AGA Kansas City Chapter Data Analytics & Continuous Monitoring

Similar documents
Using Technology to Automate Fraud Detection Within Key Business Process Areas

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances

GOVERNANCE: Enhanced Controls Needed To Avoid Duplicate Payments

Procurement Fraud Identification & Role of Data Mining

Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education

Types of Fraud and Recent Cases. Developing an Effective Anti-fraud Program from the Top Down

Leveraging Big Data to Mitigate Health Care Fraud Risk

PwC The Path Forward for Data Analysis and Continuous Auditing May 2011

Fraud Prevention, Detection and Response. Dean Bunch, Ernst & Young Fraud Investigation & Dispute Services

Internal Audit Testing and Sampling Techniques. Chartered Institute of Internal Auditors May 2014

LGMA Qld Governance and Corporate Planning Village Forum

THE ABC S OF DATA ANALYTICS

Auditing for Value in the Procure to Pay Cycle Dallas IIA Chapter. October 1, 2009

San Francisco Chapter. Jonathan Shipman, Ernst & Young David Morgan, Ernst & Young

Audit Quality Thematic Review

Continuous Monitoring and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes

U S I N G D A T A A N A L Y S I S T O M E E T T H E R E Q U I R E M E N T S O F R I S K B A S E D A U D I T I N G S T A N D A R D S

Internal Controls and Fraud Detection & Prevention. Harold Monk and Jennifer Christensen

Accounts Payable Best Practices

SPG 223 Fraud Risk Management. June 2015

FRAUD RISK ASSESSMENT

Data Mining/Fraud Detection. April 28, 2014 Jonathan Meyer, CPA KPMG, LLP

Fraud Awareness Training

Continuous Audit and Case Management For SAP: Prevent Errors and Fraud in your most important Business Processes

Table of Contents. Transmittal Letter Executive Summary Background Objectives and Approach Issues Matrix...

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS

Internal Audit Practice Guide

Reduce Audit Time Using Automation, By Example. Jay Gohil Senior Manager

Data Analytics Leveraging Data Visualization and Automation in Audit Real World Examples

Integrating Data Analytics into Internal Audit

Current Uses and Trends in ACL and Data Mining

Strategically Detecting And Mitigating Employee Fraud

How To Prevent Fraud On A Credit Card

by: Scott Baranowski, CIA

ACCOUNTS PAYABLE AUDIT RECOVERING LOST DOLLARS AT NO COST

Fraud Workshop Finding the truth in the transactions

Validating Third Party Software Erica M. Torres, CRCM

Data analysis for Internal Audit

Sarbanes-Oxley Compliance A Checklist for Evaluating Internal Controls

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained

Advanced Data Analytics, the Fraudsters Worst Enemy

Neil Meikle, Associate Director, Forensic Technology, PwC

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Use of Data Extraction & Analysis Software In a Financial Statement Audit

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Microsoft Confidential

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com

Feature. A Framework for Estimating ROI of Automated Internal Controls. Do you have something to say about this article?

Preventing Healthcare Fraud through Predictive Modeling. Category: Improving State Operations

Fraud Prevention and Detection in a Manufacturing Environment

Continuous Monitoring: Match Your Business Needs with the Right Technique

CIIA South West Analytics in Internal Audit - Tackling Fraud

Being protected Using data analytics to detect fraud

A Framework for Managing Crime and Fraud

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

Continuous Auditing / Continuous Monitoring

The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements

ISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore

The Power of Risk, Compliance & Security Management in SAP S/4HANA

Internal Controls, Fraud Detection and ERP

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

Introductions, Course Outline, and Other Administration Issues. Ed Ferrara, MSIA, CISSP Copyright 2015 Edward S.

Kroll Ontrack Data Analytics. Forensic analysis and visualization of complex data sets to provide intelligence around investigations

Chapter 15 Auditing the Expenditure Cycle

PREPARING AUDITORS IN THEIR USAGE OF DATA ANALYTICS TOOL IN FRAUD PREVENTION PROGRAM

Forensic Audit and Automated Oversight Federal Audit Executive Council September 24, 2009

Tel Fax MANAGEMENT LETTER

AML Topics Using analytics to get the most from your transaction monitoring system

Physician Payments Sunshine Act

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Leveraging Data Analytics and Continuous Auditing. Internal Audit. January 9, 2014

Continuous Auditing with Data Analytics

Fraud and Role of Information Technology. September 2008

Performance Audit City s Payment Process

Internal Controls and Financial Accountability for Not-for-Profit Boards NEW YORK STATE OFFICE. of the ATTORNEY GENERAL.

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

GOVERNANCE, RISK AND COMPLIANCE. Internal Audit. Assessing Fraud Vulnerabilities. kpmg.com/in

The Role of Oversight and Monitoring and the Use of Analytics to Increase Effectiveness of your Compliance Program

Fighting Fraud with Data Mining & Analysis

OFFICE OF AUDITS & ADVISORY SERVICES ACCOUNTS PAYABLE VENDOR MASTER FILE AUDIT FINAL REPORT

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE

Accounts Payable Outsourcing Audit April 2014

White Paper - Travel & Entertainment Spend Analytics Best Practices

A Performance Audit of the State s Purchasing Card Program

P-Card Fraud Controls. Introduction

How To Find Out If A Company Misstatement Is True

Centre for Corporate Governance. Sample listing of fraud schemes

Fraud Control Theory

Fundamentals Level Skills Module, Paper F8 (IRL) 1 (a) Audit procedures procurement and purchases system

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 400 MARYLAND AVENUE, S.W. WASHINGTON, DC

Using COBiT For Sarbanes Oxley. Japan November 18 th 2006 Gary A Bannister

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES

Transcription:

AGA Kansas City Chapter Data Analytics & Continuous Monitoring

Agenda Market Overview & Drivers for Change Key challenges that organizations face Data Analytics What is data analytics and how can it help drive efficiencies in your audit program and overall organization? Solution Offerings Examples of applied data analytics solutions within the audit profession Data Analytics Tools Specific tools utilized to perform Computer Assisted Auditing Techniques (CAAT) Continuous Monitoring How can data analytics be applied to facilitate continuous monitoring?

Section 1 Market Overview & Drivers for Change

Market Overview & Drivers for Change The need for risk mitigation and assurance has drastically changed Strategic risk is a key concern for executive leadership, yet the amount of information provided regarding strategic, value impacting opportunities and threats is often limited Globalization, expansion, and the heightened pace of change are increasing the complexity of risks While risks around financial controls and basic compliance are managed more effectively, there are few robust techniques for overseeing broader types of risk Do More with Less - there are increasing pressure to reduce the cost of compliance 4

Market Overview & Drivers for Change As operating models evolve, it is critical to grow the organization s decision support capabilities and provide the ability for management to make key business decisions at the right time, with the right information, based upon a single version of the truth to improve operation effectiveness and risk management. The available data is wrong but we get it so late it doesn t matter I am probably making bad decisions because of bad data Too much detail delivered to too many people people get lost in the detail Need to be an expert in the systems to get any information out of them The reporting environment and process is akin to Database Dim Sum; pull a little information from every database If I had better data, I would make different business decisions We spend lots of work hours constructing the analysis it leaves little time to actually analyze 5

Section 2 Data Analytics

Introduction to Data Analytics What is Data Analytics? Data Analytics refers to the processes and procedures used to interpret raw data with the purpose of gaining insight and understanding from the information. Data Analytics Operational Insight 7

Introduction to Data Analytics Types of data analytics Ad-hoc Repeatable Centralized Continuous Monitoring Effectiveness of Corrective Action Evolution of Data Analytic Techniques Continuous Monitoring Centralized Repeatable Ad-hoc Analytic Frequency The results of Data Analytics may be used to identify areas of key risk, fraud, errors or misuse; improve business efficiencies; verify process effectiveness; or influence business decisions. 8

Introduction to Data Analytics Why is Data Analytics beneficial? Gain a better understanding of your organization s data Gain complete coverage over a data set Automate testing procedures (reduce manual effort needed) Testing procedures are easily repeated Test for more complex scenarios than possible through manual review Automated / streamlined reporting Data Analytics Improved Testing Efficiency Improved Coverage Increased Granularity Completeness & Accuracy Checks 9

Introduction to Data Analytics How can data analytics drive efficiencies in your audit program? Increase audit coverage o 100% coverage over a data set Significantly More Value 1. Realigning audit coverage Focus on strategic auditing increases Focus on anomalies o Identify and mediate early Predictive analysis and monitoring 2. Improving process and leveraging technology Materially Less Cost 10

Introduction to Data Analytics Key benefits and challenges for using data analytics Benefits Remove sampling risk by gaining audit coverage over 100% of population Increase independence from information system functions (developers, technology administration) Decreased cost over time due to reusability Provide real-time audit opinions Efficiently test certain assertions such as completeness and accuracy Challenges First year costs can be higher than a manual test Auditor needs a strong understanding of the operation, financial or technology supporting the data Perception by information providers that data cannot be extracted or used 11

Section 3 Data Analytics Solution Offerings

Solution Offerings Fraud Analytics The use of data analytic techniques to identify false, altered or manipulated records or supporting documentation used in preparing or maintaining an organization's financial data. Identify fraudulent or misstated transactions used to produce financial statements Allows the organization to save money by identifying and mitigating fraud schemes (embezzlement, asset misappropriation, accounts payable fraud, etc.) Maintain reputation 13

Solution Offerings Fraud Analytics Time & Expense Target Area Description Outcome Collusion Employee Lists repeat reimbursements to employees (accommodating for a certain amount of variance) related to the same payee, creditor, or vendor Identify duplicate payment of the same expense activity from different employees Fraud / Abuse Analyze employee expense activities for potential duplicate reimbursements from different expense reports Multiple reimbursement requests for the same expense activity with different management approval Fraud / Abuse Non typical vendor analysis name and address comparison to identify vendors and expense activities to casino, clubs and other suspicious entertainments Identify high-risk employee who has abused the objective of the company related expense policy P-Card Management List employees whose average amounts per expense category is higher than average Identify employee who misused P-Card for personal purchases Control Deficiency Employee expense transaction amount stratification Identify employees exceeding the P-card authorization/ approval limit by time period that is daily, monthly, quarterly and/or annually 14

Solution Offerings Revenue Recognition Analysis around a company's order/sales process to gain insight into operational effectiveness and ensure revenue is being recognized appropriately. Test contract terms and conditions to ensure they are met & calculated correctly Analyze the sales / revenue / reimbursement cycle to look for trends / misstatements in recorded revenue / expenses Analyze bills for accuracy vs. contracts 15

Solution Offerings Accounts Payable Analytics Procure to Pay processing and reporting capabilities for expense control and cash disbursement management Identify weaknesses in controls in payment to suppliers Determine issues around duplicate payments, abnormal invoice activities, and payments to employees Isolate variances in master data set such as master vendor file 16

Solution Offerings Accounts Payable Target Area Description Outcome Vendor Identify suspicious or fictitious vendor Identify vendor with the same address as employee or created by/paid by the same employee AP Recovery Identify overpayment, duplicate payments Identify opportunity for volume discounts, working capital improvement Control Deficiency Identify fraud/abuse Identify fraud/abuse Foreign Corrupt Practices Act (FCPA) Identify corruption, bribery with payments to high-risk individuals (i.e., politically exposed) Compliant with FCPA and the Federal Trade Commission s red flag program, avoid fines from regulatory agencies Reputation Identify payments to suspicious addresses (i.e., P.O. Box) or high-risk businesses Transparency via ethical supply-chain and vendor sourcing 17

Solution Offerings Sustainable Cost Reduction Analysis Controlling and optimizing the money organizations spend Help organizations reduce costs with a detailed analysis of the organization s spending patterns Focus on identifying and delivering savings opportunities Monitor activities, capturing related spend results, and producing robust reports 18

Solution Offerings Post System Implementation Reviews Assessment of the effectiveness of the system development after the system has been in production for a period of time Provide comfort over the quality of data from legacy to new system Analyze data to resolve complex reconciliation issues Identify areas of improvements in the system s controls 19

Section 4 Data Analytics Tools

Data Analytics Tools What is Computer Assisted Auditing Techniques (CAAT)? Creating new or using existing end user system reports to analyze data (using software such as Microsoft Excel, Microsoft Access, ACL, etc.) to identify and quantify transactions that merit further investigation due to their nature, size or because they highlight control weaknesses and opportunities for process improvement. 21

Data Analytics Tools CAAT as a Data Analysis Technique: Testing whether system fields have the appropriate value/calculation for a population of accounts, securities or transactions Testing and quantifying fraud and control failure scenarios Identifying the unusual transactions that have bypassed controls Determining and measuring the impact of data quality issues Recognizing unusual transactions and events Increasing audit coverage and assurance 22

Data Analytics Tools CAAT Benefits: Use CAATs to increase the: Effectiveness of monitoring Impact of findings Depth of understanding The data tells the story! Enables you to qualify the financial impact of business decisions, accounting practices, and internal controls 23

Data Analytics Tools Available Tools: Download a text file into Microsoft Excel or Access database Download an existing end user report into Microsoft Excel or Access database Use the report writer capabilities of the software application to create reports Available Analytic Software: ACL, Oversight, Tableau, Spend Radar 24

Data Analytics Tools Recommended Practices Review all transactions rather than sample basis Obtain as many data elements (fields from the system) as possible for each transaction Validate integrity of data Confirm limitations from using data warehouse vs. production environment Look for hidden patterns Identify full impact of overpayments (example) rather than estimate May indicate causes of overpayments (example) Work with IT to enhance data retention capabilities Refine your queries to provide targeted results Integrate reports into Continuous Monitoring activities 25

Section 5 Continuous Monitoring

Continuous Monitoring Overview What is Continuous Monitoring? Continuous monitoring is the process and technology used to detect compliance and risk issues associated with an organizations financial and operational environment. What does this mean? The processes that management puts in place to ensure that the policies, procedures, and business processes are operating effectively Ongoing insight into the effectiveness of controls and the integrity of transactions running within them. Provides the most to benefit from timely insight into errors/issues Management is the owner of this process Performed by operational/financial management; audit independently evaluates adequacy of management activities 27

Continuous Monitoring Overview Continuous Monitoring Process and technology used to detect compliance and risk issues associated with an organization's financial and operational environment. Significant increase of controls effectiveness over time Key risks Monitoring /IT/ Automated controls Process controls Early identification of required actions short term implementation of actions and monitoring of the effectiveness Synergies across various types of audits 28

Continuous Monitoring Overview What can Continuous Monitoring be used for? Monitoring of Key Performance Indicators (KPIs) Monitoring of Key Controls Fraud Detection Audit Testing Monitoring Risks 29

Continuous Monitoring Overview Continuous Monitoring Usage Reduce / eliminate the manual, detailed transaction reviews currently being performed / tested. o Moving from substantive testing to controls testing Scenario 1 Scenario 2 Management Effort Comprehensive Monitoring Little to no monitoring Audit Effort Reduced Effort / Testing Significant Effort / Testing 30

Continuous Monitoring Overview Key Benefits of Continuous Monitoring The key focus for continuous-monitoring solutions is to reduce recurring manual compliance effort, chiefly through replacing manual controls with automated ones. Compliance and cost reduction aside, these solutions can increase assurance of financial integrity several ways. Attribute Benefit Improved Consistency Manual controls are subject to manual errors, whereas automated controls tend to operate more reliably Improved Coverage Improved or complete transaction coverage is possible Increased Sophistication Controls can be designed with more complexity if they are not required to be performed manually Improved Timeliness Detective controls can be executed very quickly, rather than after-thefact or in an audit Additional Controls More controls can be achieved through automation than would be possible to perform manually Robert Martin. "Continuous Monitoring Meets Enterprise Risk Management." Information Management Online (2005) 31

Continuous Monitoring Overview Types of Continuous Monitoring Although there are different types of monitoring, they all play a role in comprehensive risk management programs. Type Description Control Monitoring Detection and escalation of risk control violation events Indicator Monitoring Detection of non-control events, Key Risk Indicators or early warning indicators of changes to factors that could impact the risk environment. These could be internal or external, current or forward looking, etc. Performance Monitoring Measuring the effectiveness of the risk program or of the organization as a whole (organizational performance optimization is a goal of many Enterprise Risk Management programs) 32

Continuous Monitoring Overview How does Continuous Monitoring fit in the picture? Identify the key risks in a business process Determine what risks can be measured through data analysis Prioritize the risks Document the risks as controls Throughout the year, monitor the controls that were identified Formula Definition Responsibility Ongoing analysis of the effectiveness of controls and the integrity of transactions running within them Typically performed by management, with independent evaluations periodically performed by internal audit + Continuous Auditing Identifying, assessing, mitigating and monitoring risks throughout the year Typically performed by an Internal Audit/Controls group separate from management = Continuous Assurance Combination of continuous monitoring and continuous auditing Operational/financial management and oversight by internal audit Continuous Monitoring 33

Continuous Monitoring Overview 34

Thank You! Presented by: Eric Hinrichs, Director Brett Dauffenbach, Senior Associate eric.r.hinrichs@us.pwc.com brett.dauffenbach@us.pwc.com 816-218-1728 816-591-1662

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information