In our first blog in a series on fraud data analytics, we identified a ten-step methodology for conducting a fraud data analytics project. In this blog, we will discuss steps nine and ten:
- What is the plan for resolving false positives?
- What is the design of the fraud audit test for the selected sample?
Fraud data analytics is both a science and an art. I have tried to explain a logical methodology for developing a fraud data analytics plan. This step-by-step process may initially seem a little bureaucratic. In time, however, the entire process will become natural, much like when you first learned to walk. The final blog in this series is designed to illustrate the importance of building the fraud test at the same time as you are building your fraud data analytics plan.
What is the plan for resolving false positives?The first step is to identify the types of false positives that may occur based on your data interrogation routine. To illustrate, let’s use the duplicate test to locate hidden companies. The search routine examines the address field on the master file. Why might there be a duplicate address for two or more companies if the fraud statement is not occurring? The following are the typical reasons:
- A dormant vendor on your master file ceased doing business and a new vendor moved into the address.
- Different company files have been merged.
- An inherent weakness in the new vendor procedures allows the same company to be added to the master file twice.
- A real company operates different businesses under different names.
There are two fundamental strategies for managing false positives. The first is to minimize the false positives through the data analytics plan. The second is to resolve the false positives through the audit procedure. Which is the best option? The only wrong answer is to choose neither.
The data analytics strategy uses data to suggest that the red flag is most likely a data anomaly rather than fraud. No, you will not reach 100% certainty, but you can obtain a reasonable degree of certainty. In contrast, with the audit procedure strategy, the red flag will be resolved through documents, interviews or other physical evidence.
Let’s discuss the first reason, a dormant vendor. We have two different vendors with the same address. What evidence would you need to call this a false positive rather than a fraud indicator? From a data analytics perspective, the fact that one vendor has no expenditure data while the other vendor is currently active should be sufficient evidence that it’s not fraud. Therefore, no further audit testing is needed.
From an audit testing perspective, the fact the telephone number has been disconnected, could be sufficient to convince the auditor that the second company is not in business.
The importance of step nine can be summed up in one word: Efficiency. Without properly considering how to manage false positives, the audit team will waste time and effort in resolving something that was really nothing.
- What is the design of the fraud audit test for the selected sample?
I have had the pleasure of discussing fraud auditing, and in particular the use of fraud data analytics, with many professionals over the last 40 years. I have listened and heard many interesting techniques to uncover fraud through the use of fraud data analytics. However, there is continued frustration that auditors are not uncovering fraud or that management won’t accept the results of the fraud data analytics as proof of fraud occurring. So, what is causing this disconnect?
The final step of the fraud data analytics plan is the design of the fraud audit test to gather convincing evidence that someone is committing a fraud risk statement that is causing economic damages to the company. The design of a fraud test should be based on the following four considerations:
- The audit procedure must be designed for a specific fraud risk statement.
- There is a correlation between the audit evidence considered and fraud detection. The focus should be on quality rather than quantity of the audit evidence.
- The audit procedure must be calibrated to the sophistication of the concealment strategy.
- The design of the audit procedure is based on the mechanics of the fraud risk statement and the concealment strategy.
The conclusion of the audit procedure is either that there is credible evidence that the fraud risk statement is occurring or there is not. I call this the degree of certainty. How certain does an auditor need to be to recommend an investigation. Remember that fraud auditing is not about proving fraud has occurred but rather determining whether there is enough evidence to recommend an investigation.
I will be speaking at the ACFE conference in June 2019 regarding complex vendor overbilling schemes. One of the schemes is a mix of corruption on the selection process and overbilling on the vendor invoice process. In the scheme, the winning vendor is provided advance communication of changes in quantity or product mix. So, here is the million-dollar question: what evidence will I need to gather to convince management that the change in quantity or product mix is consistent with the fraud risk statement? Once again, the only wrong answer is no answer. If you do not link the audit procedure to the fraud data analytics, you will have great analysis, but nothing to show for it.
I hope you have enjoyed the series on fraud data analytics methodology.
Sign up now to have this blog delivered to your inbox and read of our latest articles.
At Fraud Auditing Inc. we have over 40 years of diversified experience. Contact us today if you need help building a comprehensive fraud audit program to detect complex fraud schemes.
