AGA Kansas City Chapter Data Analytics & Continuous Monitoring

Size: px
Start display at page:

Download "AGA Kansas City Chapter Data Analytics & Continuous Monitoring"

Transcription

1 AGA Kansas City Chapter Data Analytics & Continuous Monitoring

2 Agenda Market Overview & Drivers for Change Key challenges that organizations face Data Analytics What is data analytics and how can it help drive efficiencies in your audit program and overall organization? Solution Offerings Examples of applied data analytics solutions within the audit profession Data Analytics Tools Specific tools utilized to perform Computer Assisted Auditing Techniques (CAAT) Continuous Monitoring How can data analytics be applied to facilitate continuous monitoring?

3 Section 1 Market Overview & Drivers for Change

4 Market Overview & Drivers for Change The need for risk mitigation and assurance has drastically changed Strategic risk is a key concern for executive leadership, yet the amount of information provided regarding strategic, value impacting opportunities and threats is often limited Globalization, expansion, and the heightened pace of change are increasing the complexity of risks While risks around financial controls and basic compliance are managed more effectively, there are few robust techniques for overseeing broader types of risk Do More with Less - there are increasing pressure to reduce the cost of compliance 4

5 Market Overview & Drivers for Change As operating models evolve, it is critical to grow the organization s decision support capabilities and provide the ability for management to make key business decisions at the right time, with the right information, based upon a single version of the truth to improve operation effectiveness and risk management. The available data is wrong but we get it so late it doesn t matter I am probably making bad decisions because of bad data Too much detail delivered to too many people people get lost in the detail Need to be an expert in the systems to get any information out of them The reporting environment and process is akin to Database Dim Sum; pull a little information from every database If I had better data, I would make different business decisions We spend lots of work hours constructing the analysis it leaves little time to actually analyze 5

6 Section 2 Data Analytics

7 Introduction to Data Analytics What is Data Analytics? Data Analytics refers to the processes and procedures used to interpret raw data with the purpose of gaining insight and understanding from the information. Data Analytics Operational Insight 7

8 Introduction to Data Analytics Types of data analytics Ad-hoc Repeatable Centralized Continuous Monitoring Effectiveness of Corrective Action Evolution of Data Analytic Techniques Continuous Monitoring Centralized Repeatable Ad-hoc Analytic Frequency The results of Data Analytics may be used to identify areas of key risk, fraud, errors or misuse; improve business efficiencies; verify process effectiveness; or influence business decisions. 8

9 Introduction to Data Analytics Why is Data Analytics beneficial? Gain a better understanding of your organization s data Gain complete coverage over a data set Automate testing procedures (reduce manual effort needed) Testing procedures are easily repeated Test for more complex scenarios than possible through manual review Automated / streamlined reporting Data Analytics Improved Testing Efficiency Improved Coverage Increased Granularity Completeness & Accuracy Checks 9

10 Introduction to Data Analytics How can data analytics drive efficiencies in your audit program? Increase audit coverage o 100% coverage over a data set Significantly More Value 1. Realigning audit coverage Focus on strategic auditing increases Focus on anomalies o Identify and mediate early Predictive analysis and monitoring 2. Improving process and leveraging technology Materially Less Cost 10

11 Introduction to Data Analytics Key benefits and challenges for using data analytics Benefits Remove sampling risk by gaining audit coverage over 100% of population Increase independence from information system functions (developers, technology administration) Decreased cost over time due to reusability Provide real-time audit opinions Efficiently test certain assertions such as completeness and accuracy Challenges First year costs can be higher than a manual test Auditor needs a strong understanding of the operation, financial or technology supporting the data Perception by information providers that data cannot be extracted or used 11

12 Section 3 Data Analytics Solution Offerings

13 Solution Offerings Fraud Analytics The use of data analytic techniques to identify false, altered or manipulated records or supporting documentation used in preparing or maintaining an organization's financial data. Identify fraudulent or misstated transactions used to produce financial statements Allows the organization to save money by identifying and mitigating fraud schemes (embezzlement, asset misappropriation, accounts payable fraud, etc.) Maintain reputation 13

14 Solution Offerings Fraud Analytics Time & Expense Target Area Description Outcome Collusion Employee Lists repeat reimbursements to employees (accommodating for a certain amount of variance) related to the same payee, creditor, or vendor Identify duplicate payment of the same expense activity from different employees Fraud / Abuse Analyze employee expense activities for potential duplicate reimbursements from different expense reports Multiple reimbursement requests for the same expense activity with different management approval Fraud / Abuse Non typical vendor analysis name and address comparison to identify vendors and expense activities to casino, clubs and other suspicious entertainments Identify high-risk employee who has abused the objective of the company related expense policy P-Card Management List employees whose average amounts per expense category is higher than average Identify employee who misused P-Card for personal purchases Control Deficiency Employee expense transaction amount stratification Identify employees exceeding the P-card authorization/ approval limit by time period that is daily, monthly, quarterly and/or annually 14

15 Solution Offerings Revenue Recognition Analysis around a company's order/sales process to gain insight into operational effectiveness and ensure revenue is being recognized appropriately. Test contract terms and conditions to ensure they are met & calculated correctly Analyze the sales / revenue / reimbursement cycle to look for trends / misstatements in recorded revenue / expenses Analyze bills for accuracy vs. contracts 15

16 Solution Offerings Accounts Payable Analytics Procure to Pay processing and reporting capabilities for expense control and cash disbursement management Identify weaknesses in controls in payment to suppliers Determine issues around duplicate payments, abnormal invoice activities, and payments to employees Isolate variances in master data set such as master vendor file 16

17 Solution Offerings Accounts Payable Target Area Description Outcome Vendor Identify suspicious or fictitious vendor Identify vendor with the same address as employee or created by/paid by the same employee AP Recovery Identify overpayment, duplicate payments Identify opportunity for volume discounts, working capital improvement Control Deficiency Identify fraud/abuse Identify fraud/abuse Foreign Corrupt Practices Act (FCPA) Identify corruption, bribery with payments to high-risk individuals (i.e., politically exposed) Compliant with FCPA and the Federal Trade Commission s red flag program, avoid fines from regulatory agencies Reputation Identify payments to suspicious addresses (i.e., P.O. Box) or high-risk businesses Transparency via ethical supply-chain and vendor sourcing 17

18 Solution Offerings Sustainable Cost Reduction Analysis Controlling and optimizing the money organizations spend Help organizations reduce costs with a detailed analysis of the organization s spending patterns Focus on identifying and delivering savings opportunities Monitor activities, capturing related spend results, and producing robust reports 18

19 Solution Offerings Post System Implementation Reviews Assessment of the effectiveness of the system development after the system has been in production for a period of time Provide comfort over the quality of data from legacy to new system Analyze data to resolve complex reconciliation issues Identify areas of improvements in the system s controls 19

20 Section 4 Data Analytics Tools

21 Data Analytics Tools What is Computer Assisted Auditing Techniques (CAAT)? Creating new or using existing end user system reports to analyze data (using software such as Microsoft Excel, Microsoft Access, ACL, etc.) to identify and quantify transactions that merit further investigation due to their nature, size or because they highlight control weaknesses and opportunities for process improvement. 21

22 Data Analytics Tools CAAT as a Data Analysis Technique: Testing whether system fields have the appropriate value/calculation for a population of accounts, securities or transactions Testing and quantifying fraud and control failure scenarios Identifying the unusual transactions that have bypassed controls Determining and measuring the impact of data quality issues Recognizing unusual transactions and events Increasing audit coverage and assurance 22

23 Data Analytics Tools CAAT Benefits: Use CAATs to increase the: Effectiveness of monitoring Impact of findings Depth of understanding The data tells the story! Enables you to qualify the financial impact of business decisions, accounting practices, and internal controls 23

24 Data Analytics Tools Available Tools: Download a text file into Microsoft Excel or Access database Download an existing end user report into Microsoft Excel or Access database Use the report writer capabilities of the software application to create reports Available Analytic Software: ACL, Oversight, Tableau, Spend Radar 24

25 Data Analytics Tools Recommended Practices Review all transactions rather than sample basis Obtain as many data elements (fields from the system) as possible for each transaction Validate integrity of data Confirm limitations from using data warehouse vs. production environment Look for hidden patterns Identify full impact of overpayments (example) rather than estimate May indicate causes of overpayments (example) Work with IT to enhance data retention capabilities Refine your queries to provide targeted results Integrate reports into Continuous Monitoring activities 25

26 Section 5 Continuous Monitoring

27 Continuous Monitoring Overview What is Continuous Monitoring? Continuous monitoring is the process and technology used to detect compliance and risk issues associated with an organizations financial and operational environment. What does this mean? The processes that management puts in place to ensure that the policies, procedures, and business processes are operating effectively Ongoing insight into the effectiveness of controls and the integrity of transactions running within them. Provides the most to benefit from timely insight into errors/issues Management is the owner of this process Performed by operational/financial management; audit independently evaluates adequacy of management activities 27

28 Continuous Monitoring Overview Continuous Monitoring Process and technology used to detect compliance and risk issues associated with an organization's financial and operational environment. Significant increase of controls effectiveness over time Key risks Monitoring /IT/ Automated controls Process controls Early identification of required actions short term implementation of actions and monitoring of the effectiveness Synergies across various types of audits 28

29 Continuous Monitoring Overview What can Continuous Monitoring be used for? Monitoring of Key Performance Indicators (KPIs) Monitoring of Key Controls Fraud Detection Audit Testing Monitoring Risks 29

30 Continuous Monitoring Overview Continuous Monitoring Usage Reduce / eliminate the manual, detailed transaction reviews currently being performed / tested. o Moving from substantive testing to controls testing Scenario 1 Scenario 2 Management Effort Comprehensive Monitoring Little to no monitoring Audit Effort Reduced Effort / Testing Significant Effort / Testing 30

31 Continuous Monitoring Overview Key Benefits of Continuous Monitoring The key focus for continuous-monitoring solutions is to reduce recurring manual compliance effort, chiefly through replacing manual controls with automated ones. Compliance and cost reduction aside, these solutions can increase assurance of financial integrity several ways. Attribute Benefit Improved Consistency Manual controls are subject to manual errors, whereas automated controls tend to operate more reliably Improved Coverage Improved or complete transaction coverage is possible Increased Sophistication Controls can be designed with more complexity if they are not required to be performed manually Improved Timeliness Detective controls can be executed very quickly, rather than after-thefact or in an audit Additional Controls More controls can be achieved through automation than would be possible to perform manually Robert Martin. "Continuous Monitoring Meets Enterprise Risk Management." Information Management Online (2005) 31

32 Continuous Monitoring Overview Types of Continuous Monitoring Although there are different types of monitoring, they all play a role in comprehensive risk management programs. Type Description Control Monitoring Detection and escalation of risk control violation events Indicator Monitoring Detection of non-control events, Key Risk Indicators or early warning indicators of changes to factors that could impact the risk environment. These could be internal or external, current or forward looking, etc. Performance Monitoring Measuring the effectiveness of the risk program or of the organization as a whole (organizational performance optimization is a goal of many Enterprise Risk Management programs) 32

33 Continuous Monitoring Overview How does Continuous Monitoring fit in the picture? Identify the key risks in a business process Determine what risks can be measured through data analysis Prioritize the risks Document the risks as controls Throughout the year, monitor the controls that were identified Formula Definition Responsibility Ongoing analysis of the effectiveness of controls and the integrity of transactions running within them Typically performed by management, with independent evaluations periodically performed by internal audit + Continuous Auditing Identifying, assessing, mitigating and monitoring risks throughout the year Typically performed by an Internal Audit/Controls group separate from management = Continuous Assurance Combination of continuous monitoring and continuous auditing Operational/financial management and oversight by internal audit Continuous Monitoring 33

34 Continuous Monitoring Overview 34

35 Thank You! Presented by: Eric Hinrichs, Director Brett Dauffenbach, Senior Associate

Using Technology to Automate Fraud Detection Within Key Business Process Areas

Using Technology to Automate Fraud Detection Within Key Business Process Areas Using Technology to Automate Fraud Detection Within Key Business Process Areas 2013 ACFE Canadian Fraud Conference September 10, 2013 John Verver, CA, CISA, CMA Vice President, Strategy ACL Services Ltd

More information

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances ACL WHITEPAPER Automating Fraud Detection: The Essential Guide John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances Contents EXECUTIVE SUMMARY..................................................................3

More information

Procurement Fraud Identification & Role of Data Mining

Procurement Fraud Identification & Role of Data Mining The paper describes the known boundaries of Procurement Fraud and outlines the scope of data mining within the same. The paper also highlights some of the basic steps to be taken care of before the application

More information

Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education

Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education Contents Introduction Internal Audit as Trusted Advisor & Business Partner Big Ticket Items: Fraud, Revenue Leakage

More information

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down Types of and Recent Cases Developing an Effective Anti-fraud Program from the Top Down 1 Types of and Recent Cases Chris Grippa (404-817-5945) FIDS Senior Manager with Ernst & Young LLP Works with clients

More information

GOVERNANCE: Enhanced Controls Needed To Avoid Duplicate Payments

GOVERNANCE: Enhanced Controls Needed To Avoid Duplicate Payments GOVERNANCE: Enhanced Controls Needed To Avoid Duplicate Payments Audit Report OIG-A-2013-018 September 20, 2013 NATIONAL RAILROAD PASSENGER CORPORATION Office of Inspector General REPORT HIGHLIGHTS Why

More information

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services Agenda Fraud Overview Fraud Prevention Fraud Detection Fraud Response Questions Page 2 Fraud Overview

More information

San Francisco Chapter. Jonathan Shipman, Ernst & Young David Morgan, Ernst & Young

San Francisco Chapter. Jonathan Shipman, Ernst & Young David Morgan, Ernst & Young Jonathan Shipman, Ernst & Young David Morgan, Ernst & Young Learning Objectives Understand how data analysis can impact/improve business Understand typical data analysis challenges Understand the various

More information

Auditing for Value in the Procure to Pay Cycle Dallas IIA Chapter. October 1, 2009

Auditing for Value in the Procure to Pay Cycle Dallas IIA Chapter. October 1, 2009 Auditing for Value in the Procure to Pay Cycle Dallas IIA Chapter October 1, 2009 Supply Chain Risk Overview * Today s Focus * Includes Working Capital benefits 1 2009 Protiviti Inc. An Equal Opportunity

More information

Leveraging Big Data to Mitigate Health Care Fraud Risk

Leveraging Big Data to Mitigate Health Care Fraud Risk Leveraging Big Data to Mitigate Health Care Fraud Risk Jeremy Clopton, CPA, CFE, ACDA Senior Managing Consultant BKD, LLP Forensics & Valuation Services Introduction Health Care Is Victimized by Fraud

More information

LGMA Qld Governance and Corporate Planning Village Forum

LGMA Qld Governance and Corporate Planning Village Forum www.pwc.com.au Fraud Risk Management Fraud Risk Assessments LGMA Qld Governance and Corporate Planning Village Forum March 2015 Agenda Introductions Fraud Risk Management Fraud Statistics s Global Economic

More information

Audit Quality Thematic Review

Audit Quality Thematic Review Thematic Review Professional discipline Financial Reporting Council January 2014 Audit Quality Thematic Review Fraud risks and laws and regulations The FRC is responsible for promoting high quality corporate

More information

www.pwc.com PwC The Path Forward for Data Analysis and Continuous Auditing May 2011

www.pwc.com PwC The Path Forward for Data Analysis and Continuous Auditing May 2011 www.pwc.com The Path Forward for Data Analysis and Continuous Auditing May 2011 Agenda What are we hearing in the market? The CA Maturity Path Where to start? What is the difference between CA & CCM? Best

More information

THE ABC S OF DATA ANALYTICS

THE ABC S OF DATA ANALYTICS THE ABC S OF DATA ANALYTICS ANGEL BUTLER MAY 23, 2013 HOUSTON AREA SCHOOL DISTRICT INTERNAL AUDITORS (HASDIA) AGENDA Data Analytics Overview Data Analytics Examples Compliance Purchasing and Accounts Payable

More information

Internal Audit Testing and Sampling Techniques. Chartered Institute of Internal Auditors May 2014

Internal Audit Testing and Sampling Techniques. Chartered Institute of Internal Auditors May 2014 Internal Audit Testing and Sampling Techniques Chartered Institute of Internal Auditors May 2014 Controls Testing Slide 1 Testing Priorities Risk B1 Risk A1 Risk B2 Risk A2 Risk C2 Risk C1 Controls testing

More information

Accounts Payable Best Practices

Accounts Payable Best Practices Accounts Payable Best Practices Presented by: Eddy Castaneda, CPA, MBA Accounts Payable Best Practices Top Practices AP Top Practices Document your current AP procedures Can identify overlapping work Can

More information

U S I N G D A T A A N A L Y S I S T O M E E T T H E R E Q U I R E M E N T S O F R I S K B A S E D A U D I T I N G S T A N D A R D S

U S I N G D A T A A N A L Y S I S T O M E E T T H E R E Q U I R E M E N T S O F R I S K B A S E D A U D I T I N G S T A N D A R D S U S I N G D A T A A N A L Y S I S T O M E E T T H E R E Q U I R E M E N T S O F R I S K B A S E D A U D I T I N G S T A N D A R D S A C a s e W a r e I D E A R e s e a r c h R e p o r t CaseWare IDEA Inc.

More information

Continuous Monitoring and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes

Continuous Monitoring and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes REMEDYNE Continuous Monitoring Document Version: Rel. 1.6 2015-09- 07 Continuous Monitoring and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes TABLE OF CONTENTS

More information

Applying Data Analytics to Address Fraud Risk

Applying Data Analytics to Address Fraud Risk Applying Data Analytics to Address Fraud Risk Vikas Dutta Abbasali Tavawala November 9, 2013 2013 CA. All rights reserved. 2013 CA. All rights reserved. Agenda COSO Framework Requirements for Fraud Risk

More information

Current Uses and Trends in ACL and Data Mining

Current Uses and Trends in ACL and Data Mining Current Uses and Trends in ACL and Data Mining Weaver and Tidwell, L.L.P. January 10, 2013 Marlon B Williams, CPA, ACDA Partner, Assurance Reema Parappilly, CISA Senior Manager, IT Advisory Objective Discuss

More information

ACCOUNTS PAYABLE AUDIT RECOVERING LOST DOLLARS AT NO COST

ACCOUNTS PAYABLE AUDIT RECOVERING LOST DOLLARS AT NO COST ACCOUNTS PAYABLE AUDIT RECOVERING LOST DOLLARS AT NO COST 1 Our Objective To assist organizations in finding lost thousands of dollars in profits through duplicate payments, duplicate billings, overpayments,

More information

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 Introduction THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS (Effective for audits of financial statements for

More information

Internal Audit Practice Guide

Internal Audit Practice Guide Internal Audit Practice Guide Continuous Auditing Office of the Comptroller General, Internal Audit Sector May 2010 Table of Contents Purpose...1 Background...1 Definitions...2 Continuous Auditing Professional

More information

FRAUD RISK ASSESSMENT

FRAUD RISK ASSESSMENT FRAUD RISK ASSESSMENT All agencies are subject to fraud risks and need to complete a fraud risk assessment for their agency at least every biennium. A detailed fraud assessment needs to be performed by

More information

Reduce Audit Time Using Automation, By Example. Jay Gohil Senior Manager

Reduce Audit Time Using Automation, By Example. Jay Gohil Senior Manager Reduce Audit Time Using Automation, By Example Jay Gohil Senior Manager Today s Session Speaker Bio: Jay Gohil, Protiviti Jay is a Senior Manager in the ERP Services practice in Atlanta. In the past seven

More information

Table of Contents. Transmittal Letter... 1. Executive Summary... 2-3. Background... 4-5. Objectives and Approach... 6. Issues Matrix...

Table of Contents. Transmittal Letter... 1. Executive Summary... 2-3. Background... 4-5. Objectives and Approach... 6. Issues Matrix... Internal Audit Committee of Brevard County, Florida Internal Audit Review of Accounts Payable Prepared By: Internal Auditors of Brevard County September 22, 2010 Table of Contents Transmittal Letter...

More information

Continuous Audit and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes

Continuous Audit and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes REMEDYNE Fraud Prevention Document Version: Rel. 1.4 2015-03-05 Continuous Audit and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes TABLE OF CONTENTS 1. SOLUTION

More information

Fraud Awareness Training

Fraud Awareness Training UT System Administration General Compliance Training Fall 2014 This training will take approximately 20 minutes to complete Objectives What is occupational fraud Common myths about fraud Conditions for

More information

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen Internal Controls and Fraud Detection & Prevention Harold Monk and Jennifer Christensen 1 Common Fraud Statements Everyone in government has an honest and charitable heart. It may happen other places,

More information

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained Performing Audit Procedures in Response to Assessed Risks 1781 AU Section 318 Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained (Supersedes SAS No. 55.)

More information

Data Mining/Fraud Detection. April 28, 2014 Jonathan Meyer, CPA KPMG, LLP

Data Mining/Fraud Detection. April 28, 2014 Jonathan Meyer, CPA KPMG, LLP Data Mining/Fraud Detection April 28, 2014 Jonathan Meyer, CPA KPMG, LLP 1 Agenda Overview of Data Analytics & Fraud Getting Started with Data Analytics Where to Look & Why? What is Possible? 2 D&A Business

More information

Accounts Payable Fraud & Risk Reduction

Accounts Payable Fraud & Risk Reduction Accounts Payable Fraud & Risk Reduction Implementing a Proactive Position Accounts Payable Fraud & Risk Reduction Implementing a Proactive Position Accounts Payable Fraud & Risk Reduction Implementing

More information

www.pwc.com Internal Audit Data Analytics

www.pwc.com Internal Audit Data Analytics www.pwc.com Internal Audit Data Analytics What s driving the need for enhanced data analytics in the market Analytics maturity model Capabilities developed and adopted Capabilities used to drive audits

More information

Integrating Data Analytics into Internal Audit

Integrating Data Analytics into Internal Audit Integrating Data Analytics into Internal Audit IIA Beach Cities Meeting May 19, 2011 Agenda Introductions Background Industry Perspective Benefits of Challenges in Examples / Case Studies Tools Of The

More information

Microsoft Confidential

Microsoft Confidential Brock Phillips, CPA, CFE, CCEP Forensic Accounting Sr. Manager Financial Integrity Unit Microsoft Audit Group Lou DeCola, CPA, CIA, CFE Forensic Accounting Sr. Manager Financial Integrity Unit Microsoft

More information

SPG 223 Fraud Risk Management. June 2015

SPG 223 Fraud Risk Management. June 2015 SPG 223 Fraud Risk Management June 2015 Disclaimer and copyright This prudential practice guide is not legal advice and users are encouraged to obtain professional advice about the application of any legislation

More information

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS Paragraphs Introduction... 1-3 Characteristics of Fraud...

More information

Fraud Detection and Prevention

Fraud Detection and Prevention Fraud Detection and Prevention Financial Management Advisory Council August 28, 2014 Sarah Mahugh, CPA, MBA Financial Audit Audit Manager Overview Fraud trends Fraud Risks and internal controls Case Studies

More information

A Framework for Managing Crime and Fraud

A Framework for Managing Crime and Fraud A Framework for Managing Crime and Fraud ASIS European Security Conference & Exhibition Gothenburg, April 15, 2013 Torsten Wolf Group Head of Crime and Fraud Prevention Agenda Introduction Economic Crime

More information

Validating Third Party Software Erica M. Torres, CRCM

Validating Third Party Software Erica M. Torres, CRCM Validating Third Party Software Erica M. Torres, CRCM Michigan Bankers Association Risk Management & Compliance Institute September 29, 2014 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT

More information

Data Analytics Leveraging Data Visualization and Automation in Audit Real World Examples

Data Analytics Leveraging Data Visualization and Automation in Audit Real World Examples Data Analytics Leveraging Data Visualization and Automation in Audit Real World Examples June 3, 2015 Cliff Stephens, CISA Agenda Introductions Technological Advances in Analytics Capitalizing on Analytics

More information

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS INTERNATIONAL STANDARD ON 240 THE AUDITOR S RESPONSIBILITIES RELATING TO (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction

More information

Sarbanes-Oxley Compliance A Checklist for Evaluating Internal Controls

Sarbanes-Oxley Compliance A Checklist for Evaluating Internal Controls Sarbanes-Oxley Compliance A Checklist for Evaluating Internal Controls Companies today are immersed in audits of their internal controls and financial processes in an effort to comply with Section 404

More information

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement Understanding the Entity and Its Environment 1667 AU Section 314 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement (Supersedes SAS No. 55.) Source: SAS No. 109.

More information

CFO. Improving the Bottom Line with Advanced Controls CONTENTS

CFO. Improving the Bottom Line with Advanced Controls CONTENTS CFO Improving the Bottom Line with Advanced Controls CONTENTS EXECUTIVE SUMMARY 1 THE PROBLEM ILLUSTRATED 2 SOLUTIONS 4 PROCESS RISKS AND CONTROLS 6 CASE STUDY 9 SELF ASSESSMENT 12 WHAT DOES THE FUTURE

More information

The Power of Risk, Compliance & Security Management in SAP S/4HANA

The Power of Risk, Compliance & Security Management in SAP S/4HANA The Power of Risk, Compliance & Security Management in SAP S/4HANA OUR AGENDA Key Learnings Observations on Risk & Compliance Management Current State Current Challenges The SAP GRC and Security Solution

More information

Advanced Data Analytics, the Fraudsters Worst Enemy

Advanced Data Analytics, the Fraudsters Worst Enemy Advanced Data Analytics, the Fraudsters Worst Enemy Introducing Powerful Tools and Techniques to Uncover Fraud Agenda Overview of data analytics in the anti-fraud and fraud investigation context Capability

More information

Fraud Workshop Finding the truth in the transactions

Fraud Workshop Finding the truth in the transactions Your Trusted Partner for Audit Analytics Fraud Workshop Finding the truth in the transactions Copyright 2011 ACL Services Ltd. Robin Clough, ACDA ACL Certified Trainer Copyright 2011 ACL Services Ltd.

More information

Preventing Healthcare Fraud through Predictive Modeling. Category: Improving State Operations

Preventing Healthcare Fraud through Predictive Modeling. Category: Improving State Operations Preventing Healthcare Fraud through Predictive Modeling Category: Improving State Operations Commonwealth of Massachusetts Executive Office of Health and Human Services Project initiated: July 2012 Project

More information

by: Scott Baranowski, CIA

by: Scott Baranowski, CIA Community Bank Auditors Group A/P, Procurement and Credit Card Internal Controls June 4, 2014 by: Scott Baranowski, CIA MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf

More information

Data Analytics for Internal Auditors

Data Analytics for Internal Auditors Data Analytics for Internal Auditors Getting Started and Beyond A Presentation for Auditors Presenter Christopher Mishler, CMA, CIA, CISA SME User-Developed Application Risks Experis Finance 2 Experis

More information

Strategically Detecting And Mitigating Employee Fraud

Strategically Detecting And Mitigating Employee Fraud A Custom Technology Adoption Profile Commissioned By SAP and Deloitte March 2014 Strategically Detecting And Mitigating Employee Fraud Executive Summary Employee fraud is a universal concern, with detection

More information

Feature. A Framework for Estimating ROI of Automated Internal Controls. Do you have something to say about this article?

Feature. A Framework for Estimating ROI of Automated Internal Controls. Do you have something to say about this article? Feature A Framework for Estimating ROI of Automated Internal Controls Angsuman Dutta is the unit leader of the marketing and customer acquisition support teams at Infogix. Since 2001, he has assisted numerous

More information

Procurement Fraud Red Flags & Investigative Techniques

Procurement Fraud Red Flags & Investigative Techniques Procurement Fraud Red Flags & Investigative Techniques Procurement Process Contracting to acquire goods or services Often based on relationships Decisions to acquire made objectively and subjectively

More information

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to

More information

Internal Controls over Accounts Payable and Expenditure Processes

Internal Controls over Accounts Payable and Expenditure Processes The North Carolina Office of the State Controller Internal Controls over Accounts Payable and Expenditure Processes March 30, 2010 David McCoy State Controller Introduction Administrative Items Please

More information

Fraud Prevention and Detection in a Manufacturing Environment

Fraud Prevention and Detection in a Manufacturing Environment Fraud Prevention and Detection in a Manufacturing Environment Introduction The Association of Certified Fraud Examiners (ACFE) estimated in its 2008 Report to the Nation on Occupational Fraud and Abuse

More information

www.pwc.com Being protected Using data analytics to detect fraud

www.pwc.com Being protected Using data analytics to detect fraud www.pwc.com Being protected Using data analytics to detect fraud Are you currently exposed to fraudulent activities? It will surprise few to learn that occupational fraud, IP infringement, corruption,

More information

Neil Meikle, Associate Director, Forensic Technology, PwC

Neil Meikle, Associate Director, Forensic Technology, PwC Case Study: Big Data Forensics Neil Meikle, Associate Director, Forensic Technology, PwC 6 November 2012 About me Transferred to Kuala Lumpur from PwC s Forensic Technology practice in London, England

More information

Continuous Auditing / Continuous Monitoring

Continuous Auditing / Continuous Monitoring Continuous Auditing / Continuous Monitoring Using Technology to Drive Value by Managing Risk and Improving Performance KPMG LLP Introduction As business risks of all kinds continue to proliferate, management

More information

Continuous Auditing with Data Analytics

Continuous Auditing with Data Analytics Continuous Auditing with Data Analytics Brooke Miller, CPA, CIA, CPCU brooke.miller@rlicorp.com Sean Scranton, CPCU, CISSP, CISM, CISA sean.scranton@rlicorp.com Overview Understand embedding data analytics

More information

ISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore

ISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore With ever-increasing data volumes, more sophisticated fraud patterns, and a drive for strong corporate governance, how can organisations build a culture of integrity and compliance? Learn how data analytics

More information

The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements

The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements ISA 240 February 2008 International Standard on Auditing The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements INTERNATIONAL STANDARD ON AUDITING 240 The Auditor s Responsibilities

More information

PREPARING AUDITORS IN THEIR USAGE OF DATA ANALYTICS TOOL IN FRAUD PREVENTION PROGRAM

PREPARING AUDITORS IN THEIR USAGE OF DATA ANALYTICS TOOL IN FRAUD PREVENTION PROGRAM IN THEIR USAGE OF DATA ANALYTICS TOOL IN FRAUD PREVENTION PROGRAM Auditors need to understand that while audit findings are common, they are not necessarily fraud and due care is needed in building evidence.

More information

Introductions, Course Outline, and Other Administration Issues. Ed Ferrara, MSIA, CISSP eferrara@forrester.com. Copyright 2015 Edward S.

Introductions, Course Outline, and Other Administration Issues. Ed Ferrara, MSIA, CISSP eferrara@forrester.com. Copyright 2015 Edward S. MIS 520 Week 2 Fraud Detection & Prevention Introductions, Course Outline, and Other Administration Issues Ed Ferrara, MSIA, CISSP eferrara@forrester.com Fraud Awareness & Internal Controls Awareness Internal

More information

INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S PROCEDURES IN RESPONSE TO ASSESSED RISKS CONTENTS

INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S PROCEDURES IN RESPONSE TO ASSESSED RISKS CONTENTS INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S PROCEDURES IN RESPONSE TO ASSESSED RISKS (Effective for audits of financial statements for periods beginning on or after June 15, 2006) CONTENTS Paragraph

More information

Use of Data Extraction & Analysis Software In a Financial Statement Audit

Use of Data Extraction & Analysis Software In a Financial Statement Audit Use of Data Extraction & Analysis Software In a Financial Statement Audit A Message from The Audit Wizard April 2008 Making Auditors Proficient, Inc. Phone: 352-750-9636 www.billallen.com E-mail: ballen@billallen.com

More information

Optimizing Compliance through the Integration of AML and Fraud Prevention Broker-Dealers Perspective

Optimizing Compliance through the Integration of AML and Fraud Prevention Broker-Dealers Perspective Optimizing Compliance through the Integration of AML and Fraud Prevention Broker-Dealers Perspective Katherine M. Sikora Nelson Chair BNY Mellon Broker Dealer Anti-Money Laundering Oversight Committee

More information

Great Expectations : How to Detect and Prevent Fraud using Data Analysis

Great Expectations : How to Detect and Prevent Fraud using Data Analysis Technology for Business Assurance Great Expectations : How to Detect and Prevent Fraud using Data Analysis Copyright 2009 ACL Services Ltd. Peter Millar Director, Technology Application ACL Services Ltd

More information

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency kpmg.com Leveraging data analytics and continuous auditing processes 1 Executive

More information

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE CPAs & ADVISORS experience reach // S. Todd Burchett, CPA, ABV, ASA, CFF, CFE Partner tburchett@bkd.com 210.268.1932 AGENDA

More information

Fraud Control Theory

Fraud Control Theory 13 Fraud Control Theory Using a variation of a saying from the 1960s, fraud happens. Like all costs of doing business, fraud must be managed. Management must recognize that people commit fraudulent acts

More information

Risk-based Data Analytics for Internal Audit and Compliance

Risk-based Data Analytics for Internal Audit and Compliance Leading Trends in Conducting Leading Trends in Conducting Risk-based Data Analytics for Internal Audit and Compliance Top issues for Life Sciences companies what we are seeing in Asia Bribery and corruption

More information

Vendor Audit and Cost Recovery: Improving Bottom Line Results WHITE PAPER

Vendor Audit and Cost Recovery: Improving Bottom Line Results WHITE PAPER Vendor Audit and Cost Recovery: Improving Bottom Line Results WHITE PAPER 2002 ACL Services Ltd. All rights reserved. AMWE109003 ACL and the ACL logo are registered trademarks of ACL Services Ltd. All

More information

Chapter 15 Auditing the Expenditure Cycle

Chapter 15 Auditing the Expenditure Cycle Chapter 15 Auditing the Expenditure Cycle Expenditure cycle consists of activities related to the acquisition of and payment for plant assets and goods and services. Two major transaction classes: 1 purchases

More information

FCPA 10 Hallmarks Self- Assessment

FCPA 10 Hallmarks Self- Assessment FCPA 10 Hallmarks Self- Assessment How exposed is your business to corruption risk? Take this assessment to find out if your systems are sufficiently robust to protect your business October 2014 Prepared

More information

Data analysis for Internal Audit

Data analysis for Internal Audit Data analysis for Internal Audit What is Data Analytics Analytics is the process of obtaining an optimal or realistic decision based on existing data. Wikipedia Data analytics is the science of examining

More information

SEMINAR FACT SHEET. HOW YOU WILL BENEFIT During this program, you will:

SEMINAR FACT SHEET. HOW YOU WILL BENEFIT During this program, you will: THE A Division of The ARC Consulting Group, Inc. A Profit Enhancement Firm Providing Educational and Consultative Services to the International Business Community SEMINAR FACT SHEET ARC S ACCOUNTS PAYABLE

More information

Data Mining Methodologies for Anti Fraud and Continuous Auditing Programs

Data Mining Methodologies for Anti Fraud and Continuous Auditing Programs Data Mining Methodologies for Anti Fraud and Continuous Auditing Programs 2014 Governmental Accounting & Audit Update May 7, 8, & 9 2014 CLAconnect.com Agenda Presentation Objectives 2 Defining Anti Fraud

More information

Centre for Corporate Governance. Sample listing of fraud schemes

Centre for Corporate Governance. Sample listing of fraud schemes Centre for Corporate Governance Sample listing of fraud schemes Sample listing of fraud schemes The following listing of possible fraud schemes can be utilized by management and auditors to assist in identifying

More information

Tel. 202.332.3566 Fax 202.332.3672 www.martinwallcpa.com MANAGEMENT LETTER

Tel. 202.332.3566 Fax 202.332.3672 www.martinwallcpa.com MANAGEMENT LETTER Tel. 202.332.3566 Fax 202.332.3672 www.martinwallcpa.com MANAGEMENT LETTER In planning and performing our audit of the financial statements of the U.S. Nuclear Waste Technical Review Board (NWTRB) for

More information

Continuous Monitoring: Match Your Business Needs with the Right Technique

Continuous Monitoring: Match Your Business Needs with the Right Technique Continuous Monitoring: Match Your Business Needs with the Right Technique Jamie Levitt, Ron Risinger, September 11, 2012 Agenda 1. Introduction 2. Challenge 3. Continuous Monitoring 4. SAP s Continuous

More information

Leveraging Data Analytics and Continuous Auditing. Internal Audit. January 9, 2014

Leveraging Data Analytics and Continuous Auditing. Internal Audit. January 9, 2014 Leveraging Data Analytics and Continuous Auditing to Transform Internal Audit January 9, 2014 Presenter Introductions John Isenberg, Director KPMG Risk Consulting Dallas Cortnye King, Manager KPMG Risk

More information

CIIA South West Analytics in Internal Audit - Tackling Fraud

CIIA South West Analytics in Internal Audit - Tackling Fraud CIIA South West Analytics in Internal Audit - Tackling Fraud 10 December 2014 Agenda Intro to Analytics When to use analytics and how to get started Risk Monitoring and Control Automation Common Pitfalls

More information

Physician Payments Sunshine Act

Physician Payments Sunshine Act Physician Payments Sunshine Act The Sunshine Act: A tough act to follow? The Physician Payments Sunshine Act will require companies to record any physician payments or benefits provided in 2012 and to

More information

May 2011 Report No. 11-030. An Audit Report on Substance Abuse Program Contract Monitoring at the Department of State Health Services

May 2011 Report No. 11-030. An Audit Report on Substance Abuse Program Contract Monitoring at the Department of State Health Services John Keel, CPA State Auditor An Audit Report on Substance Abuse Program Contract Monitoring at the Department of State Health Services Report No. 11-030 An Audit Report on Substance Abuse Program Contract

More information

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Changing IT Risk Landscape Understanding and managing existing and emerging risks The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015

More information

INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S RESPONSES TO ASSESSED RISKS CONTENTS

INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S RESPONSES TO ASSESSED RISKS CONTENTS INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S RESPONSES TO ASSESSED RISKS (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction

More information

AML Topics Using analytics to get the most from your transaction monitoring system

AML Topics Using analytics to get the most from your transaction monitoring system www.pwc.com AML Topics Using analytics to get the most from your transaction monitoring system March 2011 Contents Components of the AML Compliance Program... 1 Transaction Monitoring... 1 Transaction

More information

White Paper - Travel & Entertainment Spend Analytics Best Practices

White Paper - Travel & Entertainment Spend Analytics Best Practices White Paper - Travel & Entertainment Spend Analytics Best Practices T&E is probably your company s second largest discretionary expense, representing on average as much as 6% of all corporate expenses.

More information

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 400 MARYLAND AVENUE, S.W. WASHINGTON, DC 20202-1500.

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 400 MARYLAND AVENUE, S.W. WASHINGTON, DC 20202-1500. UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 400 MARYLAND AVENUE, S.W. WASHINGTON, DC 20202-1500 February 1, 2006 Michell Clark, Designee Assistant Secretary for Management and Acting

More information

Embedding Fraud Fighting Techniques into Internal Audit

Embedding Fraud Fighting Techniques into Internal Audit Embedding Fraud Fighting Techniques into Internal Audit Mary Breslin MBA, CIA, CFE What is Fraud? The Association of Certified Fraud Examiners defines occupational fraud as: The use of one s occupation

More information

Internal Controls, Fraud Detection and ERP

Internal Controls, Fraud Detection and ERP Internal Controls, Fraud Detection and ERP Recently the SEC adopted Section 404 of the Sarbanes Oxley Act. This law requires each annual report of a company to contain 1. A statement of management's responsibility

More information

Consideration of Fraud in a Financial Statement Audit

Consideration of Fraud in a Financial Statement Audit Consideration of Fraud in a Financial Statement Audit 151 AU-C Section 240 Consideration of Fraud in a Financial Statement Audit Source: SAS No. 122; SAS No. 128. Effective for audits of financial statements

More information

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC)

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC) Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC) 1 Introduction 1.1 Section 316 (4) of the International Business

More information

Fraud in the Non-Profit Organizations: Schemes & Strategies. presented by: Lynn L. Menard, CFE, CPA

Fraud in the Non-Profit Organizations: Schemes & Strategies. presented by: Lynn L. Menard, CFE, CPA Fraud in the Non-Profit Organizations: Schemes & Strategies presented by: Lynn L. Menard, CFE, CPA Common Fraud Myths in Non Profits Everyone in a non profit has an honest and charitable heart. It may

More information

Performance Audit City s Payment Process

Performance Audit City s Payment Process Performance Audit City s Payment Process January 2013 City Auditor s Office City of Kansas City, Missouri 18-2011 Office of the City Auditor 21 st Floor, City Hall 414 East 12 th Street (816) 513-3300

More information

Reports. Leading Practices in Report Testing

Reports. Leading Practices in Report Testing Reports Leading Practices in Report Testing 1 Agenda What are reports, really? Why is report testing important? Which reports should be tested? How is report testing performed? How often should reports

More information

MEMORANDUM. 2015 Risk Assessment, 2015 Audit Plan, and 2014 Audit Plan

MEMORANDUM. 2015 Risk Assessment, 2015 Audit Plan, and 2014 Audit Plan ORANGE COUNTY EMPLOYEES RETIREMENT SYSTEM MEMORANDUM DATE: January 21, 2015 TO: FROM: SUBJECT: s of the Audit Committee David James, Director of Internal Audit 2015 Risk Assessment, 2015 Audit Plan, and

More information