- 1. Using Data Analytics to Detect & Prevent Corporate and
P-Card Fraud November 20, 2013 Special Guest Presenter: Rich
LanzaCopyright 2013 FraudResourceNet LLCAbout Peter Goldmann, MSc.,
CFEPresident and Founder of White Collar Crime 101Publisher of
White-Collar Crime Fighter Developer of FraudAware Anti-Fraud
Training Monthly Columnist, The Fraud Examiner, ACFE Newsletter
Member of Editorial Advisory Board, ACFE Author of Fraud in the
Markets Explains how fraud fueled the financial crisis.Copyright
2013 FraudResourceNet LLC
2. About Jim Kaplan, MSc, CIA, CFE President and Founder of
AuditNet, the global resource for auditors (now available on Apple
and Android devices) Auditor, Web Site Guru, Internet for Auditors
Pioneer Recipient of the IIAs 2007 Bradford Cadmus Memorial Award.
Author of The Auditors Guide to Internet Resources 2nd
EditionCopyright 2013 FraudResourceNet LLCRichard B. Lanza, CPA,
CFE, CGMA Over two decades of ACL and Excel software usage Wrote
the first practical ACL publication on how to use the product in
101 ways (101 ACL Applications) Has written and spoken on the use
of audit data analytics for over 15 years. Received the Outstanding
Achievement in Business Award by the Association of Certified Fraud
Examiners for developing the publication Proactively Detecting
Fraud Using Computer Audit Reports as a research project for the
IIA Recently was a contributing author of: Global Technology Audit
Guide (GTAG #13) Fraud in an Automated World - IIA Data Analytics A
Practical Approach - research whitepaper for the Information System
Accountability Control Association. Cost Recovery Turning Your
Accounts Payable Department into a Profit Center Wiley & Sons.
Please see full bio at www.richlanza.com Copyright 2013
FraudResourceNet LLC 3. Webinar Housekeeping This webinar and its
material are the property of FraudResourceNet. Unauthorized usage
or recording of this webinar or any of its material is strictly
forbidden. We are recording the webinar and you will be provided
access to that recording within 5 business days after the webinar.
Downloading or otherwise duplicating the webinar recording is
expressly prohibited.Please complete the evaluation questionnaire
to help us continuously improve our Webinars.You must answer the
polling questions to qualify for CPE per NASBA.Submit questions via
the chat box on your screen and we will answer them either during
or at the conclusion.If GTW stops working you may need to close and
restart. You can always dial in and listen and follow along with
the handout. Copyright 2013 FraudResourceNet LLCDisclaimers The
views expressed by the presenters do not necessarily represent the
views, positions, or opinions of FraudResourceNet LLC (FRN) or the
presenters respective organizations. These materials, and the oral
presentation accompanying them, are for educational purposes only
and do not constitute accounting or legal advice or create an
accountant-client relationship. While FRN makes every effort to
ensure information is accurate and complete, FRN makes no
representations, guarantees, or warranties as to the accuracy or
completeness of the information provided via this presentation. FRN
specifically disclaims all liability for any claims or damages that
may result from the information contained in this presentation,
including any websites maintained by third parties and linked to
the FRN website Any mention of commercial products is for
information only; it does not imply recommendation or endorsement
by FraudResourceNet LLC Copyright 2013 FraudResourceNet LLC5 4.
Todays Agenda Management override: What it is and how its most
often done Recap of major corporate and P-card fraud schemes How to
gather the data you need to audit for card fraud using data
analytics Best practices in data analytic for corporate and P-card
fraud detection Proven P-card fraud deterrence and prevention
practices P-card-related travel & entertainment fraud detection
using data analyticsCopyright 2013 FraudResourceNet LLCKey
Considerations Before Entering Pcard and T&E Reviews Is 3% to
5% savings in T&E worth the controls? It probably wont be
enough of an issue for SarbOx It DOES make for an embarrassing
paper headline 98% of people are honestDo you want to hound them
for the 2%? Is T&E a company benefit? Will you be able to take
on the executives? Copyright 2013 FraudResourceNet LLC 5. Asset
Misappropriation Tops The ChartsCopyright 2013 FraudResourceNet
LLCRisk Assessment Departmental FocusCopyright 2013
FraudResourceNet LLC9 6. Top Fraud Schemes By DepartmentCopyright
2013 FraudResourceNet LLCMaking $20K Extra This Year (assume 20
trips a year) Meals ($30 a day * 4 days * 20 trips) = $2,400
Gas/Mileage ($20 per trip * 20 trips) = $400 Airline ($100 per trip
* 20 trips) = $2,000 Hotel ($10 per day * 4 days * 20 trips) = $800
Entertainment ($50 per trip * 20 trips) = $1,000 Other ($50 per
trip * 20 trips) = $1,000 Airline/Other miles for free tickets =
$7,000Total of $14,600 after tax or $20,000 before taxCopyright
2013 FraudResourceNet LLC 7. Playing The T&E Game Can Be
Addictive The extra cash always helps Its tax-free! The getting
back at the company feeling Managers never check anyway What are
they going to dofire me over $20? The slippery slope to go for
moreCopyright 2013 FraudResourceNet LLCPolling Question 1What is
not one of the top occurring frauds per the ACFE study? A. B. C.
D.Billing Corruption Overstated Revenue Expense
ReimbursementsCopyright 2013 FraudResourceNet LLC 8. What to Look
for and Best Practices in P-Card and T&E Fraud DetectionP-Card
Process Steps Create/Issue Cards Maintain Cards Cancel Cards
Approve Merchants / Merchant Codes Block Merchants / Merchant Codes
Set Approval Limits / Policies of Use Initiate Transactions
Validate Transactions Approve Transactions Copyright 2013
FraudResourceNet LLC 9. The Controls Summary Whistleblower Hotline
Code of Conduct Employee Training Review the Data Book It For Them
Automated Workflow Deal With the FraudstersCopyright 2013
FraudResourceNet LLCSet the Baseline Establish set of core values
Communicate them Train people in them Give people examples So they
understand in practical terms when they break the codeCopyright
2013 FraudResourceNet LLC 10. Other Fraud Policy Categories
Definitions of misconduct and dishonesty Organizational policy and
responsibilities regarding reporting suspected misconduct.
Deterrence and detection responsibilities of individuals with
supervisory or review responsibility. Policy specifying the
responsibility and authority related to the investigation of
incidents of misconduct and dishonesty. General procedures for the
follow up and investigation of reported incidents. Note that
questions or other clarifications of the fraud policy should be
addressed to the corporations Chief Counsel. Copyright 2013
FraudResourceNet LLCP-Card Policy Considerations Who can have the
card / Who cannot have the card (former employees, non-employees,
agents/students/vendors) Reconciliation procedures What can and
cannot be purchased with the card Restricting use to organizational
business needs How to get the card How to handle exceptions and
irregularities How a card can and should be deactivated How to get
help Cardholder agreements Rights and responsibilities of the
cardholder, department manager responsible for managing card usage,
department manager, organization and card-issuer Copyright 2013
FraudResourceNet LLC 11. Train the Frontline Troops Explain the
basics of fraud How it starts How it grows fast Red flag signs
Explain what to do if they sense it Make it fun Case studies using
past or fictional examplesCopyright 2013 FraudResourceNet LLCThe
Basic Tests Review the business purpose of each expense for
reasonableness. Validate expenses with proper receipts (when
applicable). Recalculate the total reimbursable amount to test
accuracy. Review each report for proper approval Trace and agree
the total reimbursable amount on the T&E report to the
disbursement(s).Copyright 2013 FraudResourceNet LLC 12. Types of
T&E Fraud (in order of occurrence per ACFE Study Report to the
Nations - 2006) Mischaracterized personal expenses that are
submitted as business. Overstated inappropriate overstatement of
submitted expenses. Fictitious Receipt phony receipt used as
support. Over-purchase purchase more than needed and keep the rest.
Collusion manager and employee scheme against the company Copyright
2013 FraudResourceNet LLCPolling Question 2What is not one of the
top occurring frauds per the ACFE study? A. B. C. D.Billing
Corruption Overstated Revenue Expense ReimbursementsCopyright 2013
FraudResourceNet LLC 13. Little More Advanced Tests Submit altered
claims for legitimate expenses that are larger than actuals, pocket
difference in cash Create fictitious vendor to vouch for purchases
Use a Square to become a vendor yourself Change the vendors name
between the P-Card and T&E system Avoid approval limits by
splitting purchases Organize legitimate expenses to secure a cash
discount or other benefit from vendor that should go to the
employer Submit same expense to multiple authorities or multiple
general ledger accounts Copyright 2013 FraudResourceNet LLCAirline
Schemes and Tests Book a personal trip as a business one: Match
dates of travel to airline dates Book an expensive refundable
ticket and a cheaper ticket, cancel the refundable ticket, and then
submit it for payment Obtain payment receipt (i.e., Visa bill for
the month) and airline support See How To Pad Your Expense
Report..and Get Away With It by Employee X Copyright 2013
FraudResourceNet LLC 14. Airline Schemes and Tests Edit the E-mail
on an E-Ticket Obtain payment receipt (i.e., Visa bill for the
month) and airline support Use one airline to get mileage points
(even if not the best) Get a general sense of flight costs and
airlines for key company locations See How To Pad Your Expense
Report..and Get Away With It by Employee X Copyright 2013
FraudResourceNet LLCHotel Schemes and Tests Scan invoice and
increase amounts Get extra invoice paper from hotel and type phony
bill Complain to reverse charges and submit the original invoice
Ask for a discount (i.e., AAA) after the bill is printed Obtain
payment receipt (i.e., Visa bill for the month) and hotel support
See How To Pad Your Expense Report..and Get Away With It by
Employee X Copyright 2013 FraudResourceNet LLC 15. Meal Schemes and
Tests Buy tear off receipts at office supply store and submit phony
receipts Eat cheap meals or have someone else pay for them and then
submit thrown away receipts Check dates are within travel period
Obtain payment receipt (i.e., Visa bill for the month) and hotel
support See How To Pad Your Expense Report..and Get Away With It by
Employee X Copyright 2013 FraudResourceNet LLCTaxi / Mileage Put
through phony taxi receipt and have someone drive you to the
airport Obtain payment receipt (i.e., Visa bill for the month) Add
more mileage to the mileage allowance Get a general sense of
mileage between company locations or use Mapquest See How To Pad
Your Expense Report..and Get Away With It by Employee X Copyright
2013 FraudResourceNet LLC 16. Polling Question 3Which of the
following are key to the P-Card fraud control framework? A. B. C.
D. E.Employee Training Review the Data Book It For Them Automated
Workflow All of the aboveCopyright 2013 FraudResourceNet LLCBook It
For Them Travel agency to process hotel, car, and air Use a car
service Ensure that payment is made by company to the vendor
directlyCopyright 2013 FraudResourceNet LLC 17. Benefits of
Automation: Enforce company financial policy Established system of
approvals Increased visibility Sound internal controls Heightened
accountability Reduced audit fees Peace of mind Copyright 2013
FraudResourceNet LLCHave a Response Team Have an incident response
program Set the investigation plan Set accountabilities Do
appropriate marketing Put everyone on notice that a team exists and
is ready to investigate as needed Communicate wrongdoing through
company newsletters even if it is done at a departmental
levelCopyright 2013 FraudResourceNet LLC 18. Ways To Deal With
Fraudsters Terminate Make an example of those who get caught Put
fraud on their W-2 Remember it is better to prevent and deter than
try to reclaim laterCopyright 2013 FraudResourceNet LLCIntegrating
Data Analytics Into the P-Card Review Process 19. Step #1 in
Automation Plan: Aggregate the Data You can improve what you
measure Summary data (at the invoice level) is not enough for
auditing Detail data Doesnt have to be an automated system
(although one helps)Can be done in Excel/Access to get
startedCopyright 2013 FraudResourceNet LLCData Tables and Fields
P-Card Cardholder: Card Number Cardholder Address City Post Code
LimitMCC Description: MCC MCC DescriptionTransactions: Name Card
Number Merchant Merchant City Merchant State Merchant Cntry
Merchant PostCode MCC Amount Curr ency Post Date Trans
DateCopyright 2013 FraudResourceNet LLC 20. Data Tables and Fields
T&E Considerations Business Purpose Who Entertained Flight
Information (from Travel Company) Days before the flight booking
made Type of airline and ticketCopyright 2013 FraudResourceNet
LLCThe Data Aggregators Online T&E system Travel company / Car
Service company Vendor System (i.e., Office Supplies) Procurement
card Access database / Excel spreadsheetCopyright 2013
FraudResourceNet LLC 21. The Overall Fraud Analytic Process Get the
Most Useful Data for Analysis Develop Fraud Query Viewpoints The 5
Dimensions Brainstorm report ideas Analytically Trend Benfords Law
Statistical averages and simple trending by day, month, day of week
Post dated changes Use Visualization Techniques Copyright 2013
FraudResourceNet LLCPolling Question 4What is not one of the key
tables for P-Card analysis? A. B. C. D.Cardholder Travel
Information MCC Code Description TransactionsCopyright 2013
FraudResourceNet LLC 22. Our Viewpoints or Data DimensionsCopyright
2013 FraudResourceNet LLCTop Reports Unmatched query of cardholders
to an active employee masterfile Cards used in multiple states in
the same day Cards processing in multiple currencies in the same
day Identify cards that have not had activity in the last six
months Cardholders that have more than one card (Duplicates on card
holder) Extract any cash back credits processed through the card
Extract declined card transactions and determine if they are
frequent for certain cards Summary of card usage by merchant to
find newly added merchants and most activeCopyright 2013
FraudResourceNet LLC 23. Top Reports (continued) Duplicates on card
number, amount, and transaction date Duplicates on merchant,
amount, and transaction date (regardless of card) Duplicates on
merchant and amount Duplicates on cardholder and amount A multitude
of transactions under the card purchase limit or MCC amount limit
to identify split purchases on the card to purchase higher amount
items using multiple charges. Postings to unusual MCC codes Align
the Pcard to T&E system to ensure merchant and amounts line up
for each transactionsCopyright 2013 FraudResourceNet LLCIts The
Trends.Right? Trend categories (meals, hotel, airfare, other) Trend
mileage Trend departments Trend in the type of receipts Trend under
limits (company policy) Trend by person By location By
vendorCopyright 2013 FraudResourceNet LLC 24. Stratify Data -
ResultsCopyright 2013 FraudResourceNet LLCScatter DataCopyright
2013 FraudResourceNet LLC 25. Scatter GraphCopyright 2013
FraudResourceNet LLCMap of the Vendor PopulationCopyright 2013
FraudResourceNet LLC49 26. Benfords Law Continuous View Quarterly
law0.3500 0.3000 0.2500 4th 3rd 2nd0.15001st0.1000
0.050095908580757065605550454035302520150.000010FrequencyBenford0.2000DigitsCopyright
2013 FraudResourceNet LLCDeeper into BenfordsCopyright 2013
FraudResourceNet LLC 27. Invoices Near The Approval LimitCopyright
2013 FraudResourceNet LLCPolling Question 5What is probably the
best Excel feature for reviewing Pcard and T&E data? A. B. C.
D.Scatter Graphs Pivot Tables Vlookup Data Analysis
ToolkitCopyright 2013 FraudResourceNet LLC 28. T&E Scoring
Analysis (Using Macros) 1. 2. 3.4.Employees with low transaction,
high dollar activity - 20 Employees with a high proportion of round
dollar payments. - 25 Payments to any employees that exceed the
twelve month average payments to that employee by a specified
percentage (i.e., 200%) or 3x the standard deviation for that
vendor. - 20 Employees with a high proportion of charges near
approval limits - 35Copyright 2013 FraudResourceNet
LLCTransactional Score Benefits Instead of selecting samples from
reports, transactions that meet multiple report attributes are
selected (kill more birds with one stone). Therefore a 50 unit
sample can efficiently audit: 38 duplicate payments 22 round
invoices 18 in sequence invoices.and they are the best given they
are mathematically the most severe. Sampling can be based on
quadrants which takes into account different severity, volume, and
value dimensionsCopyright 2013 FraudResourceNet LLC55 29.
Questions? Any Questions? Dont be Shy!Copyright 2013
FraudResourceNet LLCComing Up Next Month How to Use Data Analysis
to Detect Revenue and Receivables Fraud, Dec.12th Integrating Data
Analytics for Fraud Into Your Audit Dec. 17th Internal Anti-Fraud
Controls: Attaining Long-Term Effectiveness Dec 18thCopyright 2013
FraudResourceNet LLC 30. Thank You! Website:
http://www.fraudresourcenet.com Jim Kaplan FraudResourceNet
800-385-1625 [email protected] Peter Goldmann
FraudResourceNet 800-440-2261 [email protected] Rich
Lanza Cash Recovery Partners, LLC Phone: 973-729-3944
[email protected] Copyright 2013 FraudResourceNet LLC