All industries are struggling with the concept of big data.
With servers across the country capturing tens of thousands of terabytes
of data each day
regarding all facets of business, the challenge is not finding usable data;
the challenge today is how to effectively review and manage the data
you have.
This section of the course will examine some of the methods Fraud Examiners use
to analyze data to help find fraudulent activity.
It's important for the fraud examiner and forensic accountant to
understand how data is collected and what are some of the specific tools and
techniques
that help you locate that fraud needle
in the business haystack. Fraud prevention is an important part of
every organization. If you do nothing to prevent fraud,
it will flourish and ultimately consume your business. But at the same time
you cannot completely eliminate fraud. It is amazing how often a fraud perpetrator
can find the one hole in an otherwise solid set of internal controls.
For example, failures may occur within internal control such as
even duties are separated, people work together to circumvent controls.
Sharing or stealing usernames or passwords belonging to other employees,
they could then be used to commit fraud, or you may have a situation where
adequate controls are just not in place to stop a particular risk.
One of the keys are fraud prevention is a concept called
perception of detection. Not only can data analysis
detect fraud, the fact that an organization regularly
analyzes data for fraud can be an effective control mechanism
all by itself. If employees and vendors know
that an organization is conducting vigorous tests
to detect fraud that may cause them to think twice about committing it.
One of the primary considerations is whether or not
data are available to find a particular type for fraud. But in
order to know what data to look at, you must also understand how particular
frauds occur.
When designing data analysis tests, you must think about the various operations
of the business
and how they are vulnerable to fraud. For example,
let's say you have a purchasing manager who's taking payments
or kickbacks from a vendor for every order placed.
If these payments are made in cash to the manager
outside working hours, then how could you find this activity through data analysis?
Is there any way to detect it? Surprisingly to most people,
there are several ways to possibly detect such a fraud.
A careful review of purchasing transactions
can reveal if one vendor has seen a dramatic increase in purchases. Additionally, tests can be run to
determine whether
there's been a dramatic increase in inventory or supply.
Unusual activity should be reviewed to determine if there is a legitimate
explanation for anomalies or whether fraud could be at play.
But being able to find such activity
also involves two other important items:
one is understanding what the data should
look like (this requires not only knowledge of the business operations
but an understanding up the historical data available);
additionally, effective data analysis
means understanding the software and other tools available
to conduct the analysis.
As we mentioned, one of the problems today is the
overabundance of data. Almost everything is captured somewhere.
It's important for the fraud examiner to work closely with the information
technology or IT department to identify the potential sources of data.
Much data are gathered inside the organization.
If you are working with their foreign organization,
you and the IT representative can identify what types of data
might be of most assistance in proactive fraud detection
analysis. The IT representative will understand what data is collected
but it will take the fraud examiner's skill to understand what types of schemes
the organization is at risk for. There are also a lot of data available
external to the organization. For example, if a company is publicly traded, a wealth
of financial filings are available from the SEC
or other government regulators. Other types of non-financial information are
available through the Internet,
newspaper, magazine articles, and trade journal reports.
These sources should also be reviewed for information that is relevant to the
particular case under investigation. There have been many instances of
investigators finding references in newspaper articles regarding
company employees having been charged with theft in previous jobs or locations.
You won't find such information on the individual's resume,
but you may find it through careful records searching.
Financial data analysis is an extremely sophisticated endeavor.
Not only is it necessary to understand what data is available and how to
capture it,
but you also have to know what you're looking for.
Historical comparisons are extremely important.
If there's an unexplained and dramatic increase in one item
from one period to the next, that could be a sign a fraud,
or could simply be normal operations.
In order to find out, you need to understand how the business operates
and what you would expect the numbers to show. For example,
if sales remain steady but inventory goes down
dramatically, what is the cause? It could be that older obsolete inventory has been
written off the books,
or it could mean that inventory is being stolen.
You'll need to review the records and conduct more inquiries
to know for sure, but understanding the business
and its operations is critical
to understanding the data you've analyzed.