© APEX Analytix, Inc. | www.apexanalytix.com

continyous™

2011 Association of Certified Fraud Examiners ConferenceSan Diego, CAApex Analytix, Inc.

www.apexanalytix.com 2Recover. Prevent. Improve.

Fraud News and Headlines

www.apexanalytix.com 3Recover. Prevent. Improve.

Instant Polling Questions

1. Do you believe asset misappropriation fraud is:a) Increasingb) Decreasing

2. Has there been a documented disbursement, payroll, or T&E fraud in your company during the past 12 months?a) Disbursementb) Payrollc) T&Ed) None

www.apexanalytix.com 4Recover. Prevent. Improve.

What is Continuous Monitoring?

2010 Compass Benchmarking Survey

57 percent indicated they have a continuous monitoring process for assessing Vendor risk.

What does continuous monitoring mean to you?a) Reducing financial and brand exposure to fraudb) Monitoring employee policy violationsc) Reducing the costs of complianced) Keeping a clean vendor mastere) All of the above

www.apexanalytix.com 5Recover. Prevent. Improve.

Continuous Monitoring - Defined

Continuous monitoring is the process and technology used to detect compliance and risk issues associated with an organization’s financial and operational environment.

Our Definition:The assessing and/or continuous monitoring of supply chain vendors to provide early detection, identification, and prevention of potential risk or fraudulent activity…

www.apexanalytix.com 6Recover. Prevent. Improve.

Identifying Fraudulent Vendors

Vendor Setup Invoice Entry Disbursement

www.apexanalytix.com 7Recover. Prevent. Improve.

Vendor Masking—An individual or business entity is attempting to mask its true identify, size, business relationship, owners, or business practices.

Falsified Vendor Information—False information provided to give the perception of a credible, independent business.

Regulatory Non-compliance—Business activity with an individual or supplier that has been posted on a global government watch list (OFAC, BIS, INTERPOL, etc.) that could result in civil or criminal penalties to your organization.

Change Control Abuse—Once a vendor is approved and on the vendor master, an individual alters the vendor master data to redirect payment.

Vendor Setup

Tin matching,1099 capture, public records search

Best Practices

www.apexanalytix.com 8Recover. Prevent. Improve.

Prohibited Entities

www.apexanalytix.com 9Recover. Prevent. Improve.

Prohibited Vendor Review

Vendor Data List Information Entity Detail

Vendor ID

Vendor Name

Invoices Spend List Name List Description Entity Name Alias Name Remarks

917173 Card Aid 0 $0FTO (Foreign Terrorist 

Organization); SDGT (Specially Designated Global Terrorist)

2008‐06‐05 OFAC No Vessel Source 

DataKahane Chai

aka, The Committee Against 

Racism and Discrimination 

(CARD)

104692Irish Army

0 $0HMT, SDT (HM Treasury Terrorist 

Financing Sanction)

2008‐08‐12 HM Treasury Source 

Data

Continuity Irish Republican Army

aka, CIRAUK Listing, EU Common 

Position 931

104692Irish Army

0 $0FTO (Foreign Terrorist 

Organization); SDGT (Specially Designated Global Terrorist)

2008‐06‐05 OFAC No Vessel Source 

DataREAL IRA

aka, Real Irish Republican Army 

104692Irish Army

0 $0 OSFI (OSFI Canadian List)2009‐09‐24 OSFI Canadian Source 

Data

Continuity Irish Republican Army

aka, IRA‐ Continuity (Army Republicaine 

Irlandaise)

104692Irish Army

0 $0 DOS TEL (Terrorist Exclusion List)2004‐12‐29TEL Source Data

Continuity Irish Republican Army

aka, Continuity Army Council

Listed on 12/07/2001

www.apexanalytix.com 10Recover. Prevent. Improve.

Falsified Invoice/Approval—False information provided to give the impression of a credible invoice that requires expedited payment. A forged or unauthorized signature.

Split Invoicing—Splitting transactions to stay below a certain threshold.

Approval Abuse—A manager may create fictitious invoices and approve his own invoice. Abuse may also occur through the artificial inflation of invoice amounts, for the purposes of kickbacks, bribery, or embezzlement.

Invoice Entry

Monitor G/L activity/ non-PO spend processes Manual approval for high-risk transactions

Best Practices

www.apexanalytix.com 11Recover. Prevent. Improve.

Quick Pay—Altered payment terms

Special Handling—Manual rerouting of checks to an employee

Employee/Vendor Match—Vendors with any matching data to current or former employees

High-risk Address—Disbursements sent to prisons, private mail service, or high-risk zip code

Q) How many false tax refunds did the IRS send to prisons last year?

A) In 2009, they approved $295M, Paid $39M

Disbursements

Understand and continue to research anomalies

Best Practice

www.apexanalytix.com 12Recover. Prevent. Improve.

How do you guard against collusion?Management collusion renders internal controls over financial reporting relatively ineffective because management is working as a team to fake documents, alter records, and fabricate scenarios to fool the auditor into believing the financial statements are real. Journal of Business and Economics Research, July 2006

Collusion Concerns

Best Practices

www.apexanalytix.com 13Recover. Prevent. Improve.

Instant Polling Questions

3. Is fraud prevention and detection a primary initiative within your company?a) Yesb) Noc) Maybe

4. Is fraud prevention a primary initiative (written objective or goal) within your department?a) Yesb) Noc) Maybe

www.apexanalytix.com 14Recover. Prevent. Improve.

Instant Polling Questions

5. Which department has primary responsibility for fraud detection?a) Internal Auditb) Corporate Security (or some version of that)c) Compliance or General Counseld) Human Resourcese) Financef) Other

6. Which tool does your company use to prevent and detect fraud?a) Excel and Accessb) Manual Auditsc) Third-Party Softwared) Human Power

www.apexanalytix.com 15Recover. Prevent. Improve.

What Data Should Be Analyzed?

Risk

DisbursementInvoice

Vendor

Employee Data• 10,000–100,000

EmployeeData

• 20,000–50,000Vendor Records

• 500,000 –16,000,000Invoice& G/L

• $1B–$200BDisbursement

www.apexanalytix.com 16Recover. Prevent. Improve.

Using Attributes to Focus on Fraud

Vendor Attributes• Initials in Vendor’s Name• High-Risk Receipt • Residential Address• Multiple Vendors Crossing• Mobile Phone• High Risk Geography

• Corruption Perception Index (CPI)

• Prohibited Entity (OFAC)• Employee Vendor Match

Invoice Attributes• Consecutive Invoice Numbering• Benford's Law • Even Gross Amount• First Payment Small Relative

to Average Payment• Checks Returned to Employee• No Purchase Order• High-Risk Accounts (GL Level) • Year to Year Comparative Spend

www.apexanalytix.com 17Recover. Prevent. Improve.

0%

5%

10%

15%

20%

25%

30%

35%

1 2 3 4 5 6 7 8 9

Benford Global Corp 2010

“Benford’s Law provides a data analysis method that can help alert … to possible errors, potential fraud, manipulative biases, costly processing inefficiencies, or other irregularities.”

Journal of Accountancy, May 1999

The blue bars to the left represent the normal distribution of Benford’s Law, also called first-digit law, as stated in 1938 by physicist Frank Benford.

Benford declared that the leading digits of a list of real-world data followed a specific, non-uniform distribution.

The red bars represent the distribution of first digits of gross invoice amounts for all Global Corp invoices for the time period reviewed.

Benford’s Law

High Risk Vendor PopulationVendor Characteristics

InitialsHigh Risk

Recpt

Multi Vendor Cross

Proh.Vendor

VendorInvoice CharacteristicsConsec.Invoice

NumbersBenfords

Law

Even Dollar

Amounts

Totals

Score Invoice Count

Inv Net

Amount

Vendor Characteristics

InitialsHigh Risk

Recpt

Multi Vendor Cross

Proh.Vendor

VendorInvoice CharacteristicsConsec.Invoice

NumbersBenfords

Law

Even Dollar

Amounts

1 2 3 EvenABC

1 2 3 Even

1 2 3 EvenABC

1 2 3

Totals

Score Invoice Count

Inv Net

Amount

482

48

183

97

370

290

222

381 $1.4M

$533,271

$345,000

$205,000

High Risk Vendor Analysis

Employee of the Month

Vendor Characteristics

InitialsHigh Risk

Recpt

Multi Vendor Cross

Proh.Vendor

VendorInvoice CharacteristicsConsec.Invoice

NumbersBenfords

Law

Even Dollar

Amounts

Totals

Score Invoice Count

Inv Net

Amount

High Risk Vendor Analysis

1 2 3 Even 381482 $533K

Notes:-D&B: No record found-State Inc: No record found-InfoUSA: [by phone] Arnold, John; 1521Founders Way, Huntington, PA 19335-4520; 610-321-0567

(Residential)-Web Search: http://home.comcast.net/~jarnold/index_files/frame.htm --Hethington Enterprise; no address provided; 610-321-0578; JohnHeathington@comcast.net; one-page website.-Manual Review: High net amount for residential operation; no business records found-2009 Spend: $ 385,410 2009 Invoices: 31 Vendor Type: VEN1

0%

5%

10%

15%

20%

25%

30%

35%

40%

1 2 3 4 5 6 7 8 9

Benford Actual

Employee Vendor MatchMary Smith1521 Founders WayHuntington, PA 19335PH: 610-321-0577Status: CurrentPosition: General Manager

S-0034330017HETHINGTON ENTERPRISE1521 FOUNDERS WAYHUNTINGTON, PA 19335PH: 610-321-0578 TIN:***4513Create: 03-15-2006 Update:

www.apexanalytix.com 21Recover. Prevent. Improve.

Case Study

3M Engineer

25 year employee, retired & rehired as facility manager

Bilked the company of more than $5 million by billing it for specialized parts from phantom companies

Extremely detailed person

Created 3 phony vendors – paid taxes, registered with state

Used knowledge to bill, alter receiving records and inventory numbers

Significant recoveries from more than 25 bank accounts

www.apexanalytix.com 22Recover. Prevent. Improve.

Fraud Calculator – Do you know what the risk is?

Stop by the APEX Analytix booth and in 5 minutes time you can have a customized calculation of the fraud risk that your corporation is likely facing.

Do you have 5 minutes?

www.apexanalytix.com 24Recover. Prevent. Improve.

Contact Information

John BrocarVice President, Fraud Risk SolutionsAPEX Analytix®

1501 Highwoods Blvd, Suite 200-AGreensboro, NC 27410 Toll-Free + 1 800 284 4522 ext. 1518Direct +1 336 291 1056 jbrocar@apexanalytix.com