Leveraging Data Analytics to Expand Audit Coverage and Add Organizational Value

Similar documents
ACL ESSENTIALS. Get insight into your ERP process health, compliance & financial exposure TRAVEL & ENTERTAINMENT EXPENSES

AUDIT STATUS. Continuous Auditing Ideas and Priority Ranking Draft: 8/7/2012

ACL ESSENTIALS. Get insight into your ERP process health, compliance & financial exposure ACCOUNTS PAYABLE

SAP Business One. A Single System to Streamline Your Entire Business

JD Edwards EnterpriseOne Financial Management Overview

ACL ESSENTIALS. Get insight into your ERP process health, compliance & financial exposure SEGEREGATION OF DUTIES

IIA Springfield IL Chapter

Using Data Analytics as a Management Tool to Identify Organizational Risks

Using Data Analytics in Audits

9/12/2013. CAPITALIZE ON YOUR PURCHASING CARD PROGRAM September 20, Agenda. With a card payment you can:

Using Transactional Analysis for

SEGREGATION OF DUTIES for SAP

AIMS Version 6.3. Feature presentation

Payables Management. 2 nd Edition. Steven M. Bragg

ACL ESSENTIALS. Get insight into your ERP process health, compliance & financial exposure ACCOUNTS PAYABLE

<Insert Picture Here> JD Edwards EnterpriseOne Financial Management

INTERNAL CONTROLS REVIEW PROGRESS REPORT Highlighted items have been completed since last report in January 2016


Enter Invoice. Invoice. No Holds. Approve Invoice. Pay Invoice. Reconcile Payments

Financial Controls Checklist

The Best of Crimes, the Worst of Crimes: Fraud Stories That Prove the Truth Is in the Transactions

Ten Payment Fraud Protections

CFC U.S. Bank One Card. Tuesday, July 12, 2011

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been completed/validated since last report in August 2016

Internal Control Checklist

Finance Committee, Board of Health Elizabeth Bowden, Interim Director of Administrative Services FINANCIAL CONTROLS CHECKLIST

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been updated since last report in October 2017

Fraud Risk Management

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been updated since last report in October 2016

Microsoft MB6-871 Exam Questions & Answers

Managing Risk in Your P2P Process: 10 Ways that Automation Can Help Mitigate Risk

Electronic accounts payable: increasing compliance, control and security

EMPLOYEE FRAUD OPPORTUNITIES CHECKLIST

Financial Management. Control your bottom line with accuracy and real-time global visibility while accommodating local operational requirements

Activant Prophet 21. Getting Started with Voucher Creation

You can easily view comparative data and drill through for transaction details.

FINANCE FUNCTION PROCESSES AND PERFORMANCE MEASURES

Oracle ERP Cloud Period Close Procedures

Account Determination in SAP

How to stop improper payments: A focus on government vendor risk

Internal Audit Report Accounts Payable September 2017

7 th - Houston IIA Conference. Optimizing Analytics. Presented by Philip Billeaud

CHAPTER 2: WORKING WITH GENERAL LEDGER ACCOUNTS

Scrap Dragon to QuickBooks Interface Revised 10/2/14

Van Sales. Ver : 1.6 AT/F/PR 07 Date : 12/07

Finance Month End. Deltek Maconomy Deltek, Inc. Deltek proprietary, all rights reserved.

Kianoff & Associates Crystal Clear Reports for Sage 100

IT Service Delivery And Support

Making Progress with epayables

SMALL BUSINESS FRAUD ASSESSMENT INTERNAL CONTROL QUESTIONNAIRE Download your risk assessment form at

Risk assessment checklist - Purchasing cycle

Lawrence Berkeley National Lab. Observations from Audit Procedures October 17, 2005

Letting the Data tell the Story

Use of Forensic Data Analytics in Investigations. Gerry Zack, CCEP, CFE, CIA CEO SCCE & HCCA Minneapolis, MN

Contract and Procurement Fraud

Reports. REFERENCE QUICK GUIDE Acumatica ERP 6.1

Credit Cards & Purchasing Cards (P-Card) (USFR Memorandum No. 253)

Activant Prophet 21. Perfecting Your Month and Year End Closing Routines

Once you have completed this topic, you will be able to create and verify opening balances for Business Partners.

Fraud Risk Management

DATATRON Features Order Entry (Invoicing)

Division of Student Affairs General Fund Units Internal Control Questionnaire FY 2012

SAP FICO Course Content

Leverage T echnology: Move Your Business Forward

Accenture Profit Recovery and Analytics

Contract and Procurement Fraud

SAN FRANCISCO COURT APPOINTED SPECIAL ADVOCATE PROGRAM

Question: 1 Which four statements are true about modifying a payment batch? (Choose four.)

What Happens When Internal Controls Fail

SECTION III. ACCOUNTING GUIDELINES AND DOCUMENTS

INTERNAL CONTROLS REVIEW PROGRESS REPORT

Global Enterprise Model (GEM) for Utilities

Sage ERP X3 Finance

2. Which of the following statements is true when configuring a group chart of accounts?

Material available on web at

Bisan Enterprise. Governmental Edition. A New Dimension in Financial Management Applications

PeopleSoft PO BILLING--> Peoplesoft FSCM Course Content details

A Financial Executive s Guide to Internal Controls & Fraud Prevention in the Cloud

5 Ways Excel Accelerates Your Return On SAP FICO Business Processes

FRAUD SCHEMES. South Carolina HFMA Finance & Reimbursement Forum. November 13, 2012 WITH RELATED INTERNAL CONTROLS

MAC CONTINUOUS AUDIT REPORT st QUARTER

Foundation Pack (ID: 14,005,200) Designed for Dynamics NAV 2009 Classic or RTC with 49 great features all in one FOB

MIS 5208 Week 2 Fraud Detection & Prevention

Division of Student Affairs Internal Control Questionnaire FY 2011

CHAPTER 9 TESTS OF CONTROLS

2/27/2017. Segregation of Duties/ Internal Controls. Objectives. Agenda

Top 25 Tests for Analytic Superheroes

Welcome to the introduction of the Intercompany Integration Solution for SAP Business One. In this course, we present the highlights of the basic

Using ACL For Journal Entry Analysis

SPECTRUM+ SYSTEM. Accounts Payable. Regular Voucher Entry. User Guide for Departments. PeopleSoft Version 9.2. Revised 9/16/2015.

SYSTEMS ALIF I N D E X. Overview 2. Accounting Functions 3. Supplier Management 5. Receivables Management 6. Reports 7.

A Comparison between SAP B1 & Tally ERP

Contract and Procurement Fraud. Fraud in Procurement without Competition

Seattle Public Schools The Office of Internal Audit

AP Automation: The Paperless Solution for Payables

Automating Audit Analytics: The benefits, the concepts and the road to Continuous Auditing

Seminar Internal Control Identification and Filtering

Kua O Ka La s Financial/Accounting Policies & Procedures

Data Exchange Module. Vendor Invoice Import

v10.5 Enhancements List

Transcription:

Leveraging Data Analytics to Expand Audit Coverage and Add Organizational Value Clint McPherson Managing Director, Dallas, TX Cindy Hart Manager, Dallas, TX

Setting the Stage - Data Analysis Defined Data Analysis CAATS Data Analysis is. the extraction of data from a client s information system in order to perform data selection, classification, ordering, filtering, translation, and other functions to provide the client with information about their business Data Miningi processes 2

What is Data? Name Div Sales Amount Employee ID Transaction Date User Name Transaction Type Quantity Customer Number Price G/L Account 3

Data Becomes Reports Name Div Sales Amount Employee ID Transaction Date User Name Transaction Type Quantity Customer Number Price G/L Account Data File Inventory Report Warehouse Part Description Quantity Unit Cost Extended Cost Quantity 1 5340 XJ4701 540 1.65 891.00 Part Number Unit Cost Client Application Program Warehouse Number 10 5560 1 5560 LN502 1005.79 793.95 4 4061 SR437 6057.85 5148.45 4 9011 CF605 275 2.25 618.75 LN502 850.74 629.00 10 4831 JR864 579 1.15 665.85 4

With Data Analysis YOU Design Reports Name Div Sales Amount Employee ID Summarized by Part Number Transaction Date User Name Transaction Type Quantity Customer Number Price G/L Account Data File Extensions & Footings Verified Quantity Part Number Unit Cost Cust Name Cust ID Data Analysis Techniques Excess Inventory Warehouse Number Unusual Items 5

Benefits from Internal Audit s Use of Data Analytics Benefits Include: Increased testing coverage (100% of population) Improved timeliness of testing Greater visibility Independent testing Creation of Fraud Testing Environment Improved consistency More efficient allowing focus on overall process efficiency and effectiveness Cost-effective solution Greater confidence in your SOX initiatives The Auditing Profession is entering the Age of Continuous Auditing This is the Fourth Age -- (Age of Inspection & Re-performance, Age of Control Focused Auditing, Age of Risk Based Auditing) Annual Audits are being viewed as untimely and obsolete Internal Control issues are expected to be reported almost immediately 6

The 6 Elements of Infrastructure Policies define processes Process assigned to key owners Informed decisions based on reports Information facilitates definition of controls Automation and data integrity meet needs Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Risk if element is deficient: Process does not carry out established policies or achieve intended result People lack the knowledge and experience to perform process Reports do not provide information for effective management Methodologies do not adequately analyze data and information Information is not available for analysis and reporting 7

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Focus on what matters: Fraud, Waste & Abuse Compliance Business Performance Monitoring Risk across the Organization Link the program to business objectives Articulate the specific benefits of investing in a program and the implementation strategy 8

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Define a high-level process Inputs Activities Outputs Identify source of inputs How is information captured? How will inputs be validated? Determine types of activities that will be performed Data Analysis & Investigation of Anomalies Manual Audit Procedures Identify expected outputs & audience Define periodic reporting process 9

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Obtain executive support for the program Identify all key stakeholders Champion Program management and executers Data providers Recipients of detailed results and periodic summaries Understand needs of key stakeholders Obtain buy-in for program from key stakeholders Identify and develop required skills & competencies Identify and address organizational obstacles 10

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Identify data requirements for the program What information is required? Where is that information stored? Who can provide the information? Design a standard data request format Timeline Source & Required Data Background Information Define data validation process & reporting Define reporting requirements by stakeholder What information does the audience want and what questions do they want answered? How will detailed results be summarized? Who will make conclusions based on the results? 11

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Define test scope & tolerances Develop testing procedures ( rules ) Select or build application, if applicable Understand standard queries Select applicable procedures Embed queries into application Test logic and confirm results Provide adequate training to applicable stakeholders Automate as many rules as practical System-based audit targets Manually-intensive audit targets 12

Critical Success Factors & Common Pitfalls Business Policies Business Processes People & Organization Management Reports Methodologies Systems & Data Understand how applicable data is captured & reported in operational and financial systems Procurement through Payment Sale through Cash Application Payroll & Expense Reimbursement General & Sub-Ledgers Bank information External Databases Understand system interfaces (automated & manual) Advocate automating data capture where practical Know the audit tools available and their capabilities Select the right tools for program/procedures Focus on driving efficiency over time vs. initial investment 13

So, this is all great stuff Clint but how do we use this and what are some good examples?

Data Analysis - Suggested Approach 15

Possible Examples for Consideration G/L and Journal Entry Examples Travel and Entertainment Examples Benford s Law on Journal Entries by User Journal Entries identifying outliers (Uncommon Accounts, Profit Centers, Cost Centers) Manual Round Dollar Entries Unusual Posting Dates/Times Analysis of Split Entries (Entries just below Approval Threshold) Analysis of Suspense, Clearing, and Intercompany Accounts Credits vs. Aged Invoices Reversed Month End Journal Entries Entries within Accounts Inactive Accounts Entries Calculate and sort percentage variances in GL accounts between periods Spend by Employee Large Dollar Expenses Identification Analysis of Expenses by Employee (just below threshold, Non-Timely Expense comparison of employees Submission expensing duplicates, expensing airfare but no hotel (vice versa), expensing car but no airfare, etc) Analysis of MCCG and MCC of T&E or P-Card Transactions Benford s Law Analysis on Employee Expenses Expense Dollar and Volume Stratification Inactive Employee Spend Analysis Spend by Expense Type Expense Analysis by Category (e.g., Airfare, Office Supply, Cell Phone, Professional Dues) Per Diem Expense Identification and comparison to trips, policy threshold, and potential duplicates in meal reimbursement and per diem Duplicate Expense Submission Analysis of Weekend Transaction Dates Analysis of No Activity from Personnel in Expense-Centric Departments 16

Case Study 1 Background Organization: Global management consulting, technology services and outsourcing company with offices and operations in more than 50 countries and annual revenues in excess of $21 billion. Internal Audit (IA) personnel were using ACL to perform limited analyses as part of quarterly company-wide Journal Entry (JE) reviews of more than 13 million journal entry lines. All analyses were performed manually through the ACL graphical user interface. IA personnel were using Excel to perform limited analyses for employee Time & Expense (T&E) testing. Implement routines (i.e., scripts) in ACL to automate the existing limited JE and T&E Project analytics. Objectives Create additional automated testing routines to be executed ec as quarterly Continuous o Controls Monitoring (CCM) procedures. 17

JE Testing Overview Quarterly Company-Wide JE Review Data integrity testing such as reconciliation to control totals, analysis of reporting period, search for blanks in key fields, etc. Analysis of JE approvers to those on authorized list, analysis of manual and automated entries by document type, identify entries where document header or line item text is blank, etc. CCM: Data Exploration Classify unique values for key data fields including: company code, transaction code, manual vs. automated flag, year/period, and currency Statistics on amount and posting date fields CCM: Duplicates Testing Identify duplicates (same account and amount) for manual JE s CCM: Fraud Analytics Keyword search for items such as plug, miscellaneous, temporary, adjust, etc. Entries posted in top 10 countries in the corruption perceptions index listing All manual JE s with same person to enter and post CCM: High Risk Account Entries Identify all entries posted to high risk accounts CCM: Timeliness of Postings Analysis Calculate number of days between JE entry and posting dates 18

T&E Testing Overview General Data Overview Create record count and dollar amount totals by Year and Month (i.e., to reconcile to control totals) Classify unique values for key data fields including: expense type and entry date Identify the top 100 highest and lowest transaction amounts Statistics on amount field T&E Population Analyses Identify transactions just under $25 threshold for receipts per US Policy Extract all transactions that are round multiples of $100 Approval threshold analyses for certain expense types per policy, including : Training / Publication > $500, Business Meals > $1,000, and Travel / Other > $500 Identify potential duplicates using multiple sets of criteria Expense Type Analyses Identify all transactions for certain expense types assessed to be high risk, including: Gifts, Floral, Tickets, Promotional Items, Miscellaneous, Non- Std Office Supplies, Technology Supplies, and Charitable Contributions Key Word Search Keyword search for items assessed to be high risk such as gift, car repair, rent, pet, movie, apartment, doctor, furniture, laptop, p clothes, tuition, laundry, etc. 19

Summary Of Value JE Testing Sample Results from One Quarter Reduced amount of time to perform quarterly JE review procedures including manual analyses through the ACL GUI from approximately 40-60 hours to 15-20 hours Additional CCM test results: 5,500 journal entries (more than 28,000 journal entry lines) where same individual entered and posted the JE Nearly 15,000 JE lines just under the $25K approval threshold 137 JE lines with the word plug, 7,800 JE lines with the word miscellaneous, and nearly 5,000 JE lines with the word temporary 164 JE s where the posting date was more than 30 days before the entry date More than 75,000 journal entries posted in countries in the top 10 of the Corruption Perceptions Index, including nearly 30,000 journal entries with line amounts greater than $25,000 T&E Testing Sample Results from One Quarter Identified more than 2,500 expense transactions with the word wine, 175 containing the word laundry, more than 150 with the word golf, 25 with the words doctor or surgery, 17 with the word clothes, and12 with the word ipod. Identified nearly 5,500 transactions with round dollar amounts that are multiples of $100 Identified for additional testing all transactions requiring separate approvals per policy, including 875 transactions exceeding the business meal threshold, 325 above the training/publications threshold, and more than 7,500 exceeding the other expense threshold. Identified more than 8,000 potential duplicate transactions with the same Personnel Number, Expense Date, Charge Code, Expense Type, and Amount. 20

More Examples for Consideration Procure-to-Pay Examples Order-to-Cash Examples Information Technology Vendor Master File Analysis # of Inactive Vendors with Activity Payments to Inactive Vendors Duplicate Vendors, Invoices, Payments Analysis of Cash Receipts and Verifying i access rights are in Timely posting compliance with policy/templates Customer Credit ranking aligns with Policy Requirements (amounts, authorization) and Perform Analysis on Customer Activity (payments and credits) Analysis of Write-off Transactions (authorization, timeliness) DSO Analysis by Order Date, Bill Date and Payment Received Date Vendor to Employee Match Benford s Law Analysis - Invoice, Payments, PO, and/or Credit Analysis Missed Discounts Late Payments Authorization and Analysis of PR, PO, Date, and Payment Received Date Invoice, and Payment Analysis of Unfulfilled Customer Purchase Orders Aging and Analysis of AP and Credit Processing User Analysis between Processing Holiday Activity A/R invoices, posting to the sub- Void/Reissue Payment Analysis ledger, and cash receipts Payment Gap Analysis Analysis of Customer Account Aging Holiday Activity User Analysis between Vendor Setup, Voucher, and Payment Processing Analysis of Debit Memos/Adjustments Analysis of Overpayments/Refunds (unused credits) Multi-system segregation of duties analysis Last user sign on Comparison to employee master records Duplicate employee IDs Change Management authorization New Hire/Terminations i Problem Management Analysis Analysis of system logic to verify procedures (e.g., write-offs, refunds) are programmed accurately Report benchmarking determine the accuracy of system reports by utilizing actual transactional and master data (i.e., compute what the values should be based on business rules and then compare to actual monthly reports) 21

Sample Results - Supplier Statement Audits Supplier statement reviews can be a significant driver for identifying unused credits or outstanding checks, which result in near term cash recovery. Example Vendor Credit Summary B ERP 1 ERP 2 ERP 3 Root Cause Count Dollar Count Dollar Count Dollar Adjustment 1 $889 9 $35,042 1 $126 Duplicate payment 16 $40,598 18 $63,790 3 $10,430 Overpayment 24 $18,009 21 $53,345 13 $10,626 Rebate 3 $1,858 37 $28,284 - - Return 26 $126,307 51 $52,123 6 $8,778 Unapplied cash 14 $60,341 74 $74,502 6 $5,344 Unknown 22 $48,467 21 $29,385 4 $36,897 Total 106 $296,469 231 $336,471 33 $72,200 5,725 Suppliers Received responses from 61% of suppliers totaling 63% of spend 3,468 Responses 94 Suppliers with Credits 370 Credits $705K Recovered Example Key Findings Aged items on account were surfaced to the organization to enable them to readdress these with the vendor for more immediate resolution Credits being received by plant locations, but not being sent to the Shared Service Centers for processing Unapplied Cash and Returns were the most prominent root causes of credits 22

Sample Results - Payment Terms Non-standard or unfavorable payment terms should be analyzed to determine opportunities for either payment discounts or extending to more favorable terms. 131K, 45% Invoice Spend Totals by Payment Term Unfavorable Terms 106K Invoices (37%) Net 30+ No Discount Discounted Terms 17% Discounted Terms 17% 28K, 10% 25K, 9% 6K, 2% 34K, 12% 13K, 4% 11K, 4% 10K, 3% 6K, 2% 26K, 9% 40% Net 30+ No Discount <30 Days No Discount <30 Days No Discount 43% 43% 40% Observations 85% of all non-discount invoice terms required payment in less than the standard 30 day payment terms $197M in invoice spend (17%) had immediate payment terms 23

Fixed Assets Estimating / Recalculating Aging CIP depreciation Verifying accumulated depreciation does not exceed cost for any asset Identifying credit assets Identifying land that is depreciating Identifying assets assigned out of policy useful lives Determining assets set up with cost below capitalization threshold Estimating impact to P&L of increasing / decreasing capitalization threshold Reviewing for assets set up in duplicate Facilitating Item Master clean up Negative Depreciation Inconsistent / Outlier useful lives / Depreciation methods Post-addition percentage analysis (how much more cost added after depreciation started) Aging of fully depreciated assets Analysis of Asset Classification (Leased vs. Fixed or Long-Term vs. Short- Term) Comparison of Asset Turnover Ratio compared to industry average 24

Inventory Summary of Inventory by Type Inventory vs. Sales analysis Inconsistent costing Inconsistent units of measure with the same unit costs Verify category type Extended cost analysis Quantity analysis Per unit cost analysis Current vs Prior year cost comparison setup Reports of unit cost changes (Based on P/Y Quantities, C/Y Unit Costs) Sales analysis Potential excess inventory Margin review User analysis between purchase order and receipt Inventory adjustment analysis (write-offs) by items, users, locations, transaction type, and time of day Inventory adjustment analysis (returns) by items, users, locations, transaction type, and time of day Analysis of scrap activity Negative inventory balances and/or inconsistent fluctuations in inventory accounts between months 25

Lessons Learned Senior Management buy-in crucial for the success of any controls monitoring project Understanding of requirements, documentation and change request procedures Involvement of IT earlier on during the project Test, test and test Focus on high risk processes YOU have a tremendous opportunity to drive value and be an agent of positive change in YOUR organization! 26

Questions / Open Discussion 27

Thank You!

Contact Information Clint McPherson Managing Director, Dallas Office: 469.374.2438 Mobile: 214.215.8374 clint.mcpherson@protiviti.com Cindy Hart Manager, Dallas Office: 972.788.8505 Mobile: 817.253.9176 cindy.hart@protiviti.com Powerful Insights. Proven Delivery. Powerful Insights. Proven Delivery. 29

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback