The Association of Certified Fraud Examiners (ACFE) 2012 Report to the Nations estimates ‘that the typical organization loses 5% of its revenues to fraud each year.’ In many cases, evidence of the fraudulent activity is captured in the online systems and databases that support the business. However existing tools – such as spreadsheets – mean that this web of company systems can be difficult to navigate and analyze effectively.
The ACFE itself has developed its ‘Occupational Fraud and Abuse Classification System’ that identifies over 40 types of fraud schemes that fraudsters use to victimize their companies. Today’s Data Analysis tools are designed for fraud and audit analysis and are used by successful businesses to proactively data mine for evidence of fraud and make a big impact on reducing the company’s fraud risk exposure from both a financial and reputational perspective.
Distribution of Losses
Of the 1,388 individual fraud cases reported to us, 1,379 included information about the total dollar amount lost to the fraud.2 The median loss for all of these cases was $140,000, and more than one-fifth of the cases involved losses of at least $1 million. The overall distribution of losses was notably similar to those observed in our 2010 and 2008 studies.
Source: 2012 Global Fraud Study, Report to the Nations on Occupational Fraud and Abuse, Association of Certified Fraud Examiners 1
USING PEOPLE AND PROCESS WITH TECHNOLOGY
THERE IS NO SILVER BULLET
While there are certain areas in every business that should always be looked at for fraud, there are many others that can impact the types of risk an organization should examine. This makes it difficult to find and fight fraud with a ‘one size fits all’ cookie-cutter solution since most applications and ERPs are customized to the business they support.
Successful implementation requires a clearly defined strategy and commitment to changing the way you and your team think. Operating in a shot-gun fashion or taking an “on the fly” approach will result in less valuable results.
A SMART APPROACH FOR SUCCESS
The first key to success is ensuring that the team is aligned on a clear vision, strategy and plan for using the audit software tool to fight fraud. Don’t set the bar too high as you get started. Set realistic expectations for success. Don’t expect everyone to have the same capabilities.
Task the folks that are more IT savvy with getting and importing the data in IDEA®. Once the data is in the tool, encourage the people that are more analytical to perform the analyses.
You can even use a workshop approach as a team to brainstorm ideas and help build capability across the group.
1. Get the team in a room and display the imported data on an overhead projector.
2. Have the team member(s) responsible for the data import walk the entire team through the data in IDEA® and where it came from.
3. Have the team member(s) responsible for data analysis in IDEA walk the team through the menu toolbars and some very basic tests to show how the software works.
4. Encourage the team to come up with ideas for tests that should be performed on the data.
5. Have different people (without much experience) try to run those tests on the overhead so everyone can participate and provide input.
6. Based on the results of the tests, assign follow-up tasks to individuals on the team and meet again to discuss results of follow-ups and/or any additional work that may need to be performed.
When considering which data you want to focus on and analyze, a simple process is usually the best approach.
Here is an example of a simple three-step approach that can be successfully applied to any business or industry:
1. Identify which processes or areas in the business could have the highest risk of fraud
2. Select a high risk process or area to evaluate and identify how fraud could occur in the particular process/area:
3. Determine what the fraudulent activity would look like in the data in order to determine what data is needed and what data analyses to perform
EASY TO RUN ANALYSIS FOR FRAUD DETECTION
People that have championed the implementation and use of audit software tools like IDEA to fight fraud know the incredible value of being able to convert raw data into business information from disparate sources.
They know about the power of analyzing complete populations of data to reveal the needles in the haystack. They also know that their implementation was successful because of their dedication to setting their team up for success.
Built-in routines and easy to use interfaces make fraud detection analysis easy with IDEA. Regardless of the business or industry that you are in, there are some simple common sense analysis routines that you can use to begin to look for evidence of fraud. Below are some examples in the areas of accounts payable, payroll and journal entries.
Many companies fall victim to fraudulent vendor schemes. These are schemes where an employee of the company is able to establish a fraudulent vendor in the system and then submit fraudulent invoices that get paid. The master data for the vendor may contain indicators of the fraud. Here are some analytics that can help point to suspicious vendors:
Use DUPLICATE KEY DETECTION to identify different vendors with the same information as another vendor such as:
Use DUPLICATE KEY DETECTION to identify vendors that have the same information as an employee of the company such as:
Use SORT in ASCENDING ORDER to display the vendor list in alphabetical order and look for:
Transactional analysis can also help point to suspicious activity:
Use GAP DETECTION on vendor invoice numbers to identify vendors that that have sequential or close to sequential invoice numbers
Drill down into transactions using the DATE and/or TIME FIELD STATISTICS to look at transactions posted on weekends, at night or any period outside normal business hours
Use SUMMARIZATION on ‘invoice amount’ by ‘vendor’ and SORT in DESCENDING ORDER to look for vendors that have an unusual volume of invoices that contain rounded amounts or amounts with repetitive ending patterns such as .99.
Complex data analysis of the entire population of accounts payable transactions can be done easily:
BENFORD’s LAW can be used to identify unusual patterns in the frequency of distribution of digits in a field such as ‘invoice amount’
The APPEND function can be used to aggregate transactions from the Accounts Payable system with transactions from the Travel and Expense and P-Card systems to enable you to look for evidence of duplicate or multiple payments for the same transaction across the systems submitted by the same or different individuals
Practical Use of Data Analysis: Case Study
Fraud Specialists, The Fraud and Risk and Advisory Group, were hired by a Global 500 retailer to investigate why credit card chargebacks in their e-commerce business were increasing at an alarming rate. The activity was becoming frustrating to manage and costly for the business. They needed to find a way to slow it down to the extent possible.
Upon initial review, it appeared that a majority of the chargebacks were identified by the credit card companies, as being fraudulent transactions. Using IDEA, The Fraud and Risk Advisory Group analyzed the entire transaction population of chargebacks over a 12 month period and found that there were common elements in the data that indicated that most of the fraudulent activity was somehow connected. Simple summarization analyses of the originating IP Addresses revealed that the fraudulent transactions were originating from the same individual or group of individuals. Duplicate key detections on billing addresses, shipping addresses, telephone numbers, emails addresses and fuzzy matching on names further supported the linkages in the transactional activity.
Once the connection patterns were identified, The Fraud and Risk Advisory Group used IDEA to look at the transactional activity that had not yet been evaluated by the credit card companies for chargebacks. With a high degree of precision, they were able to predict which existing transactions were likely to result in additional chargebacks.
The Fraud and Risk Advisory Group evaluated the company’s existing fraud screening methods and helped to develop a more robust set of upfront screening processes including a transactional fraud scoring model to improve the business’ ability to spot the activity before the order was shipped. As a result, chargeback rates reduced significantly. They were reduced to levels below the normal rates they were experiencing before they noticed the increase in the fraudulent activity.
There are many ways that a fraudster can victimize a company through its payroll system. Here are some analyses that can help identify evidence of some of the more common schemes:
Ghost Employee schemes occur when an employee gets someone added to the payroll that either doesn’t exist or simply doesn’t work for the company. The employee or their friend or family member is the one who receives the fraudulent payroll. Here are some easy ways to catch a potential ghost:
Use DUPLICATE KEY DETECTION to identify employees that have the same:
Use SORT in ASCENDING ORDER on each of the employee identification fields such as telephone number, date of birth, emergency contact, etc. to identify employees that are missing the type of information that a valid employee would have
Use SORT in ASCENDING ORDER on each of the ‘taxes’ and ‘voluntary deduction’ fields such as insurance, 401k, etc. to identify employees that have no deductions for the types of things that a legitimate employee would have
Identify employees that have never received a raise or salary adjustment by drilling down into the # of ZERO ITEMS in the DATE FIELD STATISTICS for the field that contains the date of the last pay raise or salary adjustment 5
I FOUND A FRAUD, NOW WHAT?
It is important to remember that not everything that looks like a fraud is a fraud. Audit software tools like IDEA can help you isolate and identify data that has a potential indicator or pattern of fraud, but you should corroborate the data with other things such as hard copy or electronic back up documents. Company investigative protocols can be helpful in determining how to proceed once a potential fraud is identified.
Fraudulent Pay Raise or Salary Adjustment schemes occur when an employee gets an unauthorized pay raise processed for him or herself and/or another individual. These can be detected by:
Identifying the ‘pay raise’ and/ or ‘salary adjustment’ transaction codes and creating an EXTRACTION of those transactions then use the SUMMARIZATION function on the extracted file to summarize on ‘employee’ and ‘amount’ then SORT in DESCENDING ORDER on the ‘NO_OF_RECS’ field that get created to identify `those that have a higher rate of activity than others in the population
Use the KEY VALUE EXTRACTION on the field that contains a ‘salary grade’ or ‘level’ to create separate files for each salary grade or level then you can:
Fraudulent journal entries can be used to manipulate company performance for many reasons such as making the company look better to investors, meeting or exceeding targets for bonuses, etc. Fraudsters can also use them in an attempt to cover the tracks of their main fraud scheme. Many IDEA functions can be used to run simple and more complex analyses of the transactional data to identify potential fraud. Here are some ideas for data analyses that will help point you in the direction of unusual activity – look for:
The timely detection of fraud directly impacts the bottom line, reducing losses and reputational risk for an organization. Data analysis tools, when integrated with the strengths of an organization’s fraud and audit teams, can reap tremendous benefits in the proactive fight against fraud. With the bounty of regulatory and compliance demands instituted over the past decade, the internal controls debate is over it is no longer a question if an organization should implement a complete fraud detection and prevention program, but rather how quickly that program can be put into place.
APPENDIX (COMMON DATA ANALYSIS TASKS)
TASK & DESCRIPTION