© APEX Analytix, Inc. | www.apexanalytix.com
continyous™
2011 Association of Certified Fraud Examiners ConferenceSan Diego, CAApex Analytix, Inc.
www.apexanalytix.com 3Recover. Prevent. Improve.
Instant Polling Questions
1. Do you believe asset misappropriation fraud is:a) Increasingb) Decreasing
2. Has there been a documented disbursement, payroll, or T&E fraud in your company during the past 12 months?a) Disbursementb) Payrollc) T&Ed) None
www.apexanalytix.com 4Recover. Prevent. Improve.
What is Continuous Monitoring?
2010 Compass Benchmarking Survey
57 percent indicated they have a continuous monitoring process for assessing Vendor risk.
What does continuous monitoring mean to you?a) Reducing financial and brand exposure to fraudb) Monitoring employee policy violationsc) Reducing the costs of complianced) Keeping a clean vendor mastere) All of the above
www.apexanalytix.com 5Recover. Prevent. Improve.
Continuous Monitoring - Defined
Continuous monitoring is the process and technology used to detect compliance and risk issues associated with an organization’s financial and operational environment.
Our Definition:The assessing and/or continuous monitoring of supply chain vendors to provide early detection, identification, and prevention of potential risk or fraudulent activity…
www.apexanalytix.com 6Recover. Prevent. Improve.
Identifying Fraudulent Vendors
Vendor Setup Invoice Entry Disbursement
www.apexanalytix.com 7Recover. Prevent. Improve.
Vendor Masking—An individual or business entity is attempting to mask its true identify, size, business relationship, owners, or business practices.
Falsified Vendor Information—False information provided to give the perception of a credible, independent business.
Regulatory Non-compliance—Business activity with an individual or supplier that has been posted on a global government watch list (OFAC, BIS, INTERPOL, etc.) that could result in civil or criminal penalties to your organization.
Change Control Abuse—Once a vendor is approved and on the vendor master, an individual alters the vendor master data to redirect payment.
Vendor Setup
Tin matching,1099 capture, public records search
Best Practices
www.apexanalytix.com 9Recover. Prevent. Improve.
Prohibited Vendor Review
Vendor Data List Information Entity Detail
Vendor ID
Vendor Name
Invoices Spend List Name List Description Entity Name Alias Name Remarks
917173 Card Aid 0 $0FTO (Foreign Terrorist
Organization); SDGT (Specially Designated Global Terrorist)
2008‐06‐05 OFAC No Vessel Source
DataKahane Chai
aka, The Committee Against
Racism and Discrimination
(CARD)
104692Irish Army
0 $0HMT, SDT (HM Treasury Terrorist
Financing Sanction)
2008‐08‐12 HM Treasury Source
Data
Continuity Irish Republican Army
aka, CIRAUK Listing, EU Common
Position 931
104692Irish Army
0 $0FTO (Foreign Terrorist
Organization); SDGT (Specially Designated Global Terrorist)
2008‐06‐05 OFAC No Vessel Source
DataREAL IRA
aka, Real Irish Republican Army
104692Irish Army
0 $0 OSFI (OSFI Canadian List)2009‐09‐24 OSFI Canadian Source
Data
Continuity Irish Republican Army
aka, IRA‐ Continuity (Army Republicaine
Irlandaise)
104692Irish Army
0 $0 DOS TEL (Terrorist Exclusion List)2004‐12‐29TEL Source Data
Continuity Irish Republican Army
aka, Continuity Army Council
Listed on 12/07/2001
www.apexanalytix.com 10Recover. Prevent. Improve.
Falsified Invoice/Approval—False information provided to give the impression of a credible invoice that requires expedited payment. A forged or unauthorized signature.
Split Invoicing—Splitting transactions to stay below a certain threshold.
Approval Abuse—A manager may create fictitious invoices and approve his own invoice. Abuse may also occur through the artificial inflation of invoice amounts, for the purposes of kickbacks, bribery, or embezzlement.
Invoice Entry
Monitor G/L activity/ non-PO spend processes Manual approval for high-risk transactions
Best Practices
www.apexanalytix.com 11Recover. Prevent. Improve.
Quick Pay—Altered payment terms
Special Handling—Manual rerouting of checks to an employee
Employee/Vendor Match—Vendors with any matching data to current or former employees
High-risk Address—Disbursements sent to prisons, private mail service, or high-risk zip code
Q) How many false tax refunds did the IRS send to prisons last year?
A) In 2009, they approved $295M, Paid $39M
Disbursements
Understand and continue to research anomalies
Best Practice
www.apexanalytix.com 12Recover. Prevent. Improve.
How do you guard against collusion?Management collusion renders internal controls over financial reporting relatively ineffective because management is working as a team to fake documents, alter records, and fabricate scenarios to fool the auditor into believing the financial statements are real. Journal of Business and Economics Research, July 2006
Collusion Concerns
Best Practices
www.apexanalytix.com 13Recover. Prevent. Improve.
Instant Polling Questions
3. Is fraud prevention and detection a primary initiative within your company?a) Yesb) Noc) Maybe
4. Is fraud prevention a primary initiative (written objective or goal) within your department?a) Yesb) Noc) Maybe
www.apexanalytix.com 14Recover. Prevent. Improve.
Instant Polling Questions
5. Which department has primary responsibility for fraud detection?a) Internal Auditb) Corporate Security (or some version of that)c) Compliance or General Counseld) Human Resourcese) Financef) Other
6. Which tool does your company use to prevent and detect fraud?a) Excel and Accessb) Manual Auditsc) Third-Party Softwared) Human Power
www.apexanalytix.com 15Recover. Prevent. Improve.
What Data Should Be Analyzed?
Risk
DisbursementInvoice
Vendor
Employee Data• 10,000–100,000
EmployeeData
• 20,000–50,000Vendor Records
• 500,000 –16,000,000Invoice& G/L
• $1B–$200BDisbursement
www.apexanalytix.com 16Recover. Prevent. Improve.
Using Attributes to Focus on Fraud
Vendor Attributes• Initials in Vendor’s Name• High-Risk Receipt • Residential Address• Multiple Vendors Crossing• Mobile Phone• High Risk Geography
• Corruption Perception Index (CPI)
• Prohibited Entity (OFAC)• Employee Vendor Match
Invoice Attributes• Consecutive Invoice Numbering• Benford's Law • Even Gross Amount• First Payment Small Relative
to Average Payment• Checks Returned to Employee• No Purchase Order• High-Risk Accounts (GL Level) • Year to Year Comparative Spend
www.apexanalytix.com 17Recover. Prevent. Improve.
0%
5%
10%
15%
20%
25%
30%
35%
1 2 3 4 5 6 7 8 9
Benford Global Corp 2010
“Benford’s Law provides a data analysis method that can help alert … to possible errors, potential fraud, manipulative biases, costly processing inefficiencies, or other irregularities.”
Journal of Accountancy, May 1999
The blue bars to the left represent the normal distribution of Benford’s Law, also called first-digit law, as stated in 1938 by physicist Frank Benford.
Benford declared that the leading digits of a list of real-world data followed a specific, non-uniform distribution.
The red bars represent the distribution of first digits of gross invoice amounts for all Global Corp invoices for the time period reviewed.
Benford’s Law
High Risk Vendor PopulationVendor Characteristics
InitialsHigh Risk
Recpt
Multi Vendor Cross
Proh.Vendor
VendorInvoice CharacteristicsConsec.Invoice
NumbersBenfords
Law
Even Dollar
Amounts
Totals
Score Invoice Count
Inv Net
Amount
Vendor Characteristics
InitialsHigh Risk
Recpt
Multi Vendor Cross
Proh.Vendor
VendorInvoice CharacteristicsConsec.Invoice
NumbersBenfords
Law
Even Dollar
Amounts
1 2 3 EvenABC
1 2 3 Even
1 2 3 EvenABC
1 2 3
Totals
Score Invoice Count
Inv Net
Amount
482
48
183
97
370
290
222
381 $1.4M
$533,271
$345,000
$205,000
High Risk Vendor Analysis
Employee of the Month
Vendor Characteristics
InitialsHigh Risk
Recpt
Multi Vendor Cross
Proh.Vendor
VendorInvoice CharacteristicsConsec.Invoice
NumbersBenfords
Law
Even Dollar
Amounts
Totals
Score Invoice Count
Inv Net
Amount
High Risk Vendor Analysis
1 2 3 Even 381482 $533K
Notes:-D&B: No record found-State Inc: No record found-InfoUSA: [by phone] Arnold, John; 1521Founders Way, Huntington, PA 19335-4520; 610-321-0567
(Residential)-Web Search: http://home.comcast.net/~jarnold/index_files/frame.htm --Hethington Enterprise; no address provided; 610-321-0578; [email protected]; one-page website.-Manual Review: High net amount for residential operation; no business records found-2009 Spend: $ 385,410 2009 Invoices: 31 Vendor Type: VEN1
0%
5%
10%
15%
20%
25%
30%
35%
40%
1 2 3 4 5 6 7 8 9
Benford Actual
Employee Vendor MatchMary Smith1521 Founders WayHuntington, PA 19335PH: 610-321-0577Status: CurrentPosition: General Manager
S-0034330017HETHINGTON ENTERPRISE1521 FOUNDERS WAYHUNTINGTON, PA 19335PH: 610-321-0578 TIN:***4513Create: 03-15-2006 Update:
www.apexanalytix.com 21Recover. Prevent. Improve.
Case Study
3M Engineer
25 year employee, retired & rehired as facility manager
Bilked the company of more than $5 million by billing it for specialized parts from phantom companies
Extremely detailed person
Created 3 phony vendors – paid taxes, registered with state
Used knowledge to bill, alter receiving records and inventory numbers
Significant recoveries from more than 25 bank accounts
www.apexanalytix.com 22Recover. Prevent. Improve.
Fraud Calculator – Do you know what the risk is?
Stop by the APEX Analytix booth and in 5 minutes time you can have a customized calculation of the fraud risk that your corporation is likely facing.
Do you have 5 minutes?
www.apexanalytix.com 24Recover. Prevent. Improve.
Contact Information
John BrocarVice President, Fraud Risk SolutionsAPEX Analytix®
1501 Highwoods Blvd, Suite 200-AGreensboro, NC 27410 Toll-Free + 1 800 284 4522 ext. 1518Direct +1 336 291 1056 [email protected]