In recent years, there has been an increasing focus on financial crime in both public and private entities. The press coverage of money laundering, tax fraud and employee embezzlement of public funds is greater than it has been in the past several years. This increased awareness leads to an increasing expectation that we must detect and punish financial crime.
It is a wonder why big data and analytics are not mentioned more often in the debate. Experts recognize analytics as one of the most important tools in the fight to identify and resolve financial crime.
How big is the problem?
An estimate from PwC indicates that procurement is one of the areas most prone to fraud. International organizations, including the Association of Certified Fraud Examiners and the English CROWE, indicate that the number of errors, fraud and abuse is on average 5% of public/private entities' procurement. In other words, if your organization purchases DKK 1 billion, there will most likely be a high risk of DKK 50 million in fraud. In addition, international institutions point out that:
- The process of identifying fraud is complicated. Typically 18-24 months pass before an organization identifies and acknowledges that it has been subjected to fraud.
- Typical perpetrators have been in the organization for a long time (over 10 years), and only 4% have been previously convicted of fraud.
- Fraud is committed at all levels of an organization. And people at the highest management level commit almost 20% of it.
Fraud does not start out as fraud
One of the reasons why fraud is both widespread and difficult to uncover is that there are many different types of fraud. And most often it occurs as errors, which if not detected, will be tried again and again, becoming more systematic.
This means that fraud may not start with the perpetrator intending to profit from it, but that those involved gradually read the possibilities, and then develop and refine the fraud, possibly other people, internally or externally. This makes it even more complicated to uncover what is happening.
Some of the typical types of fraud are double invoicing, splitting orders/invoices in order to keep the value below a limit for extra processing, agreed action between two or more individuals (can be both internal and external) and payment for items that are never delivered. Furthermore, employees often have financial interests in companies that serve as suppliers.
Generally, all types of fraud bypass internal processes. Organizations design their procurement processes to balance rigidity and flexibility. The process must be rigid enough to be difficult to circumvent, but flexible enough that procurement can be carried out efficiently, without undue costs in the form of checks or disruptions to internal operations.
Problems with manual monitoring
This means that it is not enough for a company that wants to systematically fight fraud and ensure good control to tighten up procurement and payment processes by adding extra checks of the individual processes. For example, there may be an extra check of payments over DKK 10,000. If you want to safeguard a company effectively against fraud, there must be a more systematic follow-up and monitoring of process compliance.
An internal or external auditing function typically performs such monitoring, whose task is to dive into the volume of data on procurement and payments in order to identify and verify fraud. This is often a time-consuming, manual – thus costly – process that often uses random samples or checks on leads from whistleblowers. In some cases, auditors find collusion between the perpetrator of the fraud and the person who should monitor for it.
Moreover, it takes a lot of experience, and possibly great ingenuity, to manually identify new patterns in the enormous amount of procurement-related data.
Continuous monitoring
The solution is to use analytical tools to constantly monitor compliance with processes and rules. At SAS, we call this continuous monitoring.
Continuous monitoring automates a number of the functions that are currently manual. First, the solution extracts millions of data records from the relevant systems, including purchase orders, invoices, payments, HR data, etc. Afterwards, the data is cleaned and prepared for the actual analyses of anomalies, patterns and events that can identify possible fraud, error and misuse.
Continuous monitoring with the support of analytical tools is far more effective than the more traditional audit. The main differences are:
- Analysis of ALL transactions. Full analysis not only proportionally increases the chance of finding fraud, but is crucial for effective identification of anomalies and patterns.
- Automated data integration, cleaning and preparation. A good data basis is essential for finding fraud. Experience shows that 80% of the time spent on auditing goes to locating, compiling and cleaning data. Automation of these processes will free up time for the more important task of monitoring for fraud.
- Using artificial intelligence. You can look at AI as the automation of cognitive processes. This means that the problems that traditionally require human logic to solve can be handled efficiently and often more precisely by computer. Today, AI can improve all stages of the process, from data cleaning to reporting.
- Known vs. unknown scenarios. In our experience, companies will be able to automate simple rule-based controls that capture known scenarios of error, fraud or misuse. In the worst-case scenario, such controls increase the possibility of fraud, as new scenarios go under the radar.
The value of AI for detecting errors, fraud and abuse
Artificial intelligence is an essential element in building an effective procurement monitoring process. The Association of Certified Fraud Examiners points out that the use of data and analysis is among the most effective elements in reducing loss and resolution time. Using AI to complement more traditional analytics only reinforces this trend. You can apply artificial intelligence to many of the key tasks of the overall analytical process:
- Cleaning and compiling data.
- Preparing data.
- Generating and analyzing networks.
- Identifying anomalies.
- Scoring the potential for fraud, error and abuse.
Artificial intelligence, therefore, provides fraud investigators with the best opportunities for efficiently identifying possible fraud, prioritizing scenarios and documenting their investigation. Thus, in addition to reducing the organization's financial losses, this strong management tool also reduces the risk of bad publicity. And it conveys that you are working purposefully to avoid fraud because it is unacceptable.
How can I find out more
For decades now, SAS has helped companies safeguard against fraud. The lessons learned have been brought into the SAS Continuous Monitoring for Procurement Integrity solution.
Sources:
- Report to the nations – 2018 Global Study on Occupational Fraud and Abuse, Western Europe Edition. Association of Certified Fraud Examiners.
- Annual Fraud Indicator 2017 – UK Fraud Costs Measurement Committee, CROWE.