This blog is the first in a series of seven to explain how to perform fraud data analytics. It introduces a ten-step approach along with explaining the concept of fraud auditing.
For years, auditors, myself included, would launch a fraud detection project by getting the data and playing with the data. At least that was the expression. We hoped to trip across a fraud scheme. We had no specific plan, just a simple goal: Find fraud. We did not know what we were looking for, but we were looking. Eventually, we hoped to find something. But, those days are over.
The expectation has changed. We are now expected to integrate fraud detection into an audit program and complete the program in a specified time period.
So, what is fraud data analytics? It is the process of using data mining to analyze data for red flags that correlate to a specific fraud risk statement.
After using fraud data analytics for over thirty years, I developed a methodology for performing fraud data analytics. The methodology is explained in my book, Fraud Data Analytics Methodology: The Fraud Scenario Approach to Uncovering Fraud in Core Business Systems, published by John Wiley.
The following questions form the ten steps of my methodology for finding fraud risk statements in core business systems:
- What is the scope of the fraud data analysis plan?
- How will the fraud risk assessment impact the fraud data analytics plan?
- Which data mining strategy is appropriate for the scope of the fraud audit?
- What decisions do you need to make regarding the availability, reliability, and usability of the data?
- Do you understand the data?
- What are the steps to designing a fraud data analytics search routine?
- What filtering techniques are necessary to refine the sample selection process?
- What is the basis of the sample selection?
- What is the plan for resolving false positives?
- What is the design of the fraud audit test for the selected sample?
Fraud Auditing Defined
First, we need to understand the concept of fraud auditing. Unlike an investigation that starts with an allegation, the fraud auditing project starts with an audit scope that includes one or more fraud risk statements. Fraud auditing is the application of audit procedures designed to detect a fraud risk statement while following the audit standards. There are four critical steps to follow:
- Fraud Risk Identification, the process of identifying the fraud risk statements. The process is explained in this blog: https://www.leonardvona.com/blog/fraud-risk-statement-how-to-write-one
- Fraud Risk Assessment, the process of identifying the fraud risk statements that have a high likelihood of occurring.
- Fraud Audit Program, the fraud data analytics plan and the fraud testing procedure.
- Fraud Conclusion, an either/or outcome that indicates whether there is or is not credible evidence of the existence of a fraud risk statement in your core business system.
It is important to make a distinction between identifying transactions and examining the transaction. Fraud data analytics is about creating a sample; the audit program is about gathering evidence to support a conclusion regarding the transaction. The end goal of the process is a sample of transactions that have the characteristics of a fraud risk statement.
Evaluating Red Flags
It is critical to understand that fraud data analytics is driven by the fraud risk statement rather than the mining of data errors. Based on the scenario, it might be one red flag or a combination of red flags. Yes, some red flags are so overpowering that the likelihood of fraud is higher. Yes, some red flags simply correlate to errors. The process still requires an auditor to examine the documents and formulate a conclusion regarding the need for a fraud investigation. The end product of data analytics is a sample of transactions that have a higher probability of containing one fraudulent transaction rather than a random sample of transactions used to test control effectiveness.
Addressing the Issue of False Positives
In a recent project, we started with a sample of 200 vendors that contained sufficient red flags of shell company schemes. Through our fraud testing, we referred just five of the 200 vendors for investigation. So, was our fraud data analytics flawed because we had so many false positives? In my opinion, the answer is no. Why, you ask?
A false positive is a transaction that matches the red flags identified in the fraud data profile, but the transaction is not a fraudulent transaction. It is neither bad nor good. It simply is what it is. What is important is that the fraud data analytics plan includes a method for addressing false positives.
Fundamentally, there are two ways to address false positives. The first is to attempt to reduce the number of them through the fraud data analytics plan, and the second is to allow the fraud auditor to resolve the false positives through the audit procedure.
Remember, even the world’s best auditor using the best audit program cannot detect fraud unless the sample being examined includes a fraudulent transaction. This is why fraud data analytics is so essential to the audit profession.
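The two ways of addressing false positives described above, shown as an added example that is not from the original post or the author's methodology. The vendor records, field names, the four red flags and the `min_flags` threshold are all constructed assumptions chosen to illustrate a shell-company fraud data profile.

```python
# Added example: every vendor record, field name and red flag below is constructed.
EMPLOYEE_BANK_ACCOUNTS = {"GB00-7731"}  # constructed HR data used for matching

VENDORS = [  # constructed vendor master records
    {"id": "V001", "phone": "", "address": "PO Box 12", "bank": "GB00-1000", "invoice_nos": [101, 102, 103]},
    {"id": "V002", "phone": "555-0101", "address": "14 Mill Road", "bank": "GB00-2000", "invoice_nos": [8841, 9020, 9377]},
    {"id": "V003", "phone": "555-0102", "address": "PO Box 77", "bank": "GB00-3000", "invoice_nos": [5120, 5388, 6001]},
    {"id": "V004", "phone": "555-0103", "address": "9 Dock Street", "bank": "GB00-7731", "invoice_nos": [410, 522, 790]},
    {"id": "V005", "phone": "", "address": "3 High Street", "bank": "GB00-5000", "invoice_nos": [12, 57, 93]},
]

def sequential(numbers):
    """True when invoice numbers run consecutively, as if we were the vendor's only customer."""
    ordered = sorted(numbers)
    return len(ordered) > 1 and all(b - a == 1 for a, b in zip(ordered, ordered[1:]))

# Assumed red flags for a shell-company fraud risk statement (not taken from the page).
RED_FLAGS = {
    "no_phone": lambda v: not v["phone"],
    "po_box_address": lambda v: v["address"].upper().startswith("PO BOX"),
    "employee_bank_account": lambda v: v["bank"] in EMPLOYEE_BANK_ACCOUNTS,
    "sequential_invoices": lambda v: sequential(v["invoice_nos"]),
}
OVERRIDING = {"employee_bank_account"}  # assumed strong enough to select a vendor on its own

def matched_flags(vendor):
    """Names of the red flags this vendor record matches, sorted for stable output."""
    return sorted(name for name, test in RED_FLAGS.items() if test(vendor))

def select_sample(vendors, min_flags):
    """Vendors matching the profile: an overriding flag, or at least min_flags flags."""
    sample = {}
    for v in vendors:
        flags = matched_flags(v)
        if OVERRIDING & set(flags) or len(flags) >= min_flags:
            sample[v["id"]] = flags
    return sample

if __name__ == "__main__":
    for threshold in (1, 2):
        sample = select_sample(VENDORS, threshold)
        print(f"min_flags={threshold}: {len(sample)} vendors for the auditor to test")
        for vendor_id, flags in sample.items():
            print(f"  {vendor_id}: {', '.join(flags)}")
```

Raising `min_flags` from 1 to 2 is the first approach, reducing false positives inside the plan; the vendors that remain in the sample are still resolved the second way, by the auditor's testing.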