- The sheer volume of data generated by many organisations is often too large for manual analyses.
- Data analytics plays a key role in helping auditors ask better questions.
- Analytics can be an efficient tool to identify potentially fraudulent transactions.
Auditors use analytical techniques day in and day out. We take the numbers provided by our clients and work to validate that the accounts fairly represent the financial position of the companies and entities we audit. Our analyses range from footing, or casting, to tracing, recalculating and estimating.
However, in many organisations (even small organisations) the amount of data and the number of transactions forming the accounts is too great to be able to perform such procedures manually. With more data available, there is a need for more sophisticated analyses as fraudsters look to hide transactions or manipulate the accounts.
Many people expect data analytics will provide the answers, solve the problems and tell them what to do next. This is an expectation that cannot be met. However, data analytics can help you understand information and provide insights so you can ask more informed questions.
Here is an example. A data analytics review of payroll to determine if there are employees collecting payroll under multiple names doesn’t guarantee the employees are committing a fraud. It may be that there are two employees in a relationship who share a bank account. The data analysis allows the auditor to ask the question and perform additional procedures to determine if a fraud has in fact occurred.
Without data analytics, the questions would be far more general in nature, for instance, “Are you aware of any employees defrauding the company through ghost employees?”
Identifying potential frauds
Data analytics can also help identify potential fraud by allowing auditors to see trends in transactional data that previously may not have been recognised.
A well-known tool for fraud analysis is Benford’s Law (also known as the Law of Leading Digits). Benford’s Law can identify transactions that may be meant to bypass certain controls. For instance, let’s say the company you are auditing has a delegation limit of $5000, where payments under $5000 need only one manager’s approval. If analytics identifies more transactions beginning with a “4” than expected, this may be an indicator that transactions are being split to bypass the $5000 limit. Of course, this analytical technique won’t confirm a fraud, but it will identify transactions where questions may need to be asked.
Another technique that can be used to identify potential fraudulent activity is file comparison. It should be expected that companies have in place controls that require approval for edits to the payroll master file or the vendor master file. A common fraud, where such controls are weak, is for someone with access to those master files to edit the bank account details or payment methods for certain vendors or employees, resulting in the payments being made to an unauthorised person. Using data analytics it is possible to compare prior periods to the current period to identify all changes to master data files.
An example analysis is to obtain the current vendor master file (the accounts payable system file that records the vendor name, bank account, address, phone number and other important information) and obtain the vendor master file for the previous month. Using a file comparison function you can then compare record-by-record to identify changes, additions and deletions from the file. Where there are changes, additions or deletions, the auditor can then examine these to understand the authority for the change, and confirm that the changes were correct. Changes that cannot be verified will need to be investigated further.
Discover more on the role of analytics in audit
David White is a speaker Audit Conference 2018 New ZealandClick here