Using Data Analytics to - Session Three-Aldar International For Governance ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Session Three – Using Data Analytics to
Contents
1 Background on Fraud
5 Procurement Fraud
2 Detecting Fraud
6 Data Analytics &
Reporting
3 IT Login Fraud
7 Unlocking the Potential of
Data Analytics
4 HR & Payroll Fraud
© 2021 Aldar International for Governance Consultancy. All rights reserved. 2
1 Background on Fraud
Fraud and the Economy
ACFE 2020 Report to the Nations showed the following statistics:
▪ Company’s lose 5% of their Revenue to Fraud each year;
▪ In the Middle East, the average loss from Fraud cases in 2020 was USD 1,302,000;
▪ Median Duration of a Fraud Scheme was 12 months;
▪ The most common occupational fraud in the Middle East was Corruption
© 2021 Aldar International for Governance Consultancy. All rights reserved. 4
What is Fraud?
FRAUD is defined by:
COSO Framework
As “any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and/or the perpetrator
achieving a gain.”
Black’s Law Dictionary
As “A knowing misrepresentation of the truth or concealment of a material fact to induce
another to act to his or her detriment”.
Consequently, Fraud includes any intentional or deliberate act to deprive another of
property or money by guile, deception, or other unfair means.
© 2021 Aldar International for Governance Consultancy. All rights reserved. 5
Types of Fraud (The Fraud Tree)
Corruption Asset Misappropriation Financial Statement Fraud
Conflicts of Economic Net worth/ Net income Net worth/ net income
Bribery Illegal Gratuities overstatement understatement
interest Extortion
Purchasing Schemes Invoice Kick-backs Timing Differences Timing Differences
Sales Schemes Bid Rigging Fictitious Revenue Understated Revenue
Please refer to Concealed liabilities Overstated liabilities
next slide and expenses and expenses
Improper asset Improper asset
valuations valuations
Improper disclosures Improper disclosures
© 2021 Aldar International for Governance Consultancy. All rights reserved. 6
Types of Fraud (The Fraud Tree) (Cont.)
Asset Misappropriation
Cash Inventory and all other assets
Theft of cash on Theft of cash Fraudulent
Misuse Larceny
hand receipts disbursements
Expenses
Register
Skimming Cash Larceny Billing Scheme Payroll schemes Reimbursement Check tampering
Disbursements
scheme
Refunds and Mischaracterized Asset Requisitions
Sales Receivables Shell company Ghost employees Forged maker False voids and transfers
others expenses
Non-compliance Overstated Forged False sales and
Unrecorded Write-off schemes Falsified wages False refunds shipping
vendor expenses endorsement
Personal Commissions Purchasing and
Understated Lapping schemes Fictitious expenses Altered payee receiving
purchases schemes
Multiple Unconcealed
Unconcealed Authorized maker larceny
reimbursements
© 2021 Aldar International for Governance Consultancy. All rights reserved. 7
What is Fraud – Fraud Triangle
The Fraud triangle is used to explain the motivation behind a Fraud.
▪ Pressure to perform
▪ Too much work
▪ Weak Internal Control ▪ Debt burden
▪ Poor tone at the top ▪ Life style needs
Rationalization ▪ I don’t get paid what I am worth
▪ Every one else is doing it
▪ No body will miss the money
© 2021 Aldar International for Governance Consultancy. All rights reserved. 8“
Poll Question
An employee noted that there is no Segregation of Duties
between recording and verifying cheque payments. Which
element of the Fraud Triangle does this relate to?
Opportunity
Rationalization
Incentive2 Detecting Fraud
“
Poll Question
What do you believe are the most common three
methods of detecting Fraud?
By Accident Internal Audit
External Audit Management Review
Account Reconciliation Surveillance
Tips/ Whistle blows Law Enforcement
IT Controls OtherHow is Fraud Discovered?
As per the ACFE 2020 Report to the Nations, Fraud is detected through the following:
Tips 43%
Internal Audit 15%
Management Review 12%
Other 6% With 43% of Fraud being detected by
Whistleblowing or accident we should therefore be
By Accident 5% aiming to increase the % of fraud detected by
Internal Audit/Management Review.
Account Reconciliation 4%
External Audit 4% It is clearly not enough to rely upon somebody
stumbling across evidence of fraud by accident
Document Examination 3% and then whistleblowing.
Surveillance/Monitoring 3%
Notified by Law Enforcement 2%
IT Controls 2%
Confession 1%
© 2021 Aldar International for Governance Consultancy. All rights reserved. 12Identifying potential Fraud Risks
Determination by scheme Determination by Area
Identify area of operations at risk Identify area of operations at risk
Identify areas of Company operations
Identify potential fraud schemes where schemes are most likely to occur
Identify red flags and indications associated with schemes and areas
Build audit steps to search for indicators
Conduct further enquiry if red flag is detected or suspected
Fraud event identified or suspected
Yes
Fraud investigation process
© 2021 Aldar International for Governance Consultancy. All rights reserved. 133 IT Login Fraud
IT Login Fraud
IT Login Fraud can take place in various ways, when an unauthorized person access organization internal IT
system seeking illegal access to information. Analysis of login data from an IT entry system or firewall logs can
uncover unauthorized accesses (or attempts) to internal system
“Red Flags” for IT Login Fraud Include
▪ Ex-employees still accessing the system
▪ Entry to the system at times not defined as “normal working patterns”
▪ Weekend entry from non weekend workers
▪ Login on a non registered company asset
© 2021 Aldar International for Governance Consultancy. All rights reserved. 20“
Poll Question
You have been tasked to identify unauthorized access to
the company internal system by employees on vacation.
What kind of Information do you need to verify it
Employees timesheet
System access log
List of vacation by employee
Employees MasterfilePractical Example
Case Background
You work as an auditor in a company that supplies contract cleaning services. You noted that one purchase order
in the month of February was approved by a departing employee during your audit on Procurement function.
This transaction raised your suspicion that unauthorized access to company internal system is occurring, and
accordingly you started an investigation to see whether any anomalies or suspicious behavior is taking place.
Required Data
For the purpose of this review, you were provided with the following documents:
• Employees Masterfile
• Current Asset List - Employee PC’s
• List of Departing Employees
• February Logins Report - Employee PC's
© 2021 Aldar International for Governance Consultancy. All rights reserved. 22Practical Example
The main areas of focus for your investigation is to examine and analyze the data, to see if any of the
following are taking place:
• A login ID is being used after an employee has left the company’s employment (Ex-Employee Logins)
• A login ID is being used outside of normal business hours (i.e. before 07:00:00 and after 19:00:00)
• A login ID is being used by employees at weekends, but only for employees who are not registered to work
at weekends.
• A login ID is used on a pc, where the login is not the registered user for that listed asset.
`
© 2021 Aldar International for Governance Consultancy. All rights reserved. 234 HR & Payroll Fraud
HR & Payroll Fraud
Payroll is one of the largest outlays of every organization and
although internal controls, such as segregation of duties, may
help to mitigate the risk of payroll fraud, they don’t prevent it
occurring.
Common HR & Payroll Fraud Schemes Include
▪ Ghost Employees
A person not employed by the company is on the payroll
▪ Overpayment (Timesheet Fraud)
A company pays an employee based on falsified hours or rates
▪ Commission
The amount of sales made, or the rate of commission is
fraudulently inflated
© 2021 Aldar International for Governance Consultancy. All rights reserved. 25The Use of Data Analytics in Combatting HR & Payroll Fraud Whilst Payroll Fraud may be hard to prevent, we can deploy various data analytics tests to help identify “Red Flags” for further examination. Examples of Suspicious activities that can be identified using data analytics ▪ Unrelated employees with the same address or home phone ▪ Two or more employees with the same mobile phone number ▪ Multiple employees using the same bank account number ▪ An employee who is on the payroll but not on the company’s employee list ▪ Missing information in employee files ▪ An employee who shares an address, telephone number or bank account number with an accounts payable vendor ▪ Payments to employees for holidays, weekends or off-days ▪ Gaps in check number sequence ▪ A terminated employee who is still on the payroll list ▪ Unusually high overtime pay ▪ An employee who has been paid for working more than a reasonable number of hours in one day ▪ Duplicate pay checks. ▪ Unusual number of cheques / payroll payments issued for an employee in a year ▪ Employees on the payroll register before their start date or after their termination date ▪ Deceased employees who are still on the payroll list ▪ Manual payroll cheques ▪ Multiple pay cheques issued to an employee within a single pay period ▪ Unusual ratio of gross to net pay ▪ Employees who have had no paid time off, holiday or sick leave © 2021 Aldar International for Governance Consultancy. All rights reserved. 26
Practical Example
Case Background
Your client, the CEO of a Company that supplies contract cleaning services to several locations, is concerned that the salaries
expenses witnessed a significant increase in the month of February. He has asked you to conduct an analytical review over the
payroll to identify any suspicious payroll transactions The objective of these reviews is to check if:
1. Former employees were included in the timesheet after their departure date.
2. Overlapping in working hours for staff working in multiple locations
3. Non-authorized Staff were paid for weekend working
4. Overtime pay was claimed correctly and there was no overpayment to certain employees.
Required Data
For the purpose of this review, the CEO has supplied you with the following documents:
`
• Employees Masterfile
• February Payroll File
• List of Departing Employees
• Current Pay rate
• Employees timesheets
© 2021 Aldar International for Governance Consultancy. All rights reserved. 27Practical Example
Tests Required
1. Identifying former staff working after their Departure Date
2. Overlapping in working hours for staff working in multiple locations
3. Non-authorized staff that were paid for weekend working
4. Verifying the correctness of overtime pay and that there was no overpayment to certain employees.
`
© 2021 Aldar International for Governance Consultancy. All rights reserved. 28“
Poll Question
You have been tasked to identify payments processed to
departing employees during the month of February. Which
file (or combination of files) will enable you to identify
those transactions
February Payroll File
February Timesheet
Employees Masterfile
List of Departing Employees5 Procurement Fraud
“
Poll Question
Which of the following is a Procurement Fraud Scheme?
Ex-employees still accessing the system
Overcharging for Cost
Ghost EmployeesProcurement Fraud
Procurement fraud is a deliberate deception intended to influence
any stage of the procure-to-pay cycle in order to make a financial
gain or cause a loss. It can be perpetrated by contractors or sub-
contractors external to the organization, as well as staff within the
organization.
Common Procurement Fraud Schemes Include:
▪ False claims
Fraud Scheme that involves the invoicing for work not carried out by
the vendor
▪ Mischarging/ Overcharging for Cost or Labor
Fraud scheme that involves addition to the cost of particular goods
and/or services above the amount a client is expecting or contracted
to pay
▪ Cover pricing and bid rigging
Fraud scheme that involves collision between suppliers to secure the
win of a tender
© 2021 Aldar International for Governance Consultancy. All rights reserved. 32The Use of Data Analytics in Combatting Procurement Fraud
Procurement fraud is difficult to detect; cases are rarely reported and subsequently it is difficult to measure the extent
of the problem. Where fraud is detected, resource is generally channeled into investigation and prosecution which is
expensive and rarely ends in a conviction or the recovery of losses. Data Analytics can help in proactively identifying
early indicators “Red Flags” of Suspicious Procurement activities.
Examples of data analytics tests that can help in uncovering fraudulent procurement activities
▪ Comparing bank details and addresses of suppliers against those of staff to identify
conflict of interest this includes joining supplier and employee files on bank details and
employee addresses to identify matches
▪ Duplicate testing to identify duplicate invoices from same supplier
▪ Fuzzy Duplicate testing to detect manipulated duplicate invoices from the same supplier
▪ Extracting payments coded as extras/adjustments
▪ Comparing contracted rate for goods and services against billed amount
▪ Comparing historic vendor master file to current file to identify major differences
▪ Comparing the values of successful bids to highlight trends and anomalies.
▪ Calculating the Standard deviation of a tender to determine how far the lowest bidder is
from the norm.
© 2021 Aldar International for Governance Consultancy. All rights reserved. 33Practical Example
Case Background
You work in an Internal audit department of a Company and you received an allegation from a whistle-blower hotline,
indicating that an employee, identified by “AD” initials has colluded with suppliers to extract cash from the company.
You have been tasked to examine if there is sufficient evidence to support the allegation and to check for possible fraudulent
activity.
Required Data
For the purpose of this review, you were provided with the following documents:
`
• Employees Master File • Purchase Invoices
• Suppliers Master File • List of Purchase Orders
• Product Master File • List of Payments
© 2021 Aldar International for Governance Consultancy. All rights reserved. 34Practical Example
Tests Required
1. Initial Search for employees who have “AD” initials.
2. Identify Employee to Supplier Links.
3. Identify payments to fictious/ ghost suppliers. This includes identifying employees who authorized the payments.
4. Gather invoices submitted by ghost suppliers. This includes identifying employees who entered the invoices on the system.
5. Identify if Purchase Orders were submitted to the ghost suppliers.
6. Identify Non-Preferred suppliers and payments processed to Non-Preferred suppliers.
`
© 2021 Aldar International for Governance Consultancy. All rights reserved. 356 Data Analytics & Reporting
Data Analytics Benefits in Reporting Lifecycle
1 Preliminary Communication
✓ Data Analytics allows for developing a better understanding of the engagement
client business activities and transactions. Thus, it results in better discussions.
2 Interim Communication
✓ Data Analytics allows to quickly identify significant issues and report them instantly.
3 Final Communication
✓ Assure senior management and the board that 100% of the data was analyzed
✓ Data Analytics s allows using graphical illustrations which allows us to explain
complex data and critical issues
© 2021 Aldar International for Governance Consultancy. All rights reserved. 37“
Poll Question
Which of the following should be included in your final
engagement report?
Data Obtained but not used in the analysis
Steps followed to reach the conclusion
Table containing all the records examined regardless of sizeData Analytics and Enhancing Working Papers Quality
▪ 2330 – Working Papers
Internal Auditor must document sufficient, reliable, relevant and useful information to support the engagement results and
conclusions
The following are aspects that you may include in your working papers:
▪ Titles that identify the engagement ▪ Analytical methods used
▪ Purpose of the working paper ▪ Result of tests and analyses
▪ Indexing ▪ Conclusions cross-referenced to
▪ Time of the engagement observations
▪ Names of the internal auditor(s)
▪ Sources of information
▪ Review notation and name of the
▪ The population, sample size, and
reviewer(s)
means of selecting the sample
➢ Working Papers should also summarize information and focus on the
most important information.
➢ Internal Audit team leaders should review working papers, evidence
indicating that reviews were conducted should be available.
© 2021 Aldar International for Governance Consultancy. All rights reserved. 397 Unlocking the Potential of Data
AnalyticsApproach to a Successful Implementation
Demonstrate Visionary Leadership
Manage Stakeholders’ Expectations
RISK
Unlocking the Integrate Risk
Potential of Data
Analytics
Optimize Internal Processes
Align People & Technology
© 2021 Aldar International for Governance Consultancy. All rights reserved. 41Data Analytics Process
Raw Data VS. Disciplined , Focused and Analyzed Data
© 2021 Aldar International for Governance Consultancy. All rights reserved. 42You can also read
