moving beyond ap and payroll with data analytics · moving beyond ap and payroll with data...
TRANSCRIPT
Accounts PayablePayrollGeneral LedgerAccounts PayablePayrollGeneral LedgerAccounts PayablePayrollGeneral LedgerAccounts PayablePayrollGeneral LedgerAccounts PayablePayroll
Active Directory• Analyze active directory group membership changes• Analyze folder permissions by active directory groups• Identify inactive active directory accounts• Monitor changes to high risk groups such as Domain
Admin• Compare with HR data to identify users with
inappropriate permissionsApplication Security• Compare HR data termination date with last login
date by user account• Identify stale accounts by last login date over a
specified threshold• Identify patters of failed login attempts to high risk
users (Admin, CFO, AP Manager)
Mergers & Acquisitions
• Company “rules”• Accounting principals• Compliance and regulatory requirements
• SOX requirements
Monitoring COBIT 4.1
DS 5.5 ‐ Security Testing, Surveillance and Monitoring
Example Control Objectives:• Servers are monitored• IT monitors servers• Server violations are investigated
Monthly Risk Assessment
• Risk Red Flags• Transactional Attributes• Fraud Red Flags• Trends & Patterns• Budget to Actual
Monthly Risk AssessmentData Scorecard• Monthly risk scorecard for all retail locations• Outliers – outside of established parameters in RED
Why Visualization?
65% % of the population that are visual learners
% of information processed by the brain that is visual.
60,000 X How much faster thebrain processes visual information than text
90%
Visualization Will Help YouCommunicate Success
$‐ $1,000.00 $2,000.00 $3,000.00 $4,000.00 $5,000.00 $6,000.00 $7,000.00
Hotline
Employee Complaint
Customer Complaint
Inventory
IDEA
Average Cost Per Fraud
Fraud $ By Identification Tool
0
2
4
6
03/14 04/14 05/14 06/14 07/14 08/14 09/14 10/14 11/14 12/14 01/15 02/15
# of Terminations
Visualization Can Make the Complex…Country Favorable Unfavorable Undecided or neutral
Argentina 36% 44% 20%Bangladesh 76% 22% 2%
Brazil 65% 27% 8%Chile 72% 19% 9%China 50% 43% 7%
Colombia 64% 22% 14%Egypt 10% 85% 5%
El Salvador 80% 15% 5%France 75% 25% 0%
Germany 51% 47% 2%Ghana 77% 9% 14%Greece 34% 63% 3%India 55% 16% 29%
Indonesia 59% 33% 8%Israel 84% 16% 0%Italy 78% 18% 4%Japan 66% 30% 4%Jordan 12% 85% 3%Kenya 80% 12% 8%
~http://www.perceptualedge.com/example8.php
Simple and… Instantly Understood
ARGENTINA
BANGLADESH
BRAZIL
CHILE
CHINA
COLOMBIA
EGYPT
EL SALVADOR
FRANCE
GERMANY
GHANA
GREECE
INDIA
INDONESIA
ISRAEL
ITALY
JAPAN
JORDAN
KENYA
GLOBAL VIEW OF USFavorable Unfavorable Undecided or neutral
SOX Testing
• Repetitive use scripts• Significant reduction in testing time• 100% population for year‐end and/or interim testing• Automation of SOX Testing including integration of analytics testing and workpapers
And who doesn’t want that?
SOX Testing to Automate
IT• Terminated Users• Segregation of Duties (SOD)• Backups / Recovery• Physical Access• Database Access• Security Monitoring• Help Desk Tickets
Operational• Non‐Standard Journal Entries• Account Reconciliation• A/R• A/P• Payroll• Accounting Close Process
3 Fraud Examples
• Incentives Fraud (coupons)• Off Hours Transactions• Financial Statement Manipulation
Incentive Fraud
Fraud
• $25 Coupon• $30k in fraud in 3 weeks• 33 people terminated
Data Analytic Detection
• Excessive voids• Excessive re‐rings• Time per transaction
Off Hours Transactions
• Transactions occurring before or after normal working hours.• Unusual times and/or days.• Retail – store hours• GL transactions• …even expenses
Financial Statement Manipulation
• Company subsidiary ‐ operated like a startup• Declining business • Significant financial incentives for meeting targets• Loans were “rolled forward” to make them appear current
• Resulting in the appearance of • healthy loan balance • significantly lower bad debt
And…
• Anti‐money Laundering (AML)• Foreign Corrupt Practices Act (FCPA)• Inventory • Ratios for Financial Statements• Continuous Fraud Auditing
Thank You
Keith BarberDirector, Business Analytics Insight(877) 332‐[email protected]://www.empoweraudit.com/