uncovering fraud in key financial accounts using data analysis

Copyright © 2013 FraudResourceNet™ LLC

Uncovering Fraud in Key Financial Accounts using Data Analysis

November 12, 2013

Special Guest Presenter:

Don Sparks, CIA, CISA, CRMAVice President, Audimation Services IncPartner with CaseWare IDEA


About Peter Goldmann, MSc., CFE

President and Founder of White Collar Crime 101Publisher of White-Collar Crime

FighterDeveloper of FraudAware® Anti-

Fraud Training Monthly Columnist, The Fraud Examiner, ACFE Newsletter

Member of Editorial Advisory Board, ACFE

Author of “Fraud in the Markets”Explains how fraud fueled the financial crisis.


About Jim Kaplan, MSc, CIA, CFE

President and Founder of AuditNet®, the global resource for auditors (now available on Apple and Android devices)

Auditor, Web Site Guru,

Internet for Auditors Pioneer

Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.

Author of “The Auditor’s Guide to Internet Resources” 2nd Edition


CIA, CISA, CRMA, ARM

Vice President Industry Relations -Audimation Services, Inc.

24-years property/casualty insurance internal audit experience (12 as CAE)

ISACA Central Florida Board NAIC IT Working Papers Committee 6-years The IIA – eLearning: GAIN,

Flash Surveys, & Role of Audit in SOX 2002 monthly 2 hour web broadcasts

Co-Author of GTAG 13 & GTAG 16 June 2011, Creator & Programmer

Auditchannel.tv Don Sparks


Webinar Housekeeping

This webinar and its material are the property of AuditNet® and FraudAware®. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We will be recording the webinar and you will be provided access to that recording within 5 business days after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.

Webinar will be recorded and will be made available as soon as possible.

Please complete the evaluation to help us continuously improve our Webinars.

You must answer the polling questions to qualify for CPE per NASBA.

Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.

If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.


Disclaimers

The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC (FRN) or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship.

While FRN makes every effort to ensure information is accurate and complete, FRN makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. FRN specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the FRN website. Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC.

5


Today’s Agenda

The auditor’s role in detecting and preventing fraud Drilling into financial & operational data to look for

red flags of fraud [procurement/AR/disbursements/ operations/inventory/etc.]

Which business processes/procedures lend themselves best to data analysis for fraud

Preparing for a transaction‐level data analysis test

Gathering the data you need to do a fraud analysis

How to reduce false positives


The Auditor’s Role

IPPF Standard 1210.A3 Internal auditors must have sufficient knowledge of…available technology based audit techniques to perform their assigned work


IIA Guidance – GTAG 13

Internal auditors require appropriate skills and should use available technological tools to help them maintain a successful fraud management program that covers prevention, detection, and investigation. As such, all audit professionals — not just IT audit specialists — are expected to be increasingly proficient in areas such as data analysis and the use of technology to help them meet the demands of the job.


Professional Guidance


Do Patterns in Data Mean Anything

Statistics students are asked to perform a simple task. Create a matrix of heads and tails by recording the results of 200 coin flips. The professor reviews the results and easily identifies the students that just made up the results without flipping a coin. How did he know?


Expectations

Are you LOOKING for fraud?

Never going to eliminate Fraud

Hope it never happens is ok, but a prudent auditor will plan for being involved in fraud issues:

Awareness of Red Flags (IPPF)

Consider professional CAATTs (IPPF)

Continuously improve internal control’s

Develop work a-rounds for false positives

COSO provides an excellent framework


Largest Fraud

You can read about the biggest fraud I detected as an internal auditor in the June 2012 Internal Auditor magazine. There were no tips or red flags and I had worked at this company for 10 years. The fraud scheme was simple, saving credit balances on canceled insurance accounts in accounts receivable, an area I assumed the external auditors covered thoroughly.


Polling Question 1

Most auditors will never detect fraud in the organization of employmentin their lifetime:

A. TrueB. False


ACFE 2012 Report

Occupational Fraud and Abuse: Compiled from 1,388 cases From Jan. 2010 - Dec. 2011 By CFEs investigating those cases Cases from 94 nations

“most striking about the data gathered is how consistent the patterns of fraud are around the globe and over time”


Proactive Anti‐Fraud Program


Source: July 2011 ISACA

Creating a Continuous Auditing Application


Why Internal Auditing Matters


Audit Life Cycle


Start with the Audit Program

No two audits are alike; customize to fit the audit objective and the client

Audit TestActivity

Occurance/existance

Accuracy/valuation

Completeness Cutoff Classify Disclosure

Inspection

Observation

Reconciliation

Data Analysis

Interview

Tracing

Vouching


Polling Question 2

In the ISACA white paper titled Data Analytics –A Practical Approach which of the following phases is not included in the maturity model?

1. Ad Hoc Analysis2. Data Cleansing3. Repeatable4. Consistent5. Continuous Auditing


Data Analysis Process


Data Analysis Top Challenges

CFO 2012


Governance – Data Access


Rules for Auditors to Follow

Work on a COPY of Clients data

Document all actions taken with data

Audit tests repeatable with same results

Do not make changes to client data

Maintain custody & security of data

Properly store and destroy data


What is a “Red Flag”

Understanding symptoms of fraud is the key to detecting fraud. A symptom of fraud may be defined as a condition which is directly attributable to dishonest or fraudulent activity. It may result from the fraud itself or from the attempt to conceal the fraud.

Internal Auditor – June 2012


Polling Question 3

The most common means of detecting fraud according to the 2012 ACFE Report to theNations is:

A. Internal AuditorsB. External AuditorsC. By accidentD. Notified by policeE. Tips


Where to Look

Read the local newspaper, trade magazines, web blogs, etc. Could it happen here?


Where to Look – “Tips”

Is your “door” open?

“Squirrel” File NotebookACFE RTTN


Where to Look

ACFE RTTN


Where to Look

ACFE RTTN


Understand what Fraud looks like in your organization

ACFE RTTN


Obvious Signals – Red Flags

Transactions that are odd as to:Time of day, week, month, year, or season

Frequency (many, few), Places (far, near, or "Far out"), Amount (high, low, consistent, alike, different), Parties or personalities (related parties, oddball personalities, strange and estranged relationships, management performing clerical functions)

Internal controls that are not enforced or too often compromised by higher authorities


Request - Use Existing Tools


Indicate Appropriate System(s)


Complete Form


Data Reconciliation Principles

Once the data has been obtained it must be read into your data analysis tool. Before commencing testing, it is important the data is reconciled back to the "client’s" system. Potential errors are:

Requesting the wrong data

Being supplied with the wrong data (and/or wrong time)

Errors on the extraction of data from the host system

Problems when transferring the data to PC or media

Errors when importing the data, etc.


Reducing False Positives

Balancing act – how to be surgical and precise, not a rip-saw

1. Better tuning - Test results to determine the cause and develop an exclusion list of most common false alerts

2. Proactive defense - Prioritize the results to eliminate many false positives (newest date, low dollar amount)

3. Involve the business - The business people may know, carefully involve what they already know in the process


Journal Entry Tests

Nonbalancing JE

Missing JE’s

Unusually large line item entries

JE posted on a specific date, time, or week day


Polling Question 4

Which one of the following is not a critical task asdefined by the IIA Red Book?

1.Achievement of the organization’s strategic objectives2.Reliability & integrity of financial & operational information3.Effectiveness & efficiency of operations & programs4.Fraud Prevention and Detection5.Compliance with laws, regulations, policies, procedures


Additional JE Tests

JE by user id

Summary by account contributions

JE with rounded amounts

JE with amounts that end in 999

JE with specific comments

Summary by account number

JE by posted period and Journal Source

JE by period

Account balances by Journal Source

Account balances by period


Accounts Receivable Tests

Customers Exceeding Credit Limit

Aging of open receivables

Unresolved Credit Balances


Additional AR Tests

Debtors transaction summary

Transactions around a certain date

Duplicate Field Search


Accounts Payable Tests

Duplicate Detection

Aging Function

Determine the pay date from set up date

Employees in Vendor Master File

Travel and Entertainment

False entries in AP


Additional AP Tests

Recurring identical amounts from the same vendor.

Unusual even dollar or high cash disbursement amounts for routine odd dollar or low value purchase.

Multiple remittance addresses for the same vendor.

Vendor addresses not the same as vendor approval application.

Sequential invoice numbers from the same vendor or invoice numbers with an alpha suffix.

Payments to vendor have increased dramatically for no apparent reason.

Invoices without purchase order numbers

Transactions with rounded amounts


Accounts Payable - SOD

Processing of invoice and updates to vendor master files

Check preparation and posting to vendor account

Check preparation and mailing of signed checks

No proper documentation of additions, changes, or deletions to vendor master file

Excessive credit adjustments to a particular vendor and/or credit issued by unauthorized department (credits involving quantities and price)

Systematic pattern of adjustments for goods returned


Inventory Tests

Re-computation of Cost of Items

Isolating Large Inventory Items

Searching for Zero or Negative Unit Costs


Additional Tests Inventory

Aging by receipt date and ending inventory balance

Aging by receipt date and unit cost

Calculate inventory turnover ratio

Inventory location summary

Inventory received around specified dates

Last sales price lower than unit cost

Compare sales price with unit cost

Duplicate field search


Polling Question 5

Which of the following could be a red flag of fraud during journal entry testing?(Either a dishonest act or fraud activity and/or concealment)

1. Numerous Non-balancing JE’s2. Missing JE’s3. Unusually large line item entries posted near the end of a period5. All of the above


Expand Your Reach

You do not need to be a programmer or an expert IT Auditor to make a simple script from work already completed:

Repeatable

Continuous


Conclusion – Some Advice

1. The data is good2. The analysis is correct3. The necessary data is readily available4. The data speaks for itself5. Management will terminate the offender6. Only the perpetrator knew about the scam7. Best practice at one company will work for all8. One “tool” will work in all situations9. Fraud can’t happen in your company10.Know tools, competencies, company, industry!


Questions?

Any Questions?Don’t be Shy!


Thank You!

Website: http://www.fraudresourcenet.com

Jim KaplanFraudResourceNet™

800-385-1625 [email protected]

Peter GoldmannFraudResourceNet™

[email protected]

Don [email protected]

832-327-1877


Coming Up This Month

Fraud Risks Associated with Management Override of Controls November 14 1:00 PM

Using Data Analytics to Detect and Prevent Corporate and P-Card Fraud November 20 11:00 AM

To register and pay go to http://bit.ly/151WI1s

uncovering fraud in key financial accounts using data analysis

Economy & Finance