Better Business Through Data Analysis & Monitoring My Account

The High Cost of Fraud

Tips for Testing Common Schemes Using IDEA

Fraud costs are on the rise…again. More than 23% of occupational fraud cases resulted in a loss of at least $1 million. When owners or executives committed fraud, the median damage was more than 10 times worse than when employees were the perpetrators. 1

Most frauds are detected through tips, rather than internal or external auditors. There is probably a good explanation for that, considering expanding data volumes and the complexity of information that needs to be analyzed. Regardless, there is little tolerance when errors and fraud go undetected.

Using the right tools and knowing where to look are critical. Relevant information resides in financial files within the organization. The larger and more detailed the data files are, the more useful data analysis becomes.

The median loss from a single occupational fraud in the U.S. is $120,000.
Source: Association of Certified Fraud Examiners (ACFE)
2016 Report to the Nations

IDEA 10 has some built-in features to help sift through vast amounts of data to uncover anomalies and outliers that may indicate fraud. If you haven’t upgraded to IDEA 10, you are missing out on some key audit intelligence features that are now available including:

Discover – Identifies trends, patterns and outliers, and creates a dashboard to further refine the data based on your specific needs

Visualize – Helps interpret and monitor data trends in a single or multiple databases

The visualization of the data is key for those that aren’t in the IT world and may not understand how databases are set up. Numbers don’t speak to them as they do to others. Seeing things visually is invaluable.
Aaron Boor, CISA, IT Audit & Project Automation Manager, Donegal Insurance Group

Advanced Fuzzy Duplicate – Identifies multiple similar records using up to 3 character fields, then groups them based on the degree of similarity to detect data entry errors, multiple data conventions for recording information and fraud

Fraud Risk Assessment Steps

  1. Build a profile of potential frauds to be tested
  2. Analyze data for possible indicators of fraud
  3. Automate the detection process through continuous
    auditing/monitoring of high-risk business functions to improve controls
  4. Investigate and drill down into emerging patterns
  5. Expand scope and repeat as necessary
  6. Report

Start where the fraudsters start – where the money is. Here are some key areas and analytics to use to identify commonly-used fraud schemes:

Payroll Fraud Schemes
While most payroll frauds are found by accident, data analysis can be used on a regular basis to analyze payments and search for outliers simply by matching payments to the payroll master file. Often fictitious or “ghost” employees are set up on a salary system to receive automatic payments.

Data to Gather:

  • Payroll master file with cumulative totals and static data
  • Monthly transactions file
  • Employee data including Social Security numbers, address, employee number

Data Analysis Tests to Perform:

  • Test for duplicate employees on the entire payroll file (appending or joining payroll files if necessary) using the employees’ SSNs as a unique employee identifier
  • Check for duplicate bank accounts [Note: False positives may include family accounts where more than one family member is employed by the organization]
  • Identify employee accounts with excessive credit memos, or large deposits
  • Match master information from the payroll file with the organization’s personnel file to determine whether there are “ghost” employees on the payroll
  • Compare the payroll file using two dates (beginning and end of the month) to determine whether new hires and terminations are represented as expected, and if any employees have received unusually large salary increases
  • View employee salaries by minimum and maximum by position and/or level. Also test allowances by position and level
  • Check for excessive overtime and allowance claims
  • Compare holidays/vacation and sick leave against limits by position/level
  • Match termination dates against the final few paychecks – look for scheme where extra checks were issued and diverted to the clerk’s account

Purchase Frauds
Purchase frauds are prevalent, mainly because there are so many ways a potential fraudster can work the system to their advantage. Dummy invoices, reuse of valid invoices and withholding of credit notes are just a few examples of purchasing frauds. Many frauds involve the manipulation of the payments information on personal accounts within the AP system. Examples of this include:

  • Creation of a fictitious supplier in the general ledger
  • Creation of a fictitious branch within a genuine supplier
  • Reactivating a dormant account

Miscellaneous accounts are particularly vulnerable, and don’t overlook frauds perpetuated on a genuine suppliers account without their knowledge. Accounts with high levels of transactions are susceptible to fraud because fictitious items can easily be buried.

Data to Gather:

Complex purchasing systems with automatic reordering capabilities are also a target. Once a supplier has been set up, or a requisition is input, payments are processed automatically. IDEA can be used on multiple files to test for fraud including

  • Supplier master
  • Purchase ledger
  • Payments history
  • Purchase invoices

Supplier Master File

  • Using the first 5-6 characters of the name, match supplier names against a list of employee surnames from the payroll or personnel file
  • Test for accounts without VAT numbers or duplicate VAT numbers
  • Examine purchase ledger transactions for entries at or just below the management approval level – if the system finds the approving authority for a transaction, examine the value distribution for each manager
  • Test to see if amounts are being approved just above or below break points in authority level by a value distribution across the whole ledger
  • Search for split invoices to enable approvals by an individual
  • Extract all invoices within 90% of an approved limit and search for all invoices from that supplier. Next, sort by approving manager, department, and date to identify possible split invoices or summarize payments by invoice number to determine how many partial payments have been made for each invoice.
  • Test for duplicate invoices using value and supplier codes as key fields for one test, and purchase order number for another. The 2nd processing of invoices can be used to establish a value on the purchase ledger to make a fraudulent payment.

Invoices

  • Compare employee home addresses, SSNs, telephone numbers and bank routing/account numbers to the vendor master file
  • Identify invoices without a valid purchase order or from unapproved vendors
  • Find invoices with more than one purchase order authorization
  • Identify multiple invoices with the same item description
  • Extract vendors with duplicate invoice numbers
  • Find invoice payments issued on non-business days, such as weekends or holidays
  • Identify multiple invoices just under approval cut-off levels

Payments

  • Search the payments file for payees without “Inc”, “LLC” and LTD” in their names to identify payments to individuals
  • Stratify the size of payments to extract any exceptionally high payments
  • If payments are made by electronic transfers, extract lists of bank codes and account numbers from both the P/L payments files and the payroll – compare to see if any accounts match
  • Compare voucher or invoices posted against purchase order amounts

Many of these tests can be automated, and if you need assistance with creating a script, contact us at services@audimation.com. We also welcome your questions and provide live, step-by-step assistance at no cost to supported IDEA users – simply contact the IDEA Help Desk at 888.641.2800 and select option 4 or email us at helpdesk@audimation.com.

Source:1 2016 Global Fraud Study, Report to the Nations on Occupational Fraud and Abuse, Association of Certified Fraud Examiners

Print

Number of views (3045)/Comments (0)

Brad Newman

Brad Newman

Other posts by Brad Newman
Contact author

Please login or register to post comments.

Name:
Email:
Subject:
Message:
x
Global Chemical Company Automates Risks Identification with CaseWare IDEA
14 September 2018

Global Chemical Company Automates Risks Identification with CaseWare IDEA

Global corporation used IDEA to standardize & develop an automated process to comply with anti-corruption policy.

Read More

Telecommunications Provider Turns Two Days of Work Into 20 Minutes with CaseWare IDEA®
14 September 2018

Telecommunications Provider Turns Two Days of Work Into 20 Minutes with CaseWare IDEA®

Auditors Analyzing Hundreds of Millions of Records to Track Buying and Usage Patterns

One of the world’s largest telecom companies' internal audit team leverages tech to analyze trends, tendencies & patterns within customer & financial data.

Read More

Exploring IDEA's Built-In Power of Python
20 August 2018

Exploring IDEA's Built-In Power of Python

IDEA Tech Tip

With the release of version 10.3, IDEA created a buzz with its implementation of the Python scripting language, thereby taking a huge step towards having a more robust coding environment.

Read More

Sharing IDEA Data Using IDEA's ODBC Driver
18 July 2018

Sharing IDEA Data Using IDEA's ODBC Driver

IDEA Tech Tip

Read More

Oncor Achieves Operational Efficiencies with CaseWare IDEA
25 June 2018

Oncor Achieves Operational Efficiencies with CaseWare IDEA

Oncor's internal audit team needed to acquire years of data from different environments and formats to help improve processes and efficiency levels.

Read More

Analyzing the Past to Predict the Future with Trend Analysis
18 June 2018

Analyzing the Past to Predict the Future with Trend Analysis

In business, predicting the future is never an easy task. But IDEA can help as long as you have the right data, and Trend Analysis can help.

Read More

2018 IDEA® User of Excellence Award Winner Selected
15 June 2018

2018 IDEA® User of Excellence Award Winner Selected

Jennifer Girard, CIDA with American Red Cross Recognized for Exceptional Use of Data Analytics

Jennifer Girard, Sr Auditor with the American Red Cross is the recipient of the 2018 US IDEA UoE Award. She utilized IDEA to assist Finance Department during a natural disaster.

Read More

The Rules of Nature and Audit
6 June 2018

The Rules of Nature and Audit

What’s missing is often as important as what’s present. The rules of nature apply very well to audit if you consider, “Everyone knows it, but do you test for it?”

Read More

Using IDEA to Import QuickBooks General Ledger Data
4 June 2018

Using IDEA to Import QuickBooks General Ledger Data

The General Ledger is typically the starting point to an expanse of detailed information, see a step-by-step guide on how to get a readable version in idea.

Read More

New Features in IDEA 10.3 Part II
10 May 2018

New Features in IDEA 10.3 Part II

IDEA Tech Tip

In a recent article, we introduced the improvements to Stratified Random Samples and Python integration added in IDEA 10.3. But that’s just a small part...

Read More

Cargo Company Swaps Programming-Intensive Data Analytics Software for CaseWare IDEA
10 May 2018

Cargo Company Swaps Programming-Intensive Data Analytics Software for CaseWare IDEA

Auditors Achieve More Success in First Year with IDEA Than 5+ Years with Other Tool

With the entire audit team up and running using data analytics, they are finding new ways to integrate IDEA into other areas of the business and automate repeatable processes.

Read More

Maximizing Your Environment - Global Variables
8 May 2018

Maximizing Your Environment - Global Variables

Consider scope to be a building in which people work. The tools required to accomplish their tasks will of course be housed in that building, but in scripting it’s important to determine which tools need to be shared among the buildings.

Read More

Tips on Acquiring Data
8 May 2018

Tips on Acquiring Data

An IDEA User Shares Frequent Practices

When working with rows and columns of data to spot suspicious behaviors, fraud and errors can look very similar to one another. While Yeriazarian often uses Excel as an interim format for data, he also understands there are several avenues to navigate before getting the right data.

Read More

Identifying Churn in AR
19 April 2018

Identifying Churn in AR

IDEA Tech Tip

Customer churn (customer attrition, turnover, or defection) is when a customer decides to stop engagement with your company. IDEA can help easily identify “churn” in accounts receivable by following these steps...

Read More

RSS