Uncovering Fraud Schemes with Data Analytics Techniques

use of fraud data analytics to uncover fraud n.w
1 / 77
Embed
Share

Explore the innovative use of fraud data analytics to detect and prevent fraud schemes in core business systems. Learn valuable insights from renowned author Mr. Vona and gain practical knowledge on developing a robust fraud data analytics plan. Discover real-life examples and essential strategies to combat fraudulent activities effectively.

  • Fraud Detection
  • Data Analytics
  • Business Systems
  • Internal Fraud
  • Risk Assessment
rayaanacharya
cror Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Use of Fraud Data Analytics to Uncover Fraud Schemes in Core Business Systems 5/10/2025 FRAUD DATA ANALYTICS 1

  2. Speaker Mr. Vona is the author of three books published by Wiley, Fraud Risk Assessment: Building a Fraud Audit Program and The Fraud Audit: Responding to the Risk of Fraud in Core Business Systems, Fraud Data Analytics Methodology: The Fraud Scenario Approach to Uncovering Fraud. Wiley has referred to Mr. Vona as a worldwide renowned authority on internal fraud risk. Mr. Vona s trial experience is extensive, including appearances in federal and state courts. He is qualified as an expert witness, as a CPA and a CFE, and is cited in West Law for the successful use of circumstantial evidence. Leonard W Vona, CPA, CFE CEO Fraud Auditing, Inc. 5/10/2025 FRAUD DATA ANALYTICS 2

  3. What this Session is About Fraud Data Analytics FRAUD KNOWLEDGE Fraud Risk 5/10/2025 FRAUD DATA ANALYTICS 3

  4. Audit in the New Era Use of Fraud Data Analytics to Uncover Fraud Schemes in Core Business Systems Todays Agenda Strategic Plan for Robust Fraud Data Analytics Plan Data Intensive Fraud Approach Ten Steps: Successful Fraud Data Analytics Plan Practical Illustration: Pass Through Shell Company Schemes 5/10/2025 FRAUD DATA ANALYTICS 4

  5. Could this Happen to You? 63 Million Theft Loss to a False Billing Scheme 2.3 Million Theft Spree, Purchase and Resell Scheme Conflict of Interest Scheme: Wife of VP of Human Resources Whistle Blower of Actual Fraud Committed by Senior Management: Was also accepting Kickbacks from a Vendor How would you explain this to your Audit Committee 5/10/2025 FRAUD DATA ANALYTICS 5

  6. Breaking The Code of Fraud: Fraud Data Analytics Plan The Expectation Questions: Should internal audits find fraud? Can internal audits find fraud? How do we detect fraud schemes? 5/10/2025 FRAUD DATA ANALYTICS 6

  7. Words of Wisdom The world s best audit program and the world s best auditor cannot detect fraud unless their sample includes a fraudulent transaction. This is why fraud data analytics is so important to our profession. 5/10/2025 FRAUD DATA ANALYTICS 7

  8. Your Strategic Plan: Thought Provoking Words Five key words I want you think about! Differently Logic Linked Methodology Superior knowledge 5/10/2025 FRAUD DATA ANALYTICS 8

  9. Differently Fraud risk identification needs to be logic driven versus professional experience driven The statement has five elements Person committing the scheme Type of entity: master file data Fraud action statement: transactional data Fraud impact Fraud conversion 5/10/2025 FRAUD DATA ANALYTICS 9

  10. Logic You can compute the number of fraud risk statements in your scope with mathematical precision The goal of logic analysis is two-fold: Ensure the completeness of your analysis Create time for data interpretation I may not know what the perpetrator is doing, but I know everything the perpetrator can do! 5/10/2025 FRAUD DATA ANALYTICS 10

  11. Linked The fraud risk statement is what drives the fraud data analytics plan and the fraud audit procedure Person committing Type of entity Fraud action statement By understanding what you are looking for; the programming of the routine become obvious 5/10/2025 FRAUD DATA ANALYTICS 11

  12. Superior Knowledge Understanding data from the: Data perspective Industry perspective Fraud perspective 5/10/2025 FRAUD DATA ANALYTICS 12

  13. There is a Methodology 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Link the fraud audit test procedures Scope of data analysis Integrating the fraud risk assessment Select the data mining strategy Availability, reliability and usability Understand the data Develop search routines Filtering techniques Sample selection criteria Plan to resolve false positives 5/10/2025 FRAUD DATA ANALYTICS 13

  14. What is Fraud Data Analytics A methodology of using data mining to analyze data for the red flags that correlates to a specific fraud risk statement It is about identifying transactions that has the highest probability of containing a fraudulent transaction 5/10/2025 FRAUD DATA ANALYTICS 14

  15. Goal of Fraud Data Analytics Fraud Risk Statement Red Flag Red Flag Red Flag Discreet Number 5/10/2025 FRAUD DATA ANALYTICS 15

  16. Circular View Of Fraud Data Analytics Plan Fraud Risk Statement Plan Strategy Entity Concealment Transaction 5/10/2025 FRAUD DATA ANALYTICS 16

  17. Fun Question - 1 What was the original name of the FBI A. FBI B. BOI C. DOI 5/10/2025 FRAUD DATA ANALYTICS 17

  18. Three Key Considerations of the Fraud Data Plan What are you looking for: What is your scope? Which fraud risk statements? What is your fraud data analytics strategy How to calibrate data interrogation for the sophistication of concealment 5/10/2025 FRAUD DATA ANALYTICS 18

  19. The Fraud Risk Structure Establishes Scope of the Project PRIMARY FRAUD CLASSIFICATION What Fraud Risk Statements are in your audit? SECONDARY FRAUD CLASSIFICATION FRAUD RISK STATEMENT FRAUD SCENARIO 5/10/2025 FRAUD DATA ANALYTICS 19

  20. The Fraud Risk Statement: Linkage Audit Scope Audit Report & Conclusions Objectives Fraud Risk Statement Fraud Risk Assessment Fraud Audit Procedure Fraud Internal Controls Data Analytics 5/10/2025 FRAUD DATA ANALYTICS 20

  21. Illustration of a Fraud Risk Statement Budget owner acting alone / cause a shell company to be set up on the vendor master file / process a contract and approves a fake invoice for goods or services not received / causing the diversion of company funds The statement has five elements Person committing the scheme: Budget Owner Type of entity: master file data: Shell Company Fraud action statement: transactional data: False Invoice Fraud Impact: Loss of company assets Fraud Conversion: Budget owner receives payment 5/10/2025 FRAUD DATA ANALYTICS 21

  22. Three Key Considerations What are you looking for Fraud data analytics strategy Data Pattern Data Frequency How to calibrate data interrogation for the sophistication of concealment 5/10/2025 FRAUD DATA ANALYTICS 22

  23. Primary Data Mining Strategies Specific identification Internal control avoidance Data interpretation Number anomaly Patterns and frequency for: Entity analysis Transaction analysis 5/10/2025 FRAUD DATA ANALYTICS 23

  24. What is the Purpose Primary Data Mining Strategies Methodology to identify a data pattern Each strategy has rules Each strategy correlates to sophistication of concealment Each strategy correlates to sample selection 5/10/2025 FRAUD DATA ANALYTICS 24

  25. Creating the Strategy Score Card Seldom does one data element cause a sample selection The goal is to identify an entity or transaction that meets the criteria of the search routine: The data profile Illustration of missing data test for created entity How many missing data elements should cause a selection of the entity? Does all missing data have the same weight? 5/10/2025 FRAUD DATA ANALYTICS 25

  26. Fraud Data Analytics plan Usually Have Multiple Layers Specific Identification Internal Control Avoidance Sample 5/10/2025 FRAUD DATA ANALYTICS 26

  27. Sample Selection is Both Strategy Concealment 5/10/2025 FRAUD DATA ANALYTICS 27

  28. Specific Identification Key words associated with strategy Missing Change Duplicate, same file Match, different file Identify a specific criteria Sample size is based on the specific identification 5/10/2025 FRAUD DATA ANALYTICS 28

  29. Internal Control Avoidance: Inference Strategy Internal control avoidance Circumvention of an internal control Structuring multi transactions One entity Multiple entities Transactions below a control threshold 5/10/2025 FRAUD DATA ANALYTICS 29

  30. Internal Control Avoidance Use of aged documents providing open authority Speed of transaction or illogical order of a transaction Off period analysis Create, change, delete or void Person performing task Date and time Override transaction, by code or person Manual transaction Sample size is based on the internal control avoidance 5/10/2025 FRAUD DATA ANALYTICS 30

  31. Data Interpretation Relies on professional experience Relies on filtering techniques Relies on visual selection Sample size is based on the judgment of the auditor 5/10/2025 FRAUD DATA ANALYTICS 31

  32. Number Anomaly Benford's Law Even number or a recurring number Contra entry 5/10/2025 FRAUD DATA ANALYTICS 32

  33. Fun Question-2 Does the FBI use shell companies to conduct surveillance in the USA. True False 5/10/2025 FRAUD DATA ANALYTICS 33

  34. Patterns Analysis What is a pattern analysis in fraud data analytics? Process of searching for pattern recognition in either master file data or transaction data. Pattern correlates to the fraud risk statement I.e., Two vendors have a duplicate address I.e., Sequential pattern of vendor invoice numbers 5/10/2025 FRAUD DATA ANALYTICS 34

  35. Pattern Questions Which need to be Understood What are the implications of: Exact match Close match Related match What are the implications of: Data input error Intentional disguised 5/10/2025 FRAUD DATA ANALYTICS 35

  36. Understand False Positives and False Negatives False positive: Transaction tested meets the criteria of the test, but the transaction is not fraudulent Improperly designed test Lacks a sufficient number of testing criteria Occurs due to data integrity Data field contains multiple subset Address field Physical address or bank lock box 5/10/2025 FRAUD DATA ANALYTICS 36

  37. Understand False Positives and False Negatives False negative: Transaction tested does not fit the criteria of the test, but the transaction is fraudulent Improperly designed test Fraud scenario does lend itself to data mining Concealment is higher than the test 5/10/2025 FRAUD DATA ANALYTICS 37

  38. Frequency Considerations Perpetrators seldom steal once, of course, unless the amount is huge! Perpetrators all have a personal risk tolerance will I get caught? Perpetrators find a comfort in a particular technique Perpetrator become more erratic for frauds over a long duration 5/10/2025 FRAUD DATA ANALYTICS 38

  39. Three Key Considerations of the Fraud Data Plan What are you looking for: What is your fraud data analytics strategy How to calibrate data interrogation for the sophistication of concealment How it impacts master file data How it impacts transactional data How it impacts your search routines How it impacts your fraud testing procedure 5/10/2025 FRAUD DATA ANALYTICS 39

  40. Fraud Sophistication Chart Detection Of Fraud Undetected Fraud Detection Bar Detected 5/10/2025 FRAUD DATA ANALYTICS 40

  41. Fraud Concealment Linkage Master File Data High Must use transactional data No match Concealment Medium Concealment Limited linkage between vendor and perpetrator Close match Linkage between vendor and perpetrator Exact match Low Concealment 5/10/2025 FRAUD DATA ANALYTICS 41

  42. Illustration Using a Bank Account High No match Different bank Concealment Medium Concealment Close match Same bank, different account number Low Exact match Same bank and same account number Concealment 5/10/2025 FRAUD DATA ANALYTICS 42

  43. Fraud Concealment Linkage Transactional File Data Judgment based on visual examination Related match High Concealment Medium Concealment Reduce population Close match Low Data pattern visible naked eye Exact match Concealment 5/10/2025 FRAUD DATA ANALYTICS 43

  44. Low Sophistication Guidelines Specific identification strategies are used for both entity and transactional data. Entity identifying information links to the perpetrators known identifying information, for example, a specific street address. The false entity structure will match to another entity either in the same database or a different database. False entity will also reveal missing identifying information in order to reduce someone else s ability to contact the false entity. The patterns associated with the transaction data will typically be overtly obvious to the naked eye. The pattern recognition for the transaction data allows for specific identification. Sample size is determined by the number of transactions that match the data profile. The sample size can be either zero because no transactions link to the data profile or a very large sample because the match criteria are not sufficiently defined. 5/10/2025 FRAUD DATA ANALYTICS 44

  45. Medium Sophistication Guidelines Internal control avoidance strategies tend to be more effective. Specific identification routines are less effective because there is no direct match to the entities data. Specific identification will allow for a match on some aspect of the entity information. Specific identification is more effective when there is an allegation that focuses on a person or department. Entity identifying information relates to some aspect of the perpetrators known identifying information, for example, a postal code versus a physical street address. 5/10/2025 FRAUD DATA ANALYTICS 45

  46. Medium Sophistication Guidelines Internal control avoidance strategies should be used for transactional data. Outlier patterns tend to be effective for transactional history analysis. Creating smaller homogeneous data groups, referred to as cluster patterns, will facilitate the auditors ability to spot an anomaly. Filtering techniques based on dollar magnitude are effective in reducing the number of transactions fitting the data profile. Sample selection is based on the entities or transactions that avoid the internal control after all relevant filtering. 5/10/2025 FRAUD DATA ANALYTICS 46

  47. High Sophistication Guidelines Data analytics at this level is like code breaking. There is no finite criterion that serves as identification criteria. The process tends to be judgmental selection versus a criteria selection. The key is to understand how the fraud scenario occurs in your business systems. The specific concealment strategies used by the perpetrator tend to be more deliberate and planned. Direct matches seldom occur. Entity identifying information has no relationship with the perpetrators known identifying information. Entity identifying information may relate to a mailbox service or an out of area address that has a mail forwarding feature providing the illusion of a real business. Transactional data are more effective at identifying fraud scenarios versus entity data. 5/10/2025 FRAUD DATA ANALYTICS 47

  48. High Sophistication Guidelines The process of creating smaller homogenous data files based on geographic, transaction types, transaction codes, cost centers facilitates the data interpretation. Filtering techniques like drill-down analysis are effective in reducing the number of transactions fitting the data profile, thus, allowing data interpretation to be more effective. Sample selection relies on data interpretation skills. Selection process is based on understanding how the scenario operate, money trail, fraud theory, concealment theory, and professional experience of the auditor. Sample size tends to be judgmentally determined based on the data interpretation. 5/10/2025 FRAUD DATA ANALYTICS 48

  49. Sample Selection Thought Process STRATEGY SAMPLE CONCEALMENT 5/10/2025 FRAUD DATA ANALYTICS 49

  50. Illustration of Fraud Risk Statement A fraud risk statement for a pass-through scheme (of which there are at least 15 permutations) looks as follows: Budget owner, acting alone or in collusion with a direct report, causes a shell company to be set up on the master file and places orders for goods or services through the shell company. The shell company then places an order with a real supplier, and the real supplier ships directly to the budget owner s company. The real supplier invoices the shell company, and the shell company invoices the budget owner company at an inflated price, diverting company funds. 5/10/2025 FRAUD DATA ANALYTICS 50

Related


Efficient Fraud Management with Data Analytics

Efficient Fraud Management with Data Analytics

adalwine
2023 WV ASBO Conference

2023 WV ASBO Conference

trent
Data Analytics: Introduction, Terminology, Challenges, Platforms, Tools, Applications

Data Analytics: Introduction, Terminology, Challenges, Platforms, Tools, Applications

saint
Ethical Conduct and Fraud Prevention in Institutions

Ethical Conduct and Fraud Prevention in Institutions

darci
Fraud in Financial Claims: Insights from Experts

Fraud in Financial Claims: Insights from Experts

rusty
Your Current Business Analytics Tool Is No Longer Enough_ What’s Next for Data-Driven Decisions_

Your Current Business Analytics Tool Is No Longer Enough_ What’s Next for Data-Driven Decisions_

gogrow
Enhancing Fraud Awareness in Schools

Enhancing Fraud Awareness in Schools

camilla
Is Your Analytics Software Lying to You_ How to Spot and Correct Data Bias

Is Your Analytics Software Lying to You_ How to Spot and Correct Data Bias

gogrow
Challenges to Enforcement in Arbitration: Immunity, Fraud, and Public Policy

Challenges to Enforcement in Arbitration: Immunity, Fraud, and Public Policy

ichiro
Unleashing the Power of Business Analytics for Enhanced Decision-Making

Unleashing the Power of Business Analytics for Enhanced Decision-Making

love
Fraud and Forensic Accounting

Fraud and Forensic Accounting

nary111
Missouri Department of Labor and Industrial Relations (DOLIR) Fraud and Noncompliance Unit Overview

Missouri Department of Labor and Industrial Relations (DOLIR) Fraud and Noncompliance Unit Overview

roum156
Forensic Accounting and Fraud - Types and Definitions

Forensic Accounting and Fraud - Types and Definitions

jeet_527
SAS 99 and Fraud Consideration in Financial Audits

SAS 99 and Fraud Consideration in Financial Audits

filibert
Understanding Fraud in Auditing and Government

Understanding Fraud in Auditing and Government

rayleami
Analytics for Target (A4T) Integration

Analytics for Target (A4T) Integration

dain728
Direct Payments & Social Care Investigations Workshop Overview

Direct Payments & Social Care Investigations Workshop Overview

daew629
Strategies for Handling Commercial Fraud Cases: Insights from Brick Court Chambers

Strategies for Handling Commercial Fraud Cases: Insights from Brick Court Chambers

rdunk
Business Analytics Program at Wake Tech Community College

Business Analytics Program at Wake Tech Community College

das_ynn
Fraud Risk Assessment and Internal Controls Overview

Fraud Risk Assessment and Internal Controls Overview

maxx_196
Fraud Awareness Training: Detection and Prevention

Fraud Awareness Training: Detection and Prevention

khayl
Government Fraud: Impacts and Prevention

Government Fraud: Impacts and Prevention

pmek

More Related Content