View
51
Download
0
Category
Tags:
Preview:
DESCRIPTION
Continuous Transaction Monitoring. Introductions. Oversight Systems Patrick Taylor, CEO Mark Converse, Director, Sales/Business Development Stephen Barbarisi, Regional Sales Director. Internal Audit Trends. 2009. 2010. Cost of Compliance Focus Resource reductions (25%) - PowerPoint PPT Presentation
Citation preview
1 oversightsystems.com
Continuous Transaction Monitoring
2 oversightsystems.com
Introductions
Oversight SystemsPatrick Taylor, CEO
Mark Converse, Director, Sales/Business Development
Stephen Barbarisi, Regional Sales Director
3 oversightsystems.com
Internal Audit Trends
2009
Cost of Compliance Focus
• Resource reductions (25%)
• Outsourcing considered
• Technology leverage considered… delayed
Value Creation/Continuous Improvement
• Internal Audit: Fact-based, data-driven
• IA: Advise the “business”
• IA: “Enable” the business
Increased Board Activity
• Overall risk exposure
• Specific risk “initiatives”
Automate “Low Value” Tasks
• “More with less…”
• Focus on high value, bottom line results
• Leverage advanced technology
2010
4 oversightsystems.com
Compliance Benefits/Risk Improvement
• “In-process, real-time” controls• Extend existing
system controls• Replace, automate post
transaction audits
• Gain visibility/accuracyinto business
• Policies• Stakeholder behaviors• Process improvement• Financial accuracy
• Audit Automation• Expanded use of data
analytics• Detect fraud early
OperationalBenefits
• Deliver bottom-line results
• Automate “lower value” tasks• Auditing/QA• Account reconciliations
• Real-time continuous improvements
• Detect issues early• Errors• Bottom-line/cash flow
improvement opportunities• Waste, abuse
• Establish a “detection adjudication/resolution” capability
Why Continuous Transaction Monitoring?
5 oversightsystems.com
Fraud Statistics
Typical organization loses 5% of revenues to fraud• Median loss $160K, 25% of loses >$1M• Significantly higher for financial statement fraud, median >$4M
Asset misappropriation the most common
Recovery is low, only 20% recover significant amounts of losses
Controls work: organizations with more robust fraud controls had lower losses
85% of perpetrators have never been charged before
13% of employees will steal if given the opportunity
Source: ACFE 2010 Report to the Nation
6 oversightsystems.com
Other Relevant Statistics
1.6% of vendor payments have errors• Similar for companies with a high degree of automation
3.6% of vendor invoices contain errors
Companies average 1.1% error rates in T&E
Invoice input error rates – average 15.6%
43% of companies never clean Vendor Master File• Leads to other issues: fraud, duplicate payments, missed discounts
Duplicate payments are still a problem• Approx 20% of companies report duplicate payment rate > 0.1%
39% of companies had check fraud in past two years• 70% in large companies (> 5000 employees)• % is growing
Source: IOMA 2007 Benchmark Study
7 oversightsystems.com
What Value Does Oversight Deliver?
8 oversightsystems.com
What Value Does Oversight Deliver?
• Regulations- SOX
• Best practices- COSO- GRC Program
• Internal policies/ procedures
• Audit Automation
• 100% transaction review
• Fraud- Employee- Vendor
• Policy/procedures- Procurement- T&E- Corporate cards
• Improper payment- real-time error prevention- Errors- Fraud/misuse
• Un-recovered payments
• Cost of capital• (Margin
optimization)
• Resource optimization
• Error correction• Audit fees• Internal audit
efficiency
• Reporting reliability• Decision support• Automated testing/reporting
• Transaction-level analytics• Process improvement
9 oversightsystems.com
CCM-T Application Components
Example Transaction Process: Revenue Cycle
Libraries of Data Analytics
Disparate Source Systems
ExceptionIdentification
Analytics Engine
Reporting
ExceptionResolution
Documentation
Insights/Reporting
• Monitors Controls • Embeds Audit
Best Practices in Process
• Risk Ranking
HR Data Legacy SAP
Data Extraction
CUSTOMERMAINTENANCE
SALES ORDER INVOICE RECEIVING CASH RECEIPT CASH
APPLICATIONRMA/RETURNS
SAPCCM-T Application
UI and Workflow
10 oversightsystems.com
Representative Monitoring Value Propositions
Financial Process Hard ROICompliance/Risk
GeneralLedger
G&A Cost Efficiency Audit Cost Reduction
Financial Reporting Accuracy Inappropriate Employee Behavior
Orderto Cash
Margin Improvement G&A Efficiency
Policy Compliance Error Reduction Operational Controls/Visibility
Procureto Pay
Prevent Cash Leakage G&A Efficiency
Policy Compliance Error reduction Operational Controls/Visibility Inappropriate Employee Behavior
P-Card/T&E
Prevent Cash Leakage G&A Efficiency
Policy Compliance PR Risks Operational Controls/Visibility Inappropriate Employee Behavior
11 oversightsystems.com
Introduction to Oversight Systems
The Company
• Leader in continuous transaction monitoring
• Software company
• Headquartered inAtlanta, Georgia USA
• Recognized by Forbes, “Big 4” and industrytrade associations
• Best practices focusand approach
Continuous Transaction Monitoring
• Automated, in-process
• 100% transaction review & prioritization
• Extracted from multiple data sources
• Pre-defined monitors
• Operational policy
• Policy adjudication workflow
• Financial transaction process monitoring• General Ledger Order to Cash• HR / Payroll Procure to Pay• PCard/T&E Custom
12 oversightsystems.com
Continuous Monitoring: Emerging Best Practice
Oversight Clients:Monitoring $500B+ Transactions
13 oversightsystems.com
Finance & Accounting Functions
Continuous Monitoring Adoption
14 oversightsystems.com
Procure-to-Pay Monitoring• Payment for 0• Payment w/o
Voucher• Payment Payee
Differsfrom Vendor
• Payment to Ghost Vendor
• Payment to Employee
• Payment Detail Mismatch
• Payment/PO SOD
• Invalid Vendor• Duplicate Vendor• Ghost Vendor• Vendor
Change/Change-back
• Vendor Maintenance SOD
• Receipt/PO SOD
• Payment Duplicate• Payment Line Duplicate• Payment Line Exceed
Voucher• Payment Line w/o Voucher• Payment Line/Voucher
Mismatch• Payment Line for Duplicate
Voucher• Payment/Voucher SOD
• Invalid PO• PO to Inactive Vendor• PO to Invalid Vendor• PO to Ghost Vendor• Duplicate PO• PO/Vendor SOD
• Invalid Voucher• Voucher for 0• Voucher to Invalid
Vendor• Voucher to Duplicate
PO• Voucher Duplicate
Amount• Voucher Duplicate
Invoice• Voucher/PO SOD• Voucher Line with no
PO• Voucher Line/PO
Mismatch• Voucher Line/Receipt
SOD• Voucher Line/Receipt
Mismatch
VendorMaster Requisitions Purchase
and Receipts Invoice Voucher Payment Recovery
15 oversightsystems.com
Accepted RiskBuilt into Design
• Less than ideal segregationof duty to facilitate doing business
• Quantity & pricing tolerances• Manual over-ride of controls• Subjective RFP process
Fraud
• Collusion• Single individual capitalizing
on system weakness• Single individual manipulating
data to mislead decision makers
• Check theft / manual check
Errors and Inefficiencies
• Lost payment terms discounts• Higher delivery costs• Catalog pricing not current• Manual processes• Multiple touches/parked
invoices• Research
Cash Leakage: Procure to Pay ProcessUnintended Design Gaps
• Lost volume discounts/rebates• Freight overpayments• Duplicate vendor payments• Approvals outside design
tolerance• Over/under payment of S&U tax• Start-up and/or new
configuration post go-live• Orders by-pass procurement • Incomplete/inaccurate
master data
16 oversightsystems.com
Cardholder Maintenance
Card Maintenance Purchase Substantiate
Reconcile Accounting Approval Payment
• Cardholder Status Change• Cardholder Invalid• Cardholder Change• Cardholder Employee
Invalid
• Transaction Duplicate• Transaction Chain Individual• Transaction Chain Department/BU• Transaction Invalid• Transaction Merchant
Unauthorized• Transaction Merchant Suspicious• Transaction Amount Suspicious• Transaction Timing Suspicious• Transaction Limit Violation• Transaction Employee Invalid• Transaction Series
• Merchant Distribution Mismatch
• Distribution Timing Error
• Payment without Approval
• Payment to Ghost Merchant
• Payment to Employee
Card Program Monitoring
• Cardholder Multiple Cards• Card Limit Change• Card Excessive Limit• Card Invalid
• Recon SOD• Transaction without Recon• Transaction without
Substantiation
• Transaction without Approval
• Approval Override
17 oversightsystems.com
Accepted RiskBuilt into Design
• Less than ideal segregation of duty to facilitate doing business
• Quantity & pricing tolerances• Manual over-ride of controls• Subjective RFP process
Fraud
• Collusion• Single individual capitalizing
on system weakness• Single individual manipulating
data to mislead decision makers
• Check theft / manual check
Errors and Inefficiencies
• Lost payment terms discounts• Higher delivery costs• Catalog pricing not current• Manual processes• Multiple touches/parked
invoices• Research
T&E and Cards Programs: Monitoring ObjectivesUnintended Design Gaps
• Lost volume discounts/rebates• Freight overpayments• Duplicate vendor payments• Approvals outside design
tolerance• Over/under payment of S&U tax• Start-up and/or new
configuration post go-live• Orders by-pass procurement • Incomplete/inaccurate
master data
18 oversightsystems.com
Accepted RiskBuilt into Design
• Price overrides• Approval tolerances
Unintended Design Gaps
• Pricing errors• Credit terms• Unit of measure• Free shipping not in contract• Wrong tax codes• Rebates• Incomplete/inaccurate
master data
Fraud
• Collusion• Single individual capitalizing
on system weakness• Single individual manipulating
data to mislead decision makers
Errors and Inefficiencies
• Returns• Deductions• Authorized promotion
deductions• Chargebacks• Penalties• Short shipments• Late payments• Write-offs• Slow dispute resolution
Profit Leakage: Order to Cash Process
19 oversightsystems.com
Access Controls
• Unintended configuration gaps• Super-user access• Material transaction approval• Incomplete/Inaccurate Master
Data• Period open – period close
Process Controls
• Intercompany reconciliation• Month end close monitoring• Improve close efficiency
accuracy
Fraud
• Revenue manipulation• Overcapitalization• Understatement of liabilities• Super-user access
Errors and Inefficiencies
• Duplicate entries• Entries posted “backwards”• Account code misclassification• Keying errors• Manual entry review• Internal/external audit
preparation• Multiple touches required for
multiple “customers”
General Ledger: Accuracy, Risk and Compliance
20 oversightsystems.com
Oversight Overview
21 oversightsystems.com
Oversight Solution Overview
22 oversightsystems.com
CTM: People, Process and Technology
Corporate
Finance
Operations
BU3
Finance
Procurement
BU4
Operations
Internal Audit
CFO Office
Audit Committee
BU1
Finance
Procurement
BU2
Operations
Finance Operations
VP Finance
VP Operations
BU1
Finance
Procurement
BU2
Operations
23 oversightsystems.com
Oversight Product Capabilities
Reporting CapabilitiesOversight DashboardOversight Workbench
Exception Handling CapabilitiesDiscovery: Exception Detection
WorkflowCollaboration
CommunicationAdvanced Analytical Capabilities
24 oversightsystems.com
Oversight: Macro Trends Generated Automatically
25 oversightsystems.com
Oversight: “Exception” Reporting
26 oversightsystems.com
Oversight: “Exception” Reporting
27 oversightsystems.com
Oversight: “Exception” Detail
28 oversightsystems.com
Oversight: Transaction Detail Provided
29 oversightsystems.com
Why Industry Leaders Choose Oversight
• Multiple, diverse, systems• Normalize data into common model• No data volume limitation• Low impact on client system/network
• Reasoning beyond rules• Statistical, Behavioral, Temporal, Symbolic• Correction detection integrated with workflow• Pre-defined + user defined analytics
• Workflow enabled resolution• Consistent across all business processes• Supporting documentation in one system• Drill-down, email, attachments, link analysis
• User-defined view: workbench & dashboard• Ad-hoc reporting + “what if” analysis• Flexible deployment configurations• Web based administration and configuration
• Client base Best Practices Group• The most successful implementations• Diversity in team expertise• Proven customer satisfaction
• Large, diverse data volume• Minimize IT on-going support• Streamlines advanced analytics
• Higher ROI faster• Discover “what I don’t know”
• No technical skills required• Assurance through visibility
• Encourages user adoption• Direct & pertinent to unique KPI
• Operationalizing continuous improvement
• Quick time-to-value• Quick, efficient, effective• Leverage F500 client experience
Key Attributes Key Value
Superior Data Acquisition
Advanced Analytics
Intuitive Configurability
Practical Workbench and
Dashboard
Proven Experience and
Results
30 oversightsystems.com
Find It.Inspect every transaction.
Fix It.Resolve every exception.
Prove It.Substantiate every resolution.
Recommended