Leverage T echnology: Turn Risk into Opportunity

Size: px

Start display at page:

Download "Leverage T echnology: Turn Risk into Opportunity"

Abigayle Atkinson
5 years ago
Views:

Give me a lever long enough and a fulcrum on which

Copyright. Fulcrum Information Technology, Inc.

Monitor PO and AP transac/ons to prevent losses,

misconfigura/ons in Oracle EBS R12 Payables and

A Leader in Risk Based Enterprise Controls

Reporting Internal Audit Controls Catalog

1 Give me a lever long enough and a fulcrum on which to place it, and I shall move the world - Archimedes Copyright. Fulcrum Information Technology, Inc. Is Your ERP Leaking Cash? Monitor PO and AP transac/ons to prevent losses, control supplier master data changes and detect misconfigura/ons in Oracle EBS R12 Payables and Purchasing applica/ons. A Leader in Risk Based Enterprise Controls Management Solutions Risk and Compliance Financial Reporting Internal Audit Controls Catalog Application Security Advanced Analytics NorCalOAUG August 26, 2014 Brian Amato Client Services Director Leverage T echnology: Turn Risk into Opportunity

2 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 2

3 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 3

4 FulcrumWay! A Leader in Risk Based Controls Management! FulcrumWay: is the #1 End-to-End Provider of Risk Based Enterprise Controls Management Solutions for Oracle EBS, PeopleSoft and JDE customers with over 200 Fortune-500 to Middle Market clients. Since 2003, we have successfully assisted companies across all major industry segments.! Expertise: Risk Advisory Services. Advanced Controls Design for Enterprise Applications. Best Practices for Risk Mitigation and Internal Controls Automation. Audit, Compliance, Financial, Enterprise and Operational Risk Assessments. Risk Remediation Services.! Packaged Solutions: FulcrumWay is the #1 choice of Oracle customers for Oracle GRC Advanced Controls, GRC Manager, and GRC Intelligence/OBIEE software implementation. Oracle has certified us as the only partner with Accelerators for Oracle GRC. We also provide Managed Services! Software Services: Risk Assessment for ERP systems, Control Design and Management Tools, Controls Catalog, Enterprise Risk Manager, Financial Reporting Manager, Audit Manager! USA Presence: Privately held Delaware Corporation with US offices in New York City, Dallas and San Francisco! International Presence: in Auckland, Chennai, Johannesburg, London, Mexico City Page 4

5 Successful Track Record Government Oil and Gas FulcrumWay Clients Financial Services Retail Communications Manufacturing Transportation Natural Resources Media/Entertainment Healthcare High Tech Life Sciences Page 5

Proven Expertise FulcrumWay Insight Page 6 Thought Leadership!

SROAUG GRC Solution Lab - February 21 st Los Angels: GRC Case

Collaborate 14 GRC Client Appreciation Dinner April 7 th, 2014 Las

NEOAUG Spring Conference June 9 th Worcester, MA -GRC Case

New Ways to Assess the Risks that Can Turn Results into Rewards!

6 Proven Expertise FulcrumWay Insight Page 6 Thought Leadership! Co-Authored GRC Book: First book on GRC for Oracle Applications! SROAUG GRC Solution Lab - February 21 st Los Angels: GRC Case Studies and Best Practices! Collaborate 14 GRC Client Appreciation Dinner April 7 th, 2014 Las Vegas! NEOAUG Spring Conference June 9 th Worcester, MA -GRC Case Studies and Best Practices! IIA/ISACA GRC Conference August 19 th, Presentations Five New Ways to Assess the Risks that Can Turn Results into Rewards! Webcasts Every 3 rd Tuesday of the Month GRC Best Practices, Trends and Expert Insight! Oracle Open World Annual GRC Dinner on September 29 th, San Francisco, CA! LinkedIn FulcrumWay Risk, Compliance and Audit Software Group! YouTube Podcasts FulcrumWay Instant Insight in 10 min or less

7 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 7

Top Procure to Pay Challenges Organizations are seeking new ways to transform their rapidly growing data into insight that mitigates risks and unlocks new opportunities.

8 Top Procure to Pay Challenges Organizations are seeking new ways to transform their rapidly growing data into insight that mitigates risks and unlocks new opportunities. However, using the traditional reporting tools to look for unusual patterns in large data sets is like finding a needle in haystack. The problem is not the resources, or the personnel, or the data. It s that many organizations simply don t have the advanced analytics required to arrange the data, identify suspicious patterns and weaknesses, at least not fast enough. There s too much data, and not enough analytics! Page 8

9 Top Procure to Pay Challenges By 2016, 70 Percent of the Most Profitable Companies Will Manage Their Business Processes Using Real- Time Predictive Analytics Gartner Hidden bottlenecks, repetitions, and loopbacks in business processes can now be tracked, exposed, analyzed and addressed easily and efficiently, which leads to increased efficiency. Exposing these problematic business activities within the processes also allows for a more effective business process optimization, reduces costs, and improves the bottom line. Page 9

10 Top Procure to Pay Challenges How does cash leak through your ERP system? Top 10 Issues Business Risk Bottom Line Impact Duplicate Invoices 2 invoices Overpayment to Supplier Cash Leakage Duplicate Invoices 2 vehicle Overpayment to Supplier Cash Leakage Erroneous Charges to Invoice Overpayment to Supplier Cash Leakage Late Payment Overpayment to Supplier Cash Leakage Tax Errors Inaccurate Tax Cash Leakage Duplicate Vendor in Vendor Master File Inaccurate Vendor Master Cash Leakage Purchase order Related Issues Financial Fraud and Misuse Cash Leakage Early Payment Untimely Payment to Supplier Negative Cash Flow Missed Discounts Untimely Payment to Supplier Negative Cash Flow Page 10

11 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 11

12 Issue1: Duplicate Invoices 2 Invoices Discrepant Invoices Late Payments Honest mistake/ Fraud ERP Control Detective: Detect invoices with Similar invoice number, same amount to the one supplier Detect invoices made to the same suppliers but in different business unit Detect invoices made to different vendor with very similar names Preventive: Put duplicate invoices on hold until proper investigation is complete Page 12

13 Issue2: Duplicate Payments 2 Vehicle 2 Vehicles like Invoices and P-Card Paper Invoice and Electronic Process Expense Report and Petty Cash Multiple payment vehicle for a vendor ERP Control Detective: Detect suppliers with multiple method of payment Detect payment made by procurement card and checks Preventive: Put duplicate invoices on hold until proper investigation is complete Prevent Supplier from getting paid through paper invoice if he is setup for electronic payment Page 13

14 Issue3: Erroneous Charges to Invoice Who pays freight, insurance? Are invoices based on POs? Special deals ERP Control Detective: Detect invoices where freight was charged when in PO it was supposed to be pre-paid by the vendor Detect invoices where freight was charged and warehouse charged freight separately Detect invoices billed for quantities than what was actually shipped Preventive: Put suspect invoices on hold until proper investigation is complete Page 14

15 Issue4: Late Payments Never pay late fees Open Vendor Credit Can result in Duplicate Payment ERP Control Detective: Detect invoices that are approaching due date base on supplier/ PO payment term Identify users who have consistently not paid vendors on time Detect payments to vendors that are consistently late Preventive: Send alerts on upcoming payments that are approaching due dates Page 15

16 Issue5: Tax Errors - Sales/ Use/ VAT Wrong Amounts Proper jurisdiction Proper documentation VAT Reclaim ERP Control Detective: Detect sales tax invoices by vendors for non-taxable items Identifies use tax in error on non-taxable goods and services Identify all VAT invoices that are approaching due date of the calendar year Detect if sales tax goes over a threshold value Identify supplier invoices where VAT is charged based on supplier location vs where the service is rendered Page 16

17 Issue6: Master Vendor Management Potential duplicate payments Segregation of Duties Concern Correspondence Issues ERP Control Detective: Duplicate payment made to multiple entities of the same supplier Identify purchases made from unapproved vendors Identify suppliers with similar or different names but with same Tax ID Number or address Identify suppliers who exists in the Do not do business with suppliers Preventive: Ensure Segregation of duties between supplier creation and other conflicting functions Detect suppliers with similar names at the time of supplier creation Page 17

18 Issue7: Purchase Order Problems Split Purchase Order Blanket Purchase Order After the Fact PO ERP Control Detective: Detect Split PO to work around approval threshold Detect standard PO issued to a supplier where a blanket PO exists Preventive: POs over a certain threshold require approvals Good receipts cannot take place without an approved PO Mandate PO number during invoice creation Page 18

19 Issue8: Missed Discounts Inefficient processing Best financial return for any company Track discount lost and why Fix root causes whenever possible ERP Control Detective: Identifies special rebate from the PO contract that the invoice failed to mention Track invoices that missed discount date by a little margin Preventive: Send alerts on upcoming discounts available for payments above a threshold Page 19

20 Issue9: Early Payment Negative cash flow Fraud Analyze early payments ERP Control Detective: Detect payments made earlier than supplier payment term Alerts a user if payment term setup is changed Preventive: Set up an approval process if payment term is changed Prevent payment term to be changed Ensures segregation of duties between invoice creation and supplier creation Page 20

21 Issue10: Travel & Entertainment Employee misuse Constant leakage to the bottom line Make manager responsible Part of annual review ERP Control Detective: Identify suspicious activity between coworkers to highlight the pattern of interrelationship in the expense reports Detect expenses claimed in an expense report instead of booking through approved channels Detect expense splitting Preventive: Deny expenses through unapproved channels unless approved by senior management Page 21

22 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 22

23 Advanced Controls What are Advanced Controls?! Layer of automated controls over ERP controls! Continuously monitor key controls! Detect and Report issues as they occur! Prevent issues from occurring! Quickly see high risk issues with exception based dashboards! Address issues that affect the bottom line! Reduces operational risk and process effectiveness Page 23

Advanced Controls One Enterprise Foundation Enterprise Risk & Controls Foundation Risk & Controls Repository Assess and

Search Perspectives Risk, Controls & Compliance Management Documentation Reviews Assessments Surveys Remediation

Controls Fraud & Error Patterns Web Services & APIs All Users & Applications 100% of Transactions All Processes Procure

24 Advanced Controls One Enterprise Foundation Enterprise Risk & Controls Foundation Risk & Controls Repository Assess and Certify Detect Policy Violations Role Based Access Security Dashboards, Reports and Alerts Worklists Notifications Search Perspectives Risk, Controls & Compliance Management Documentation Reviews Assessments Surveys Remediation Continuous Controls & Risk Monitoring Access Setups Master Data Transactions Audit Tests Data Connectors User Authored Controls Fraud & Error Patterns Web Services & APIs All Users & Applications 100% of Transactions All Processes Procure to Pay Order to Cash Financial Reporting User Access Custom or Legacy Applications Manage by Exception Optimize Processes Page 24

Orders Duplicate Payments Advanced Controls Transaction Threshold Amounts Fuzzy Logic, similar values

25 Advanced Controls Standard + Advanced Controls User Roles Approval Hierarchies Standard Controls 3-Way Match Track Payments Track Discounts Sentiment Analysis Hide Displays of Sensitive Data Split Purchase Orders Duplicate Payments Advanced Controls Transaction Threshold Amounts Fuzzy Logic, similar values Duplicate Vendors Finegrained User Access Transaction Pattern Analysis Configuration Snapshots & Audit Trial Page 25

Advanced Controls Ontology based Advanced Transaction (OAT) Analytics User Roles Approval Hierarchies Standard Controls 3-Way Match Track Payments Track Discounts

values Duplicate Vendors Finegrained User Access Transaction Pattern Analysis Configuration Snapshots & Audit Trial FulcrumWay OAT Analytics discovers your data

26 Advanced Controls Ontology based Advanced Transaction (OAT) Analytics User Roles Approval Hierarchies Standard Controls 3-Way Match Track Payments Track Discounts Sentiment Analysis Hide Displays of Sensitive Data Split Purchase Orders Duplicate Payments Advanced Controls Transaction Threshold Amounts Fuzzy Logic, similar values Duplicate Vendors Finegrained User Access Transaction Pattern Analysis Configuration Snapshots & Audit Trial FulcrumWay OAT Analytics discovers your data source and creates enterprise ontology catalog including business objects, attribute, era, frequency, patterns and model logic to deliver insight within just a few weeks Page 26

27 Advanced Controls Procure to Pay with Advanced Controls Page 27

28 Advanced Controls Exception Based Dashboard Page 28

29 Advanced Controls Continuous Monitor Duplicate Invoices Page 29

30 Advanced Controls Definition Control Model Logic Page 30

31 Advanced Controls Incident Management Page 31

32 Advanced Controls Incident Management Page 32

33 Advanced Controls Preventive Controls Page 33

34 Advanced Controls Preventive Controls Page 34

35 Advanced Controls Page 35

36 Advanced Controls Page 36

37 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 37

38 Case Study A global leader in the lifestyle footwear controls cost with OAT Analytics! Designs, develops, markets, and distributes footwear for men, women, and children, as well as performance footwear for men and women! The company operates through four segments: Domestic Wholesale Sales, International Wholesale Sales, Retail Sales, and E-commerce Sales.! As of February 15, 2014, the company operated 122 concept stores, 131 factory outlet stores, and 71 warehouse outlet stores in the United States; and 44 concept stores and 26 factory outlets internationally. Page 38

39 Case Study Analytics Use Cases by Process and Industry! Accounts Payable Audits: Track all your claims closely, and prevent future losses by catching them earlier. Improve vendor relationships by submitting only verified high-quality claims, all resulting in less work for you, and more accurate, more profitable results! Merchandise Audits: Detect merchandising errors early by finding the facts as close to the transaction as possible. This helps your company reduce operating expenses through recoveries.! Vendor Risk Assessment: Comprehensive vendor risk analysis to analyze all available data for optimal results. Research a wide variety of potential vendor risks from fraud and conflicts of interest to lapsed business licenses and liability concerns.! Freight Audits: Safeguard freight-related disbursements by identifying payment errors and analyzing whether vendors and carriers have complied with your shipping guidelines! Media Audits: Agency and media invoices match up. Identify duplicates and overpayments, review contracts, media plans, insertion orders, print orders and billing statements, and accurately determine whether there have been mistakes and under-achieving performance.! Contract Compliance: In-depth review of contract compliance combines automated techniques with focused strategic buyer discussions. Identify the causes behind overpayments, and developing customized prevention techniques for minimizing future exposure. Page 39

40 Case Study Implementation Approach for Reliable, Affordable, Rapid and Easy (RARE) Insight Assess Design Install / Configure Test / Train Deploy Iden/ty data- sources, business objects, ahribute era, frequency, paherns and model logic Create object catalog, condi/ons and paherns and transac/on excep/ons using DataProbe Confirm Findings and Gap. Map data source objects catalog to OAT (Protégée) Define transac/on model logic in terms of data- sources, business objects, ahribute era, frequency, and paherns Confirm Design. Iden/fy out of the box vs custom objects for install Install Advanced Controls plavorm Configure data- source, objects, and models Unit Test and Verify Results Train users, managers, and administrators Conduct user acceptance tes/ng Setup produc/on system Support administrators as needed Page 40

41 AP Audit! FulcrumWay Retail Industry Claims Trend Page 41

42 Merchandise! FulcrumWay Retail Industry Net Price Merchandise Losses Page 42

43 Vendor Risk! FulcrumWay Retail Industry Page 43

44 Freight! FulcrumWay Retail Industry Page 44

45 Media! FulcrumWay Retail Industry Page 45

46 Industry Opportunities What is Possible with OAT AnalyCcs Page 46

47 Agenda Is Your ERP Leaking Cash?! Introductions! Top Procure to Pay challenges in ERP! Overview of Payable and Purchasing Controls! Advanced Controls Analytics! Case Study! Q&A Page 47

48 Q & A! Leader in Risk Based Enterprise Controls Download DataProbe One-on-One with Experts Follow FulcrumWay on LinkedIn for ERP Risk and Controls