1 / 25

Overview

Data analytics in the audit March 18, 2011 Keith Barger, Principal, Advisory Services & Forensic Technology Services Practice Leader Keith.Barger@us.gt.com. Overview. Speaker background Introduction What is fraud? Data analytics: Defined Data analytics: Practical use Case studies

cher
Download Presentation

Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Data analytics in the auditMarch 18, 2011Keith Barger, Principal, Advisory Services & Forensic Technology Services Practice LeaderKeith.Barger@us.gt.com

  2. Overview • Speaker background • Introduction • What is fraud? • Data analytics: Defined • Data analytics: Practical use • Case studies • Wrap up / Q & A

  3. Keith Barger • ATF – 18+ years of special agent • Technical operation • Big 4 – Director • Forensic Technology and e-Discovery • Grant Thornton – Principal, Practice Leader • Forensic & Litigation Services • Forensic Technology Services

  4. Introduction • Fraud examiners and internal/external auditors utilize data analytics to aid in revealing potential concerns, enabling the detection of fraudulent circumstances as early as possible

  5. What is fraud? • A general concept that refers generally to any intentional act committed to secure an unfair or unlawful gain. Financial fraud typically falls into the following categories: • Fraudulent financial transactions and reporting • Misappropriation of assets • Revenue of assets gained by fraudulent or illegal acts • Expenditures or liabilities avoided for inappropriate purpose • Improperly obtained assets and costs / expenses avoided • Other misconduct (e.g., conflicts of interest, insider trading, theft of trade secrets, etc.)

  6. What is fraud? (continued) • Public reports related to fraud occurrences • Association of Certified Fraud Examiners 2008 Report to the Nation • Occupational fraud schemes tend to be extremely costly • The median loss caused by occupational frauds $175,000 • More than 25% of the fraud involved losses of more than $1M • Critical Perspectives on Accounting, 2010 • 90% of the frauds occur at the senior executive level • PCAOB proposed Auditing Standard indicates • Controls related to the preventions, identification, and detection of fraud often have a pervasive effect on the risk of fraud

  7. What is fraud? (continued) • Goals of fraud risk management • Understand fraud and misconduct risks that can undermine their business objectives • Reduce exposure to corporate liability, sanctions, and litigation • Achieve the highest levels of business integrity through sound corporate governance and intelligence, and internal policies and controls

  8. Data analytics: Defined • Data analytics is the science of examining raw data with the purpose of drawing conclusions about that information

  9. Data analytics: Defined (continued) • A data analytic aided program • Information technology and use of computer based audit techniques such as data analytics can significantly improve the effectiveness of a corporate fraud risk management program and corporation investigations • The data analytics program can be generally outlined as: • Consideration of potential fraud schemes and scenarios • Assessment at various levels: globally (corporate-wide), significant business units, substantial account levels • Testing of the effectiveness of the internal policies and controls • On-going monitoring and evaluations on a periodic and random frequency to access performance and effectiveness

  10. Data analytics: Defined (continued) • Key benefits of data analytics • Rapidly evaluate large amounts of data which could mitigate fraud risks and/or detect fraud • Capable of analyzing large data set and oftentimes, 100% of the relevant data • Abilities to apply similar analysis routines to various data sets without excess development time

  11. Data analytics: Defined (continued) • How good is your data? • Data quality is essential to interoperability and should be evaluated based on: • How do you verify the completeness or data? • Accuracy • Consistency on data formats, naming conventions and precision • Do data sources triangulate? • Exportability and portability • How easy can the data be exported? • Audit trail • How much effort is required to uncover the change in data values and accountability of the changes?

  12. Data analytics: Defined (continued) • Data integrity • Data normalization and standardization is often required before computerize tools start analyzing corporate financial and transactional data

  13. Data analytics: Practical use • Examples of potential fraud risks in financial management system • Fraudulent financial reporting • General ledger • Misappropriation of assets • Asset management and asset retirement calculation • Unauthorized or improper receipt and expenditures • GL, Account payable, time and expense management, purchase care program • Management override of transactions • Transaction audit trails • Theft and improper use of material and resource • Asset management, inventory management and human resource

  14. Data analytics: Practical use (continued) • Journal entries (JE) / General ledger (GL) • Account payable (AP) / Purchasing • Account receivable (AR) / Sales • Payroll / Human resource (HR) • Time and expense / HR • FCPA / Anti-bribery and corruption • Sales and use tax • Purchase card program • Regulation and compliance

  15. Data analytics: Practical use (continued)Industry agnostic • Software license review • Financial risk management • Dispute resolution • Healthcare regulatory compliance • Pharmaceutical regulatory compliance (Medicaid pricing) • Contract compliance • Royalty audits • Construction cost recovery • Financial restatements • Fraud risk management (Sub-prime lending) • Financial investigations

  16. Data analytics: Practical use (continued) • Effective use of Benford's law • Benford's law has been providing investigators with a simple, yet effective, tool for detecting fraudulent transactions • Choose appropriate data sets that conform to the distribution • Consider large concentration of assigned numbers or firm-specific numbers • Verify upper and lower number boundaries

  17. Data analytics: Practical use (continued)

  18. Data analytics: Practical use (continued) • User activity and accountability • Most established financial management systems have a built in function to record chronological sequence of activities. The logged records show who has accessed the system and what operations he or she had performed during a given period of time • Audit trail helps to identify fraudulent transactions based on • User name or ID (e.g., unauthorized or blocked users) • Entry timestamps (e.g., created or updated during questionable period of time) • Volume of transactions (e.g.: unnecessary access) • Audit trail also assists on identifying management override of transactions and process flow

  19. Data analytics: Practical use (continued)

  20. Data analytics: Practical use (continued) • Through continuous monitoring of the operations, controls and procedures, weak or poorly designed or implemented controls can be corrected or replaced • A technology-aided anti-fraud program can be periodically executed and as frequent as needed • Random execution and manual test review helps to enhance the quality of the program • A real time "red flags" response system can alert management for immediately actions

  21. Case study – Government agency anti-fraud program • Directed and oversaw an anti-fraud program with regard to government grant disbursements related to disaster recovery • The program involved development of a data repository and analytics to identify fraud, waste and abuse across several areas ranging from false claims, duplicate benefits, grant calculation verification, and construction-related fraud • Large number of data sources and terabytes of data were accessed, on an on-going basis, to retrieve program related data from a variety of government and private agencies

  22. Case study – Government agency anti-fraud program (continued) • Data marshalling procedures were conducted on database servers and accounted for the normalization • Approximately 3,500 data analytic routines and queries were executed against the data to identify anomalous and outlier data • Weekly reports were compiled which outlined the current analytic results and the overall status of the program

  23. Case study – Insurance company internal investigation • Applied data analytics to claims data • Performed analysis of 130,000+ transactions • 5 years worth of data analyzed • Work performed in ½ time 100% manual review • Internal control weaknesses identified

  24. Case study – Forensic in the audit program • Grant Thornton is implementing a data analytics program helping external auditors to conduct a comprehensive analysis and identify potential "red flags" related to clients' accounting practices • The program utilizes customizable analytical routines and queries to evaluate data records from clients' ledger systems

  25. Wrap up / Q & A • Sampling vs. complete review • Rapid turn around with streamline reporting • Cost matches client's need • Flexible and fully customizable to specific industries

More Related