2013 CliftonLarsonAllen LLP Using Data Analytics as a Management Tool to Identify Organizational Risks Government Finance Officers Association of South Carolina October 13, 2014 cliftonlarsonallen.com
Objectives Discuss how data analytics can be used to better identify various risks in an organization. Encourage you to use technology to protect the organization. Demonstrate the power of data analytics using a case study.
What and Why Data Analytics? Data analytics is the process of accessing, normalizing, and modeling data with the intent of discovering useful information Often consider a forensic tool Much more can be learned about your organization Large organizations such as States and Municipalities process very large amount of data and often in a decentralized manner Risk of misappropriations Risk of management override of internal controls Risk of the unknown
Misconceptions It s hard. It s time consuming. It s expensive. It s an audit tool. Get it done Outsource it Get trained and get coached
Organizational Studies What is normal for my organization? What is abnormal? Who is working in the system? When are they working in the system? Who is making all those journal entries? What systems feed information to the financial system?
Types of Risks and Areas of Analysis Accounts Payable Purchase Cards Payroll Travel and Entertainment Expense Journal Entries Fictitious vendors Fictitious, inflated and / or duplicate invoices Structured payments Conflicts of interest Kickbacks Bid-rigging Duplicate purchasing and reimbursement schemes Unauthorized and/or improper purchases Unauthorized users Unauthorized SIC codes Ghost employees Improper supplemental payments Improper bonus or incentive compensation payments Inflated salaries Inflated hours False or inflated reimbursement submissions Improper use of corporate credit card Purchase for personal use Duplicate purchasing and reimbursement schemes Unbalanced journal entries Improper management override Improper expense capitalization Improper revenue recognition Entries to unusual or seldom used accounts Improper or unauthorized user activity Foreign Corrupt Practices Act Entries during nonbusiness hours
Types of Risks and Areas of Analysis Accounts Receivable Inventory Revenue Non- Financial Fictitious customers Lapping Fictitious, inflated, duplicate or unnecessary purchases False or inflated sales Fictitious customers Weblog analysis Building access logs Credit balance fraud Offsets with unauthorized or improper expenses Improper AR aging Theft through improper write-off Excessive shrinkage Improper commission or bonus payments Revenue recognition abuses including channel stuffing, liberal return policies or bill and hold schemes Computer print reports Client proprietary database analysis
Specific Risks Internal control overrides Avoid purchase authority escalation Journal entries General disbursements Payroll Receipting
Tools Data Extraction Tools IDEA ACL Excel Pivot tables Formulas
State Pension Plan Brief Case Study
Cash Disbursement Testing: Objective - Test 3.1 Million Payments Totaling $7.0 Billion 123 ft 360,000 pages Challenges faced by us: Each monthly report provided by the State: Was in a massive.pdf print report format, each monthly files was approximately 15,000 pages There were 3.1 Million payments in FY 2013 The files were too large to print and so large they crippled laptops 6 ft
Cash Disbursement Testing: The Monthly Report was Over 15,000 Pages 2013 CliftonLarsonAllen LLP
Time and Effort Most Systems Provide Data in a Usable Form Obtaining Data Normalizing Data Analyizing Data
Cash Disbursement Testing: Understanding the Data and Year over Year Comparisons We were able to analyze the files and compare activity from FY 2013 to FY 2012
Benford s Analysis FY 2013 FY 2012
Another Benford s Analysis Two-Digit Test on General Disbursements 2013 CliftonLarsonAllen LLP
Stratification by Payment Amount FY 2013 FY 2012
Cash Disbursement Testing: Abnormal Payments Specific Analysis that would be difficult/impossible without Forensic Data Analysis: Payees whose payments amounts varied significantly
Cash Disbursement Testing: Specific Analytics Specific Analysis that would be difficult/impossible without Forensic Data Analysis: Retirement Numbers that had more than one name associated
Show Vendor Analysis Expenditures by vendor by month and year Sparkline Uses Vendor analysis Spending analysis
Cash Disbursement Data Analysis vs. Traditional Procedures Data Analysis Imported 100% of data Reconciled totals to F/S for Completeness Testing Summary Results that tie to F/S balances and compared to PY Run specific queries from which to make Risk Based selections for test work More efficient - Analysis FY 2013 procedure took only about 60% of the time of FY 2012 Traditional Procedure Random Sampling No Completeness Testing Less efficient
Consider How much data is collected in your organization? How quickly can you analyze the data for management decisions and internal risks? As Financial Director s do you believe you have your hands around all the organization s transactions?
2013 CliftonLarsonAllen LLP Sean M. Walker, CPA, CGFM, CGMS Principal State and Local Government 410-308-8081 Sean.Walker@CLAconnect.com cliftonlarsonallen.com twitter.com/ CLA_CPAs facebook.com/ cliftonlarsonallen linkedin.com/company/ cliftonlarsonallen 24