Using Technology to Automate Fraud Detection Within Key Business Process Areas 2013 ACFE Canadian Fraud Conference September 10, 2013 John Verver, CA, CISA, CMA Vice President, Strategy ACL Services Ltd
2 Topics Fraud detection and integrated audit, risk management and compliance Role of data analysis technology in fraud detection Automation of fraud detection analytics and continuous monitoring Practical steps for implementation Examples of fraud tests for key business process areas
3 Integrated Audit, Risk Management, and Compliance Enterprise Risk Management gaining momentum Fraud a key focus area for risk management and control Increasing trend toward continuous risk and control assessment Technology is critical but underutilized Data driven risk management, control, and compliance
4 Technology and Fraud Detection Surveys by IIA, Big 4, and ACL Technology: a critical factor for successful performance in risk management, audit, and fraud detection Data analysis is the technology expected to have the greatest impact on effectiveness and productivity.
Fraud and Risk Management 5 ACL s 2013 Survey of 2,200 audit, risk management, and compliance professionals Internal fraud and abuse area of highest concern
6 Decide on Strategic Approach Integrate fraud-detection analytical testing into those of overall risk management and control? Automated fraud detection as a standalone function?
7 Fundamentals of technology for fraud detection Analyze 100% populations of transactional data (plus master data and application control settings) Identify indicators of fraudulent activities Overall statistical analysis to indicate anomalies ( don t know what you don t know ) Specific analysis to identify specific circumstances that indicate a high probability of fraud Compare data across different databases and systems Generate exceptions suspect items for review and investigation
8 Capabilities of data analysis technologies for fraud detection Pre-built analytic routines classification, stratification, duplicate testing, aging, join, match, compare, statistical analysis, digital analysis (Benford) Flexibility to support full automation and complex tests Automated logging Ability to access and manipulate a broad range of data Scheduled automatic processing Security Workflow and exception management Dashboard reporting
9 Continuous Monitoring Model Data Data Data Transactional Data Access transactional data from disparate sources Controls & Compliance Rules Test transactional data against established internal control rules and transactional profiles Significant Control Breaches Alerts Immediate notification of critical exposures Historical and statistical transactional profiling Financial & Business Unit Managers & Audit Suspect Transactions Findings Transactions detailed for further analysis Management & Audit Action Investigations, recoveries, and improved controls and procedures
Audit Contribution ACL Transforming Audit and Risk 10 Audit Analytic Capability Model ad hoc repetitive continuous Foresight Level 5 Monitoring Level 4 Automated Insight Level 3 Managed Level 2 Applied Hindsight Level 1 Basic Sophistication
Audit Contribution ACL Transforming Audit and Risk 11 Audit Analytic Capability Model Survey responses: Level of current audit analytics usage ad hoc repetitive continuous Foresight Continuous 11% Level 5 Monitoring Insight Hindsight Ad Hoc 67% Level 1 Basic Automated Repeatable 22% Level 2 Applied Level 3 Managed Sophistication Level 4 Automated
Audit Contribution ACL Transforming Audit and Risk 12 Audit Analytic Capability Model Survey responses: Level of highest desired analytics usage ad hoc repetitive continuous Foresight 30% 67% Level 5 Monitoring 3% Level 4 Automated Insight Level 3 Managed 0% 0% Level 2 Applied Hindsight Level 1 Basic Sophistication
13 Continuous Monitoring for Fraud Detection Timely repeated processing of tests against recent transactions Provides timely insight and reduces risk of fraud escalation Actual timing varies according to cycles of the underlying process Technically, progression from ad-hoc test processing to continuous monitoring is not usually complex Critical issues to address are people and process
14 Implementation steps for effective and sustainable fraud detection (1) Define overall objectives, including decision on fraud detection as part of an overall risk management and control testing vs. standalone function Assign roles and responsibilities Define fraud risks to be tested fraud risk universe For each fraud risk, establish data analysis fraud detection test in terms of: data requirements data access processes analysis logic
15 Implementation steps for effective and sustainable fraud detection (2) Coordinate with IT department Develop tests Validate tests Establish timing and responsibilities for automated test processing Establish workflow and responsibilities for exception management and resolution Implement reporting processes
16 Fraud tests for key business process areas Start with core set of basic tests for a business process area Progressively build and implement a broader library of tests for different business process areas In practice, organizations may establish large libraries of tests over a period of time Fraud specialist or auditor is often in best position to understand specific fraud risks in given business process Develop analytics to reflect 1. known risks 2. potential risks in circumstances that are not likely to be foreseen (DKWYDK)
17 Examples of fraud tests for Purchase to Pay (1) P.O. with blank / zero amount Split P.O.s (multiple under approval threshold) Duplicate invoices (same #, same amount same date, same vendor same amount) Invoice amount paid > goods received Invoices with no matching receiving report Multiple invoices for same P.O. and date Pattern of sequential invoices from a vendor
18 Examples of fraud tests for Purchase to Pay (2) Unapproved vendors Suspect purchases of consumer items Employee and vendor with same: Name Address Phone number Bank account number Vendor address is a mail drop Payment without invoice Vendor master changes for brief periods
19 Examples of fraud tests for Procurement Cards Purchases of consumer items Suspect vendors Prohibited merchant codes Transactions made on weekends or holidays Split transactions (multiple items under threshold) Duplicate purchases (same item multiple employees)
20 Examples of fraud tests for Order to Cash Unusually high sales discounts Unusually high credit terms or limits Frequent credit memos to the same customer Shipments where employee address matches the ship address
21 Examples of fraud tests for Payroll /HR Terminated employees still on payroll Multiple employees with same address Unusually high O/T amounts and rates Invalid SSNs Unusually high commissions
22 Examples of fraud tests More information on fraud tests by business process and industry is available on www.acl.com Other resources include: TBD
23 Best Practices for Integrated Fraud Detection An integrated approach for technology in Audit, Risk, and Control Technology and data analysis as an integral part of risk and control strategy, including fraud detection Risk and controls management systems in place CA and CM in operation Risk and controls management systems integrate with fraud detection objectives and audit risk assessment and planning Data Driven Risk Management Data Driven Fraud Detection
Some Real World Case Studies 24 Los Angeles Unified School District Belmont Learning Center Data analysis use resulted in the identification of fraud and abuse in excess of $70 million Fictitious vendors Duplicate payments Overbilling No competitive bidding Policy violations Exceeding purchasing limits Improper coding
Some Real World Case Studies 25 U.S. government agency $6.5 billion in annual procurement card purchases Situation Millions of transactions occur each year Management oversight limited due to large number of direct reports Organization encouraged to spend more using P-cards due to rebate program Bad publicity resulted in more oversight from Congress
Some Real World Case Studies 26 U.S. government agency $6.5 billion in annual procurement card purchases Approach Used data analysis to monitor 12 million transactions 38 indicators of inappropriate transactions established and compared to actual data Data from disparate sources integrated including employee listings, authorizations, merchant restrictions, credit limits
Some Real World Case Studies 27 U.S. government agency $6.5 billion in annual procurement card purchases Result Identified $38 Million in suspect transactions (13,500 transactions or 0.001%) 2,000 cardholders flagged for further investigation Created timely and cost-effective reporting system to follow-up with vendors and banks in subsequent recovery process
28 For more information John Verver Vice President, Strategy ACL Services John_Verver@acl.com www.acl.com Tel. (604) 646 4230