1 / 20

Unemployment Insurance Integrity Conference April 19, 2010

Forensic Techniques And Automated Oversight. Unemployment Insurance Integrity Conference April 19, 2010. Brett Baker, PhD, CPA, CISA. Overview. Forensic Techniques and Automated Oversight Data Mining Techniques Equipment and Software Forensic Approach. Brett M. Baker, PhD, CPA, CISA.

snow
Download Presentation

Unemployment Insurance Integrity Conference April 19, 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Forensic Techniques And Automated Oversight Unemployment Insurance Integrity Conference April 19, 2010 Brett Baker, PhD, CPA, CISA

  2. Overview • Forensic Techniques and Automated Oversight • Data Mining • Techniques • Equipment and Software • Forensic Approach Brett M. Baker, PhD, CPA, CISA

  3. Forensic Techniques and Automated Oversight • Definition of Forensic Audit • Audit that specifically looks for financial misconduct, abusive or wasteful activity. • Close coordination with investigators • More than Computer Assisted Audit Techniques (CAATs) • Forensic audit is growing in the Federal government • GAO’s Forensic Audit and Special Investigations (FSI) • Department of Defense Data Mining • Federal outlays are $2 trillion annually • OMB estimates improper payments for Federal government at $98B (4%) • 100% review using automated business rules versus statistical sampling • There is a place for both • Automated Oversight • Continuous monitoring • Quick response Brett M. Baker, PhD, CPA, CISA

  4. FY2008 Improper Payment Estimates Brett M. Baker, PhD, CPA, CISA

  5. What is Data Mining? • Refers to the use of machine learning and statistical analysis for the purpose of finding patterns in data sets. • If You Know Exactly What You Are Looking for, Use Structured Query Language (SQL). • If You Know Only Vaguely What You Are Looking for, Turn to Data Mining. • Most often used (up until recently) in marketing and customer analysis Brett M. Baker, PhD, CPA, CISA

  6. Information Summary Reports Data Facts, numbers Knowledge Descriptive Analytics Wisdom Predictive Analytics Different Levels of Knowledge ACL, IDEA, MS Access SAS, SPSS, ACL, IDEA Clementine Intelligent Miner Enterprise Miner Brett M. Baker, PhD, CPA, CISA

  7. Data Analysis Software - Fosters Creativity • Can perform the tests wanted, instead of being limited to what technical staff can, or will, provide • Not limited to just predetermined data formats and/or relationships • Can create relationships, check calculations and perform comparisons • Can examine all records, not just a sample • Useful for identifying misappropriation of assets and fraudulent financial reporting • Allows limitless number of analytical relationships to be assessed • within large databases • comparing large databases • Identifies anomalies Brett M. Baker, PhD, CPA, CISA

  8. Common Data Analysis Tests and Techniques • Join • Summarization • Corrupt data (conversion) • Blank fields (noteworthy if field is mandatory) • Invalid dates • Bounds testing • Completeness • Uniqueness • Invalid codes • Unreliable computed fields • Illogical field relationships • Trend analysis • Duplicates Brett M. Baker, PhD, CPA, CISA

  9. Use Tight Selection Criteria E.g. Vendor = “Smith Company” Use Looser Selection Criteria E.g. Vendor = “*Smith*” Finds Smith Company, Smith Co., The Smith Manufacturing Company, etc. Simple Queries You Know Exactly What You’re Looking For e.g. All Payments to a Particular Vendor 9

  10. Use Tight Selection Criteria E.g. Payments With Same Contract #, Invoice # and Invoice Amount Few False Positives Use Looser Selection Criteria E.g. Payments With Same Contract # and Invoice # or Same Contract # and Invoice Amount More False Positives More Detected Duplicates Complex Queries You Know The Specific Condition You’re Looking For e.g. Duplicate Payments 10

  11. Subject Matter Experts Can Describe Indicators Translate Indicators to Detection Logic Apply Indicators Against Population Many False Positives Combine Indicators Reduce False Positives 12 1 2 15 5 8 7 4 3 Sophisticated Solutions You Only Know The General Condition You’re Looking For e.g. Fraud Combine Indicators 11

  12. Control Charts Brett M. Baker, PhD, CPA, CISA

  13. Frequency Distribution Anomalous Activity Normal Activity Anomalous Activity Brett M. Baker, PhD, CPA, CISA

  14. Comparing Data Files (Three-Bucket Theory) Vendors Paid and In Vendor Table Vendors Paid but not In Vendor Table Vendors Not Paid Yet Vendor Table Disbursing Transactions Brett M. Baker, PhD, CPA, CISA

  15. Hardware and Software Applications • Hardware • SQL servers • Mainframe (QMF) • Docking stations • Terminal server • Software Applications • Data mining and predictive analytics, e.g., Clementine • Data interrogation – e.g., ACL, IDEA, MS Access, Excel • Statistical analysis – e.g., SPSS and SAS • Link analysis – I2 • Lexis-Nexis • Data conversion utilities (Monarch) • Internet, open-source research • Access to system query tools Brett M. Baker, PhD, CPA, CISA

  16. Forensic Approach • Start with objectives • Structured brainstorming • Consider SME conference • Identify indicators of potential fraud and ways to find in data • Process to identify financial risks • Map out the end-to-end process • Identify systems and key processes • Identify key controls • Identify and obtain transaction-level data • Record layout • Look at 1000 records before examining all records • ACL, IDEA, and Monarch can read virtually any data format • Flat files, Delimited files, Dbase files, MS Access, Report files, …. • No file size limits • Build targeted business rules and run against data • Examine anomalies Brett M. Baker, PhD, CPA, CISA

  17. End-to-End Payment UniverseForensic Audit Approach Personnel Systems $$ Treasury Check People Pay Entitlement Systems Federal Reserve System Accounting Systems Disbursing Systems Commercial Bank Commercial Pay Entitlement Systems Contracting Systems Central Contractor Registry Data Analysis Brett M. Baker, PhD, CPA, CISA

  18. Unemployment Insurance Over-payments Unemployment Benefits Employment Employment Under-payments

  19. How To Apply In Your Organization • Decide What You Are Looking For • Assign Personnel With Analytical Skills • Gather Data • Understand Data and Business Rules • Select Detection Method/Tools • Produce and Research Anomalies • Refine the Detection Process • Discover the Irregular/Illegal Transactions • Improve the Business Process • Automated oversight • Continuous monitoring

More Related