNet LLC
Richard B. Lanza, CPA, CFE, CGMA
• Over two decades of ACL and Excel software usage• Wrote the first practical ACL publication on how to
use the product in 101 ways (101 ACL Applications)
• Has written and spoken on the use of audit data analytics for over 15 years.
• Received the Outstanding Achievement in Business Award by the Association of Certified Fraud Examiners for developing the publication Proactively Detecting Fraud Using Computer Audit Reports as a research project for the IIA
• Recently was a contributing author of:• Global Technology Audit Guide (GTAG #13) Fraud
in an Automated World - IIA• Data Analytics – A Practical Approach - research
whitepaper for the Information System Accountability Control Association.
• “Cost Recovery – Turning Your Accounts Payable Department into a Profit Center” – Wiley & Sons.
Please see full bio at www.richlanza.com
5/7/2014
3
Copyright © FraudResourceNet LLC
The CPE certificates and link to the recording will be sent to the email address you registered with in GTW. We are not responsible for delivery problems due to spam filters, attachment restrictions or other controls in place for your email client.
Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.
After the Webinar is over you will have an opportunity to provide feedback. Please complete the feedback questionnaire to help us continuously improve our Webinars
If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.
This webinar and its material are the property of FraudResourceNet LLC. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We are recording the webinar and you will be provided with a link access to that recording as detailed below. Downloading or otherwise duplicating the webinar recording is expressly prohibited.
Webinar recording link will be sent via email within 5-7 business days.
NASBA rules require us to ask polling questions during the Webinar and CPE certificates will be sent via email to those who answer ALL the polling questions
Webinar Housekeeping
Copyright © FraudResourceNet LLC
The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC (FRN) or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant‐client relationship.
While FRN makes every effort to ensure information is accurate and complete, FRN makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. FRN specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the FRN website
Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC
6
Disclaimers
5/7/2014
4
Copyright © FraudResourceNet LLC
Today’s Agenda
How to effectively screen for red flags of travel fraud
How to gather the data you need to audit for card fraud using data analytics
How to use data analytics to identify falsification of meal, hotel and cab receipts
Best ways to screen for suspicious corporate and P‐card transactions
Effective controls for minimizing your organization exposure to all forms of T&E and P‐card fraud
Essentials of proactive anti‐fraud management targeting expense reimbursement and card fraud
Copyright © FraudResourceNet LLC
Key Considerations Before Entering Pcard and T&E Reviews
Is 3% to 5% savings in T&E worth the controls? It probably won’t be enough of an issue for SarbOx
It DOES make for an embarrassing paper headline
98% of people are honest…Do you want to hound them for the 2%?
Is T&E a company benefit?
Will you be able to take on the executives?
5/7/2014
5
Copyright © FraudResourceNet LLC
Asset MisappropriationTops The Charts
Copyright © FraudResourceNet LLC
Top Fraud Schemes By Department
5/7/2014
6
Copyright © FraudResourceNet LLC
Making $20K Extra This Year(assume 20 trips a year)
Meals ($30 a day * 4 days * 20 trips) = $2,400
Gas/Mileage ($20 per trip * 20 trips) = $400
Airline ($100 per trip * 20 trips) = $2,000
Hotel ($10 per day * 4 days * 20 trips) = $800
Entertainment ($50 per trip * 20 trips) = $1,000
Other ($50 per trip * 20 trips) = $1,000
Airline/Other miles for free tickets = $7,000
Total of $14,600 after tax or $20,000 before tax
Copyright © FraudResourceNet LLC
Types of T&E Fraud (in order of
occurrence per ACFE Study Report to the Nations ‐ 2006)
Miscategorized – personal expenses that are submitted as business.
Overstated – inappropriate overstatement of submitted expenses.
Fictitious Receipt – phony receipt used as support.
Over‐purchase – purchase more than needed and keep the rest.
Collusion – manager and employee scheme against the company
5/7/2014
7
Copyright © FraudResourceNet LLC
Polling Question 1
What is not one of the top occurring fraud types per the ACFE study?
A. Asset MisappropriationB. CorruptionC. Other Document Fraud D. All of the Above
Copyright © FraudResourceNet LLC
Key Steps to Committing T&E Fraud (Tasks )
Submit claims for personal expenses labeled as business expenses
Bypass review by approving own claims
Create fictitious vendor to vouch for purchases
Avoid approval limits by splitting purchases
Submit claims for non‐existent expenses on behalf of other employees who also submit directly
Submit altered claims for legitimate expenses that are larger than actuals, pocket difference in cash
Purchase legitimate item twice or more, secure refund(s)
Submit invented claims using blank receipts or other forms from vendor
Organize legitimate expenses to secure a cash discount or other benefit from vendor that should go to the employer
Create additional expense cards / accounts that are outside the normal reporting system
5/7/2014
8
Copyright © FraudResourceNet LLC
Playing The T&E Game Can Be Addictive
The extra cash always helps
It’s tax‐free!
The “getting back” at the company feeling
Managers never check anyway
What are they going to do…fire me over $20?
The slippery slope to go for more
Copyright © FraudResourceNet LLC
The Basic Tests
Review the business purpose of each expense for reasonableness.
Validate expenses with proper receipts (when applicable).
Recalculate the total reimbursable amount to test accuracy.
Review each report for proper approval
Trace and agree the total reimbursable amount on the T&E report to the disbursement(s).
5/7/2014
9
Copyright © FraudResourceNet LLC
Remember the Tips(Not the Dinner Kind)
Tip Line is Still the #1 Way to Find Fraud
Analytics play a role
Most frauds are detected based on a pattern of past frauds within the entity
Copyright © FraudResourceNet LLC
Airline Schemes and Tests
Book a personal trip as a business one:
Match dates of travel to airline dates
Book an expensive refundable ticket and a cheaper ticket, cancel the refundable ticket, and then submit it for payment
Obtain payment receipt (i.e., Visa bill for the month) and airline support
See “How To Pad Your Expense Report…..and Get Away With It” by Employee X
5/7/2014
10
Copyright © FraudResourceNet LLC
Airline Schemes and Tests
Edit the E‐mail on an E‐Ticket
Obtain payment receipt (i.e., Visa bill for the month) and airline support
Use one airline to get mileage points (even if not the best)
Get a general sense of flight costs and airlines for key company locations
See “How To Pad Your Expense Report…..and Get Away With It” by Employee X
Copyright © FraudResourceNet LLC
Hotel Schemes and Tests
Scan invoice and increase amounts
Get extra invoice paper from hotel and type phony bill
Complain to reverse charges and submit the original invoice
Ask for a discount (i.e., AAA) after the bill is printed
Obtain payment receipt (i.e., Visa bill for the month) and hotel support
See “How To Pad Your Expense Report…..and Get Away With It” by Employee X
5/7/2014
11
Copyright © FraudResourceNet LLC
Meal Schemes and Tests
Buy tear off receipts at office supply store and submit phony receipts
Eat cheap meals or have someone else pay for them and then submit thrown away receipts
Check dates are within travel period
Obtain payment receipt (i.e., Visa bill for the month) and hotel support
See “How To Pad Your Expense Report…..and Get Away With It” by Employee X
Copyright © FraudResourceNet LLC
Taxi / Mileage
Put through phony taxi receipt and have someone drive you to the airport
Obtain payment receipt (i.e., Visa bill for the month)
Add more mileage to the mileage allowance
Get a general sense of mileage between company locations or use Mapquest
See “How To Pad Your Expense Report…..and Get Away With It” by Employee X
5/7/2014
12
Copyright © FraudResourceNet LLC
Little More Advanced Tests
Submit altered claims for legitimate expenses that are larger than actuals, pocket difference in cash
Create fictitious vendor to vouch for purchases
Use a “Square” to become a vendor yourself
Change the vendor’s name between the P‐Card and T&E system
Avoid approval limits by splitting purchases
Organize legitimate expenses to secure a cash discount or other benefit from vendor that should go to the employer
Submit same expense to multiple authorities or multiple general ledger accounts
Copyright © FraudResourceNet LLC
Polling Question 2
What is the number one way to detect fraud per past studies?
A. Strong Pcard policyB. Management tip (hotline)C. Employee trainingD. Fraud policy
5/7/2014
13
Copyright © FraudResourceNet LLC
Book It For Them
Travel agency to process hotel, car, and air
Use a car service
Ensure that payment is made by company directly to the vendor
Copyright © FraudResourceNet LLC
Benefits of Automation
Enforce company financial policy
Established system of approvals
Increased visibility
Sound internal controls
Heightened accountability
Reduced audit fees
Peace of mind
5/7/2014
14
Copyright © 2013 FraudResourceNet™ LLC
Data Tables and Fields – P-Card
Cardholder: Card Number Cardholder Address City Post Code Limit
MCC Description:
MCC MCC Description
Transactions:
Name Card Number Merchant Merchant City Merchant State Merchant Cntry Merchant PostCode MCC Amount Curr ency Post Date Trans Date
Copyright © FraudResourceNet LLC
Data Tables and Fields T&E Considerations
Business Purpose
Who Entertained
Flight/Hotel Information (from Travel Company)
Days before the flight booking made
Type of airline and ticket
5/7/2014
15
Copyright © FraudResourceNet LLC
The Data Aggregators
Online T&E system
Travel company / Car Service company
Vendor System (i.e., Office Supplies)
Procurement card
Access database / Excel spreadsheet
Copyright © FraudResourceNet LLC
Data Marts and Server Benefits
Centralized data and backups
Audit knowledge is saved in one place
Security and user management
Better data than the business units
Faster processing for large data sets
Page 30
5/7/2014
16
Copyright © FraudResourceNet LLC
Polling Question 3
What is not one of the key tables for P‐Card analysis?
A. Cardholder
B. Travel Information
C. MCC Code Description
D. Transactions
Copyright © FraudResourceNet LLC
The Overall Fraud Analytic Process
Get the Most Useful Data for Analysis
Develop Fraud Query Viewpoints The 5 Dimensions
Brainstorm report ideas
Analytically TrendBenford’s Law
Statistical averages and simple trending by day, month, day of week
Post dated changes
Use Visualization Techniques
5/7/2014
17
Copyright © FraudResourceNet LLC
Our Viewpoints orData Dimensions
Copyright © FraudResourceNet LLC
It’s The Trends….Right?
• Trend categories (meals, hotel, airfare, other)
• Trend mileage
• Trend departments
• Trend in the type of receipts
• Trend under limits (company policy)
• Trend by person
• By location
• By vendor
5/7/2014
18
Copyright © FraudResourceNet LLC
Another Way of Presenting Data Mining Approaches
Personnel Analysis Adjustments by employee Processing by employee
Contextual Summarizations Transaction types
Time Trending Month, week, and day / Also by department Last month to first 11 months Transactions at the end of and start of a fiscal year
Copyright © FraudResourceNet LLC
Top Reports
Unmatched query of cardholders to an active employee masterfile
Cards used in multiple states in the same day
Cards processing in multiple currencies in the same day
Identify cards that have not had activity in the last six months
Cardholders that have more than one card (Duplicates on card holder)
Extract any cash back credits processed through the card
Extract declined card transactions and determine if they are frequent for certain cards
Summary of card usage by merchant to find newly added merchants and most active
5/7/2014
19
Copyright © FraudResourceNet LLC
Top Reports (continued)
Duplicates on card number, amount, and transaction date
Duplicates on merchant, amount, and transaction date (regardless of card)
Duplicates on merchant and amount
Duplicates on cardholder and amount
A multitude of transactions under the card purchase limit or MCC amount limit to identify split purchases on the card to purchase higher amount items using multiple charges.
Postings to unusual MCC codes
Align the P‐card to T&E system to ensure merchant and amounts line up for each transactions
Copyright © FraudResourceNet LLC
Violating Statistical Patterns to the Norm• Supplier values that are deemed exceptional after applying regression and standard
deviation calculations• Invoice amount values themselves that appear unusual based on the number's digits and
past patterns• Suppliers who have a large percentage of rounded‐amount invoices or in sequence invoice
numbers.
Conflicting External Data • Supplier addresses not listed in Google Maps• Supplier matches to a world compliance “watch list”• Google Maps shows supplier (business) address to be an apartment or other personal
residence
Timing Differences• Suppliers who are consistently paid quickly, typically in less than 10 days• Checks cut on a weekend or after‐hours based on time stamps• Unusual increasing or decreasing trends across business quarters for a supplier
Sample Red Flag Vendor Reports (Focus on the potential accomplice )
5/7/2014
20
Copyright © FraudResourceNet LLC
Cost Recovery Opportunity Tests
Vendors that are sole sourced to one employee
Employees that have too many vendors
Categories that map to the “recovery list” (TELCOM!!!)
Top 100 vendors
Trend analysis over time
Trend analysis by vendor (scatter graph)
Copyright © FraudResourceNet LLC
Stratify Data ‐ Results
5/7/2014
21
Copyright © FraudResourceNet LLC
Scatter Data
Copyright © FraudResourceNet LLC
Scatter Graph
5/7/2014
22
Copyright © FraudResourceNet LLC
Map of the Vendor Population
43
Copyright © FraudResourceNet LLC
0.0000
0.0500
0.1000
0.1500
0.2000
0.2500
0.3000
0.3500
10 15 20 25 30 35 40 45 50 55 60 65 70 75 80 85 90 95
Freq
uenc
y
Digits
Quarterly law
Benford
4th
3rd
2nd
1st
Benford’s Law Continuous View
5/7/2014
23
Copyright © FraudResourceNet LLC
Deeper into Benford’s
Copyright © FraudResourceNet LLC
Invoices Near The Approval Limit
5/7/2014
24
Copyright © FraudResourceNet LLC
Polling Question 4
What is the best Excel chart for reviewing Pcard and T&E data?
A. Scatter GraphsB. Pivot TablesC. VlookupD. Data Analysis Toolkit
Copyright © FraudResourceNet LLC
T&E Scoring Analysis (Using Macros)
1. Employees with low transaction, high dollar activity ‐ 20
2. Employees with a high proportion of round dollar payments. ‐ 25
3. Payments to any employees that exceed the twelve month average payments to that employee by a specified percentage (i.e., 200%) or 3x the standard deviation for that vendor. ‐ 20
4. Employees with a high proportion of charges near approval limits ‐ 35
5/7/2014
25
Copyright © FraudResourceNet LLC
Transactional Score Benefits
Instead of selecting samples from reports, transactions that meet multiple report attributes are selected (kill more birds with one stone). Therefore a 50 unit sample can efficiently audit:
38 duplicate payments
22 round invoices
18 in sequence invoices
….and they are the best given they are
mathematically the most “severe”.
Sampling can be based on quadrants
which takes into account different
severity, volume, and value dimensions
49
Copyright © FraudResourceNet LLC
P‐Card Process Steps
Create/Issue Cards
Maintain Cards
Cancel Cards
Approve Merchants / Merchant Codes
Block Merchants / Merchant Codes
Set Approval Limits / Policies of Use
Initiate Transactions
Validate Transactions
Approve Transactions
5/7/2014
26
Copyright © FraudResourceNet LLC
The Controls Summary
Whistleblower Hotline
Code of Conduct
Employee Training
Review the Data
Book It For Them
Automated Workflow
Deal With the Fraudsters
Copyright © FraudResourceNet LLC
Set the Baseline
Establish set of core values
Communicate them
Train people in them
Give people examples So they understand in practical terms
when they break the code
5/7/2014
27
Copyright © FraudResourceNet LLC
Other Fraud Policy Categories
Definitions of misconduct and dishonesty
Organizational policy and responsibilities regarding reporting suspected misconduct.
Deterrence and detection responsibilities of individuals with supervisory or review responsibility.
Policy specifying the responsibility and authority related to the investigation of incidents of misconduct and dishonesty.
General procedures for the follow up and investigation of reported incidents.
Note that questions or other clarifications of the fraud policy should be addressed to the corporation’s Chief Counsel.
Copyright © FraudResourceNet LLC
P‐Card Policy Considerations
Who can have the card / Who cannot have the card (former employees, non‐employees, agents/students/vendors)
Reconciliation procedures
What can and cannot be purchased with the card
Restricting use to organizational business needs
How to get the card
How to handle exceptions and irregularities
How a card can and should be deactivated
How to get help
Cardholder agreements
Rights and responsibilities of the cardholder, department manager responsible for managing card usage, department manager, organization and card‐issuer
5/7/2014
28
Copyright © FraudResourceNet LLC
Train the Frontline Troops
Explain the basics of fraud How it starts
How it grows fast
Red flag signs
Explain what to do if they sense it
Make it fun Case studies using past or
fictional examples
Copyright © FraudResourceNet LLC
Have a Response Team
Have an incident response program
Set the investigation plan
Set accountabilities
Do appropriate marketing
Put everyone on notice that a team exists and is ready to investigate as needed
Communicate wrongdoing through company newsletters even if it is done at a departmental level
5/7/2014
29
Copyright © FraudResourceNet LLC
Ways To Deal With Fraudsters
Terminate Make an example of those who get
caught
Put fraud on their W‐2
Remember it is better to prevent and deter than try to reclaim later
Copyright © FraudResourceNet LLC
Polling Question 5
Which of the following are key to the P‐Card fraud control framework?
A. Employee Training
B. Review the Data
C. Book It For Them
D. Automated Workflow
E. All of the above
5/7/2014
30
Copyright © FraudResourceNet LLC
Questions?
Any Questions?Don’t be Shy!
Copyright © FraudResourceNet LLC
May 14 Vendor Master File Fraud Detection and Prevention Using Data Analytics
June 11 Essentials of an Effective Fraud Response Plan
June 18 Quick Response Fraud Detection Using Data Analytics
Coming Up Next
5/7/2014
31
Copyright © FraudResourceNet LLC
The best information newsletter on fraud and white collar crime is now available for free!
Sign Up Now
Please share with your network!
WCC Fighter News ‐ Free
Copyright © FraudResourceNet LLC
Thank You!
Website: http://www.fraudresourcenet.com
Jim KaplanFraudResourceNet™
800‐385‐1625 [email protected]
Peter GoldmannFraudResourceNet™
800‐440‐[email protected]
Rich LanzaCash Recovery Partners, LLC
Phone: 973‐729‐[email protected]
Top Related