Mining for Gold:<br />
Data Mining & the Internal Audit Function<br />
Presenters:<br />
Calvin E. Webb II<br />
Cherie R. Wright<br />
May 22, 2011<br />
Today’s Agenda<br />
• Why Should We Perform Data Analysis?<br />
• Data – It Has Something To Say!<br />
• What the Heck Should We Be Doing Now?<br />
Today’s Objectives<br />
• Inform You<br />
• Educate You<br />
• Motivate You<br />
• Scare You into Action / Change<br />
Hopefully We Will Learn …..<br />
“Insanity: doing the same thing over and over<br />
again and expecting different results.”<br />
Albert Einstein<br />
Why Should We Perform Data Analysis?<br />
Who Mentions<br />
“Computer Assisted Audit Techniques”?<br />
• (SAS No. 99 ‐ Consideration of Fraud in a Financial Statement Audit)<br />
“Internal auditors may conduct proactive auditing to search for corruption,<br />
misappropriation of assets, and financial statement fraud. This may include<br />
the use of computer‐assisted audit techniques to detect particular types of<br />
fraud. Internal auditors also can employ analytical and other procedures to<br />
isolate anomalies and perform detailed reviews of high‐risk accounts and<br />
transactions to identify potential financial statement fraud.”<br />
• Enterprise Risk Management — Integrated Framework Executive Summary<br />
Framework September 2004 (The Committee of Sponsoring Organizations of the<br />
Treadway Commission)<br />
• Managing the Business Risk of Fraud: A Practical Guide (Sponsored by The<br />
Institute of Internal Auditors, The American Institute of Certified Public Accountants and<br />
Association of Certified Fraud Examiners)<br />
Data Analysis – The Possibilities<br />
The Cost of Fraud<br />
Annual Cost: $2.9 Trillion<br />
Average Loss: 5% of Revenues<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Types of Fraud<br />
• Asset Misappropriation: 86.3% of cases, median loss $135,000<br />
• Fraudulent Statements: 4.8% of cases, median loss $4,100,000<br />
• Corruption: 32.8% of cases, median loss $250,000<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Occupational Fraud and Abuse<br />
Classification System<br />
(Continued)<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Occupational Fraud and Abuse<br />
Classification System<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Detection of Fraud ‐ Government<br />
Fraud Schemes (All Cases) – Median length of time prior to detection is 18 months<br />
for all entity types – Range 12 months to 27 months<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Why Perform Data Analysis?<br />
Convert the 5% By Accident to Not By Accident<br />
Find It On Your Terms Not Someone Else’s<br />
All organizations should perform<br />
comprehensive Data Analysis<br />
Why Perform Data Analysis? (con’t)<br />
• How many of you in the audience sign the year‐end<br />
representation letter to the external auditors?<br />
• Key representations:<br />
– Responsible for internal control environment<br />
– No known significant deficiencies in the design of or<br />
operation of internal controls<br />
– Acknowledge responsibility for the design and<br />
implementation of programs and controls to prevent and<br />
detect fraud<br />
– No known material instances of fraud<br />
• Fiduciary responsibility as a member of the executive<br />
management team<br />
• Convert the “Isolated Occurrence” comment to a thing of the<br />
past<br />
Data – It Has Something To Say!<br />
Significant assets of an Organization<br />
• People<br />
• Cash & investments<br />
• Property, plant & equipment<br />
• Intellectual property<br />
• Reputation<br />
• Financial & operational data (one of the most<br />
underutilized assets)<br />
• Many others<br />
Various Types of Data<br />
Capital Assets<br />
Property Tax<br />
Vendors<br />
Payroll<br />
Many Others<br />
Employees<br />
(HR)<br />
Receivables<br />
Disbursements<br />
Purchasing Cards<br />
General Ledger<br />
Traditional View of Data<br />
• Assets, Liabilities and Equity<br />
• Revenues versus Expenses<br />
• Budget versus Actual<br />
• Ratios, etc.<br />
A New View of Data<br />
Application Areas for Transactional<br />
Data Analysis<br />
• Accounts Payable<br />
• Accounts Receivable<br />
• Bid Rigging<br />
• Cash Disbursements<br />
• Conflict of Interest<br />
• Credit Card Management<br />
• Customer Service<br />
Management<br />
• Deposits<br />
• General Ledger<br />
• Kickbacks<br />
• Life Insurance<br />
• Loans<br />
• Materials Management and<br />
Inventory Control<br />
• Policy and Administration<br />
• Purchase Order Management<br />
• Real Estate Loans<br />
• Retail Loss Prevention<br />
• Salaries and Payroll<br />
• Sales Analysis<br />
• Travel Claims<br />
• Vendor Management<br />
• Work In Progress<br />
ACL – White Paper - Analyze Every Transaction in the Fight Against<br />
Fraud: Using Technology for Effective Fraud Detection<br />
A New View of Data (con’t)<br />
• Operational<br />
• Vendors & Disbursements<br />
• Human Resources & Payroll<br />
• Vendors Compared to Human Resources<br />
• Property Tax versus Utility Billings<br />
• Eligibility – Federal and State programs<br />
• Delinquent Taxes / Assumed Names / Vendors<br />
DATA ANALYSIS – LIMITED ONLY TO<br />
ELECTRONIC DATA AND YOUR<br />
IMAGINATION<br />
Dallas County<br />
Best Practice Award Project<br />
Financial / General Management Category<br />
Surprise Audits<br />
• Effective, yet underutilized<br />
• Less than 30% of victim organizations<br />
conducted surprise audits<br />
• Lower fraud losses and detect frauds more<br />
quickly<br />
• Perception of detection<br />
"2010 Report to the Nation on Occupational Fraud and Abuse. Copyright<br />
2010 by the Association of Certified Fraud Examiners, Inc."<br />
Applications<br />
• Collect information about current/ potential<br />
customers<br />
• Credit card companies track patterns and<br />
identify stolen cards<br />
• Department of Defense tracks passport and visa<br />
applications, work permits, driver’s licenses,<br />
etc.<br />
Applications<br />
Irregularities<br />
• Accounts Payable<br />
– Duplicate payments<br />
– Rounded amounts<br />
– Just below thresholds<br />
– Check theft<br />
– Abnormal volume<br />
– Cancelled checks<br />
– Above average payments<br />
– Vendor/employee crosscheck<br />
– Mail drop addresses<br />
ROW | VND NAM | INV NUM | INV DATE | INV AMT | CHECK NUM | PAY DATE | PROCESS TIME | APP | PO AMT<br />
1 | ROBINSO | 94225 | 12/13/2008 | 399.50 | 174709 | 10/25/2009 | 1:31 PM | GH | 400.00<br />
2 | SOUTHCO | JT5941511 | 11/14/2009 | 4,999.99 | 174915 | 12/6/2009 | 2:33 PM | GH | 4,999.99<br />
3 | Q COAT | JT6134612 | 12/20/2009 | 30.73 | 175144 | 2/13/2010 | 9:10 AM | GH | 35.00<br />
4 | ONETIME | 11637 | 4/30/2010 | 5,093.38 | 175779 | 6/6/2010 | 1:32 AM | SK | 5,000.00<br />
5 | NEWMAN | 4334 | 11/28/2009 | 1,086.88 | 175201 | 2/7/2010 | 12:32 PM | GH | 1,500.00<br />
6 | ONETIME | 106040 | 6/11/2010 | 49.76 | 175957 | 7/11/2010 | 12:34 PM | GH | 45.00<br />
7 | ONETIME | 185396 | 1/26/2010 | 1,398.25 | 175229 | 2/14/2010 | 4:01 PM | GH | 1,350.00<br />
8 | DESARIO | 12126 | 6/8/2010 | 23.00 | 175896 | 7/4/2010 | 3:43 PM | GH | 25.00<br />
9 | FILTERS | 69688 | 10/18/2009 | 175.00 | 174762 | 11/8/2009 | 1:33 PM | GH | 200.00<br />
10 | BOWIE | 6573 | 10/10/2009 | 1,412.71 | 174649 | 10/17/2009 | 5:05 PM | GH | 1,500.00<br />
11 | ONETIME | 37338 | 11/7/2009 | 296.10 | 174929 | 12/13/2009 | 5:45 PM | GH | 275.00<br />
12 | Q COAT | JT61346‐12 | 12/21/2009 | 30.73 | 175239 | 2/14/2010 | 2:35 PM | GH | 35.00<br />
13 | ONETIME | 01104666I | 4/23/2010 | 42.30 | 175680 | 5/16/2010 | 9:01 AM | GH | 45.00<br />
14 | HOUWATE | 78763 | 11/20/2009 | 55,000.00 | 174950 | 12/25/2009 | 11:43 AM | GH | 55,000.00<br />
15 | ONETIME | 0109‐8635 | 1/10/2010 | 50.00 | 175174 | 1/31/2010 | 1:01 AM | SK | 45.00<br />
16 | WATKINS | 8219 | 3/8/2010 | 525.81 | 175830 | 6/13/2010 | 7:43 AM | GH | 525.00<br />
17 | SOUTHCO | JT5941622 | 11/16/2009 | 4,999.99 | 174932 | 12/10/2009 | 4:23 PM | GH | 4,999.99<br />
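Three of the accounts payable tests listed above (duplicate payments, just below thresholds, invoice above PO), run over the rows of the sample table. This is an added example, not part of the original presentation; the 5,000 approval limit, the 5% band and the invoice-number normalization rule are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Transcribed from the sample table above:
# (row, vendor, invoice number, invoice amount, PO amount)
ROWS = [
    (1, "ROBINSO", "94225", 399.50, 400.00),
    (2, "SOUTHCO", "JT5941511", 4999.99, 4999.99),
    (3, "Q COAT", "JT6134612", 30.73, 35.00),
    (4, "ONETIME", "11637", 5093.38, 5000.00),
    (5, "NEWMAN", "4334", 1086.88, 1500.00),
    (6, "ONETIME", "106040", 49.76, 45.00),
    (7, "ONETIME", "185396", 1398.25, 1350.00),
    (8, "DESARIO", "12126", 23.00, 25.00),
    (9, "FILTERS", "69688", 175.00, 200.00),
    (10, "BOWIE", "6573", 1412.71, 1500.00),
    (11, "ONETIME", "37338", 296.10, 275.00),
    (12, "Q COAT", "JT61346-12", 30.73, 35.00),
    (13, "ONETIME", "01104666I", 42.30, 45.00),
    (14, "HOUWATE", "78763", 55000.00, 55000.00),
    (15, "ONETIME", "0109-8635", 50.00, 45.00),
    (16, "WATKINS", "8219", 525.81, 525.00),
    (17, "SOUTHCO", "JT5941622", 4999.99, 4999.99),
]
APPROVAL_LIMIT = 5000.00  # assumption: the page does not state a threshold

def near_duplicates(rows):
    """Group rows sharing vendor, amount and invoice number once punctuation is stripped."""
    groups = defaultdict(list)
    for row, vendor, inv, amt, _po in rows:
        key = (vendor, re.sub(r"[^A-Z0-9]", "", inv.upper()), amt)
        groups[key].append(row)
    return [g for g in groups.values() if len(g) > 1]

def just_below(rows, limit=APPROVAL_LIMIT, band=0.05):
    """Rows invoiced within `band` under the approval limit."""
    return [r[0] for r in rows if limit * (1 - band) <= r[3] < limit]

def over_po(rows):
    """Rows where the invoice amount exceeds the purchase order amount."""
    return [r[0] for r in rows if r[3] > r[4]]

if __name__ == "__main__":
    print("near-duplicate invoices:", near_duplicates(ROWS))
    print("just below limit:", just_below(ROWS))
    print("invoice above PO:", over_po(ROWS))
```

A hit from any of these tests is a lead for follow-up, not a finding; each flagged row still needs supporting documents reviewed.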
Irregularities<br />
• Payroll<br />
– Gross equal net pay<br />
– Ghost employees<br />
– Off‐cycle payments<br />
– Payments to terminated employees<br />
– False social security numbers<br />
– High overtime<br />
ROW | EMP NUM | GROSS PAY | PAY DATE | NET PAY | SS | HIRE DATE | TERM DATE | DD BANK ACCT NUM<br />
1 | 1123 | 2,250.00 | 5/15/2009 | 1,346.17 | 579627851 | 8/20/1973 | | 23896<br />
2 | 1156 | 2,060.00 | 11/15/2009 | 1,335.91 | 396152031 | 9/13/2008 | 12/24/2009 | 89000567<br />
3 | 1178 | 1,800.01 | 11/30/2009 | 1,800.01 | 123456789 | 3/4/1980 | | 65324<br />
4 | 1198 | 2,370.00 | 11/15/2009 | 1,716.47 | 543945471 | 3/16/1994 | | 7832112<br />
5 | 2134 | 2,370.94 | 5/15/2009 | 1,592.08 | 417337241 | 11/12/2008 | | 455599021<br />
6 | 2346 | 288.75 | 8/31/2009 | 126.33 | 308801411 | 5/15/2008 | | 78345<br />
7 | 2389 | 1,725.00 | 8/15/2009 | 1,118.67 | 294624211 | 6/30/2008 | 12/1/2008 | 9998001326<br />
8 | 2399 | 7,754.00 | 8/15/2009 | 5,251.79 | 256024861 | 6/15/2009 | | 78231<br />
9 | 1101 | 4,647.00 | 2/15/2010 | 2,668.53 | 142422251 | 1/19/2009 | | 90433389<br />
10 | 1109 | 2,657.00 | 11/15/2009 | 1,563.65 | 605843191 | 12/15/2009 | | 51938215<br />
11 | 2369 | 1,000.00 | 8/15/2009 | 65.01 | 634999999 | 4/5/1992 | 1/14/2010 | 89000567<br />
12 | 1178 | 2,250.00 | 11/30/2009 | 1,459.14 | 341549121 | 3/4/2008 | | 21903198<br />
13 | 2478 | 2,550.00 | 5/15/2009 | 1,640.92 | 303764511 | 9/14/1991 | | 89100026<br />
14 | 1103 | 2,095.76 | 5/15/2009 | 1,231.26 | 626829921 | 9/8/2008 | | 9875<br />
15 | 2198 | 3,093.00 | 11/15/2009 | 2,291.15 | 243454611 | 8/3/1995 | | 2999843<br />
Irregularities<br />
• General Ledger<br />
– Duplicate or missing JEs<br />
– JEs posted on specific dates<br />
– JEs with large amounts<br />
Irregularities<br />
• Receivables<br />
– Duplicate invoices<br />
– Debtors with balances over credit limits<br />
– Debtors with credit balances<br />
– Large write‐offs<br />
Irregularities<br />
• Capital Assets<br />
– Depreciation recalculation<br />
– Duplicate tag numbers<br />
– Depreciation exceeding cost<br />
– Comparison of listings<br />
Systematic Approach<br />
• Identify inherent fraud scheme<br />
• Build fraud scenario<br />
• Obtain data<br />
• Identify and link data to fraud scenario<br />
• Set up Proactive Fraud Monitors<br />
Data Interrogation<br />
• Pattern and frequency<br />
• Circumvention strategies<br />
• Duplicate analysis<br />
• Changes<br />
• Illogical<br />
• Trends<br />
• Mistakes or unsophisticated perpetrator<br />
• Data interpretation challenge or sophisticated<br />
perpetrator<br />
• Master file<br />
• Transactional history<br />
• Overt vs. covert<br />
Benford’s Law<br />
Digit | Place 1 | Place 2 | Place 3 | Place 4<br />
0 | | 11.97% | 10.18% | 10.02%<br />
1 | 30.10% | 11.39% | 10.14% | 10.01%<br />
2 | 17.61% | 10.88% | 10.10% | 10.01%<br />
3 | 12.49% | 10.43% | 10.06% | 10.01%<br />
4 | 9.69% | 10.03% | 10.02% | 10.00%<br />
5 | 7.92% | 9.67% | 9.98% | 10.00%<br />
6 | 6.69% | 9.34% | 9.94% | 9.99%<br />
7 | 5.80% | 9.04% | 9.90% | 9.99%<br />
8 | 5.12% | 8.76% | 9.86% | 9.99%<br />
9 | 4.58% | 8.50% | 9.83% | 9.99%<br />
Benford’s Law Analysis<br />
• Number sets result from mathematical<br />
combination<br />
– Accounts Payable (number purchased * price)<br />
• Transaction‐level data<br />
– Disbursements, expenses, sales<br />
• Large data sets<br />
– A full year or multiple years’ set of transactions<br />
Benford’s Law Analysis<br />
• Data set comprised of assigned numbers<br />
– Check numbers, invoice numbers<br />
• Accounts with firm‐specific numbers<br />
– An account with a large number of $100 transactions<br />
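A first-digit Benford test, added here as an example and not taken from the original presentation. It recomputes the expected shares shown in the table from the standard formula and applies them to constructed data: a well-behaved set of amounts, the same set padded with payments under an assumed 5,000 approval limit, and a run of sequential check numbers of the kind the slide above lists as assigned numbers.

```python
import math
from collections import Counter

def benford_prob(digit, place):
    """Expected share of `digit` (0-9) at 1-based `place`, as in the table above."""
    if place == 1:
        return math.log10(1 + 1 / digit) if digit else 0.0
    lo, hi = 10 ** (place - 2), 10 ** (place - 1)
    return sum(math.log10(1 + 1 / (10 * j + digit)) for j in range(lo, hi))

def first_digit(amount):
    """Leading significant digit of a non-zero number."""
    return int(f"{abs(amount):e}"[0])

def first_digit_test(amounts, z_cut=1.96):
    """Return ({digit: z-score}, [digits whose observed share deviates beyond z_cut])."""
    usable = [a for a in amounts if a]
    n = len(usable)
    seen = Counter(first_digit(a) for a in usable)
    z = {}
    for d in range(1, 10):
        p = benford_prob(d, 1)
        z[d] = (seen[d] / n - p) / math.sqrt(p * (1 - p) / n)
    return z, [d for d in z if abs(z[d]) > z_cut]

# Constructed data: 1,000 amounts spread evenly on a log scale over four
# orders of magnitude, the shape Benford's Law expects of transaction sets.
CLEAN = [round(10 ** (1 + i / 250), 2) for i in range(1000)]
# Constructed anomaly: 60 payments just under an assumed 5,000 approval limit.
PADDED = CLEAN + [round(4900 + 1.65 * i, 2) for i in range(60)]
# Assigned numbers (sequential check numbers) are not expected to conform.
CHECK_NUMBERS = list(range(174600, 176000))

if __name__ == "__main__":
    for name, data in [("clean", CLEAN), ("padded", PADDED), ("checks", CHECK_NUMBERS)]:
        z, flagged = first_digit_test(data)
        print(name, "flagged digits:", flagged)
```

The check-number run fails on every digit even though nothing is wrong with it, which is why assigned numbers are kept out of a Benford analysis.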
Data Mining Example<br />
• GAO purchase and travel card program audits<br />
– Nature of transaction<br />
– Merchants<br />
– Timing<br />
– Dollar amount<br />
– Other characteristics<br />
What the Heck Should We Be Doing Now?<br />
COSO Framework<br />
Source: The Committee of Sponsoring Organizations of the Treadway Commission<br />
Monitoring<br />
Figure labels: Prioritize Risks, Identify Controls, Identify Information, Implement Monitoring<br />
1. Understand and prioritize risks to organizational objectives<br />
2. Identify key controls across the internal control system that address those prioritized risks<br />
3. Identify information that will persuasively indicate whether the internal control system is operating effectively<br />
4. Develop and implement cost-effective procedures to evaluate that persuasive information<br />
Source: The Committee of Sponsoring Organizations of the Treadway Commission<br />
The Cost of Fraud<br />
Thanks For<br />
Your<br />
Involvement!<br />