Transcription
Technology for Business AssuranceGreat Expectations :How to Detect and Prevent Fraud using Data AnalysisCopyright 2009 ACL Services Ltd.Peter MillarDirector, Technology ApplicationACL Services Ltdpeter [email protected] twitter.com/PBMillar
ACL Services Ltd.Copyright 2009 ACL Services Ltd.called myself Pip, and came to be called Pip.' Great Expectations, a novel Charles Dickens(1861) Major themes are of crime, and ambition Starts with a 6-year old boy stealing food to helpan escaped convict, who threatens him not to tell a soul or he willcut out his heart and liver Not exactly a bed-time story but one that aptly suits adiscussion on fraud how to live up to the great expectationsof management in detecting and preventing fraud2
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Using Data Analysis for Fraud Detection1. Test against 100% of transactions2. Automate testing to enable:–––Continuous assessment of problem areasScheduled repetitive monitoring of other risk areasIncreased efficiencies in identifying indicators of fraud3. Access and relate data from virtually any source––Internal or external to organizationWithout moving sensitive data outside of the secure data center4. Identify where automated system-based controls:––Are not functioning effectivelyDo not apply to the business process (manual controls only)3
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Application areas for data analytics in fraudStandard Business Processes Procure-to-Pay Travel & Entertainment Corporate Cards Order-to-Cash Payroll Inventory and Materials Management Capital AssetsFinancial Statements and Reporting General Ledger Revenue RecognitionVertical Business Processes Insurance Claims Healthcare Financial Services Manufacturing Retail Construction/Engineering Contracts TelcoInformation Systems Segregation of Duties Systems Access Master Data Files Configuration Settings4
ACL Services Ltd.Copyright 2009 ACL Services Ltd.How to integrate analytics into fraud detection work5
ACL Services Ltd.Copyright 2009 ACL Services Ltd.It’s a Journey6
ACL Services Ltd.Think in Terms of People & ProcessCopyright 2009 ACL Services Ltd.7
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Analytic Capability Modelrepetitivead hoccontinuousLevel 5ForesightMonitoringLevel 4ContributionAutomatedInsightLevel 3ManagedLevel 2AppliedHindsightLevel 1BasicSophistication8
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 1: BasicCharacteristics Leverages technology Ad hoc query and analysis Used to perform analysis of large data setsLevel 5MonitoringBenefits Rapid insight into entire data populations Increased ability to detect fraud, errors and inefficiencies Increased quality and levels of assuranceLevel 4AutomatedLevel 3ManagedLevel 2AppliedLevel 1Basic9
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 1: Basic Fraud Management Role1.2.3.4.5.Encourage experimentationEnsure analytic objectives are realisticFacilitate the access to dataApply technology that can support growthProvide support for training, as necessary10
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 2: AppliedCharacteristics Analytics fully integrated into fraud detection process Comprehensive suite of repeatable tests are designed and developed Applied to a range of fraud detection and control objectivesLevel 5MonitoringBenefits Gain greater insight into targeted areas Improved quality and reliability of tests Improve efficiency & effectiveness of anti-fraud activitiesLevel 4AutomatedLevel 3ManagedLevel 2AppliedLevel 1Basic11
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 2: Applied Fraud Management Role1. Clearly set your expectation for using analytics2. Define roles for both technical and non-technical staff– Brainstorming– Analytic development– Testing & QA3. Integrate analytic planning as part of the normal processes4. Allow time for data acquisition & profiling5. Build analytic expectations into investigation and reviewprocesses6. Provide effective team incentives12
ACL Services Ltd.Copyright 2009 ACL Services Ltd.– assessing the risk of fraud throughVendor Master DataScripps Health is a non profit, community-based health care delivery network inSan Diego, California, that includes: Four acute-care hospitals on five campuses More than 2,600 affiliated physicians Extensive outpatient care network Home health care Associated support services13
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Vendor Master Analysis 5,941– vendors with no Taxpayer Identification Number (TIN) 15,268– vendor records with no phone number. 11,497– vendor records with no Vendor Contact. 23,391– vendors with no email address or website entered. 548– Active Vendors in the Vendor Master Not Existing in the Vendor Address Table14
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Vendor Master/EE File MatchComparison of the Vendor Master and Employee File revealed 211– Employee Names established as Vendors in the Vendor Master. 418– Addresses in the Employee File that were also in the Vendor Master. 79– Social Security Numbers that are also in the Vendor Master.15
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Employee Master FileVendor Master FileJOIN on Matching Addresses:16
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 3: ManagedCharacteristics Centralized processing Secure environment to store data Analytic content shared within the teamLevel 5MonitoringBenefits Manage all analytic content in one secure place Do more with faster analysis Risk mitigation / sustainabilityLevel 4AutomatedLevel 3ManagedLevel 2AppliedLevel 1Basic17
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 3: Managed Fraud Management Role1. Champion the move to secure, collaborative, centralized technology2. Define processes for standardizing, and sharing analytics /data– Consider nominating a librarian or ‘knowledge czar’3. Facilitate partnership with IT to refresh of key data files into thecentral repository4. Formalize QA & evaluation into analytic processes5. Provide strategic program oversight, ensuring that tactical analyticsmeet bigger-picture fraud detection & prevention objectives18
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Case Study: Managed helped us overcome our data access challenges with anorganized roll-out. Now we know how to prioritize our time andresources.Gina AnonuevoFirst Hawaiian BankHighlights: Secure script sharing within a centralized repository Permission based access to data and scripts Ability to test complete data populations19
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 4: AutomatedCharacteristics Recurring and scheduled analysis Fraud detection analytics change from cyclical to continuous A broader set users applying analytics across their fraud detection processesLevel 5MonitoringBenefits Achieve timely insight into fraud and control issues Improve team efficiency through automation Scope increased through multiple business processesLevel 4AutomatedLevel 3ManagedLevel 2AppliedLevel 1Basic20
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 4: Automated Fraud Management Role1. Rethink traditional analytic procedures– Reporting cycle & frequency– Issue follow-up and resolution procedures2. Communicate goals, objectives, and timelines for processes to bemoved to continuous fraud detection3. Provide sufficient technology training for staff that will bedeveloping fully automated testing procedures4. Allow time to convert analytics previously designed for ad-hocmode to automated– Focus on testing only new/updated transactions vs. all data5. Ensure appropriate conversations with IT are occurring aroundthe proper scheduling of analytics21
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Case Study: AutomatedIn these times, it is not good enough to look back over six monthsat audit time and discover wrongdoing or process inefficiency thatmay have cost the company money.Marius Kies,AngloGold AshantiHighlights: Identifying deviations, weaknesses and breaches as they happen Moving from a reactive model, to an immediate proactive one Automated data collection, analysis and reporting22
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Level 5: MonitoringCharacteristics Exceptions routed to business process owners for review and remediation Reporting and monitoring of the results and trends identified Increased use of analytics across the organizationLevel 5Benefits Develop a partnership with business process owners toprovide insight into their operational performance Achieve timely resolution of exceptions Provide the organization with a clearer pictureof risks in business processesLevel 2AppliedLevel 1BasicMonitoringLevel 4AutomatedLevel 3Managed23
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Case Study: Monitoring fundamentally transform how we manage spending and evaluatecompliance. Reporting that was previously non-existent will nowprovide senior leadership with a clear picture of our controlenvironment.Hal LaughlinHighlights: Continuous monitoring with a common set of analytics in all operations Consistent reporting and tracking of exceptions across the business Improved regulatory compliance with Sarbanes Oxley and FCPA24
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Questions you should ask about data analysis & fraud Where is my highest risk of fraud?What indicators – if any – would I expect to see in the data?What systems do I need to access to highlight suspected fraud?Can I get access to this data?What techniques (matching, grouping, filtering) should I apply?Can I automate these analytics to drive efficiency and immediacyof results?25
ACL Services Ltd.Copyright 2009 ACL Services Ltd.Questions?peter [email protected] twitter.com/PBMillar26
3. Provide sufficient technology training for staff that will be developing fully automated testing procedures 4. Allow time to convert analytics previously designed for ad-hoc mode to automated – Focus on testing only new/updated transactions vs. all data 5. Ensu
