Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Leading Practices to Leverage Forensic
Data Analytics in Compliance
Monitoring and Investigation
Page 2
Table of contents
Proactive Compliance Monitoring1
2
44
Big Data and Forensic Data Analytics
5
EY’s Forensic Data Analytics Solution
Beyond Compliance and Investigation
EY’s First Annual Global Forensic Data Analytics Survey
3
6 Case Examples
7
Page 3
Proactive Compliance Monitoring
Page 4
Top Compliance Issues— What We are Seeing
► Bribery and corruption remain top risks► Regulatory compliance and fraud & abuse► Third-party integrity► M&A due diligence► Risk areas include:
► Integrity of vendors, suppliers and distributors► Improper payments in the forms of bribes or kickbacks► Travel and entertainment abuse► Conflicts of interests (e.g., employee and supplier matches)
Page 5
Now, more than ever, increased transparency istop-of-mind among our clients in…
► Internal Audit► Compliance & Legal► Investigations► Business / Operations
What we hear:1. Make my program more effective and measurable2. Make my program more efficient (reduced sample sizes, risk based,
cost savings)
Page 6
50% by tip or accident demonstrates the needfor improved analytics
2012 ACFE Report to the Nation on Occupational Fraud
How is Fraud Detected?
Page 7
Compliance Monitoring Challenges
► A good compliance monitoring program needs to be flexible and adaptive► Investigators, attorneys and regulators need information now► Convergence of structured and unstructured data► Organizational silo leads to redundant efforts to meet monitoring and
reporting requirements► The volume of business activities that should be monitored can
overwhelm the resources of most organizations.► Get the right FDA tools and the right people to operate FDA► The data available for analysis are incomplete or inaccurate► Need for innovative analytics to increase detection and reduce false
positives► Timely follow up and remediation
Page 8
How Global Companies are Responding
► Compliance and legal are often teaming with internal audit to lookbeyond anti-corruption policies and training and into tests of books andrecords
► Integrating new analytics specifically targeting corruption – these aren’tyour typical rules-based, process control SOX tests
► Integrating “Big Data” concepts including:► Text mining (unstructured data)► Statistical analyses and anomaly detection► Visual analytics and interactive dashboards► 100% data sampling, not just random sampling
► Analytics used to assess high fraud/corruption risk areas
Page 9
Ernst & Young’s First Annual Global ForensicData Analytics Survey
Page 10
Ernst & Young’s First Annual Global ForensicData Analytics Survey
Target audience/ recruitment criteria:• Senior individuals in global companies: Finance
(excluding audit), Internal audit & risk, Procurement,Legal, Compliance, Investigations,Business/management
• Companies with over US $100 million annual revenue,over 50% greater than US $1 billion
• Criteria: Must have decision-making responsibilityaround the company’s anti-fraud and anti-briberyefforts, compliance monitoring and investigations
• Respondents are users of forensic data analytics only
• Research period: November 2013 and January 2014
This work has been conducted in accordance with ISO 20252, the international standard for market and social research
Markets CountAmericas 105US 65
Brazil 40EMEIA 200France 40
Germany 41
India 40
Italy 40
UK 40
Asia Pacific 160
Australia 40
China / HK 40
Japan 40
Singapore 40
TOTAL 466
Telephone interviews conducted globally with leading companies
Page 11
Ernst & Young’s First Annual Global ForensicData Analytics Survey – Key Findings
FDA efforts are well aligned with perceived fraud risks► Bribery and corruption is top fraud risk at 65%► Further, 74% are using FDA to combat bribery and corruption
Big data has big potential► 72% of respondents believe emerging big data technologies can play
a key role in prevention and detection
Key benefits► Enhance our risk assessment process (90%)
► Detect potential misconduct that we could not detect before (89%)
Page 12
Ernst & Young’s First Annual Global ForensicData Analytics Survey – Key Findings (Cont.)
Need to do more► 63% of respondents agree that they need to do more to improve their
anti-fraud/anti-bribery procedures, including the use of FDA
Biggest challenge► Getting the right tools or expertise for FDA (26%)
Data volumes analyzed are relative to company size► 71% of companies over US$1 billion in revenues report working with
data sizes less than or equal to 1 million records► 42% of companies with revenues between US$100 million and US$1
billion report working with data sets under 10,000 records
Page 13
Big Data and Forensic Data Analytics
Page 14
Gartner:
Big Data is high volume, velocity and varietyinformation assets that demand cost-effective,innovative forms of information processing forenhanced insight and decision making.
What is Big Data?
Page 15
34%38%40%41%41%42%42%43%
57%59%
73%88%
0% 20% 40% 60% 80% 100%
Still images/videoAudio
GeospatialRFID scans or POS data
Free-form textSensors
External FeedsSocial Media
EmailsEvents
Log DataTransactions
Source: IBM Technology Outlook 2012
IBM Survey – Big Data Sources
Page 16
25%26%
35%43%
52%56%
65%67%
71%77%
91%
0% 20% 40% 60% 80% 100%
Voice analyticsVideo analytics
Streaming analyticsGeospatial analytics
Natural language textSimulation
OptimizationPredictive modeling
Data visualizationData mining
Query and reporting
Source: IBM Technology Outlook 2012
IBM Survey – Big Data Analytics Activities
Page 17
What is Forensic Data Analytics?
Page 18
False Positive RateHigh Low
Stru
ctur
edD
ata
Detection RateLow High
Uns
truc
ture
dD
ata
“Traditional” rules-Based Queries & Analytics
Matching, Grouping, Ordering,Joining, Filtering
Statistical-Based Analysis
Anomaly Detection, ClusteringRisk Ranking
Traditional Keyword Searching
Keyword Search
Data Visualization & Text Mining
Data visualization, Drill-down into data, TextMining
Forensic data analytics maturity modelBeyond traditional “rules-based queries” – consider all four quadrants
Page 19
Who What When Why
Social Networking Concept Clusteringand Keywords
Communication Over Time Sentiment Analysis
“Who is talking towhom?
about what? over which time period? how do they feel?”
► People-to-people analysis► Entity-to-entity analysis► Map communication lines
to organization chart
► Top words mentioned► Key concepts / topics► Top or unusual dollar amounts► Sensitive words / phrases► Potentially privilege flagging► Potentially non-responsive► Predictive coding (more-like-this)
► When communications occur► Communication spikes
around key business events► Linked to T&E or other journal
payment related transactions
► Positive vs. Negative Sentiment► Top 10 angry or negative emails► Ethical tone: flag for secretive,
harassing, confused, orderogatory communications
► Fraud Triangle analytics: linkcommunications to anemployee’s pressure, opportunityor rationalization risk score
Unstructured data sources
Page 20
DescriptiveAnalytics
What ishappening?
DiagnosticAnalytics
Why did it happen?
PredictiveAnalytics
What is likely tohappen?
PrescriptiveAnalytics
What should I doabout it?
70% 30% 16% 3%
100% 9%Source: Gartner Research
Structured Hybrid Unstructured/Content
Emerging Trends: Information and Analytics
Page 21
EY’s Forensic Data Analytics Solution
Page 22
Earlycase assessment
Dynamic reportingand visualization
Forensic software
Info
rmat
ion
Gov
erna
nce
EvidenceTrackingSystem
Unstructured data
Structured data
Email and IM processing tools
Analytics and statistics tools
Clientpresentation andreporting layer
Forensics andanalytics core
Big Data Big data platform
Processing layer
Our Technology EcosystemIndustry-recognized Technology Stack
Page 23
To drive better decisions, we must first ask the right business questions and then seekanswers in the data. Thus, our work moves left to right, but our thinking must move fromright to left.
Rules/Algorithms
Focus of many companies EY’s strategic focus
► Many analytics companies in themarketplace today are dominated bydata warehousing, enterprisedashboard and reporting solutions.
► Many clients, however, still struggle toembed analytics into operationaldecisions in a systematic andrepeatable way, often resulting inclients not realizing the full value ofanalytics.
► Our focus is on becoming the leader in “value-driven analytics” by going to market throughsectors and core competencies, supported by acentralized group providing market-leading,analytical and big data skills and technology.
► We also realize the importance of using changemanagement skills to help our clients moreeffectively use analytics to create value.
The EY difference in analyticsOur strategic focus is to help clients achieve the transformationalvalue that is possible through analytics
Page 24
Our Approach to Detective and PredictiveData Analytics
Basicü Vendor/Customer listü Contracts/agreementsü Purchase/Sales ordersü Receipts/invoicesü Vendor/Customer
payment
Advancedü All of data from basicü Emailsü Chat logsü E-filesü Call logs
Predictiveü All data from Basic
and Advancedü Statistical modelingü External sources –
blogs/posting,Twitter, Facebook
Linking the identifiedirregular activities with
purchasing/sales reps andvendor/customer contact– “who’s talking to who”
Identifying the“unknown” – using data
sets to identify rulesand to continuously
redefine “basic”
Rem
edia
lact
ion
iden
tifie
d
Sust
aina
ble
and
impr
oved
oper
atin
gpr
acti
ces
Monitoring to identifyirregular activities from
numerical data setsusing specified rules
Det
ecti
on
Cont
inuo
usly
re-d
esig
n
Pre
dict
ive
Page 25
EY Forensic Data Analytics Workflow
Gather Process Analysis Delivery/Follow up
ERP SCM
Warehouse
management
Cash
Contracts
Other
• Obtain data from all centralsystems and externalsources.
• Load, validate andtransform data into definecommon model –independent of ERP.
• Link sources to facilitateanalysis.
• Provide global dashboardsto facilitate identificationof risk issues.
• Deliver dashboards to bereviewed as part of thetesting process
Below is an illustration of how a broad data collection exercise operates in practice. The objective isto gather data from a range of sources – and undertake initial processing to provide a central teamwith the ability to identify the higher risk activities. Following that review, targeted analytics wouldbe deployed to identify the issues, transactions and relationships that need to be reviewed.
Page 26
Risk Indicator Framework Design
Tailored design with data analytic risk indicators
High Risk Transactions
Duplicate Payments
Meal Splitting
Travel Agents
Overbilling
A%
B%
C%
D%
In-Scope Transactions
► Not every item bears the same risk level► Define risk based on understanding of business process and potential control weaknesses
Page 27
The dashboard tells you “who got paid what,where and what for”.
Data Visualization: Accounts Payable Monitoring
Page 28
The 4W1H tell you “Who entertained who,where, what for, and for how much?”
Data Visualization: Travel & EntertainmentMonitoring
Page 29
Filter by selectedanalytics
Review breaches ontargeted analytics
Payment Risk ScoringKey Component to Educing False Positives and Focusing Risk Assessment
Page 30
Analytics include:► Stratify revenues by top and bottom distributors► Analysis of credits and returns
► Analysis of free goods and samples
► Analysis of write-offs► Analysis of payment cycles
► Commissions analysis► Analysis of price variances,
by distributor and by product
► Zero dollar shipments► Analysis of “debits” to revenue
► Compare order quantities withproduct and receipt quantities
► Profit margin analysis
► Anomalous or zero shipmentweights
► Vendor due diligence andaddress verifications, sanctionlist check, etc.
FDA – In-depth Overview of Big DataDistributor or 3rd Party Analytics
Page 31
Analytics include:► Employee stratification
► Stratify by expense type
► Sensitive keywords► Term frequency analysis
(concept analysis)► Round payments
► One-time payments
► Potential “gross ups”► Potentially duplicative
► Out-of-policy spend► Weekend or personal use
► High risk venues(e.g., adult entertainment,check cashing, etc.)
► Meal splitting► HCP spend
► Spending over time/ trending
FDA – In-depth Overview of Big DataEmployee Expense Analytics
Page 32
The dashboard tells you relationships identified through the analysis of structured andunstructured data sources.
Data Visualization: Social Network Analysis
Page 33
Rather than simply comparing watch-list names to a vendor table in a spreadsheet, thisexample links accounts payable data to third-party watch-list data to identify potentiallyimproper payments to sanctioned or high-risk entities and displays the results in aninteractive dashboard.
Demonstrate Management Oversight & IntentLinking Payment Data to Sanctions and Watch List Databases
Page 34
These three variableswere this highest drivers ofsuspicious transactions
These variables were less important whenpredicting suspicious transactions. Client should focus resources onmonitoring efforts for the three leading drivers, which accounts for 80%of the predictive value.
Perform VariableAnalysis
Predictive ModellingFocus on the Variables that Matter Most
Page 35
SalesRep
Expense support(receipts)
FIDS investigated allegedimproper payments throughemployee travel andentertainment expenses.
Using forensic data analytics andenhancements to our reviewplatform, investigators used datavisualization to select certainexpenses for further review inRelativity.
Merging Electronic Discovery ManagementServices and Forensic Data Analytics
Page 36
Merging Electronic Discovery ManagementServices and Forensic Data AnalyticsEY investigated alleged improper healthcareprovider (HCP) payments through employeetravel and entertainment expenses.
Fieldforce
Expense support(receipts)
Using forensic data analytics and enhancementsto our review platform, investigators used datavisualization to select certain expenses forfurther review in Relativity.
Page 37
We identified several thousand wiretransfers that were the subject of allegeduse of customer funds in the company’sown investments.We developed an algorithm thatassociated related email messages to thewire transfers based upon minimallyavailable wire transfer information.The wire transfers and correspondingemail chatter were presented in our filereview platform for further analysis.
Wire transferinformation
Associated emailcommunications
Merging Electronic Discovery ManagementServices and Forensic Data Analytics
Page 38
Approach to Continuous Transaction Monitoring
Why Continuous Monitoring?► Executive visibility and
transparency► Drive process improvements► More advanced anti-fraud
control► Improved audit effectiveness
Enables:► Proactively identify and
remediate transaction-relatedissues and challenges
► Generate advancedanalytics/insights
► Timely, accurate, completereporting
Page 39
Beyond Compliance and Investigation
Page 40
Operations/Business Process
Data reflectingthe Businessstrategies andoperations?
Leverage Data Analytics to Optimize Operationsand Grow Business
Page 41
Case Examples
Page 42
Case Example: Predictive Modeling
Challenge: Analyze 400,000 transactions for suspected bribery payments perDOJ subpoena
► Team reviewed 2,000 transactions from ledger data (text comments,amounts, dates, etc.)► Identified 400 suspicious and 1,600 non-suspicious entries
► Created statistical model: “Is Suspicious” / “Is Not Suspicious”
► Applied model to remaining 398,000 additional transactions
► Identified 14,000 new suspicious transactions► With confidence over 95% similar to “Is Suspicious”
► Identified over $8 million in highly suspicious payments
► Methodology accepted by the DOJ for this case
Page 43
AnalyticsEngine
Case Example: Business Growth
0%
40%
63%75%
83%100%
0%
20%
40%
60%
80%
100%
120%
0 1 2 3 4 5 6 7 8 9 10 11
%of
cust
omer
sac
quire
d
Decile
ValidationSample
75% results canbe achieved by
targeting 30% ofcustomers
Approached and boughtApproached but did not bought Model Data
Validation Data
Runmodeling
OutputEquation
11
. . ∗ .
. . ∗
Stats Equation
Comparewith Actuals
Potential model for identifying newcustomers most likely to buy
Model Results
Goal:► Identify new customers most likely to buy Product AProposed Approach:► Look at profile of physicians currently buying Product A and use predictive model to identify
causal factors differentiating high potential customers from low potential customers► Use causal success factors to score entire list of physicians to identify and target high potential
customers
Raw Data
Classifycustom
ers
Page 44
Thanks You