The role of data analytics in fraud prevention
March marks Fraud Prevention Month in Canada, an annual education and awareness campaign that encourages Canadians to recognize, reject and report fraud. It’s an important campaign, especially considering that most cases of fraud go unreported despite CFEs estimating that 5% of an organization’s annual revenue is lost to fraud. Although a common issue, many companies that have fallen victim to fraud choose not to report it for fear that it may tarnish their reputation. There is often little incentive to come forward, with the risks often outweighing the benefits.
Though some organizations are disinclined to report fraud, it is still necessary to try to prevent and detect it. There is, however, some confusion over who exactly is responsible for this task, with many non-auditors having the misconception that it is the duty of auditors, internal or external, to uncover fraud. From the external auditor’s perspective, their role is to say if financial statements fairly represent the operations of the company. Internal auditors would also argue that revealing fraud is not their ultimate goal—they aim to test the effectiveness of internal controls. In reality, it’s also much more likely that errors rather than fraud will be found during an audit.
While uncovering fraud may not be an auditor’s main responsibility, there is certainly a variety of tools, tests and processes they can utilize to detect it. Data analytics, for example, increases the chances that fraud may be uncovered. An easy way to start is by matching data from the supplier master file to the employee master file to determine if an employee’s home address matches up with a supplier. Segregation of duties (SoD) is also a common technique in internal control. Some things you can do with IDEA in terms of SoD is to see who approved invoices—were they all approved by the people you’d expect them to be, or were any approved by someone you didn’t expect? You can also match inventory records to payments to ensure that goods were received for payments made and that false invoices haven’t been paid.
This is also where IDEA’s data visualizations become really interesting because you can see, for example, that there were a million journal entries this month. One of your employees only processed two of them, but that represents 30% of the total amount. This employee could be responsible for signing the payroll so it’s perfectly acceptable, but because it’s not what you would expect it requires further investigation to rule out fraud.
For companies wanting to more proactively protect against fraud, they can implement a continuous controls monitoring solution to provide assurance that the internal control system is functioning as it’s intended to. Then data analytics can be utilized for after-the-fact assurance that policies and procedures were complied with.
Apart from software solutions and conducting audits, fraud can be significantly deterred by setting the tone at the top. If a company’s leadership demonstrates strong ethics, the rest of the organization will follow in their footsteps. However, the reverse is also almost always true: if the leadership is cutting corners and taking advantage of weaknesses in controls, it effectively gives other employees carte blanche to do the same. This has always been key to fraud prevention, and once the right tone is set then the organization can move toward having a truly effective internal controls system.
To learn more about how data analytics can help reveal fraud, download our free white paper, ‘Global Benchmark: Role of Data Analytics for Internal Fraud Detection’.
About Bob Cuthbertson:
Bob Cuthbertson brings a wealth of accounting, auditing and technology experience to his role as Chief Operating Officer at CaseWare Analytics. Prior to starting the analytics division of CaseWare in 2000, initially as CaseWare IDEA Inc., Mr. Cuthbertson was Vice President, Professional Services, of The Canadian Institute of Chartered Accountants (CICA). Mr. Cuthbertson is also a CPA (Ontario) with a specialty in Information Technology (CITP), granted by AICPA, and holds a Bachelor of Commerce degree from Queen’s University School of Business.
Connect: Bob Cuthbertson