SlideShare a Scribd company logo

2016 MSCPA Fraud Conference Presentation

Download as PPTX, PDF
Ron Steinkamp
Ron Steinkamp

The document discusses using data analytics to identify fraud indicators. It provides an overview of COSO's fraud risk management principles and how data analysis fits within those principles. Several fraud risk areas are identified that are well-suited for data analytic techniques, including payroll, accounts payable, travel and entertainment, procurement cards, and foreign corrupt practices. Examples of specific fraud indicators that could be identified through data analysis for each risk area are also provided.

1 of 41
Using Data Analytics to Find Fraud Indicators Ron Steinkamp Joe Montes November 30, 2016
• COSO Fraud Risk Management • What is Data Analysis? • Data Analysis Benefits & Challenges • Perspectives on Data Analysis • Using Data Analysis to Find Fraud Indicators • Exercise 2 Agenda © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 3 Brown Smith Wallace LLP
• COSO issued Fraud Risk Management Guide. • Guidance on how to deter fraud. • 5 Fraud Risk Management Principles. • Aligned with the COSO Framework Components and Principles. • Further detailed in Points of Focus related to each Principle. • Can be used as a starting point to develop a Fraud Risk Management Program. 4 COSO Fraud Risk Management Guide © 2016 All Rights Reserved Brown Smith Wallace LLP
1. The organization establishes and communicates a Fraud Risk Management Program that demonstrates the expectations of the board of directors and senior management and their commitment to high integrity and ethical values regarding managing fraud risk. CONTROL ENVIRONMENT 5 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
2. The organization performs comprehensive fraud risk assessments to identify specific fraud schemes and risks, assess their likelihood and significance, evaluate existing fraud control activities, and implement actions to mitigate residual fraud risks. RISK ASSESSMENT 6 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
3. The organization selects, develops, and deploys preventive and detective fraud control activities to mitigate the risk of fraud events occurring or not being detected in a timely manner. CONTROL ACTIVITIES 7 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
4. The organization establishes a communication process to obtain information about potential fraud and deploys a coordinated approach to investigation and corrective action to address fraud appropriately and in a timely manner. INFORMATION & COMMUNICATION 8 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
5. The organization selects, develops, an performs ongoing evaluations to ascertain whether each of the five principles of fraud risk management is present and functioning and communicates Fraud Risk Management Program deficiencies in a timely manner to parties responsible for taking corrective action, including senior management and the board. MONITORING ACTIVITIES 9 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
• Data analytics is addressed as a Point of Focus within the Fraud Risk Management Principles. Use data analytics for fraud risk assessment and response. Use proactive data analytic procedures to identify transactions or events for further investigation. • Appendix E of the COSO Fraud Risk Management Guide covers the use of data analytics in fraud risk management. 10 What Does This Have to Do With Data Analytics? © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 11 Brown Smith Wallace LLP
• Process of extracting, inspecting, cleaning, transforming, and modeling data in order to discover useful information, derive conclusions, and support decision-making – Employees are not using a system field as intended – Controls are not functioning properly – Vendor master access should be restricted 12 Data Analysis Defined © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 13 Brown Smith Wallace LLP
• 100% vs. sampling • Brings Operational and IT together • Comparison to an outside source • Identification of control weaknesses • Re-performable • Red flags and trends • Log = Workpaper 14 Data Analysis Benefits © 2016 All Rights Reserved Brown Smith Wallace LLP
15 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP Overall •Employee Resources • Limited know how • Analysis is most effective with good business, process, and system knowledge • Check the box mentality •What is Success? •Technology Choices •Boiling the Ocean
Data Quality and Availability • Lack of access • Disparate systems • Weak system controls lead to bad data • Bad data leads to bad information • Integrity tests: • Corruption • Completeness • Uniqueness • Logical relationships • Proper boundaries 16 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP
Actual Objectives • Ability to effectively achieve objectives selected • Defining exceptions • Investigating exceptions • Business processes change 17 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 18 Brown Smith Wallace LLP
• The AICPA has said that use of technological improvements in Audit have been incremental rather than transformative • To advance data analytics in Internal Audit – Data analytics must be part of the mission – Funding must be available to buy the tools and provide training – Auditors must learn the appropriate skills – Time must be budgeted and allocated – The data must be readily available – The data must be accurate 19 Data Surveys © 2016 All Rights Reserved Brown Smith Wallace LLP
• Internal Audit initially detecting fraud increased from 14.4% to 16.5% between 2012 and 2016 • Larger organizations showed Internal Audit detecting 18.6% of cases • Greatest Inhibitors to Data Analysis Success – Lack of appropriate skills – Data to be integrated is not clean – Complexity of implementation – Inability to integrate necessary data sources – Lack of integration with existing systems – Solutions are difficult to use – Inability to customize for specific needs 20 ACFE © 2016 All Rights Reserved Brown Smith Wallace LLP
“Not auditing the data in your company’s ERP system wastes the amount of money and time spent implementing it.” “Analysts can’t just be good at scripting, they have to be able to identify risks, interpret results, and audit exceptions.” “None of the technologies understand relationships, business changes, or critical thinking. The Human factor will always be there. You will never set it and forget it.” “Everything IT serves the business and is not just an IT risk.” “In 10 years, computers will do all of this and humans won’t be needed.” 21 Recent Conferences © 2016 All Rights Reserved Brown Smith Wallace LLP
“Analytics should be used to add, drop, and accelerate audits in the audit plan. It should not be a document updated yearly.” “Coordination between Compliance and Internal Audit to share data and coordinate schedules will increase everyone’s effectiveness.” “Data analysis is worth the effort. So much to gain. Hang in there.” “Every control review can have a fraud focus with data analytics and the right auditors.” Intelligence should not be acquired just for the sake of integrating more data; the strategic focus should be on ‘acquiring intelligence with a purpose’.” 22 Recent Conferences © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 23 Brown Smith Wallace LLP
• First Thing! • Various standard steps to understand a file • Experience Hours Reputation 24 Data Integrity Verification © 2016 All Rights Reserved Brown Smith Wallace LLP
Main Categories • Statistics • Counts • Totals • Blanks • Classifies • Duplicates • Gaps • Logical Relationships 25 Data Integrity Verification © 2016 All Rights Reserved Brown Smith Wallace LLP
Ghost Employee red flags • Duplicate addresses, routing numbers, SSNs • Employee record has been accessed/edited by one person • HR compared v. Payroll v. other systems • No withholdings or deductions • No vacation or sick time • No overtime for hourly • Blank fields • PO Box 26 Payroll © 2016 All Rights Reserved Brown Smith Wallace LLP
Payment Red Flags • Frequent changes to bank numbers • Terminated employees with current pay • Employees with multiple bank accounts • Bank accounts with multiple employees • Excessive Overtime 27 Payroll Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
Process Red Flags • Segregation of duties • Date Comparisons • Quantity Comparisons • Amount Comparison 28 Accounts Payable © 2016 All Rights Reserved Brown Smith Wallace LLP
Employee / Vendor Red Flags • Same name • Matching addresses or routing numbers • Last name or Initials as part of vendor name • Disclosure and emergency contact comparison 29 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
Vendor Red Flags • Same vendor with different vendor number • Vendor type does not match vendor spend • Vendor type does not match purchaser • Frequent or Inappropriate changes • Inactive vendor with activity • Unusual payment terms • PO Box or no address • One-time vendors 30 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
Payable Red Flags • Frequent or Inappropriate changes • Single payment run • Payment runs at unusual times • Checks to different address than master • Invoice and check sequence 31 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
Duplicate Red Flags Same expense reimbursed more than once • Identify employees that report expenses for the same transaction dates on multiple expense reports. This makes duplication harder to identify. • Look at transactions not paid via company card, could also be duplicate of card transaction (same date, transaction amount, and vendor/expense type). • Identify same transaction reported on different individuals’ expense reports. 32 Travel & Entertainment © 2016 All Rights Reserved Brown Smith Wallace LLP
Other Red Flags • Unexpected dates, vendor names, individual names, or keywords • Round dollars (gift cards, cash) • Employees who have more than the average quantity or amount of transactions in higher risk or specific expense categories. • Identify expenses with unusual Merchant Category Codes (MCC) based on company policy or transaction type selected by the employee. • Spending zip code 33 T & E Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
Other Red Flags • Weekends or holidays • Declined or disputed transactions • Large transactions • Active cards v. current employee • Approval workflow • Missing receipts 34 P-Card © 2016 All Rights Reserved Brown Smith Wallace LLP
Foreign Corrupt Practices Act • It is unlawful to make a corrupt payment to a foreign official for the purpose of influencing the official in order to assist in obtaining/retaining business • Companies who file reports with the SEC must maintain records that accurately reflect transactions and the nature and quantity of corporate assets and liabilities • Yates memo made it personal • Lower fines by making corruption as difficult to perpetrate as you can 35 FCPA © 2016 All Rights Reserved Brown Smith Wallace LLP
Other Red Flags • Names and addresses on the SAM list, etc. • Keyword search in payables, general ledger, P-Cards, T&E • Journal entries with unexpected account combinations of accounts (e.g. debit to sales/credit to cash) • Analyze sales and commission information • Identify payroll, travel advances, or travel reimbursements to non-employee • Test currency exchange expectations • Purchasing costs 36 FCPA © 2016 All Rights Reserved Brown Smith Wallace LLP
© 2016 All Rights Reserved 37 Brown Smith Wallace LLP
What data analysis procedures can we utilize to help identify a fraud where employees create approximately 2 million fake bank/credit card accounts? 38 Question??? © 2016 All Rights Reserved Brown Smith Wallace LLP
Employees/Managers/Locations Who • Consistently meet or beat performance quotas • Have more than average number of accounts that have not been accessed by account holder (activity files exist for everything) • Have more than average number of accounts opened without customer service interaction (in person, phone, app, online is traced) • Have more than average number of accounts closed within # days of opening • Have more than average number of accounts opened for the same customer within # of days • Have complaints against them (textual analysis of complaint tracking system) Challenges • What about the really good salesperson? • No complaints, surely has a bad month, • Widespread could cause averages to be skewed 39 Audience Participation © 2016 All Rights Reserved Brown Smith Wallace LLP
• Fraud is not going away and we need to devise better methods to prevent and detect it as early as possible. • The new COSO Fraud Risk Management Guide encourages the use of data analytics. • Data analysis is a great preventative and detective control for fraud. • If people think you are watching, they are less likely to try to commit fraud • Payroll, P2P, T&E, and FCPA are great places to start • Hindsight is 20/20, but it can be applied to the future. 40 In Summary © 2016 All Rights Reserved Brown Smith Wallace LLP
Any Questions? Ron Steinkamp | rsteinkamp@bswllc.com | 314-983-1238 Joe Montes | jmontes@bswllc.com | 314-983-1380 41 A Measurable Difference © 2016 All Rights Reserved Brown Smith Wallace LLP 6 CityPlace Drive, Suite 900│ St. Louis, Missouri 63141 │ 314.983.1200 1520 S. Fifth St., Suite 309 │ St. Charles, Missouri 63303 │ 636.255.3000 2220 S. State Route 157, Ste. 300 │ Glen Carbon, Illinois 62034 │ 618.654.3100 1.888.279.2792 │ bswllc.com Brown Smith Wallace is a Missouri Limited Liability Partnership

Recommended

Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...
Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...
Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...Ron Steinkamp
 
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...Ron Steinkamp
 
Q1 2016 Fraud Detection, Prevention & Risk Management
Q1 2016 Fraud Detection, Prevention & Risk ManagementQ1 2016 Fraud Detection, Prevention & Risk Management
Q1 2016 Fraud Detection, Prevention & Risk ManagementRon Steinkamp
 
Forensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection toolForensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection tool
Haládik Consulting, s.r.o.
 
7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting
Brown Smith Wallace
 
Fraud Incident Response Planning Essentials
Fraud Incident Response Planning EssentialsFraud Incident Response Planning Essentials
Fraud Incident Response Planning Essentials
FraudBusters
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud preventionRon Steinkamp
 
Public Sector Fraud - Central MO IIA
Public Sector Fraud - Central MO IIAPublic Sector Fraud - Central MO IIA
Public Sector Fraud - Central MO IIARon Steinkamp
 

Recommended

Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...
Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...
Occupational Fraud The Facts and How to Protect Your Organization Webinar_FIN...Ron Steinkamp
 
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...
2016 - Fraud Detection & Prevention with Internal Controls (Updated for 2016 ...Ron Steinkamp
 
Q1 2016 Fraud Detection, Prevention & Risk Management
Q1 2016 Fraud Detection, Prevention & Risk ManagementQ1 2016 Fraud Detection, Prevention & Risk Management
Q1 2016 Fraud Detection, Prevention & Risk ManagementRon Steinkamp
 
Forensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection toolForensic line - fraud prevention and detection tool
Forensic line - fraud prevention and detection tool
Haládik Consulting, s.r.o.
 
7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting7 Keys to Fraud Prevention, Detection and Reporting
7 Keys to Fraud Prevention, Detection and Reporting
Brown Smith Wallace
 
Fraud Incident Response Planning Essentials
Fraud Incident Response Planning EssentialsFraud Incident Response Planning Essentials
Fraud Incident Response Planning Essentials
FraudBusters
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud preventionRon Steinkamp
 
Public Sector Fraud - Central MO IIA
Public Sector Fraud - Central MO IIAPublic Sector Fraud - Central MO IIA
Public Sector Fraud - Central MO IIARon Steinkamp
 
Fraud Risk and Control
Fraud Risk and ControlFraud Risk and Control
Fraud Risk and Control
WeaverCPAs
 
Preventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplacePreventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the Workplace
DecosimoCPAs
 
Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12
Fuh George Cheo
 
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury, LLP
 
Fight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud TrainingFight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud Training
Case IQ
 
Risk Management
Risk ManagementRisk Management
Risk ManagementRon Steinkamp
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryDecosimoCPAs
 
Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011
John Hall, CPA - Keynote Speaker Consultant
 
What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014Ron Steinkamp
 
Essentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness ProgramEssentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness Program
FraudBusters
 
St. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud preventionSt. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud preventionRon Steinkamp
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
Salih Islam
 
Internal Control Issues in Fraud Cases
Internal Control Issues in Fraud CasesInternal Control Issues in Fraud Cases
Internal Control Issues in Fraud Cases
DecosimoCPAs
 
Fraud principles1
Fraud principles1Fraud principles1
Fraud principles1Sevisa Isufaj
 
Current Trends in Fraud Prevention
Current Trends in Fraud PreventionCurrent Trends in Fraud Prevention
Current Trends in Fraud Prevention
Blackbaud
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part ii
EMAC Consulting Group
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill AcuffFraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
DecosimoCPAs
 
Fraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good PracticeFraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good Practice
Arianto Muditomo
 
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk AssessmentACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
BillyCheuk
 
Internal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPAInternal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPARon Steinkamp
 
Data-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success StoriesData-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success Stories
DATAVERSITY
 

More Related Content

What's hot

Fraud Risk and Control
Fraud Risk and ControlFraud Risk and Control
Fraud Risk and Control
WeaverCPAs
 
Preventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplacePreventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the Workplace
DecosimoCPAs
 
Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12
Fuh George Cheo
 
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury, LLP
 
Fight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud TrainingFight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud Training
Case IQ
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryDecosimoCPAs
 
Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011
John Hall, CPA - Keynote Speaker Consultant
 
What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014Ron Steinkamp
 
Essentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness ProgramEssentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness Program
FraudBusters
 
St. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud preventionSt. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud preventionRon Steinkamp
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
Salih Islam
 
Internal Control Issues in Fraud Cases
Internal Control Issues in Fraud CasesInternal Control Issues in Fraud Cases
Internal Control Issues in Fraud Cases
DecosimoCPAs
 
Current Trends in Fraud Prevention
Current Trends in Fraud PreventionCurrent Trends in Fraud Prevention
Current Trends in Fraud Prevention
Blackbaud
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part ii
EMAC Consulting Group
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill AcuffFraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
DecosimoCPAs
 
Fraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good PracticeFraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good Practice
Arianto Muditomo
 
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk AssessmentACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
BillyCheuk
 

What's hot (20)

Fraud Risk and Control
Fraud Risk and ControlFraud Risk and Control
Fraud Risk and Control
 
Preventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplacePreventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the Workplace
 
Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12
 
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
McKonly & Asbury Webinar - Fraud Prevention and Detection: Surprise Fraudster...
 
Fight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud TrainingFight Fraud with Employee Fraud Training
Fight Fraud with Employee Fraud Training
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance IndustryFraud Prevention, Detection and Investigation in the Payday Advance Industry
Fraud Prevention, Detection and Investigation in the Payday Advance Industry
 
Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011Fraud And Internal Controls Linked In April 2011
Fraud And Internal Controls Linked In April 2011
 
What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014What You Need to Know About Occupational Fraud in Government - 2014
What You Need to Know About Occupational Fraud in Government - 2014
 
Essentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness ProgramEssentials of a Highly Effective Employee Fraud Awareness Program
Essentials of a Highly Effective Employee Fraud Awareness Program
 
St. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud preventionSt. Louis County Municipal League - 7 keys to fraud prevention
St. Louis County Municipal League - 7 keys to fraud prevention
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
 
Internal Control Issues in Fraud Cases
Internal Control Issues in Fraud CasesInternal Control Issues in Fraud Cases
Internal Control Issues in Fraud Cases
 
Fraud principles1
Fraud principles1Fraud principles1
Fraud principles1
 
Current Trends in Fraud Prevention
Current Trends in Fraud PreventionCurrent Trends in Fraud Prevention
Current Trends in Fraud Prevention
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part ii
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraud
 
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill AcuffFraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
Fraud and Internal Controls: A Forensic Accountant's Perspective - Bill Acuff
 
Fraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good PracticeFraud & Risk Management - A Guide to Good Practice
Fraud & Risk Management - A Guide to Good Practice
 
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk AssessmentACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
ACCA-IIA Singapore Seminar 2015 Part 3 Fraud Risk Assessment
 

Similar to 2016 MSCPA Fraud Conference Presentation

Internal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPAInternal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPARon Steinkamp
 
Data-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success StoriesData-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success Stories
DATAVERSITY
 
Convercent Webinar Ethisphere Strategy Report
Convercent Webinar Ethisphere Strategy ReportConvercent Webinar Ethisphere Strategy Report
Convercent Webinar Ethisphere Strategy Report
Melissa Kovach
 
Compliance Strategy and Performance
Compliance Strategy and PerformanceCompliance Strategy and Performance
Compliance Strategy and Performance
Ethisphere
 
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
Amber Clark
 
The path to a Modern Data Architecture in Financial Services
The path to a Modern Data Architecture in Financial ServicesThe path to a Modern Data Architecture in Financial Services
The path to a Modern Data Architecture in Financial Services
Hortonworks
 
Top 10 Artifacts Needed For Data Governance
Top 10 Artifacts Needed For Data GovernanceTop 10 Artifacts Needed For Data Governance
Top 10 Artifacts Needed For Data Governance
First San Francisco Partners
 
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceDV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics Governance
Tealium
 
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
DATAVERSITY
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
EDR
 
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
Lavante Inc.
 
Leading Compliance Monitoring Activities to Assess Fraud and Corruption Risks
Leading Compliance Monitoring Activities to Assess Fraud and Corruption RisksLeading Compliance Monitoring Activities to Assess Fraud and Corruption Risks
Leading Compliance Monitoring Activities to Assess Fraud and Corruption RisksRachel Hamilton
 
How Big Data and Predictive Analytics are Transforming the World of Accountin...
How Big Data and Predictive Analytics are Transforming the World of Accountin...How Big Data and Predictive Analytics are Transforming the World of Accountin...
How Big Data and Predictive Analytics are Transforming the World of Accountin...
Swenson Advisors, LLP
 
Missouri Bar - Legal Ethics and the False Claims Act - May 2018
Missouri Bar - Legal Ethics and the False Claims Act - May 2018Missouri Bar - Legal Ethics and the False Claims Act - May 2018
Missouri Bar - Legal Ethics and the False Claims Act - May 2018
Downey Law Group LLC
 
Data Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and MonitoringData Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and Monitoring
Jim Kaplan CIA CFE
 
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATIONPREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
Human Capital Media
 
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTUREFUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
Human Capital Media
 
Contego Fraud Solutions Ltd fin tech week 2014
Contego Fraud Solutions Ltd fin tech week 2014Contego Fraud Solutions Ltd fin tech week 2014
Contego Fraud Solutions Ltd fin tech week 2014
Rebecca1243
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
Amit Bhargava
 
Improve Regulatory Compliance & Risk Management Using Best Practices
Improve Regulatory Compliance & Risk Management Using Best PracticesImprove Regulatory Compliance & Risk Management Using Best Practices
Improve Regulatory Compliance & Risk Management Using Best Practices
Lavante Inc.
 

Similar to 2016 MSCPA Fraud Conference Presentation (20)

Internal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPAInternal Controls and Effective Report Writing - sent to MSCPA
Internal Controls and Effective Report Writing - sent to MSCPA
 
Data-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success StoriesData-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success Stories
 
Convercent Webinar Ethisphere Strategy Report
Convercent Webinar Ethisphere Strategy ReportConvercent Webinar Ethisphere Strategy Report
Convercent Webinar Ethisphere Strategy Report
 
Compliance Strategy and Performance
Compliance Strategy and PerformanceCompliance Strategy and Performance
Compliance Strategy and Performance
 
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
ACC November Luncheon: Integrating Analytics Into Fraud Investigations & Comp...
 
The path to a Modern Data Architecture in Financial Services
The path to a Modern Data Architecture in Financial ServicesThe path to a Modern Data Architecture in Financial Services
The path to a Modern Data Architecture in Financial Services
 
Top 10 Artifacts Needed For Data Governance
Top 10 Artifacts Needed For Data GovernanceTop 10 Artifacts Needed For Data Governance
Top 10 Artifacts Needed For Data Governance
 
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceDV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics Governance
 
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
 
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
Detox Your Vendor Master File Process: How to Sanitize & Stabilize your VMF P...
 
Leading Compliance Monitoring Activities to Assess Fraud and Corruption Risks
Leading Compliance Monitoring Activities to Assess Fraud and Corruption RisksLeading Compliance Monitoring Activities to Assess Fraud and Corruption Risks
Leading Compliance Monitoring Activities to Assess Fraud and Corruption Risks
 
How Big Data and Predictive Analytics are Transforming the World of Accountin...
How Big Data and Predictive Analytics are Transforming the World of Accountin...How Big Data and Predictive Analytics are Transforming the World of Accountin...
How Big Data and Predictive Analytics are Transforming the World of Accountin...
 
Missouri Bar - Legal Ethics and the False Claims Act - May 2018
Missouri Bar - Legal Ethics and the False Claims Act - May 2018Missouri Bar - Legal Ethics and the False Claims Act - May 2018
Missouri Bar - Legal Ethics and the False Claims Act - May 2018
 
Data Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and MonitoringData Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and Monitoring
 
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATIONPREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
PREPARING FOR COMPLIANCE CHANGES UNDER A NEW ADMINISTRATION
 
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTUREFUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
FUTURE READY HR: STRATEGIES FOR POSITIVE WORKPLACE CULTURE
 
Contego Fraud Solutions Ltd fin tech week 2014
Contego Fraud Solutions Ltd fin tech week 2014Contego Fraud Solutions Ltd fin tech week 2014
Contego Fraud Solutions Ltd fin tech week 2014
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
 
Improve Regulatory Compliance & Risk Management Using Best Practices
Improve Regulatory Compliance & Risk Management Using Best PracticesImprove Regulatory Compliance & Risk Management Using Best Practices
Improve Regulatory Compliance & Risk Management Using Best Practices
 

More from Ron Steinkamp

Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)
Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)
Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)Ron Steinkamp
 
2016 MSCPA Fraud Conference Presentation
2016 MSCPA Fraud Conference Presentation2016 MSCPA Fraud Conference Presentation
2016 MSCPA Fraud Conference PresentationRon Steinkamp
 
Public Sector Fraud - Mid-MO AGA
Public Sector Fraud - Mid-MO AGAPublic Sector Fraud - Mid-MO AGA
Public Sector Fraud - Mid-MO AGARon Steinkamp
 
Q2-2016 Public Sector Risk Briefing Employee Engagement Trends
Q2-2016 Public Sector Risk Briefing Employee Engagement TrendsQ2-2016 Public Sector Risk Briefing Employee Engagement Trends
Q2-2016 Public Sector Risk Briefing Employee Engagement TrendsRon Steinkamp
 
Trends in Local Government
Trends in Local GovernmentTrends in Local Government
Trends in Local GovernmentRon Steinkamp
 
Contract Performance Fraud
Contract Performance FraudContract Performance Fraud
Contract Performance FraudRon Steinkamp
 
Contract Procurement Fraud
Contract Procurement FraudContract Procurement Fraud
Contract Procurement FraudRon Steinkamp
 
Q4-2015 Public Sector Risk Briefing Presentation by Ron Steinkamp
Q4-2015 Public Sector Risk Briefing Presentation by Ron SteinkampQ4-2015 Public Sector Risk Briefing Presentation by Ron Steinkamp
Q4-2015 Public Sector Risk Briefing Presentation by Ron SteinkampRon Steinkamp
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
 
BSW Value of Muni Audits
BSW Value of Muni AuditsBSW Value of Muni Audits
BSW Value of Muni AuditsRon Steinkamp
 
Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Ron Steinkamp
 
Emotional Intelligence - St. Charles - June 3, 2015
Emotional Intelligence - St. Charles - June 3, 2015Emotional Intelligence - St. Charles - June 3, 2015
Emotional Intelligence - St. Charles - June 3, 2015Ron Steinkamp
 
Emotional Intelligence - St. Louis - June 5, 2015
Emotional Intelligence - St. Louis - June 5, 2015Emotional Intelligence - St. Louis - June 5, 2015
Emotional Intelligence - St. Louis - June 5, 2015Ron Steinkamp
 
Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Ron Steinkamp
 
Fraud Prevention & Detection for Local Government
Fraud Prevention & Detection for Local GovernmentFraud Prevention & Detection for Local Government
Fraud Prevention & Detection for Local GovernmentRon Steinkamp
 
keys to fraud prevention in the public sector
keys to fraud prevention in the public sectorkeys to fraud prevention in the public sector
keys to fraud prevention in the public sectorRon Steinkamp
 
internalcontrolmanual
internalcontrolmanualinternalcontrolmanual
internalcontrolmanualRon Steinkamp
 
BSW Fraud Infographic_300dpi-01
BSW Fraud Infographic_300dpi-01BSW Fraud Infographic_300dpi-01
BSW Fraud Infographic_300dpi-01Ron Steinkamp
 
Fraud Report, Steinkamp, July 2014
Fraud Report, Steinkamp, July 2014Fraud Report, Steinkamp, July 2014
Fraud Report, Steinkamp, July 2014Ron Steinkamp
 

More from Ron Steinkamp (20)

Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)
Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)
Q4-2016 Public Sector Risk Briefing - Third Party Contract Reviews (STL)
 
2016 MSCPA Fraud Conference Presentation
2016 MSCPA Fraud Conference Presentation2016 MSCPA Fraud Conference Presentation
2016 MSCPA Fraud Conference Presentation
 
Public Sector Fraud - Mid-MO AGA
Public Sector Fraud - Mid-MO AGAPublic Sector Fraud - Mid-MO AGA
Public Sector Fraud - Mid-MO AGA
 
Q2-2016 Public Sector Risk Briefing Employee Engagement Trends
Q2-2016 Public Sector Risk Briefing Employee Engagement TrendsQ2-2016 Public Sector Risk Briefing Employee Engagement Trends
Q2-2016 Public Sector Risk Briefing Employee Engagement Trends
 
Contract Risks
Contract RisksContract Risks
Contract Risks
 
Trends in Local Government
Trends in Local GovernmentTrends in Local Government
Trends in Local Government
 
Contract Performance Fraud
Contract Performance FraudContract Performance Fraud
Contract Performance Fraud
 
Contract Procurement Fraud
Contract Procurement FraudContract Procurement Fraud
Contract Procurement Fraud
 
Q4-2015 Public Sector Risk Briefing Presentation by Ron Steinkamp
Q4-2015 Public Sector Risk Briefing Presentation by Ron SteinkampQ4-2015 Public Sector Risk Briefing Presentation by Ron Steinkamp
Q4-2015 Public Sector Risk Briefing Presentation by Ron Steinkamp
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots
 
BSW Value of Muni Audits
BSW Value of Muni AuditsBSW Value of Muni Audits
BSW Value of Muni Audits
 
Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)
 
Emotional Intelligence - St. Charles - June 3, 2015
Emotional Intelligence - St. Charles - June 3, 2015Emotional Intelligence - St. Charles - June 3, 2015
Emotional Intelligence - St. Charles - June 3, 2015
 
Emotional Intelligence - St. Louis - June 5, 2015
Emotional Intelligence - St. Louis - June 5, 2015Emotional Intelligence - St. Louis - June 5, 2015
Emotional Intelligence - St. Louis - June 5, 2015
 
Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)Steps to Prevent Detect Occupational Fraud in Government (Final)
Steps to Prevent Detect Occupational Fraud in Government (Final)
 
Fraud Prevention & Detection for Local Government
Fraud Prevention & Detection for Local GovernmentFraud Prevention & Detection for Local Government
Fraud Prevention & Detection for Local Government
 
keys to fraud prevention in the public sector
keys to fraud prevention in the public sectorkeys to fraud prevention in the public sector
keys to fraud prevention in the public sector
 
internalcontrolmanual
internalcontrolmanualinternalcontrolmanual
internalcontrolmanual
 
BSW Fraud Infographic_300dpi-01
BSW Fraud Infographic_300dpi-01BSW Fraud Infographic_300dpi-01
BSW Fraud Infographic_300dpi-01
 
Fraud Report, Steinkamp, July 2014
Fraud Report, Steinkamp, July 2014Fraud Report, Steinkamp, July 2014
Fraud Report, Steinkamp, July 2014
 

2016 MSCPA Fraud Conference Presentation

  • 1. Using Data Analytics to Find Fraud Indicators Ron Steinkamp Joe Montes November 30, 2016
  • 2. • COSO Fraud Risk Management • What is Data Analysis? • Data Analysis Benefits & Challenges • Perspectives on Data Analysis • Using Data Analysis to Find Fraud Indicators • Exercise 2 Agenda © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 3. © 2016 All Rights Reserved 3 Brown Smith Wallace LLP
  • 4. • COSO issued Fraud Risk Management Guide. • Guidance on how to deter fraud. • 5 Fraud Risk Management Principles. • Aligned with the COSO Framework Components and Principles. • Further detailed in Points of Focus related to each Principle. • Can be used as a starting point to develop a Fraud Risk Management Program. 4 COSO Fraud Risk Management Guide © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 5. 1. The organization establishes and communicates a Fraud Risk Management Program that demonstrates the expectations of the board of directors and senior management and their commitment to high integrity and ethical values regarding managing fraud risk. CONTROL ENVIRONMENT 5 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 6. 2. The organization performs comprehensive fraud risk assessments to identify specific fraud schemes and risks, assess their likelihood and significance, evaluate existing fraud control activities, and implement actions to mitigate residual fraud risks. RISK ASSESSMENT 6 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 7. 3. The organization selects, develops, and deploys preventive and detective fraud control activities to mitigate the risk of fraud events occurring or not being detected in a timely manner. CONTROL ACTIVITIES 7 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 8. 4. The organization establishes a communication process to obtain information about potential fraud and deploys a coordinated approach to investigation and corrective action to address fraud appropriately and in a timely manner. INFORMATION & COMMUNICATION 8 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 9. 5. The organization selects, develops, an performs ongoing evaluations to ascertain whether each of the five principles of fraud risk management is present and functioning and communicates Fraud Risk Management Program deficiencies in a timely manner to parties responsible for taking corrective action, including senior management and the board. MONITORING ACTIVITIES 9 Fraud Risk Management Principles © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 10. • Data analytics is addressed as a Point of Focus within the Fraud Risk Management Principles. Use data analytics for fraud risk assessment and response. Use proactive data analytic procedures to identify transactions or events for further investigation. • Appendix E of the COSO Fraud Risk Management Guide covers the use of data analytics in fraud risk management. 10 What Does This Have to Do With Data Analytics? © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 11. © 2016 All Rights Reserved 11 Brown Smith Wallace LLP
  • 12. • Process of extracting, inspecting, cleaning, transforming, and modeling data in order to discover useful information, derive conclusions, and support decision-making – Employees are not using a system field as intended – Controls are not functioning properly – Vendor master access should be restricted 12 Data Analysis Defined © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 13. © 2016 All Rights Reserved 13 Brown Smith Wallace LLP
  • 14. • 100% vs. sampling • Brings Operational and IT together • Comparison to an outside source • Identification of control weaknesses • Re-performable • Red flags and trends • Log = Workpaper 14 Data Analysis Benefits © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 15. 15 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP Overall •Employee Resources • Limited know how • Analysis is most effective with good business, process, and system knowledge • Check the box mentality •What is Success? •Technology Choices •Boiling the Ocean
  • 16. Data Quality and Availability • Lack of access • Disparate systems • Weak system controls lead to bad data • Bad data leads to bad information • Integrity tests: • Corruption • Completeness • Uniqueness • Logical relationships • Proper boundaries 16 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 17. Actual Objectives • Ability to effectively achieve objectives selected • Defining exceptions • Investigating exceptions • Business processes change 17 Challenges © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 18. © 2016 All Rights Reserved 18 Brown Smith Wallace LLP
  • 19. • The AICPA has said that use of technological improvements in Audit have been incremental rather than transformative • To advance data analytics in Internal Audit – Data analytics must be part of the mission – Funding must be available to buy the tools and provide training – Auditors must learn the appropriate skills – Time must be budgeted and allocated – The data must be readily available – The data must be accurate 19 Data Surveys © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 20. • Internal Audit initially detecting fraud increased from 14.4% to 16.5% between 2012 and 2016 • Larger organizations showed Internal Audit detecting 18.6% of cases • Greatest Inhibitors to Data Analysis Success – Lack of appropriate skills – Data to be integrated is not clean – Complexity of implementation – Inability to integrate necessary data sources – Lack of integration with existing systems – Solutions are difficult to use – Inability to customize for specific needs 20 ACFE © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 21. “Not auditing the data in your company’s ERP system wastes the amount of money and time spent implementing it.” “Analysts can’t just be good at scripting, they have to be able to identify risks, interpret results, and audit exceptions.” “None of the technologies understand relationships, business changes, or critical thinking. The Human factor will always be there. You will never set it and forget it.” “Everything IT serves the business and is not just an IT risk.” “In 10 years, computers will do all of this and humans won’t be needed.” 21 Recent Conferences © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 22. “Analytics should be used to add, drop, and accelerate audits in the audit plan. It should not be a document updated yearly.” “Coordination between Compliance and Internal Audit to share data and coordinate schedules will increase everyone’s effectiveness.” “Data analysis is worth the effort. So much to gain. Hang in there.” “Every control review can have a fraud focus with data analytics and the right auditors.” Intelligence should not be acquired just for the sake of integrating more data; the strategic focus should be on ‘acquiring intelligence with a purpose’.” 22 Recent Conferences © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 23. © 2016 All Rights Reserved 23 Brown Smith Wallace LLP
  • 24. • First Thing! • Various standard steps to understand a file • Experience Hours Reputation 24 Data Integrity Verification © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 25. Main Categories • Statistics • Counts • Totals • Blanks • Classifies • Duplicates • Gaps • Logical Relationships 25 Data Integrity Verification © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 26. Ghost Employee red flags • Duplicate addresses, routing numbers, SSNs • Employee record has been accessed/edited by one person • HR compared v. Payroll v. other systems • No withholdings or deductions • No vacation or sick time • No overtime for hourly • Blank fields • PO Box 26 Payroll © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 27. Payment Red Flags • Frequent changes to bank numbers • Terminated employees with current pay • Employees with multiple bank accounts • Bank accounts with multiple employees • Excessive Overtime 27 Payroll Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 28. Process Red Flags • Segregation of duties • Date Comparisons • Quantity Comparisons • Amount Comparison 28 Accounts Payable © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 29. Employee / Vendor Red Flags • Same name • Matching addresses or routing numbers • Last name or Initials as part of vendor name • Disclosure and emergency contact comparison 29 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 30. Vendor Red Flags • Same vendor with different vendor number • Vendor type does not match vendor spend • Vendor type does not match purchaser • Frequent or Inappropriate changes • Inactive vendor with activity • Unusual payment terms • PO Box or no address • One-time vendors 30 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 31. Payable Red Flags • Frequent or Inappropriate changes • Single payment run • Payment runs at unusual times • Checks to different address than master • Invoice and check sequence 31 AP Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 32. Duplicate Red Flags Same expense reimbursed more than once • Identify employees that report expenses for the same transaction dates on multiple expense reports. This makes duplication harder to identify. • Look at transactions not paid via company card, could also be duplicate of card transaction (same date, transaction amount, and vendor/expense type). • Identify same transaction reported on different individuals’ expense reports. 32 Travel & Entertainment © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 33. Other Red Flags • Unexpected dates, vendor names, individual names, or keywords • Round dollars (gift cards, cash) • Employees who have more than the average quantity or amount of transactions in higher risk or specific expense categories. • Identify expenses with unusual Merchant Category Codes (MCC) based on company policy or transaction type selected by the employee. • Spending zip code 33 T & E Continued © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 34. Other Red Flags • Weekends or holidays • Declined or disputed transactions • Large transactions • Active cards v. current employee • Approval workflow • Missing receipts 34 P-Card © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 35. Foreign Corrupt Practices Act • It is unlawful to make a corrupt payment to a foreign official for the purpose of influencing the official in order to assist in obtaining/retaining business • Companies who file reports with the SEC must maintain records that accurately reflect transactions and the nature and quantity of corporate assets and liabilities • Yates memo made it personal • Lower fines by making corruption as difficult to perpetrate as you can 35 FCPA © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 36. Other Red Flags • Names and addresses on the SAM list, etc. • Keyword search in payables, general ledger, P-Cards, T&E • Journal entries with unexpected account combinations of accounts (e.g. debit to sales/credit to cash) • Analyze sales and commission information • Identify payroll, travel advances, or travel reimbursements to non-employee • Test currency exchange expectations • Purchasing costs 36 FCPA © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 37. © 2016 All Rights Reserved 37 Brown Smith Wallace LLP
  • 38. What data analysis procedures can we utilize to help identify a fraud where employees create approximately 2 million fake bank/credit card accounts? 38 Question??? © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 39. Employees/Managers/Locations Who • Consistently meet or beat performance quotas • Have more than average number of accounts that have not been accessed by account holder (activity files exist for everything) • Have more than average number of accounts opened without customer service interaction (in person, phone, app, online is traced) • Have more than average number of accounts closed within # days of opening • Have more than average number of accounts opened for the same customer within # of days • Have complaints against them (textual analysis of complaint tracking system) Challenges • What about the really good salesperson? • No complaints, surely has a bad month, • Widespread could cause averages to be skewed 39 Audience Participation © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 40. • Fraud is not going away and we need to devise better methods to prevent and detect it as early as possible. • The new COSO Fraud Risk Management Guide encourages the use of data analytics. • Data analysis is a great preventative and detective control for fraud. • If people think you are watching, they are less likely to try to commit fraud • Payroll, P2P, T&E, and FCPA are great places to start • Hindsight is 20/20, but it can be applied to the future. 40 In Summary © 2016 All Rights Reserved Brown Smith Wallace LLP
  • 41. Any Questions? Ron Steinkamp | rsteinkamp@bswllc.com | 314-983-1238 Joe Montes | jmontes@bswllc.com | 314-983-1380 41 A Measurable Difference © 2016 All Rights Reserved Brown Smith Wallace LLP 6 CityPlace Drive, Suite 900│ St. Louis, Missouri 63141 │ 314.983.1200 1520 S. Fifth St., Suite 309 │ St. Charles, Missouri 63303 │ 636.255.3000 2220 S. State Route 157, Ste. 300 │ Glen Carbon, Illinois 62034 │ 618.654.3100 1.888.279.2792 │ bswllc.com Brown Smith Wallace is a Missouri Limited Liability Partnership