Select Page

Using data analytics to detect, assess, and prevent fraud

Dave Coderre

Dave Coderre

President, CAATS

Are you underusing data analysis when it comes to fraud management? You’re missing out.

In 2016, the Committee of Sponsoring Organizations for the Treadway Commission issued the Fraud Risk Management Guide. The guide encouraged the use of data analytics all throughout the fraud risk management process, including assessment, prevention, detection, investigation, and reporting.

Yet, data analysis and data mining remain underutilized when it comes to addressing fraud risk.

The Auditor General of Canada found the same thing. They released a report that suggested governments are not using data analysis effectively enough when it comes to fraud detection and prevention for procurement.

To help governments improve, The Auditor General recommended the use of data analytics, data mining and a monitoring program.

So why are analytics so important and how exactly can they help you with your fraud management?

1. Assesses control weaknesses

In areas of highest risk, you can use analytics to search for control weaknesses and anomalies that could be indicators of fraud. You could then take it one step further and devise appropriate data analysis strategies for each risk factor.

If, for example, your company has highly-valuable or easily transportable items in inventory, then you’re at risk of theft. Analytical tests could include verifying the effectiveness of the inventory controls by looking at trends in reorder quantity versus use in production or sales, and identifying write-offs and the use of management overrides, to adjust inventory levels.

“A fraud monitoring plan helps in high-risk areas. The monitoring plan identifies the four Ws of the analysis: Why, What, Where, and What’s Next.”

2. Supports fraud monitoring plans

A fraud monitoring plan helps in high-risk areas. The monitoring plan identifies the four Ws of the analysis that will be performed: Why, What, Where, and What’s Next.

For example, inventory items could be declared unrepairable, written-off, or taken home by an employee. Separation of duties should prevent the same employee from both declaring an item unrepairable and writing it off. In this scenario, data analysis could identify all employees doing this. The same person shouldn’t appear on both lists. If they did, appropriate follow-up investigation/action could be taken.

3. Addresses the fraud triangle

Data analytics provide a few additional benefits. While many auditors are aware of the “fraud triangle” (opportunity, pressure, and rationalization), they don’t always consider how data analysis can be used to address all aspects of the fraud triangle:

  1. Creating the fear of being watched. When data is being analyzed, and employees know you are looking at data patterns, they are less likely to commit fraud.
  2. Detecting fraud instances earlier. The Association of Certified Fraud Examiners (ACFE) Report to the Nations 2016 revealed a 50% reduction in duration and a 60% reduction in losses when proactive data analytics were used.
  3. Narrowing your investigation focus. When you use data analytics, you know where to look and what exactly to look at, as opposed to a jumble of data from different sources.
  4. Having supporting evidence for prosecution. By identifying the evidence found in data analytics, you can have a compelling story to tell the jury in the case of prosecution.

Conducting a fraud investigation

Now that we know why we need analytics, how do you actually apply them to your fraud management processes? We’ve put together seven steps of conducting a fraud investigation:

  1. Define objectives of the investigation by detailing why you’re performing the analysis and what you want to accomplish.
  2. Define the indicators of fraud by describing what the symptoms of fraud would look like in the data.
  3. Identify the required data sources by working with IT and the business process owner to determine the appropriate source and timing.
  4. Obtain and safeguard the data, and determine which fields are required (e.g., one business unit or more; the best methods for obtaining the data; file formats; transfer mechanisms; and how you will safeguard the data).
  5. Determine the extent to which you can rely on the data and how you will assess its integrity and completeness.
  6. Test the integrity and completeness of the data.
  7. Describe the analytics tests to be performed, the expected results, and the follow up analyses.

In cases of suspected fraud, the auditor must verify the data and analysis results with source documents, or compare against other electronic sources. When performing the analysis, it’s important to drill down into the data, to challenge your assumptions and results.

Make data analytics part of your fraud risk management

Countless studies and surveys of CFOs and CAEs highlight the importance of data extraction, data analysis, and data visualization. Not just to prevent and detect fraud, but also to test critical controls, and assess process efficiency and effectiveness. If you are not already embracing data analysis, what are you waiting for?

eBook

Automating Fraud Detection: The Essential Guide

You’ll learn about:

  • The role of data analysis in fraud detection
  • Automation of fraud detection analytics and continuous monitoring
  • Fraud tests for key business process areas.

Download eBook

Related Articles

Find us in Gartner MQ for IT Risk Management

Gartner names Galvanize (formerly ACL and Rsam)* a Leader in the 2019 Magic Quadrant for IT Risk Management

Learn what you should be looking for when selecting an ITRM solution.

Download the report