X
Icon


Blog Image

The Quest for Compliance


Tips for Using IDEA for FCPA

Just before 2019 came to a close, Stockholm-based Ericsson begrudgingly made it onto the Foreign Corrupt Practices Act (FCPA) top ten list with a $1.06 billion mega-settlement. Oddly enough, Sweden ranks as one of the world’s cleanest countries according to the Corruption Perceptions Index (CPI). A country’s rank is not always a perfect indicator of how they conduct business overseas, but it’s certainly a good starting point.

While the FCPA has been around for more than 40 years, enforcement has tightened in the last decade. The availability of electronic data and advancements in data analytics are shrinking the dark corners where companies who engage in bribery, corruption or other violations can no longer hide.

Many countries have passed new legislation in recent years to hold companies responsible for failing to prevent bribery committed on their behalf by employees, agents or subsidiaries. Recent FCPA judgments indicate that having proactive and detective procedures in place may mitigate penalties.

Data analysis is playing a significant role in helping companies stay compliant with these laws and regulations. Government watch groups, including long-time CaseWare IDEA® users within the federal government, now have the technology to keep their eye just as closely on the “little guys” doing business abroad as they do the “giants.” Here are a few tips and resources for using IDEA to ensure your company doesn’t make the list of non-compliant companies:

 

Are You Doing Business with High-Risk Countries?

 

Technology advancements have made the world smaller and more accessible. It’s difficult to know where the risks lie when conducting business on a global scale.

Transparency International publishes a Corruption Perceptions Index (CPI), which ranks 180 countries and territories by their perceived levels of public sector corruption. Using a scale of 0 to 100, where 0 is highly corrupt and 100 is considered a non-threat, you can focus your efforts on areas with the highest levels of perceived risk for corruption.

More than 2/3 of countries score below 50 in the 2018 index, with an average score of just 43.

You can easily download the data from the CPI into Excel, then upload it into IDEA to:

  • Search for payments to vendors in high risk countries
  • Identify countries in which you do business which have significant changes in risk profile
  • Use the CPI Index as part of a High-Risk Country Risk assessment

 

Analyzing Payment Data

 

  • Duplicate Testing including Same vendor name and payment amount, but a different invoice number. Often times, this will include instances where regular payments were made to the same vendor, for example, reoccurring phone bills. Over time, you can exclude these from your testing parameters.
  • Analyzing payments made to consultants or to government related accounts
  • Payments made to or from an offshore bank account
  • Payments to new vendors, with no prior relationship
  • Compare vendors to the prohibited vendors list provided by the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC)

Also look for:

  • Expense totals just under the review threshold or authorization limits
  • Payments made directly from a bank
  • One-off payments to vendors, including one-time annual payments
  • Manual payments
  • Round-dollar payments and invoices
  • Sequential invoices

 

Compliance-Sensitive Words

 

IDEA allows you to perform keyword searches to analyze text fields within transactions and invoices or other payment details including:

  • Credit cards
  • Invoices
  • Emails
  • Expense reports
  • P-cards

Within the payment description or notes, look for words that may indicate fraud such as: “facilitation,” “consulting” “cash,” “gifts,” or the catch-all, “NULL” or “N/A.” Blank descriptions are also red flags.

Quick Tip: Use @similarword, which measures the similarity between two strings. For example, when looking for all cash transactions across millions of rows, it will identify any transactions containing the word “cash” or any variation, such as “cash payment.”

These Audimated Apps will save you hours of effort when searching for words or creating a list for frequency detection:

Looping Search – Search in 1, 2, or 3 fields using words or wildcard fragments contained in a second file.

Work List Maker – Search for frequently-used words in a selected field by creating a unique list.

 

Lost in Translation?

 

When working with transactions in foreign languages, you can download a Unicode version of IDEA, which recognizes foreign languages.

You can also use Google Translate to convert a list of keywords or information from a PDF, then use @isini to search for the occurrence of a specified character string (of any case) in a character field or date field. If appending a field and the string is found, it returns the starting position of the specified character string; otherwise, a 0 is returned.

 

Detecting Duplicates

 

Most ERP systems will not allow the same vendor, invoice number and payment to be entered without an error message. A quick workaround, whether intentionally deceitful or not, is to add a space or character (punctuation marks, underscore, etc.) to bypass this control.

@strip removes all spaces, punctuation and special characters from a text field leaving a string of characters and numbers. For example, a field that looks like: “-109A B,V=$%” would be yield: “109ABV.”

The @strip function is also helpful when testing vendor addresses.

One of the largest engineering and construction firms in the world with $10B in revenue and 40,000+ global employees uses IDEA to analyze projects to ensure contract specifications are met and to assure FCPA compliance. Within their first few years of using IDEA they:

  • Avoided over $500k annually in duplicate payments
  • Saved over 300 hours per year of audit time
  • Detected $40k in fraudulent travel expenses

 

Spending Trends

 

IDEA can be used profile travel and entertainment transactions to search for:

  • Instances where employees are reimbursed through both T&E and AP to cover bribes.
  • Search expense descriptions for high-risk words (e.g., gifts)
  • Focus on sales agents and ex-patriots
  • Look for conflict of interest schemes between employees and government entities using the vendor master file to compare address names, phone numbers and tax ID using:

@justletters – Returns characters, spaces and special characters from the character string or field by removing any numbers

@justnumbers – Returns only the numbers from the specified charter string or field

“IDEA has simplified the work we do to help clients check compliance and identify exposures relating to the Foreign Corrupt Practices Act. For instance, at the beginning of an investigation, we are provided with a variety of general ledger information, which we then test to produce a subset of transactions and request documentary evidence. The tests we conducted included looking for round amounts, zero dollar invoices, duplicate invoice numbers, invoices paid with checks where the check date is before the invoice date, employees with the same address as vendors and many others. IDEA performs all these tasks with ease, and in many cases, has preprogrammed functions (such as detecting duplicates) that allow the test to be run in a single step. IDEA is also helpful in completing SAS99 work (consideration of fraud), which involves running similar tests to those used for FCPA purposes.”

– IDEA User and Certified Fraud Examiner

Even the most robust FCPA compliance program is not a 100% defense against rogue employees. There will always be those who believe, “good compliance means not getting caught.” Data analytics is a great way to demonstrate proactive monitoring of transactions for corruption. With the fines now reaching the billion-dollar mark, it’s certainly worth the effort.

Facing an FCPA challenge? Let our experts guide you in applying data analytics to meet FCPA compliance requirements with our co-sourced professional services. Or, we can run the analytics on your data with our full-service outsourced option. Contact [email protected] to get started.


Best Practices , CaseWare IDEA , Data Analytics



Posted By

By Sarah Palombo
Sarah Palombo founded Avery Public Relations in 2007 and took on Audimation Services as her first client. She has more than 20 years of experience developing communications programs and creating content.


Related Posts
Even the Lone Ranger Didn’t Ride Alone
Jul 20 Have you ever heard the expression, "It’s not what you know but who you know"? The workplace of today is far different than it was even a few ye...
Improving Critical Thinking Through Data Analysis
Jul 27 Originally published in the June 2017 issue of Strategic Finance. Written by Kurt Reding, Wichita State University, & Carolyn Newman, Audimation Services ...
Tech Issues: Data Analytics Locks in Relevance
Nov 11 As a CPA, you’ve always been the one who can pick the relevant data out of an array of long columns and rows. These days, however, the amount of data collecte...
BROWSER NOT SUPPORTED

This website has been designed for modern browsers. Please update. Update my browser now

×