What Is Continuous Monitoring?

© 2018 Association of Certified Fraud Examiners, Inc.

Fraud Risk Management

Using Automated Continuous

Monitoring Tools

© 2018 Association of Certified Fraud Examiners, Inc. 2 of 27

Discussion Questions

1. Does your organization use continuous and/or

automated monitoring to address fraud risks? If

so, how successful has it been in identifying

potential frauds?



2. Design a continuous monitoring test that might

uncover the following fraud:

a. An hourly employee is recording five hours of

overtime each week and is actually working no

overtime at all. The supervisor has approved the time

cards each pay period, and employees are required

to badge in and out of the building for security

purposes.





b. A vice president of the organization has created a

shell company, set the company up as a vendor in

the organization’s accounting system, and begun

submitting invoices to the accounts payable

department for “consulting services” that were never

performed.





c. A marketing employee who travels regularly for

business and pleasure submitted an expense

reimbursement for the same flight twice. The

supervisor forgot that he had already approved it the

first time and approved it a second time.





d. A fraudulent vendor submits invoices in sequential

number order, as this “vendor” has only one

customer—your organization.





e. A payroll department employee has set up a ghost

employee in the payroll system and used his own

bank account information for the direct deposit. The

payroll and human resources departments are

separate in this organization.



3. What issues might you encounter in running the

tests designed to catch the previous schemes?


Learning Objectives

▪ Examine how continuous monitoring and

automated tools can help manage fraud risk.

▪ Identify some benefits and potential issues of

using automated tools for fraud risk

management.

▪ Compare some of the tools available for

automated monitoring of fraud risks.


Learning Objectives

▪ Identify tests that can be run by automated tools

to uncover potential frauds.

▪ Understand how monitoring financial ratios and

other metrics can help manage the risk of fraud.


What Is Continuous Monitoring?

▪ The process of

regularly performing

tests to detect

fraudulent acts

▪ A best practice in

managing the risk of

fraud


What Does Continuous

Monitoring Mean?

▪ Proactive search for abnormal behaviors and

transactions

▪ Reduction in fraud duration and losses

▪ Not a guarantee that all frauds will be detected


Applications of Continuous Monitoring

▪ Focus on anomalies in each stage of a scheme:

• Perpetration

• Concealment

• Override or improper application of preventive or

detective controls

• Effect of the scheme


Implementing Continuous Monitoring

▪ Designate a department or person as

responsible for developing, executing, and

updating the continuous monitoring program.

▪ Base the program on the risk assessment.


Benefits of Using Automated Tools

▪ Saves personnel resources

▪ More comprehensive coverage of data

▪ More precise than the human eye

▪ Easier to maintain confidentiality

▪ Quicker to analyze large volumes of data

▪ Easier to identify trends in data

▪ Compares data across applications and

systems


Benefits of Using Automated Tools

▪ Implements a comprehensive set of potential

fraud indicators

▪ Compares transactions within a given area and

test them against established expectations

▪ Performs analysis on a continuous basis

▪ Maintains comprehensive logs of all activities

performed

▪ Links testing results to report templates


Potential Issues with

Automated Tools

▪ False positives

▪ Not all frauds uncovered

▪ Might be cost prohibitive

▪ Built-in edits and controls in current software

▪ Additional training and staff requirements

▪ Preference for reviews of hard copies

▪ Employees feeling they are constantly “watched”


Choosing an Automated Tool

▪ Budget

▪ Data structure and volume

▪ Training alternatives

▪ Access options such as remote or server

▪ User configuration and number of users

▪ Functionality


Feature ExcelActiveData

for ExcelACL IDEA

Table Manipulation

Append/merge X X X X

Export X X X X

Extract X X X X

Join/relate X X X

Functions

Aging X X X

Calculated field X X X X

Cross tabulation X X X

Benford’s Law analysis X X X

Duplicates X X X

Gaps X X X

Sample X X

Sort X X X X

Summarize X X X X


Types of Tests Run by Automated Tools

▪ Search for duplicates (A/R, payroll).

▪ Search for sequential invoice numbers.

▪ Compare paid employees to other employee

listings.

▪ Test time card reasonableness.

▪ Test payroll reasonableness.

▪ Examine voided checks.



▪ Test purchase order limits.

▪ Identify management overrides.

▪ Analyze vendor information changes.

▪ Examine receivables aging.

▪ Compare vendor summary totals.

▪ Calculate descriptive statistics.



▪ Benford’s Law analysis

▪ Employee-to-vendor address match

▪ Searching for unrecorded liabilities

▪ Testing journal entry approval process

▪ Journal entry gap tests

▪ Identifying nonstandard journal entries

▪ Summarizing activity by user account


Textual Analytics

▪ Involves scanning emails

and text documents for

presence of keywords

that might indicate fraud

▪ Requires close guidance

from legal counsel


Metrics and Ratio Analysis to Identify

Fraud, Waste, and Abuse

▪ Inventory turnover, both for individual parts and

in the aggregate

▪ Concentrations of vendors and customers

▪ Profit by customers and product line

▪ Significant inconsistencies between reporting

earnings and cash flows from operations


Metrics and Ratio Analysis to Identify

Fraud, Waste, and Abuse

▪ Unusual relationships between recorded sales

volume and production statistics

▪ Trends in sales, cost of sales, and gross profit

▪ Rapid growth, especially compared to that of

other companies in the same industry


Example of Using Metrics and Ratio

Analysis to Identify Fraud

Koss Corporation

Statements of Income (excerpts)

2006 2007 2008 2009

Revenues 50.9 46.2 46.9 38.2

Cost of Sales 31.1 28.3 29.2 24.9

Gross Profit 19.8 17.9 17.7 13.3

Gross Profit % 38.9% 38.7% 37.7% 34.8%

Currency in Millions of U.S. Dollars

Fiscal Year-End: June 30

Documents

What Is Continuous Monitoring?